 |
Meng Wanzhou, the CFO of Huawei
Industries arrested.
|
To read the full article and find an archive of related reporting, follow this link to READBOARD.
WWW.WAPACKLABS.COM
Sunday, December 30, 2018
Huawei Arrest: Chinese Government and Media Spin
WWW.WAPACKLABS.COM
Wapack Labs Keylogger Blacklist
TLP AMBER ANNOUNCEMENT:
Compromised Email Accounts
Reporting Period: December 28, 2018
Action recommendation: Users should immediately place each of these email accounts in a block status in intrusion prevention systems.
Wapack Labs Sinkhole Blacklist
TLP AMBER ANNOUNCEMENT:
Reporting Period: December 28, 2018
Wapack Labs identified connections from 71,459 new unique IP addresses, which are checking in with one of the many Wapack Labs sinkhole domains.
Action recommendation: Users should immediately place each of these IP addresses in a monitor or block status in intrusion prevention systems.
WWW.WAPACKLABS.COM
WWW.WAPACKLABS.COM
Tuesday, December 18, 2018
Wapack Labs Keylogger Blacklist
TLP AMBER ANNOUNCEMENT:
Compromised Email Accounts
Reporting Period: December 17, 2018
Action recommendation: Users should immediately place each of these email accounts in a block status in intrusion prevention systems.
Wapack Labs Sinkhole Blacklist
TLP AMBER ANNOUNCEMENT:
Reporting Period: December 17, 2018
Wapack Labs identified connections from 51,581 new unique IP addresses, which are checking in with one of the many Wapack Labs sinkhole domains.
Action recommendation: Users should immediately place each of these IP addresses in a monitor or block status in intrusion prevention systems.
WWW.WAPACKLABS.COM
WWW.WAPACKLABS.COM
Wednesday, December 12, 2018
Physical Security Risks that Threaten Cybersecurity
Researchers report that one in four breaches in the financial services sector were due to lost or stolen devices, while one in five were the result of hacking. Physical security often is viewed as a necessary evil in many corporations, yet remain very important in overall cybersecurity. Many researchers, as well as Wapack Labs, completely understand the critical point that cybersecurity involves hardware and humans as much as it does malware and networks.
To read the full article and find an archive of related reporting, follow this link to READBOARD.
WWW.WAPACKLABS.COM
Tuesday, December 11, 2018
Wapack Labs Keylogger Blacklist
TLP AMBER ANNOUNCEMENT:
Compromised Email Accounts
Reporting Period: December 10, 2018
Action recommendation: Users should immediately place each of these email accounts in a block status in intrusion prevention systems.
Wapack Labs Sinkhole Blacklist
TLP AMBER ANNOUNCEMENT:
Reporting Period: December 10, 2018
Wapack Labs identified connections from 90,371 new unique IP addresses, which are checking in with one of the many Wapack Labs sinkhole domains.
Action recommendation: Users should immediately place each of these IP addresses in a monitor or block status in intrusion prevention systems.
WWW.WAPACKLABS.COM
WWW.WAPACKLABS.COM
Thursday, December 6, 2018
SamSam Ransomware Actors Magnify Exploitation of Victim Network Vulnerabilities
This report is an update to previous Wapack Labs postings regarding the SamSam malware. US federal authorities are providing current information about the vulnerabilities and exploits used to deploy SamSam ransomware, also known as MSIL/Samas.A. This malware was being deployed by cyber criminals Mohammad Mehdi Shah Mansouri and Faramarz Shahi Savandi. On 26 November 2018, the District of New Jersey indicted Mansouri and Savandi for developing and deploying SamSam ransomware. SamSam infects whole networks and encrypts victim data, allowing Mansouri and Savandi to demand considerable ransoms in Bitcoin in return for decryption keys.
To read the full article and find an archive of related reporting, follow this link to READBOARD.
WWW.WAPACKLABS.COM
Wapack Labs Keylogger Blacklist
TLP AMBER ANNOUNCEMENT:
Compromised Email Accounts
Reporting Period: December 3, 2018
Action recommendation: Users should immediately place each of these email accounts in a block status in intrusion prevention systems.
Wapack Labs Sinkhole Blacklist
TLP AMBER ANNOUNCEMENT:
Reporting Period: December 3, 2018
Wapack Labs identified connections from 81.527 new unique IP addresses, which are checking in with one of the many Wapack Labs sinkhole domains.
Action recommendation: Users should immediately place each of these IP addresses in a monitor or block status in intrusion prevention systems.
WWW.WAPACKLABS.COM
WWW.WAPACKLABS.COM
Thursday, November 15, 2018
XU YANJUN: A Case Study in Chinese Economic Espionage Tradecraft
To read the full article and find an archive of related reporting, follow this link to READBOARD.
WWW.WAPACKLABS.COM
Wednesday, November 14, 2018
Wapack Labs Sinkhole Blacklist
LP AMBER ANNOUNCEMENT:
Reporting Period: November 13, 2018
Wapack Labs identified connections from 74,137 new unique IP addresses, which are checking in with one of the many Wapack Labs sinkhole domains.
Action recommendation: Users should immediately place each of these IP addresses in a monitor or block status in intrusion prevention systems.
WWW.WAPACKLABS.COM
WWW.WAPACKLABS.COM
Wapack Labs Keylogger Blacklist
TLP AMBER ANNOUNCEMENT:
Compromised Email Accounts
Reporting Period: November 13, 2018
Action recommendation: Users should immediately place each of these email accounts in a block status in intrusion prevention systems.
Thursday, November 8, 2018
LoJax Malware
Cybersecurity researchers have unveiled, the first-ever, UEFI (Unified Extensible Firmware Interface) rootkit being used. It allows hackers to implant persistent malware on targeted computers that could endure a complete hard-drive wipe. Titled LoJax, the UEFI rootkit is part of a malware campaign conducted by the Sednit group, also known as APT28, Fancy Bear, Strontium, and Sofacy, who have targeted government organizations in the Balkans as well as in Central and Eastern Europe.[1] The Sednit group is a state-sponsored hacking group believed to be a unit of the Russian GRU (General Staff Main Intelligence Directorate). The hacking group has been associated with a number of high-profile attacks, including the DNC hack during the US 2016 presidential election.
To read the full article and find an archive of related reporting, follow this link to READBOARD.
WWW.WAPACKLABS.COM
Wapack Labs Sinkhole Blacklist
TLP AMBER ANNOUNCEMENT:
Reporting Period: November 5, 2018
Wapack Labs identified connections from 59,877 new unique IP addresses, which are checking in with one of the many Wapack Labs sinkhole domains.
Action recommendation: Users should immediately place each of these IP addresses in a monitor or block status in intrusion prevention systems.
WWW.WAPACKLABS.COM
WWW.WAPACKLABS.COM
Subscribe to:
Posts (Atom)