TLP AMBER ANNOUNCEMENT:
Compromised Email Accounts
Reporting Period: September 24, 2018
Action recommendation: Users should immediately place each of these email accounts in a block status in intrusion prevention systems.
Wednesday, September 26, 2018
Wapack Labs Keylogger Blacklist
Wednesday, September 19, 2018
Wapack Labs Keylogger Blacklist
TLP AMBER ANNOUNCEMENT:
Compromised Email Accounts
Reporting Period: September 19, 2018
Action recommendation: Users should immediately place each of these email accounts in a block status in intrusion prevention systems.
Wapack Labs Sinkhole Blacklist
TLP AMBER ANNOUNCEMENT:
Reporting Period: September 17, 2018
Wapack Labs identified connections from 10,200 new unique IP addresses, which are checking in with one of the many Wapack Labs sinkhole domains.
Action recommendation: Users should immediately place each of these IP addresses in a monitor or block status in intrusion prevention systems.
WWW.WAPACKLABS.COM
WWW.WAPACKLABS.COM
Sunday, September 16, 2018
Motor Vessel (MV) Impersonation
Wapack Labs conducted a CTAC collection for malicious activity, analyzing all data containing Motor Vessel (MV) in the subject line of malicious emails. Email subject line Motor Vessel (MV) impersonation is a common TTP for attackers targeting the maritime industry. Wapack Labs is providing this monthly list of Motor Vessels in which Wapack Labs directly observed the vessel being impersonated, with associated malicious emails. A few 'MV' examples:
- MV AMIS WISDOM III //CIF, KEELUNG// Bunker & Ship Charter - Seen 16 times
- RE: MV MODULUS 5 - CARGO: 2106.505 MTS STEEL SCRAP IN BULK - Seen 5 times
- MV PAPAYIANNIS - Requisition - Seen 3 times
- MV TS Honour - voy 180XXXX - Appointment of Agency for Load - Seen 3 times
- MV TS Honour - voy 180XXXX - Appointment of Agency for Load Assistance and Agreement - Seen 3 times
Would you like to read the full Motor Vessel (MV) Impersonation article, get all the related specifics? A PDF will be available on the complimentary CHANNEL 001 Webinar, this upcoming Wednesday, September 19th. Topic: The Missing Link in the Supply Chain, Presented to you by Wapack Labs and Chris Hall, Co-Owner and Principal Engineer at Wapack Labs.
Friday, September 14, 2018
Wapack Labs Sinkhole Blacklist
TLP AMBER ANNOUNCEMENT:
Reporting Period: September 12, 2018
Wapack Labs identified connections from 76,077 new unique IP addresses, which are checking in with one of the many Wapack Labs sinkhole domains.
Action recommendation: Users should immediately place each of these IP addresses in a monitor or block status in intrusion prevention systems.
WWW.WAPACKLABS.COM
WWW.WAPACKLABS.COM
Wapack Labs Keylogger Blacklist
TLP AMBER ANNOUNCEMENT:
Compromised Email Accounts
Reporting Period: September 12, 2018
Action recommendation: Users should immediately place each of these email accounts in a block status in intrusion prevention systems.
Thursday, September 13, 2018
CHANNEL 001:CYBER BRIEF: The Missing Link in the Supply Chain Webinar
Introducing a NEW Wapack Labs Monthly Cyber Brief Webinar Series - called 'Channel 001'. We will host a webinar every month on prevailing cyber topics. These webinars are open to everyone and are free to attend. First up, we have a Supply Chain webinar - 'The Missing Link in the Supply Chain'.
September 19th, 10:00 AM EDT REGISTER NOW
Viewers will:
• Understand the basic nature of cyber supply chains
• Gain insight into cyber supply chain vulnerabilities
• Learn how to begin protecting our cyber supply chains
Your presenter Chris Hall, Co-Owner and Principal Engineer at Wapack Labs, has been in the intelligence community for over 18 years in various capacities including SIGINT, network defense, reverse-engineering, and fusion. In 2012, Chris moved from the government to the private sector to help form the Red Sky alliance and then co-found Wapack Labs in 2013. As a partner at Wapack Labs, Chris's main responsibility is to oversee the production, sourcing, and collection of intelligence.
Please join us for this webinar and many more to come. September 19th, 10:00 AM EDT.
REGISTER NOW
Contact Wapack Labs for more information:
603-606-1246, or info@wapacklabs.com
WWW.WAPACKLABS.COM
Friday, September 7, 2018
Wapack Labs Keylogger Blacklist
TLP AMBER ANNOUNCEMENT:
Compromised Email Accounts
Reporting Period: September 5, 2018
Action recommendation: Users should immediately place each of these email accounts in a block status in intrusion prevention systems.
Thursday, September 6, 2018
DeepLocker – An AI Powered Malware
DeepLocker is a class of malware that use AI (Artificial Intelligence) to infect a victim’s system. DeepLocker was developed and launched by an IBM research group.[1] Their concept is artificial intelligence can automatically detect and combat malware to effectively stop cyber-attacks before they impact an organization. This positive concept can now theoretically be used in reverse and weaponized by bad actors. This to power a new generation of malware that can evade even the best cyber-security defenses and infect a computer network or launch an attack; even when with strong two-party authentication. Read More ...To read the full article and find an archive of related reporting follow this link to READBOARD.
WWW.WAPACKLABS.COM
Wednesday, September 5, 2018
Wapack Labs Sinkhole Blacklist
TLP AMBER ANNOUNCEMENT:
Reporting Period: September 4, 2018
Wapack Labs identified connections from 14,706 new unique IP addresses, which are checking in with one of the many Wapack Labs sinkhole domains.
Action recommendation: Users should immediately place each of these IP addresses in a monitor or block status in intrusion prevention systems.
WWW.WAPACKLABS.COM
This TLP AMBER report is available only to Red Sky Alliance members.
TLP AMBER ANNOUNCEMENT:
Reporting Period: September 4, 2018
Wapack Labs identified connections from 14,706 new unique IP addresses, which are checking in with one of the many Wapack Labs sinkhole domains.
Action recommendation: Users should immediately place each of these IP addresses in a monitor or block status in intrusion prevention systems.
WWW.WAPACKLABS.COM
WWW.WAPACKLABS.COM
Subscribe to:
Posts (Atom)