Monday, August 26, 2019

Cryxos Trojan Malware Uptick

Trojans such as Cryxos can be programmed to do almost anything the attacker wants. In August 2019, Wapack Labs observed a significant uptick in malicious emails delivering malware identified as Cryxos. The observed malware is currently being delivered to users in Brazil; however, thousands of related specimens were observed on VirusTotal, indicating a widespread campaign affecting multiple countries.

To read the full article in our portal and find an archive of related reporting, follow this link: https://redskyalliance.org/finished-analysis/cryxos-variant

Wapack Labs Sinkhole Blacklist

TLP AMBER ANNOUNCEMENT:
Reporting Period: August 26, 2019

Wapack Labs identified connections from 63,336 new unique IP addresses, which are checking in with one of the many Wapack Labs sinkhole domains.

Contact Wapack Labs for more information:
603-606-1246, or feedback@wapacklabs.com

Action recommendation: Users should immediately place each of these IP addresses in a monitor or block status in intrusion prevention systems.

Wapack Labs Keylogger Blacklist

TLP AMBER ANNOUNCEMENT:
Compromised Email Accounts
Reporting Period: August 26, 2019 

On 26 August 2019, Wapack Labs identified 14 unique email accounts compromised with keyloggers and used to log into mostly personal accounts and organizations. Attackers may be able to access not only email addresses but also financial, social media and other data.

Contact Wapack Labs for more information:
603-606-1246, or feedback@wapacklabs.com 

Action recommendation: Users should immediately place each of these email accounts in a block status in intrusion prevention systems. 

Thursday, August 22, 2019

Wapack Labs Sinkhole Blacklist

TLP AMBER ANNOUNCEMENT:
Reporting Period: August 19, 2019

Wapack Labs identified connections from 29,051 new unique IP addresses, which are checking in with one of the many Wapack Labs sinkhole domains.

Contact Wapack Labs for more information:
603-606-1246, or feedback@wapacklabs.com

Action recommendation: Users should immediately place each of these IP addresses in a monitor or block status in intrusion prevention systems.

Wapack Labs Keylogger Blacklist

TLP AMBER ANNOUNCEMENT:
Compromised Email Accounts
Reporting Period: August 19, 2019 

On 19 August 2019, Wapack Labs identified 102 unique email accounts compromised with keyloggers and used to log into mostly personal accounts and organizations. Attackers may be able to access not only email addresses but also financial, social media and other data.

Contact Wapack Labs for more information:
603-606-1246, or feedback@wapacklabs.com 

Action recommendation: Users should immediately place each of these email accounts in a block status in intrusion prevention systems. 

Monday, August 12, 2019

Wapack Labs Keylogger Blacklist

TLP AMBER ANNOUNCEMENT:
Compromised Email Accounts
Reporting Period: August 12, 2019 

On 12 August 2019, Wapack Labs identified 32 unique email accounts compromised with keyloggers and used to log into mostly personal accounts and organizations. Attackers may be able to access not only email addresses but also financial, social media and other data.

Contact Wapack Labs for more information:
603-606-1246, or feedback@wapacklabs.com 

Action recommendation: Users should immediately place each of these email accounts in a block status in intrusion prevention systems. 

Wapack Labs Sinkhole Blacklist

TLP AMBER ANNOUNCEMENT:
Reporting Period: August 12, 2019

Wapack Labs identified connections from 77,164 new unique IP addresses, which are checking in with one of the many Wapack Labs sinkhole domains.

Contact Wapack Labs for more information:
603-606-1246, or feedback@wapacklabs.com

Action recommendation: Users should immediately place each of these IP addresses in a monitor or block status in intrusion prevention systems.

Friday, August 9, 2019

Health Center Gets Hit With Ransomware, Twice!

In April 2019, Park Duvalle Community Health Center (PDCHC), located in Louisville, KY, was targeted with an unspecified variant of ransomware. It took PDCHC three weeks to restore their files from backup and make the network fully functional. On June 7, 2019, PDCHC was hit again with ransomware, and the attackers demanded a payment of approximately $70,000 worth of Bitcoin.

To read the full article in our portal and find an archive of related reporting, follow this link: https://redskyalliance.org/healthcare/

Wapack Labs Sinkhole Blacklist

TLP AMBER ANNOUNCEMENT:
Reporting Period: August 5, 2019

Wapack Labs identified connections from 40,141 new unique IP addresses, which are checking in with one of the many Wapack Labs sinkhole domains.

Contact Wapack Labs for more information:
603-606-1246, or feedback@wapacklabs.com

Action recommendation: Users should immediately place each of these IP addresses in a monitor or block status in intrusion prevention systems.

Wapack Labs Keylogger Blacklist

TLP AMBER ANNOUNCEMENT:
Compromised Email Accounts
Reporting Period: August 5, 2019 

On 5 August 2019, Wapack Labs identified 4,079 unique email accounts compromised with keyloggers and used to log into mostly personal accounts and organizations. Attackers may be able to access not only email addresses but also financial, social media and other data.

Contact Wapack Labs for more information:
603-606-1246, or feedback@wapacklabs.com 

Action recommendation: Users should immediately place each of these email accounts in a block status in intrusion prevention systems. 

Thursday, August 8, 2019

Wapack Labs REDXRAY Threat Report (1 company with new threats)

Banks and Credit Unions

REDXRAY Threat Report

All hits in this notification should be investigated by an analyst before being actioned or blocked. For more information, please contact Wapack Labs at 888-733-9729.

Company | Botnet Tracker | Breach Data | Keylogger Records | Malicious Emails | Malicious Emails Context | Malicious Email Detections | Pastebin | Sinkhole Traffic | ThreatRecon Records
People's United Financial | 0 | 2 | 0 | 0 | 0 | 0 | 0 | 0 | 0

Bank of New England: No new indicators for this company in the past 24 hours.

Bank of New Hampshire: No new indicators for this company in the past 24 hours.

Bellwether Community Credit Union: No new indicators for this company in the past 24 hours.

Cambridge Trust Company of New Hampshire, Inc.: No new indicators for this company in the past 24 hours.

Charter Trust Company: No new indicators for this company in the past 24 hours.

Claremont Savings Bank: No new indicators for this company in the past 24 hours.

Deutsche AM Trust Company: No new indicators for this company in the past 24 hours.

Exeter Trust Company: No new indicators for this company in the past 24 hours.

Franklin Savings Bank: No new indicators for this company in the past 24 hours.

Granite Bank: No new indicators for this company in the past 24 hours.

Granite State Credit Union: No new indicators for this company in the past 24 hours.

Hemenway Trust Company LLC: No new indicators for this company in the past 24 hours.

Holy Rosary Regional Credit Union: No new indicators for this company in the past 24 hours.

Members First Credit Union of New Hampshire: No new indicators for this company in the past 24 hours.

Meredith Village Savings Bank: No new indicators for this company in the past 24 hours.

Merrimack County Savings Bank: No new indicators for this company in the past 24 hours.

New Hampshire Postal Credit Union: No new indicators for this company in the past 24 hours.

New Hampshire Trust Company: No new indicators for this company in the past 24 hours.

Newport Trust Company: No new indicators for this company in the past 24 hours.

Northeast Credit Union: No new indicators for this company in the past 24 hours.

Northern Trust Corp.: No new indicators for this company in the past 24 hours.

Northway Bank: No new indicators for this company in the past 24 hours.

Peoples Bank: No new indicators for this company in the past 24 hours.

Perspecta Trust LLC: No new indicators for this company in the past 24 hours.

Piscataqua Savings Bank: No new indicators for this company in the past 24 hours.

Primary Bank: No new indicators for this company in the past 24 hours.

Profile Bank: No new indicators for this company in the past 24 hours.

Salem Cooperative Bank: No new indicators for this company in the past 24 hours.

Savings Bank of Walpole: No new indicators for this company in the past 24 hours.

Service Credit Union: No new indicators for this company in the past 24 hours.

St. Mary's Bank: No new indicators for this company in the past 24 hours.

Sugar River Bank: No new indicators for this company in the past 24 hours.

Triangle Credit Union: No new indicators for this company in the past 24 hours.

VantageTrust Company, LLC: No new indicators for this company in the past 24 hours.

Woodsville Guaranty Savings Bank: No new indicators for this company in the past 24 hours.


Botnet_tracker

If your IP address is found in botnet tracker, it means that it was seen in a communication with a malicious endpoint. This does not automatically indicate a malware infection as there are a number of reasons why two IP addresses might communicate. The traffic should first be inspected before escalating to incident responders.

Keylogger

A keylogger hit means your domain or IP address appeared in a keylogger output file. This means one of the following:
1) Keylogger malware is running on your network.
2) A username and password belonging to an employee was captured by a keylogger.
3) An email address was observed in clipboard data on an infected computer, for example because somebody cut and pasted an email address belonging to your organization.
The raw source data must first be investigated to determine the course of action.

Malicious Emails

If your domain or IP address shows up in this collection, it was observed in the header of an email that has been identified as malicious (one or more AV detections). The raw email should be inspected to see whether it was sent to or from your organization, or whether it was spoofed using your organization's data. Note that some AV vendors classify emails as malicious when they are actually benign. Malicious email hits indicate targeting only, not malware infections.

Pastebin

A pastebin hit simply means your information was observed in a paste on pastebin.com. There are numerous reasons information would be contained in a paste – some malicious and some benign. Each pastebin hit must be individually analyzed to determine context.

Sinkhole data

A sinkhole hit means your IP was observed in weblogs from our sinkhole server. Similar to the botnet_tracker hits, it only means that communication was observed. The nature of that communication needs to be determined from the raw sinkhole record. If the sinkhole hit is a result of a malware infection, then the information should be referred to incident responders.

Breach Data

Breach data hits are from public database leaks. Depending on the nature of the leaked database, exposed information may vary from just email addresses to username and password combinations and other personally identifiable information. RedXray contains the raw breach data so you can easily see what type of data has been exposed. If the breach data contains passwords, Wapack Labs recommends enforcing a password reset and investigating whether there has been unauthorized access to the account.

Threat Recon

Threat Recon consists of both primary-sourced indicators and open-source indicators from dozens of sources. Each hit from this collection should be analyzed individually, as each source carries different context. Threat Recon records contain references to the original source.
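As an added example (this is not Wapack Labs or REDXRAY code, and it assumes nothing beyond the per-company summary-line format as it arrives in the notification, i.e. lines of the form "Botnet Tracker - 0 Breach Data - N Keylogger Records - 0 ..." and the "Company: No new indicators ..." lines), the following Python parses those lines and maps each non-zero collection to the analyst step the glossary above prescribes. The guidance strings in TRIAGE are paraphrased from the glossary, and the sample notification text is constructed from rows that appear in the reports on this page.

```python
"""Parse REDXRAY summary lines and map each non-zero collection to the
triage step the glossary prescribes.  Added example; not Wapack Labs code.
Assumes only the line format visible in the notification."""
import re
from typing import Dict, List, Tuple

# One "Label - count" pair; tolerates the inconsistent "Context- 0" spacing.
PAIR_RE = re.compile(r"([A-Za-z][A-Za-z ]*?)\s*-\s*(\d+)")
NO_NEW_RE = re.compile(r"^(?P<company>.+?): No new indicators for this company")

# Triage guidance per collection, paraphrased from the glossary.  Every hit
# still goes to an analyst before anything is actioned or blocked.
TRIAGE: Dict[str, str] = {
    "Botnet Tracker": "inspect the observed traffic before escalating; contact alone is not infection",
    "Breach Data": "review the raw leak; if passwords are present, force a reset and check for unauthorized access",
    "Keylogger Records": "examine the raw keylogger output: infected host, captured credential, or clipboard mention",
    "Malicious Emails": "inspect the raw email for direction and spoofing; indicates targeting, may be an AV false positive",
    "Malicious Emails Context": "same handling as Malicious Emails",
    "Malicious Email Detections": "same handling as Malicious Emails",
    "Pastebin": "analyze each paste individually; content may be benign",
    "Sinkhole Traffic": "determine the nature of the contact from the raw sinkhole record before referring to IR",
    "ThreatRecon Records": "analyze each record against its referenced original source",
}


def parse_counts(line: str) -> Dict[str, int]:
    """Turn one flattened summary line into {collection: count}."""
    return {label.strip(): int(count) for label, count in PAIR_RE.findall(line)}


def parse_report(text: str) -> Dict[str, Dict[str, int]]:
    """Walk a notification: a company name line followed by its count line,
    or a single 'No new indicators' line, which yields an all-zero row."""
    companies: Dict[str, Dict[str, int]] = {}
    pending = None
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        m = NO_NEW_RE.match(line)
        if m:
            companies[m.group("company")] = {k: 0 for k in TRIAGE}
            pending = None
        elif line.startswith("Botnet Tracker") and pending:
            companies[pending] = parse_counts(line)
            pending = None
        else:
            pending = line  # a company name; its counts follow on the next line
    return companies


def triage(counts: Dict[str, int]) -> List[Tuple[str, int, str]]:
    """Return (collection, count, analyst action) for every non-zero collection."""
    return [(k, v, TRIAGE.get(k, "analyst review")) for k, v in counts.items() if v > 0]


def rank_by_hits(companies: Dict[str, Dict[str, int]]) -> List[Tuple[str, int]]:
    """Order companies by total hits, highest first, dropping all-zero rows."""
    totals = [(name, sum(c.values())) for name, c in companies.items()]
    return sorted([t for t in totals if t[1] > 0], key=lambda t: (-t[1], t[0]))


# Constructed sample built from rows visible in the notification above.
SAMPLE = """
Aegis Strategies LLC

Botnet Tracker - 0 Breach Data - 214850 Keylogger Records - 0 Malicious Emails - 0 Malicious Emails Context- 0 Malicious Email Detections- 0 Pastebin - 0 Sinkhole Traffic - 0 ThreatRecon Records - 0

Radiant Global Logistics

Botnet Tracker - 0 Breach Data - 10892 Keylogger Records - 0 Malicious Emails - 0 Malicious Emails Context- 0 Malicious Email Detections- 0 Pastebin - 208 Sinkhole Traffic - 0 ThreatRecon Records - 0

Uber Technologies, Inc.

Botnet Tracker - 0 Breach Data - 2134 Keylogger Records - 0 Malicious Emails - 0 Malicious Emails Context- 0 Malicious Email Detections- 0 Pastebin - 0 Sinkhole Traffic - 0 ThreatRecon Records - 1

Union Pacific Railroad: No new indicators for this company in the past 24 hours.
"""

if __name__ == "__main__":
    report = parse_report(SAMPLE)
    for name, total in rank_by_hits(report):
        print(f"{name}: {total} hits")
        for coll, n, action in triage(report[name]):
            print(f"  {coll} ({n}): {action}")
```

The ranking only orders the analyst queue; it does not pre-empt the glossary's rule that every hit is reviewed before being actioned or blocked, which is why the all-zero "No new indicators" rows are parsed but dropped from the queue rather than auto-closed.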

Wapack Labs REDXRAY Threat Report (21 companies with new threats)

National Defense Transportation

REDXRAY Threat Report

All hits in this notification should be investigated by an analyst before being actioned or blocked. For more information, please contact Wapack Labs at 888-733-9729.

Company | Botnet Tracker | Breach Data | Keylogger Records | Malicious Emails | Malicious Emails Context | Malicious Email Detections | Pastebin | Sinkhole Traffic | ThreatRecon Records
Abraham LLC | 0 | 5384 | 0 | 0 | 0 | 0 | 0 | 0 | 0
Accenture | 0 | 12 | 0 | 0 | 0 | 0 | 0 | 0 | 0
Aegis Strategies LLC | 0 | 214850 | 0 | 0 | 0 | 0 | 0 | 0 | 0
Agency & NW Regional President | 0 | 26 | 0 | 0 | 0 | 0 | 0 | 0 | 0
Crane Worldwide Logistics | 0 | 4 | 0 | 0 | 0 | 0 | 0 | 0 | 0
DHL Global Forwarding | 0 | 10 | 0 | 0 | 0 | 0 | 0 | 0 | 0
HQ USTRANSCOM/J4-LT | 0 | 1470 | 0 | 0 | 0 | 0 | 0 | 0 | 0
Military Sealift Command | 0 | 16 | 0 | 0 | 0 | 0 | 0 | 0 | 0
Oracle | 0 | 26 | 0 | 0 | 0 | 0 | 0 | 0 | 0
PricewaterhouseCooper | 0 | 20 | 0 | 0 | 0 | 0 | 0 | 0 | 0
Radiant Global Logistics | 0 | 10892 | 0 | 0 | 0 | 0 | 208 | 0 | 0
State Department | 0 | 4 | 0 | 0 | 0 | 0 | 0 | 0 | 0
The Boeing Company | 0 | 16 | 0 | 0 | 0 | 0 | 0 | 0 | 0
USTRANSCOM | 0 | 574 | 0 | 0 | 0 | 0 | 4 | 0 | 0
Uber Technologies, Inc. | 0 | 2134 | 0 | 0 | 0 | 0 | 0 | 0 | 1
Union Pacific Railroad | 0 | 2 | 0 | 0 | 0 | 0 | 0 | 0 | 0
United Airlines | 0 | 2 | 0 | 0 | 0 | 0 | 0 | 0 | 0
Wounded Warrior Project | 0 | 5548 | 0 | 0 | 0 | 0 | 99 | 0 | 0

Wapack Labs REDXRAY Threat Report (11 companies with new threats)

Information Technology - Midcap

REDXRAY Threat Report

All hits in this notification should be investigated by an analyst before being actioned or blocked. For more information, please contact Wapack Labs at 888-733-9729.

Company | Botnet Tracker | Breach Data | Keylogger Records | Malicious Emails | Malicious Emails Context | Malicious Email Detections | Pastebin | Sinkhole Traffic | ThreatRecon Records
Anixter International Inc | 0 | 2 | 0 | 0 | 0 | 0 | 0 | 0 | 0
Badger Meter Inc. | 0 | 2 | 0 | 0 | 0 | 0 | 0 | 0 | 0
Electronics for Imaging Inc | 0 | 2 | 0 | 0 | 0 | 0 | 0 | 0 | 0
GTT Communications Inc | 0 | 164 | 0 | 0 | 0 | 0 | 0 | 0 | 0
Insight Enterprises Inc | 0 | 8 | 0 | 0 | 0 | 0 | 0 | 0 | 0
Methode Electronics Inc | 0 | 2 | 0 | 0 | 0 | 0 | 0 | 0 | 0
Plexus Corp | 0 | 2 | 0 | 0 | 0 | 0 | 0 | 0 | 0
Power Integrations Inc | 0 | 2 | 0 | 0 | 0 | 0 | 0 | 0 | 0
Stratasys Ltd | 0 | 2 | 0 | 0 | 0 | 0 | 0 | 0 | 0
Svmk Inc | 0 | 4 | 0 | 0 | 0 | 0 | 0 | 0 | 0
TiVo Corp | 0 | 2 | 0 | 0 | 0 | 0 | 0 | 0 | 0

21Vianet Group Inc: No new indicators for this company in the past 24 hours.

2U Inc: No new indicators for this company in the past 24 hours.

3D Systems Corp: No new indicators for this company in the past 24 hours.

8x8 Inc: No new indicators for this company in the past 24 hours.

ADTRAN Inc: No new indicators for this company in the past 24 hours.

AVX Corp.: No new indicators for this company in the past 24 hours.

Acacia Communications Inc: No new indicators for this company in the past 24 hours.

Advanced Energy Industries Inc.: No new indicators for this company in the past 24 hours.

Alarm.com Holdings Inc: No new indicators for this company in the past 24 hours.

Altair Engineering Inc: No new indicators for this company in the past 24 hours.

Ambarella Inc: No new indicators for this company in the past 24 hours.

Amkor Technology Inc: No new indicators for this company in the past 24 hours.

AppFolio Inc: No new indicators for this company in the past 24 hours.

Appian Corp: No new indicators for this company in the past 24 hours.

Au Optronics Corp: No new indicators for this company in the past 24 hours.

Aurora Mobile Ltd: No new indicators for this company in the past 24 hours.

Avaya Holdings Corp: No new indicators for this company in the past 24 hours.

Belden Inc: No new indicators for this company in the past 24 hours.

Benchmark Electronics Inc: No new indicators for this company in the past 24 hours.

Benefitfocus Inc: No new indicators for this company in the past 24 hours.

BlackLine Inc: No new indicators for this company in the past 24 hours.

Bottomline Technologies Inc: No new indicators for this company in the past 24 hours.

Box Inc: No new indicators for this company in the past 24 hours.

Brooks Automation Inc: No new indicators for this company in the past 24 hours.

CSG Systems International Inc.: No new indicators for this company in the past 24 hours.

CTS Corp: No new indicators for this company in the past 24 hours.

Cabot Microelectronics Corp: No new indicators for this company in the past 24 hours.

Canadian Solar Inc: No new indicators for this company in the past 24 hours.

Carbon Black Inc: No new indicators for this company in the past 24 hours.

Carbonite Inc: No new indicators for this company in the past 24 hours.

Cardtronics plc: No new indicators for this company in the past 24 hours.

Celestica Inc: No new indicators for this company in the past 24 hours.

Cirrus Logic Inc.: No new indicators for this company in the past 24 hours.

Cision Ltd: No new indicators for this company in the past 24 hours.

Cloudera Inc: No new indicators for this company in the past 24 hours.

Coherent Inc: No new indicators for this company in the past 24 hours.

CommScope Holding Co Inc: No new indicators for this company in the past 24 hours.

CommVault Systems Inc: No new indicators for this company in the past 24 hours.

Computer Services Inc: No new indicators for this company in the past 24 hours.

Conduent Inc: No new indicators for this company in the past 24 hours.

Cornerstone OnDemand Inc: No new indicators for this company in the past 24 hours.

Cray Inc: No new indicators for this company in the past 24 hours.

Descartes Systems Group Inc (The): No new indicators for this company in the past 24 hours.

Diebold Nixdorf Inc: No new indicators for this company in the past 24 hours.

Diodes Inc: No new indicators for this company in the past 24 hours.

Domo Inc: No new indicators for this company in the past 24 hours.

EVERTEC Inc: No new indicators for this company in the past 24 hours.

EVO Payments Inc: No new indicators for this company in the past 24 hours.

Ebix Inc: No new indicators for this company in the past 24 hours.

Endava plc: No new indicators for this company in the past 24 hours.

Everbridge Inc: No new indicators for this company in the past 24 hours.

ExlService Holdings Inc: No new indicators for this company in the past 24 hours.

FARO Technologies Inc: No new indicators for this company in the past 24 hours.

Fabrinet: No new indicators for this company in the past 24 hours.

Fastly Inc: No new indicators for this company in the past 24 hours.

Finisar Corp: No new indicators for this company in the past 24 hours.

FireEye Inc: No new indicators for this company in the past 24 hours.

Fitbit Inc: No new indicators for this company in the past 24 hours.

Five9 Inc: No new indicators for this company in the past 24 hours.

ForeScout Technologies Inc: No new indicators for this company in the past 24 hours.

FormFactor Inc: No new indicators for this company in the past 24 hours.

Globant SA: No new indicators for this company in the past 24 hours.

GreenSky Inc: No new indicators for this company in the past 24 hours.

Hollysys Automation Technologies Ltd: No new indicators for this company in the past 24 hours.

II VI Inc: No new indicators for this company in the past 24 hours.

Inphi Corp: No new indicators for this company in the past 24 hours.

Instructure Inc: No new indicators for this company in the past 24 hours.

InterDigital Inc: No new indicators for this company in the past 24 hours.

Itron Inc: No new indicators for this company in the past 24 hours.

JinkoSolar Holding Co Ltd: No new indicators for this company in the past 24 hours.

KBR Inc: No new indicators for this company in the past 24 hours.

KEMET Corp: No new indicators for this company in the past 24 hours.

Knowles Corp: No new indicators for this company in the past 24 hours.

Kulicke and Soffa Industries Inc: No new indicators for this company in the past 24 hours.

Lattice Semiconductor Corp: No new indicators for this company in the past 24 hours.

LivePerson Inc: No new indicators for this company in the past 24 hours.

Luxoft Holding Inc: No new indicators for this company in the past 24 hours.

MACOM Technology Solutions Holdings Inc: No new indicators for this company in the past 24 hours.

MTS Systems Corp: No new indicators for this company in the past 24 hours.

ManTech International Corp: No new indicators for this company in the past 24 hours.

MaxLinear Inc: No new indicators for this company in the past 24 hours.

MicroStrategy Inc: No new indicators for this company in the past 24 hours.

Mimecast Ltd: No new indicators for this company in the past 24 hours.

NETGEAR Inc: No new indicators for this company in the past 24 hours.

NIC Inc: No new indicators for this company in the past 24 hours.

Nanometrics Inc: No new indicators for this company in the past 24 hours.

NetScout Systems Inc: No new indicators for this company in the past 24 hours.

Nova Measuring Instruments Ltd: No new indicators for this company in the past 24 hours.

Novanta Inc: No new indicators for this company in the past 24 hours.

OSI Systems Inc: No new indicators for this company in the past 24 hours.

Opera Ltd: No new indicators for this company in the past 24 hours.

PC Connection Inc: No new indicators for this company in the past 24 hours.

PROS Holdings Inc: No new indicators for this company in the past 24 hours.

PagerDuty Inc: No new indicators for this company in the past 24 hours.

Perficient Inc: No new indicators for this company in the past 24 hours.

Plantronics Inc.: No new indicators for this company in the past 24 hours.

Pluralsight Inc: No new indicators for this company in the past 24 hours.

Presidio Inc: No new indicators for this company in the past 24 hours.

Progress Software Corp: No new indicators for this company in the past 24 hours.

Q2 Holdings Inc: No new indicators for this company in the past 24 hours.

QAD Inc: No new indicators for this company in the past 24 hours.

QIWI plc: No new indicators for this company in the past 24 hours.

Quantenna Communications Inc: No new indicators for this company in the past 24 hours.

Radware Ltd: No new indicators for this company in the past 24 hours.

Rambus Inc: No new indicators for this company in the past 24 hours.

Rapid7 Inc: No new indicators for this company in the past 24 hours.

Rogers Corp.: No new indicators for this company in the past 24 hours.

Rudolph Technologies Inc.: No new indicators for this company in the past 24 hours.

SPS Commerce Inc: No new indicators for this company in the past 24 hours.

SailPoint Technologies Holdings Inc: No new indicators for this company in the past 24 hours.

Sanmina Corp: No new indicators for this company in the past 24 hours.

Sapiens International Corp NV: No new indicators for this company in the past 24 hours.

ScanSource Inc: No new indicators for this company in the past 24 hours.

SecureWorks Corp: No new indicators for this company in the past 24 hours.

Semtech Corp: No new indicators for this company in the past 24 hours.

Silicon Motion Technology Corp: No new indicators for this company in the past 24 hours.

SolarEdge Technologies Inc: No new indicators for this company in the past 24 hours.

SunPower Corp: No new indicators for this company in the past 24 hours.

Sykes Enterprises Inc: No new indicators for this company in the past 24 hours.

Synaptics Inc: No new indicators for this company in the past 24 hours.

TTEC Holdings Inc: No new indicators for this company in the past 24 hours.

TTM Technologies Inc: No new indicators for this company in the past 24 hours.

Talend SA: No new indicators for this company in the past 24 hours.

Tenable Holdings Inc: No new indicators for this company in the past 24 hours.

Tower Semiconductor Ltd: No new indicators for this company in the past 24 hours.

Upland Software Inc: No new indicators for this company in the past 24 hours.

Varonis Systems Inc: No new indicators for this company in the past 24 hours.

Verra Mobility Corp: No new indicators for this company in the past 24 hours.

Viavi Solutions Inc: No new indicators for this company in the past 24 hours.

Virtusa Corp: No new indicators for this company in the past 24 hours.

Vishay Intertechnology Inc.: No new indicators for this company in the past 24 hours.

WNS (Holdings) Ltd: No new indicators for this company in the past 24 hours.

Workiva Inc: No new indicators for this company in the past 24 hours.

Xperi Corp: No new indicators for this company in the past 24 hours.

Yext Inc: No new indicators for this company in the past 24 hours.

Zuora Inc: No new indicators for this company in the past 24 hours.

ePlus Inc: No new indicators for this company in the past 24 hours.


Botnet_tracker

If your IP address is found in botnet tracker, it means that it was seen in a communication with a malicious endpoint. This does not automatically indicate a malware infection as there are a number of reasons why two IP addresses might communicate. The traffic should first be inspected before escalating to incident responders.

Keylogger

A keylogger hit means your domain or IP address appeared in a keylogger output file. This means one of the following: 1) keylogger malware is running on your network; 2) a username and password belonging to an employee was captured by a keylogger; or 3) an email address was observed in clipboard data on an infected computer, for example because somebody cut and pasted an email address belonging to your organization. The raw source data must first be investigated to determine the course of action.

Malicious Emails

If your domain or IP address shows up in this collection, it means it was observed in the header of an email that has been identified as malicious (one or more AV detections). The raw email should be inspected to see whether it was sent to or from your organization, or whether it was spoofed using your organization's data. Note that some AV vendors classify emails as malicious when they are actually benign. Malicious email hits only indicate targeting, not malware infections.

Pastebin

A pastebin hit simply means your information was observed in a paste on pastebin.com. There are numerous reasons information would be contained in a paste – some malicious and some benign. Each pastebin hit must be individually analyzed to determine context.

Sinkhole data

A sinkhole hit means your IP was observed in weblogs from our sinkhole server. Similar to the botnet_tracker hits, it only means that communication was observed. The nature of that communication needs to be determined from the raw sinkhole record. If the sinkhole hit is a result of a malware infection, then the information should be referred to incident responders.

Breach Data

Breach data hits are from public database leaks. Depending on the nature of the leaked database, exposed information may vary from just email addresses, to username and password combinations and other personally identifiable information. RedXray contains the raw breach data so you can easily see what type of data has been exposed. If the breach data contains passwords then Wapack Labs recommends enforcing a password reset and investigating whether there has been unauthorized access of the account.

Threat Recon

Threat recon consists of both primary-sourced indicators and open-source indicators from dozens of sources. Each hit from this collection should be individually analyzed, as each source has different context. Threat recon records contain references to the original source.

Wapack Labs REDXRAY Threat Report (8 companies with new threats)

Oil and Gas Suppliers - Mid Market

REDXRAY Threat Report

All hits in this notification should be investigated by an analyst before being actioned or blocked. For more information, please contact Wapack Labs at 888-733-9729.

Company | Botnet Tracker | Breach Data | Keylogger Records | Malicious Emails | Malicious Emails Context | Malicious Email Detections | Pastebin | Sinkhole Traffic | ThreatRecon Records
Accenture | 0 | 12 | 0 | 0 | 0 | 0 | 0 | 0 | 0
Baker Hughes | 0 | 46 | 0 | 0 | 0 | 0 | 0 | 0 | 0
Caterpillar, Caterpillar Oil & Gas | 0 | 20 | 0 | 0 | 0 | 0 | 0 | 0 | 0
Deloitte | 0 | 2 | 0 | 0 | 0 | 0 | 0 | 0 | 0
Halliburton | 0 | 2 | 0 | 0 | 0 | 0 | 0 | 0 | 0
National Oilwell Varco | 0 | 4 | 0 | 0 | 0 | 0 | 0 | 0 | 0
Oceaneering International, Inc. | 0 | 2 | 0 | 0 | 0 | 0 | 0 | 0 | 0
Schlumberger | 0 | 6 | 0 | 0 | 0 | 0 | 2 | 0 | 0
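The per-company counts above arrive as one line per company with nine category counts in a fixed order. The following Python is an added example, not Wapack Labs or REDXRAY code: it parses those lines (tolerating the "Context- 0" spacing seen in this report), lists every non-zero category per company, and attaches the first triage step paraphrased from the hit-type descriptions given earlier on this page. The sample text is copied from three of the eight entries in this report; the category list and the triage wording are assumptions of this example, not an official REDXRAY schema.

```python
import re

# Hit categories exactly as they appear in a REDXRAY count line (assumed from this page).
CATEGORIES = [
    "Botnet Tracker", "Breach Data", "Keylogger Records", "Malicious Emails",
    "Malicious Emails Context", "Malicious Email Detections", "Pastebin",
    "Sinkhole Traffic", "ThreatRecon Records",
]

# Longest names first so "Malicious Emails Context" is tried before "Malicious Emails";
# "\s*-\s*" accepts both "Pastebin - 0" and "Context- 0".
_COUNT_RE = re.compile(
    r"(" + "|".join(re.escape(c) for c in sorted(CATEGORIES, key=len, reverse=True))
    + r")\s*-\s*(\d+)"
)

# First analyst action per category, paraphrased from the hit-type descriptions on this page.
TRIAGE = {
    "Botnet Tracker": "inspect the traffic before escalating; contact alone is not an infection",
    "Breach Data": "review the raw leak; if passwords are present, force a reset and check for unauthorized access",
    "Keylogger Records": "investigate the raw keylogger output to tell an infection from a captured credential or clipboard artefact",
    "Malicious Emails": "inspect the raw email: sent to, from, or spoofing the organization; indicates targeting, not infection",
    "Malicious Emails Context": "inspect the raw email: sent to, from, or spoofing the organization; indicates targeting, not infection",
    "Malicious Email Detections": "check the AV verdicts; some vendors flag benign mail",
    "Pastebin": "read the paste to establish context; benign and malicious causes both occur",
    "Sinkhole Traffic": "determine the nature of the contact from the raw sinkhole record; refer to IR if it is an infection",
    "ThreatRecon Records": "follow the reference to the original source; context differs per source",
}

# Constructed sample: three entries copied from the report text on this page.
SAMPLE = """
Accenture

Botnet Tracker - 0 Breach Data - 12 Keylogger Records - 0 Malicious Emails - 0 Malicious Emails Context- 0 Malicious Email Detections- 0 Pastebin - 0 Sinkhole Traffic - 0 ThreatRecon Records - 0

Baker Hughes

Botnet Tracker - 0 Breach Data - 46 Keylogger Records - 0 Malicious Emails - 0 Malicious Emails Context- 0 Malicious Email Detections- 0 Pastebin - 0 Sinkhole Traffic - 0 ThreatRecon Records - 0

Schlumberger

Botnet Tracker - 0 Breach Data - 6 Keylogger Records - 0 Malicious Emails - 0 Malicious Emails Context- 0 Malicious Email Detections- 0 Pastebin - 2 Sinkhole Traffic - 0 ThreatRecon Records - 0
"""


def parse_counts(line):
    """Turn one count line into {category: int}; raise if any category is absent."""
    counts = {cat: int(n) for cat, n in _COUNT_RE.findall(line)}
    missing = [c for c in CATEGORIES if c not in counts]
    if missing:
        raise ValueError("count line is missing categories: %s" % missing)
    return counts


def parse_report(text):
    """Map company name -> counts; the company is the last non-blank line before a count line."""
    report = {}
    company = None
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        if "Botnet Tracker" in line:
            if company is None:
                raise ValueError("count line without a preceding company name")
            report[company] = parse_counts(line)
            company = None
        else:
            company = line
    return report


def triage(report):
    """List (company, category, count, first action) for every non-zero category."""
    return [
        (company, cat, n, TRIAGE[cat])
        for company, counts in report.items()
        for cat, n in counts.items()
        if n > 0
    ]


if __name__ == "__main__":
    for company, cat, n, action in triage(parse_report(SAMPLE)):
        print("%-14s %-26s %3d  -> %s" % (company, cat, n, action))
```

Feeding the whole notification body to parse_report works because only the count lines contain "Botnet Tracker"; any "No new indicators" line is simply never consumed as a company name.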

AF Global: No new indicators for this company in the past 24 hours.

ASRC Energy Services: No new indicators for this company in the past 24 hours.

Aereon: No new indicators for this company in the past 24 hours.

Affirm Oilfield (a division of Select Energy Services): No new indicators for this company in the past 24 hours.

Alix Partners: No new indicators for this company in the past 24 hours.

All-Pro Fasteners: No new indicators for this company in the past 24 hours.

Allison Transmission: No new indicators for this company in the past 24 hours.

American Block: No new indicators for this company in the past 24 hours.

Apergy: No new indicators for this company in the past 24 hours.

Aries World Wide Logistics: No new indicators for this company in the past 24 hours.

Arnco Technology: No new indicators for this company in the past 24 hours.

Atlas Sand: No new indicators for this company in the past 24 hours.

Auge: No new indicators for this company in the past 24 hours.

Aztec Events & Tents: No new indicators for this company in the past 24 hours.

B&L Pipeco Services: No new indicators for this company in the past 24 hours.

BJ Services Company USA: No new indicators for this company in the past 24 hours.

Basic Energy Services: No new indicators for this company in the past 24 hours.

Bell Supply Company (a division of Endurance Lift Holdings): No new indicators for this company in the past 24 hours.

Big E Drilling (A division of Eastham Forge): No new indicators for this company in the past 24 hours.

Blackhorse Pumps: No new indicators for this company in the past 24 hours.

Brookfield: No new indicators for this company in the past 24 hours.

C&J Energy Services: No new indicators for this company in the past 24 hours.

CDI Energy Products: No new indicators for this company in the past 24 hours.

Cameron, a Schlumberger Company: No new indicators for this company in the past 24 hours.

Clearlake Capital: No new indicators for this company in the past 24 hours.

Covenant Testing Technologies: No new indicators for this company in the past 24 hours.

Credit Suisse: No new indicators for this company in the past 24 hours.

Distribution Now: No new indicators for this company in the past 24 hours.

Doxsteel Fasteners: No new indicators for this company in the past 24 hours.

Dragon Products: No new indicators for this company in the past 24 hours.

Duff & Phelps: No new indicators for this company in the past 24 hours.

Eastham Forge: No new indicators for this company in the past 24 hours.

Elwood Group, Inc: No new indicators for this company in the past 24 hours.

Endurance Lift Solutions: No new indicators for this company in the past 24 hours.

Energy Alloys: No new indicators for this company in the past 24 hours.

Enventure Global Technology, Inc.: No new indicators for this company in the past 24 hours.

Exterran: No new indicators for this company in the past 24 hours.

Finkl Steel, Finkl Steel Composite (division of Finkl Steel), Finkl Steel-Sorel (division of Finkl Steel): No new indicators for this company in the past 24 hours.

First Reserve: No new indicators for this company in the past 24 hours.

Flexitallic Group Inc.: No new indicators for this company in the past 24 hours.

Forged Products, Inc.: No new indicators for this company in the past 24 hours.

Forum Energy Technologies (FET): No new indicators for this company in the past 24 hours.

Fox Metals and Alloys: No new indicators for this company in the past 24 hours.

Frank's International: No new indicators for this company in the past 24 hours.

Freemyer Industrial Pressure: No new indicators for this company in the past 24 hours.

GEO Dynamics (Oil States International, Inc): No new indicators for this company in the past 24 hours.

GR Energy Services: No new indicators for this company in the past 24 hours.

GTUIT: No new indicators for this company in the past 24 hours.

Galtway Industries: No new indicators for this company in the past 24 hours.

Gardner Denver, Inc: No new indicators for this company in the past 24 hours.

Gravity Oilfield Services: No new indicators for this company in the past 24 hours.

Gulf Energy Information: No new indicators for this company in the past 24 hours.

HALE Oil & Gas Business Magazine: No new indicators for this company in the past 24 hours.

Hart Energy: No new indicators for this company in the past 24 hours.

Holland 1916: No new indicators for this company in the past 24 hours.

Hoover Ferguson: No new indicators for this company in the past 24 hours.

Hunting Energy Services: No new indicators for this company in the past 24 hours.

Hydrus Technology: No new indicators for this company in the past 24 hours.

Industrial Tax Consulting: No new indicators for this company in the past 24 hours.

InfoChip LP: No new indicators for this company in the past 24 hours.

IronGate Energy Services, LLC: No new indicators for this company in the past 24 hours.

JD Rush Corporation: No new indicators for this company in the past 24 hours.

KLX Energy Services: No new indicators for this company in the past 24 hours.

KW International: No new indicators for this company in the past 24 hours.

Kenewick: No new indicators for this company in the past 24 hours.

Kerr Pumps: No new indicators for this company in the past 24 hours.

Key Energy Services, Inc.: No new indicators for this company in the past 24 hours.

Kimray: No new indicators for this company in the past 24 hours.

Lazard: No new indicators for this company in the past 24 hours.

Li Gear: No new indicators for this company in the past 24 hours.

Lockton Global Energy & Marine: No new indicators for this company in the past 24 hours.

Lone Star Group: No new indicators for this company in the past 24 hours.

Lucchini Mame Forge: No new indicators for this company in the past 24 hours.

M & M International: No new indicators for this company in the past 24 hours.

M&M Forgings: No new indicators for this company in the past 24 hours.

MRC Global: No new indicators for this company in the past 24 hours.

Master Flo Valve (USA) Inc.: No new indicators for this company in the past 24 hours.

McGriff, Seibels & Williams: No new indicators for this company in the past 24 hours.

Minco, Inc.: No new indicators for this company in the past 24 hours.

Mustang Cat: No new indicators for this company in the past 24 hours.

Nabors Drilling Technologies USA: No new indicators for this company in the past 24 hours.

Newpark Drilling Fluids, LLC: No new indicators for this company in the past 24 hours.

OFS Energy, LLC: No new indicators for this company in the past 24 hours.

Oil States Energy Services: No new indicators for this company in the past 24 hours.

PPHB: No new indicators for this company in the past 24 hours.

PRT Offshore: No new indicators for this company in the past 24 hours.

PennWell/Oil & Gas Journal: No new indicators for this company in the past 24 hours.

Pink Petro: No new indicators for this company in the past 24 hours.

Pioneer Energy Services: No new indicators for this company in the past 24 hours.

Premier Pipe: No new indicators for this company in the past 24 hours.

Preng & Associates: No new indicators for this company in the past 24 hours.

ProSep: No new indicators for this company in the past 24 hours.

Propell: No new indicators for this company in the past 24 hours.

QES (Quintana Energy Services LP): No new indicators for this company in the past 24 hours.

RPC, Inc: No new indicators for this company in the past 24 hours.

Raymond James & Associates, Inc.: No new indicators for this company in the past 24 hours.

Rubicon Oilfield International: No new indicators for this company in the past 24 hours.

S+S Industries: No new indicators for this company in the past 24 hours.

SCF Partners: No new indicators for this company in the past 24 hours.

SOR, Inc.: No new indicators for this company in the past 24 hours.

Scientific Drilling International, Inc.: No new indicators for this company in the past 24 hours.

Select Energy Services, LLC: No new indicators for this company in the past 24 hours.

Sertco Industries: No new indicators for this company in the past 24 hours.

Sierra Hamilton: No new indicators for this company in the past 24 hours.

Sigma Fasteners, Inc: No new indicators for this company in the past 24 hours.

Simmons & Company International: No new indicators for this company in the past 24 hours.

Sivalls, Inc.: No new indicators for this company in the past 24 hours.

Smart Sand, Inc.: No new indicators for this company in the past 24 hours.

Solaris Oilfield: No new indicators for this company in the past 24 hours.

Solaris Oilfield Infrastructure: No new indicators for this company in the past 24 hours.

Sooner Pipe, LLC: No new indicators for this company in the past 24 hours.

Southern Stimulation Technologies: No new indicators for this company in the past 24 hours.

Southwest Oilfield Products, Inc.: No new indicators for this company in the past 24 hours.

Spencer Stuart: No new indicators for this company in the past 24 hours.

Spring Bolt and Nut Manufacturing: No new indicators for this company in the past 24 hours.

Stallion Oilfield Services Ltd.: No new indicators for this company in the past 24 hours.

Stream-Flo USA LLC: No new indicators for this company in the past 24 hours.

Stress Engineering Service, Inc.: No new indicators for this company in the past 24 hours.

Sunbelt Steel: No new indicators for this company in the past 24 hours.

Superior Energy: No new indicators for this company in the past 24 hours.

TETRA Technologies, Inc.: No new indicators for this company in the past 24 hours.

TechnipFMC: No new indicators for this company in the past 24 hours.

Teledyne Marine: No new indicators for this company in the past 24 hours.

Trinidad Drilling Ltd.: No new indicators for this company in the past 24 hours.

Tudor, Pickering, Holt & Co.: No new indicators for this company in the past 24 hours.

ValTek Industries, Inc.: No new indicators for this company in the past 24 hours.

Vallourec Drilling USA Corporation, Vallourec Drilling: No new indicators for this company in the past 24 hours.

Vanguard Lab Sciences, LLC: No new indicators for this company in the past 24 hours.

WN Global: No new indicators for this company in the past 24 hours.

Weatherford International Ltd.: No new indicators for this company in the past 24 hours.

Weir Oil & Gas: No new indicators for this company in the past 24 hours.

Monday, August 5, 2019

Proven Connections Between Huawei & the Chinese State, Military, and Intelligence Gathering Services

The recent leakage of millions of resumes from Chinese job sites has provided the opportunity to research, among other things, the work histories and expertise of thousands of Huawei Technologies employees.  Christopher Balding of Fulbright University Vietnam has conducted such a search to determine if Huawei has links to the People’s Liberation Army (PLA) or the Ministry of State Security (MSS).  He recently published his conclusion that “there is an undeniable relationship between Huawei and the Chinese state, military, and intelligence gathering services.”

To read the full article in our portal, and find an archive of related reporting, follow this link to - https://redskyalliance.org/

Wapack Labs Sinkhole Blacklist

TLP AMBER ANNOUNCEMENT:
Reporting Period: August 5, 2019

Wapack Labs identified connections from 40,141 new unique IP addresses, which are checking in with one of the many Wapack Labs sinkhole domains.

Contact Wapack Labs for more information:
603-606-1246, or feedback@wapacklabs.com
Action recommendation: Users should immediately place each of these IP addresses in a monitor or block status in intrusion prevention systems.