
List:       outages-discussion
Subject:    Re: [Outages-discussion] [outages] not quite an outage, more a hack, "Urgent: Threat actor in system
From:       Jay Hennigan <jay () west ! net>
Date:       2021-11-14 3:21:08
Message-ID: 3c8f02a9-d3fd-e752-9b1a-6dc1882c92c2 () west ! net

On 11/13/21 08:11, Glenn McGurrin via Outages wrote:

[snip]

The body reads a bit like the data sheet for the Turbo-Encabulator.

> Full body of the email:
> 
> Our intelligence monitoring indicates exfiltration of several of your 
> virtualized clusters in a sophisticated chain attack. We tried to 
> blackhole the transit nodes used by this advanced persistent threat 
> actor, however there is a huge chance he will modify his attack with 
> fastflux technologies, which he proxies trough multiple global 
> accelerators. We identified the threat actor to be Vinny Troia, whom is 
> believed to be affiliated with the extortion gang TheDarkOverlord, We 
> highly recommend you to check your systems and IDS monitoring. Beware 
> this threat actor is currently working under inspection of the NCCIC, as 
> we are dependent on some of his intelligence research we can not 
> interfere physically within 4 hours, which could be enough time to cause 
> severe damage to your infrastructure.
> Stay safe,
> U.S. Department of Homeland Security | Cyber Threat Detection and 
> Analysis | Network Analysis Group
> _______________________________________________
> Outages mailing list
> Outages@outages.org
> https://puck.nether.net/mailman/listinfo/outages


-- 
Jay Hennigan - jay@west.net
Network Engineering - CCIE #7880
503 897-8550 - WB6RDV
_______________________________________________
Outages-discussion mailing list
Outages-discussion@outages.org
https://puck.nether.net/mailman/listinfo/outages-discussion