Hi, folks,
This may impact some of you:
https://www.pwc.co.uk/issues/cyber-security-data-privacy/insights/operation-cloud-hopper.html
That URL contains two PDFs (linked near the bottom) - one with a narrative
report, and another with indicators of compromise. You may benefit from
searching through your IDS and netflow logs for these IOCs.
On a related note, I've seen a number of examples lately of IT folks being
targeted where they're less on guard (e.g. home/personal infrastructure) as
a vector for gaining access to juicier targets at their employers. You
don't have to be personally wealthy or otherwise of direct interest to be
of use to an attacker.
--
Graham Freeman
https://graham-freeman.info/
