[bitfolk] Sophisticated attack against large UK companies, v…

Top Page

Reply to this message
Author: Graham Freeman
Date:  
To: BitFolk Users
Subject: [bitfolk] Sophisticated attack against large UK companies, via IT service providers
Hi, folks,

This may impact some of you:

https://www.pwc.co.uk/issues/cyber-security-data-privacy/insights/operation-cloud-hopper.html

That URL contains two PDFs (linked near the bottom) - one with a narrative
report, and another with indicators of compromise. You may benefit from
searching through your IDS and netflow logs for these IOCs.

On a related note, I've seen a number of examples lately of IT folks being
targeted where they're less on guard (e.g. home/personal infrastructure) as
a vector for gaining access to juicier targets at their employers. You
don't have to be personally wealthy or otherwise of direct interest to be
of use to an attacker.

--
Graham Freeman
https://graham-freeman.info/