Hi, folks, This may impact some of you: https://www.pwc.co.uk/issues/cyber-security-data-privacy/insights/operation… That URL contains two PDFs (linked near the bottom) - one with a narrative report, and another with indicators of compromise. You may benefit from searching through your IDS and netflow logs for these IOCs. On a related note, I've seen a number of examples lately of IT folks being targeted where they're less on guard (e.g. home/personal infrastructure) as a vector for gaining access to juicier targets at their employers. You don't have to be personally wealthy or otherwise of direct interest to be of use to an attacker. -- Graham Freeman https://graham-freeman.info/