Items tagged with: threatintel
Ahold Delhaize, who own Stop & Shop, Hannaford, Giant Food, The GIANT Company and Food Lion, say they are dealing with a cybersecurity incident. I understand it is actually ransomware and they're several days in.
newsroom.aholddelhaize.com/aho…
Ahold Delhaize statement on Ahold Delhaize USA cybersecurity issue
Zaandam, the Netherlands, November 8, 2024 - Ahold Delhaize USA recently detected a cybersecurity issue within its U.S. network. (Ahold Delhaize)
Why not to leave HMIs exposed to the internet with open VNC - "zPentest" posted a video of themselves turning off refrigeration at a US company.
Wild ass day in the Tor node operator world. Got an email from my VPS, forwarding a complaint from WatchDog CyberSecurity saying that my box was scanning SSH ports!
> Oh no, oh no, I knew I should have set up fail2ban, oh god why was I so lackadaisical!
So I remote in to the machine: no unusual network activity, no unusual processes, users, logins, command history, no sign that anything is doing anything I didn't tell it to do.
So what's up? Turns out there's been a widespread campaign where some actor is spoofing IPs to make it look like systems running Tor are scanning port 22: forum.torproject.org/t/tor-rel…
Operators from all over are saying they're getting nastygrams from their VPS providers because WatchDog is fingering their source IPs (which are being spoofed and NOT part of a global portscanning botnet).
@delroth did an amazing writeup of the whole thing here: delroth.net/posts/spoofed-mass…
#tor #infosec #cybersecurity #threatintel #privacy
[tor-relays] Tor relays source IPs spoofed to mass-scan port 22?
It would be hard to explain to Verizon I run Tor relays since they technically don't allow servers. I hope I'm not forced onto AT&T Internet Air as my particular co-op rental unit won't let me get Spectrum even when other units can, not that I wante… (Tor Project Forum)
We, @greynoise, are seeing a massive uptick in IPs attempting to authenticate via telnet using one of several known backdoor accounts in FiberHome routers. #threatintel
viz.greynoise.io/tags/fiberhom…
1/2
CCCS (Canada): Statement on People's Republic of China reconnaissance of Canadian systems
This got overlooked Friday: The Canadian Centre for Cyber Security (CCCS) warned Canadian organizations to harden their networks against reconnaissance scanning, performed by a Chinese state-sponsored threat actor over several months. Targets were multiple organizations across multiple sectors including:
- Government of Canada departments and agencies
- federal political parties
- the House of Commons and Senate
- democratic institutions
- critical infrastructure
- defense sector
- media organizations
- think tanks
- Non Governmental Organizations (NGOs)
h/t: @campuscodi
#china #cyberespionage #canada #cccs #threatintel #infosec #cybersecurity #cyberthreatintelligence #CTI