Weekly Update 146

Troy Hunt

There's a bunch of really interesting numbers in there (for me at least) and rather than just keeping them locked away in an information memorandum, I thought I'd share them with everyone in this week's update. In my haste this week, I put out a really poorly worded tweet which I've tried to clarify in this week's video.

Black Hat USA 2021 Network Operations Center

Cisco Security

We were able to remotely update them into compliance. Once the enrollment was completed, we were able to secure the iPads by deploying the Cisco Secure Endpoint for iOS/Security Connector. We were able to manage all aspects of the iPads remotely. Several came with out-of-date iOS. The PAN firewall team observed Russian IP 45[.]146[.]164[.]110.

Adventures in the land of BumbleBee

Fox IT

Considering that BUMBLEBEE is actively being developed on, the operator(s) did not implement a command to update the loader’s binary, resulting in the loss of existing infections. 146 172.241.29[.]169 Distribution via OneDrive links. Email thread hijacking with password protected ZIP. 45 103.175.16[.]46 46 104.168.236[.]99

MoonBounce: the dark side of UEFI firmware

SecureList

As a safety measure against this attack and similar ones, it is recommended to update the UEFI firmware regularly and verify that BootGuard, where applicable, is enabled. 146 – ScrambleCross. During the time the actor switched between multiple hosting providers, resulting in a scattered infrastructure across several ASNs.
