lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [day] [month] [year] [list]
Date: Thu, 2 May 2019 05:57:36 +0000 (UTC)
From: InfoSec News <alerts@...osecnews.org>
To: isn@...ts.infosecnews.org
Subject: [Newsletter/Marketing] [ISN] Attackers Used Red-Team,
 Pen-Testing Tools to Hack Wipro

https://www.darkreading.com/attacks-breaches/attackers-used-red-team-pen-testing-tools-to-hack-wipro/d/d-id/1334586

By Robert Lemos
Dark Reading
5/1/2019

The breach of outsourcing firm Wipro is a cybercriminal operation using tools
common to red teams and penetration testers and has likely been active as far
back as 2015, according to an analysis published by threat-intelligence firm
Flashpoint.

The group behind the breach has links to a phishing campaign that focuses on
gathering credentials to gain access to corporate sites for administering gift
card and reward programs, two researchers with threat-intelligence firm
Flashpoint stated in the analysis. The attackers used ScreenConnect, a remote
access tool (RAT) often used by penetration testers in support engagements, and
Powerkatz, a post-exploitation tool often used by red teams, says Jason Reaves,
a principal threat researcher at Flashpoint.

"The tools used to breach companies are common to pen-testing and red teams," he
says. "The actors perform recon like traditional red teams and cloak themselves
within that environment. They have a preference for the ScreenConnect utility
but also utilize RDP, which is common in most corporate environments."

[...]



--
Subscribe to InfoSec News
https://www.infosecnews.org/subscribe-to-infosec-news/
https://twitter.com/infosecnews_

Powered by blists - more mailing lists