lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  PHC 
Open Source and information security mailing list archives
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [day] [month] [year] [list]
Date: Thu, 2 May 2019 05:57:36 +0000 (UTC)
From: InfoSec News <>
Subject: [Newsletter/Marketing] [ISN] Attackers Used Red-Team,
 Pen-Testing Tools to Hack Wipro

By Robert Lemos
Dark Reading

The breach of outsourcing firm Wipro is a cybercriminal operation using tools
common to red teams and penetration testers and has likely been active as far
back as 2015, according to an analysis published by threat-intelligence firm

The group behind the breach has links to a phishing campaign that focuses on
gathering credentials to gain access to corporate sites for administering gift
card and reward programs, two researchers with threat-intelligence firm
Flashpoint stated in the analysis. The attackers used ScreenConnect, a remote
access tool (RAT) often used by penetration testers in support engagements, and
Powerkatz, a post-exploitation tool often used by red teams, says Jason Reaves,
a principal threat researcher at Flashpoint.

"The tools used to breach companies are common to pen-testing and red teams," he
says. "The actors perform recon like traditional red teams and cloak themselves
within that environment. They have a preference for the ScreenConnect utility
but also utilize RDP, which is common in most corporate environments."


Subscribe to InfoSec News

Powered by blists - more mailing lists