Vulnerable Disclosures will be releasing information later today or early tomorrow on some entities that are being reported as conducting DDoS and brute-force login attacks, and that are either spreading malware or have IP address information showing up in botnet activity reports and malware-type indicators.
During our recent research we have been noticing many companies appearing in our analysis that have machines involved in denial of service attacks, malware and spam campaigns, as well as hosts that are directly attacking others with brute force logins. These companies are not considered breached, but we should be vigilant in watching for future activity. All of the following entities have been seen attacking others from IP space owned by the companies. Keep in mind that there are inaccurate entries in the ARIN and WHOIS databases, so this information may not be 100% correct. We feel that it's important to list out these companies so that, in the event that they are breached in the future, there is at least a note that activity was seen from these companies in distributed IDS systems as well as in logs that we have been able to review.
Again, it's important for us to put the disclaimer that this does not necessarily indicate that a company has been breached, just that we are seeing indicators that would be consistent with infrastructure being under the control of a third party. We do not assume that these companies are breached, only that others are reporting malicious activity originating from these organizations.
These companies should be reviewing their logs and ensuring that they are not infected, or reaching out to their security teams to perform reviews to determine why they are showing up in these IDS/IPS and firewall logs at other organizations.
We will be emailing the companies on the list directly prior to releasing their information. If they provide any feedback, we may remove them from the list or alternatively post them with the comments provided.