Thursday, February 19, 2015

Wall of Shame

Here's some of the latest traffic we are seeing today:

US Traffic
1. Boston University - Compromised System (Infiltrated Blacklist)
2. University of Washington - Compromised System (Infiltrated Blacklist, SLC Security Blacklist)
3. Utah State University - Compromised System (Infiltrated Blacklist, SLC Security Blacklist)
4. Yale University - Compromised System/SSH Attacks (Infiltrated Blacklist, Private Feed)

Foreign Traffic
No reports today

Analyst Notes:
We are seeing an increase in US colleges and universities that may be related to recent hacking activities previously noted. While we have attempted to contact as many organizations as we can, we have noted that many have not acknowledged the activity, even though some data has been seen on Darknet and some forums.

In addition, some recent Twitter activity shows that some of these hackers are posting specific information that could be verified. Many universities have chosen not to report such issues.

According to the Twitter post, the main attack vector at these organizations was mostly SQL injection. Specific intelligence is available by subscribing to our intelligence services. In addition, we have started noting strange traffic on DNS ports, specifically UDP 53, from some of these organizations.
