In the past weeks we've seen mayor attacks against companies inside of Europe and Africa. Encrypting over 6500 unique systems in two attacks.pic.twitter.com/tJDe1gEqzr
U tweetove putem weba ili aplikacija drugih proizvođača možete dodati podatke o lokaciji, kao što su grad ili točna lokacija. Povijest lokacija tweetova uvijek možete izbrisati. Saznajte više
In the past weeks we've seen mayor attacks against companies inside of Europe and Africa. Encrypting over 6500 unique systems in two attacks.pic.twitter.com/tJDe1gEqzr
The attacks against MSP are tough to figure out. We'll see lots of different companies being infected. For example we saw lots of dentistry related infections but no clue why. A week later @briankrebs publishes this https://krebsonsecurity.com/2019/12/ransomware-at-colorado-it-provider-affects-100-dental-offices/ …
In the article we still talk about decryptor [.]top as one of the payment sites. The domain no longer resolves. We will need to update that later.
Just this morning I learned the "c2" domains do change. @pmelson showed two distinct sets. This means we sinkhole one of the two. We already assumed we saw a subset of all infections. This confirms it. Going to try and figure out why there are two sets of domains.
So glad that @campuscodi was able to cover the blog. Our blog is long and I'm not a writer. He is and has distilled our ramblings:https://twitter.com/campuscodi/status/1222051933709430784?s=19 …
Will be presenting our research today @kpnsecurity #secureid and later in a joint presentation with @John_Fokker at @HotelHacker
Speaking about it today?
Excellent work! Great to see where collaboration between infosecurity professionals can lead to. Good luck with your talk today. @RonnyTNL and @markloman will attend.
Twitter je možda preopterećen ili ima kratkotrajnih poteškoća u radu. Pokušajte ponovno ili potražite dodatne informacije u odjeljku Status Twittera.