Wipro Attackers Have Operated Under the Radar for Years
#1
Quote:New details are emerging in the April attack on systems consulting behemoth Wipro, which saw its network hacked and used for mounting attacks on a dozen of its customers. In a fresh analysis of the indicators of compromise (IOCs), Flashpoint analysts said that the cyberattackers have actually been operating in the shadows for some time – and that the Wipro incident is only its latest effort.
 
Researchers also uncovered that the adversaries used a range of legitimate security applications during the campaign; and, that the threat group appears to have been looking to carry out mass gift card fraud.
 
In the attack, the adversaries appeared to compromise the company’s email server via a successful phishing attempt, before pivoting to reach out to partner networks. The company represents a target-rich environment for this kind of supply-chain attack: It works with tens of thousands of companies, including Fortune 500 clients, on technology outsourcing projects around the globe (last year passing $8 billion in annual run rate).

“We detected a potentially abnormal activity in a few employee accounts on our network due to an advanced phishing campaign,” the company said in a media statement at the time. “Upon learning of the incident, we promptly began an investigation, identified the affected users and took remedial steps to contain and mitigate any potential impact.”

SOURCE: https://threatpost.com/wipro-attackers-u...ar/144276/
[-] The following 1 user says Thank You to silversurfer for this post:
  • harlan4096
Reply


Forum Jump:


Users browsing this thread: 1 Guest(s)
[-]
Welcome
You have to register before you can post on our site.

Username/Email:


Password:





[-]
Recent Posts
Adobe Acrobat Reader DC 2025.001.20467
Adobe Acrobat Read...harlan4096 — 06:11
GFYI [Official] CheckMAL's AppCheck Pro...
tweet CheckMAL Secu...dhruv2193 — 17:10
Introducing Advanced Chat Privacy: Enhan...
Introducing Advanc...harlan4096 — 11:49
Brave 1.77.101
Release Channel 1....harlan4096 — 11:48
Opera118.0.5461.60
Hello! We are h...harlan4096 — 11:47

[-]
Birthdays
Today's Birthdays
avatar (50)steakelask
avatar (44)Termoplenka
Upcoming Birthdays
avatar (50)Toligo

[-]
Online Staff
There are no staff members currently online.

>