It’s been another great week in the Red Sky Alliance!
This week was the week of the FS-ISAC meeting. As a result, participation was a little light, but
nonetheless, we had some pretty cool stuff happen.
Fusion Report 12-009 was just posted to the portal. It tells
the story of an Internet service provider in the US whose only customers are
apparently international (ahem) entrepreneurs, including details of one man’s empire
of fraud, domains, and a laundry list of malicious activity. The report gives
our membership over 400 new domains, malicious emails and subnets that they may
now simply ‘block’. This report was interesting because it wasn’t based on an
incident responded to by a member, rather translations of open source
information by one of our analysis teams which suggested that an international "security professional" was using a rural US-based ISP for their service. The question ‘why?’ lead us to some
interesting findings from the membership, and in the end, a great read!
On Wednesday, another Founding Member joined the Alliance
and our Advisory Board; this one from the Defense Industrial Base. This is a
smaller company ($1.5 billion in annual revenue and 300
federal contracts in intelligence, defense, homeland security and the aviation
industry) but the company has a GREAT Infosec team that will make an incredible
contribution. The cross sector nature of the Alliance is rounding out
nicely! Welcome!
Also on Wednesday we analyzed a suspected targeted 0-day.
Many of the Alliance members assisted, and the output will be a formal Fusion
Report showing how it plays into the bigger scheme of the group using it. I’m very
much looking forward to Fusion Report 10!
Until next time,
Have a great week!
Have a great week!
Jeff
No comments:
Post a Comment