We are happy to post our latest research into a complex web of espionage involving the Russian threat group known as Secret Blizzard (aka Turla). Along with our friends at Microsoft, we reveal how Secret Blizzard was able to discover and manipulate a hacking campaign by a Pakistani-based intelligence group, who managed to harvest intelligence from their Indian government and military victims. But Secret Blizzard wasn't done; instead, they worked back up into the Pakistani operators’ own workstations to steal everything they found, including custom malware which was later repurposed to their own ends. Please enjoy this fascinating read on the network exploitation involved, links to IOCs, and as a bonus you’ll find the link to MSTIC's breakdown of the malware in play. #infosec #APT #turla #secretblizzard #MSTIC https://lnkd.in/ecqBkAdG
Black Lotus Labs
Computer and Network Security
Monroe, Louisiana 682 followers
The official threat research and operations arm of Lumen Technologies.
About us
Black Lotus Labs, the Threat Research and Intelligence arm of Lumen Technologies, leverages unmatched network visibility to protect our customers and keep the internet clean. By powering Lumen® Rapid Threat Defense, we automate protection and proactively neutralize threats using global network data flows and machine learning algorithms. Our cybersecurity experts uncover and defend against threats others can’t to ensure a safer digital environment.
- Website: https://www.lumen.com/en-us/security/black-lotus-labs.html
- Industry: Computer and Network Security
- Company size: 10,001+ employees
- Headquarters: Monroe, Louisiana
Updates
-
We are thrilled to announce our latest research to our new LinkedIn friends! Our report on the NSOCKS proxy and the ngioweb botnet is now live. Lumen’s Black Lotus Labs has uncovered new elements of this intricate network which has been active since 2018, exploiting routers and IoT devices globally. Over 60% of the victims are in the US, with proxies used by various malefactors for DDoS attacks and data theft. This morning, we coordinated a takedown of the ngioweb and NSOCKS network, blocking all traffic to their control points. This action not only protects Lumen and its customers but also makes the internet a bit safer. Check out the full details here: https://lnkd.in/eF52_Kje
One Sock Fits All: The use and abuse of the NSOCKS botnet
https://blog.lumen.com
-
Black Lotus Labs reposted this
Trying to keep up with #AI? Whether you’re looking for real-time flexible networks or increased security – Lumen can help keep you ahead of the game. ➡️🏈 With Lumen Digital, we’ve built a network for where you’re going – learn how the #TrustedNetwork for AI can help. Learn more: https://bit.ly/4dnl2kZ #CybersecurityAwarenessMonth
-
Welcome to the official Black Lotus Labs LinkedIn page! 🌐🔐 As the threat research and intelligence arm of Lumen Technologies, we’re dedicated to providing cutting-edge cybersecurity solutions. Follow us to stay informed on #ThreatIntelligence on #Botnets, as well as observations on the tools, techniques, and procedures of bad actors. Stay ahead of cyberthreats – join us today and explore more on our website ➡️ https://bit.ly/4gJs32i