Kevin Beaumont on Nostr: Transport for London have shut down outbound internet access and restricted systems ...
Transport for London have shut down outbound internet access and restricted systems inbound, eg they have cut off some Netscaler VPNs but left up others for home users.
They appear to be doing a containment. Unclear if ransomware so far as haven’t had time to crawl network traffic.. but it’s the containment steps you take for ransomware and extortion groups.
#threatintel
Published at
2024-09-03 12:30:23Event JSON
{
"id": "bb320e8074540399ac307b84629372442fb24521e8833b0db9ca9d24cf6aff1b",
"pubkey": "f6870afcde4480ec8508f50304859e14a51309ff24ab3f0f862c52bdc4af8747",
"created_at": 1725366623,
"kind": 1,
"tags": [
[
"e",
"867bd934e622a2f0ec8ed78d9fec7d56cdd8c1911e098a081be3210c3411c5e1",
"wss://relay.mostr.pub",
"reply"
],
[
"t",
"threatintel"
],
[
"proxy",
"https://cyberplace.social/users/GossiTheDog/statuses/113073627027560242",
"activitypub"
]
],
"content": "Transport for London have shut down outbound internet access and restricted systems inbound, eg they have cut off some Netscaler VPNs but left up others for home users. \n\nThey appear to be doing a containment. Unclear if ransomware so far as haven’t had time to crawl network traffic.. but it’s the containment steps you take for ransomware and extortion groups. \n\n#threatintel",
"sig": "4873236c678fd607598489c810ebd9883e2f55b39f8bb06fc58ccc2d2586e6dd513195941a9540373a301ab55e0d1e44473abfe39401257b5eb0469cd2d5761f"
}
