and on the campaign news (again)
Internet / IP-based printer was setup from clintonemail.com domain called, printer.clintonemail.com.
I wonder if it had a config banner that said print to me or please capture packets now… Hacking 101 seeks the obvious is searching for target names (or derivatives – but not needed here, a bit obvious), identify / scanning open and clear-text ports to attain available or vulnerable services; and listen (packet capture / man-in-the-middle), store info. and/or exploit vulnerabilities for exfiltration, extortion, etc. That said, encryption/VPN was not mentioned…Krebs on Security also noted passive DNS records adjacent to:
24.187.234.186 rosencrans.dyndns.ws
24.187.234.187 wjcoffice.com
24.187.234.187 mail.clintonemail.com
24.187.234.187 mail.presidentclinton.com
24.187.234.188 printer.clintonemail.com
24.187.234.188 printer.presidentclinton.com
24.187.234.190 sslvpn.clintonemail.com
No comments:
Post a Comment