 |
Post AxALHASJpt4MO1X4pE by [email protected] |
 |
More posts by [email protected] |
|
Post #Ax8G5xz6yUVAR4n56W by [email protected] |
|
0 likes, 0 repeats |
|
|
|
Pour one out for Colt. |
|
|
|
Post #Ax8GJV1FSrjKefF8Pw by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@GossiTheDog does that mean you're pouring yourself a colt one |
|
|
|
Post #Ax8GZkpOSJBQJnRtsu by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@GossiTheDog They got owned as well? |
|
|
|
Post #Ax8HIZfYn1YCk3Dmsa by [email protected] |
|
0 likes, 1 repeats |
|
|
|
@GossiTheDog Is that Colt as in Colt 45 or Colt as in .45 Colt? |
|
|
|
Post #Ax8Hraev6O0bwkcQnA by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@GossiTheDog any news links to follow? What happened? |
|
|
|
Post #Ax8Ib1c9jGbsZvzV56 by [email protected] |
|
0 likes, 0 repeats |
|
|
|
Colt disappeared yesterday, their status page says "technical issue"h… |
|
|
|
Post #Ax8IcZNFhHjJZVkxBA by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@GossiTheDog |
|
|
|
Post #Ax8IeR7fLYBgYlM8zQ by [email protected] |
|
0 likes, 1 repeats |
|
|
|
@GossiTheDog Medic! |
|
|
|
Post #Ax8J5xGrvZDy5KmaBc by [email protected] |
|
0 likes, 1 repeats |
|
|
|
@GossiTheDog |
|
|
|
Post #Ax8ZSGKpKNkGqdIDlA by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@GossiTheDog we tried 🤷 |
|
|
|
Post #Ax8mntTuHBILkBBWRU by [email protected] |
|
0 likes, 1 repeats |
|
|
|
@GossiTheDog probs coincidence, but yesterday I finished integrating and testin… |
|
|
|
Post #Ax9oGs5GqQhOv70Evg by [email protected] |
|
0 likes, 0 repeats |
|
|
|
Colt are dealing with what appears to be an undisclosed cyber incident. They fi… |
|
|
|
Post #Ax9sS4MFwynZzOXiTo by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@GossiTheDog Oh I was hoping this was the gun manufacturer... |
|
|
|
Post #AxA5hrQX5tPbvDP4Pw by [email protected] |
|
0 likes, 0 repeats |
|
|
|
Colt had ecrime IP addresses talking to a bunch of their Microsoft SharePoint s… |
|
|
|
Post #AxAK2yg8j5CrqtfPVo by [email protected] |
|
0 likes, 0 repeats |
|
|
|
Colt's also started isolating some systems on COLT Technology Services Grou… |
|
|
|
Post #AxAL5pVBOweMDKSwBk by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@GossiTheDog Puts the "Share" in "Sharepoint". |
|
|
|
Post #AxALHASJpt4MO1X4pE by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@GossiTheDog oh that's... interesting 😬That's one of two BGP upstrea… |
|
|
|
Post #AxANgfMSGcr9Nz4m2q by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@GossiTheDog They just confirmed a cyber incident on their statuspage |
|
|
|
Post #AxAPneVo1SgygguPb6 by [email protected] |
|
0 likes, 0 repeats |
|
|
|
Colt have finally confirmed an ongoing cyber incident, after several days of pr… |
|
|
|
Post #AxAQfHw0BIIsInjmYS by [email protected] |
|
0 likes, 0 repeats |
|
|
|
Btw although everything is written in the past tense, the customer facing syste… |
|
|
|
Post #AxBzNlny4mEfHjK0JM by [email protected] |
|
0 likes, 0 repeats |
|
|
|
Colt are being extorted by Warlock ransomware group, they have been for over a … |
|
|
|
Post #AxBzk69n5Y2YmCAyTQ by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@GossiTheDog Oh, THAT COLT, the telecom, not the gun manufacturer. |
|
|
|
Post #AxC3vtPIiXwcWcJIMS by [email protected] |
|
0 likes, 1 repeats |
|
|
|
@GossiTheDog any link to an official annoucement ? Or claim for WL ? |
|
|
|
Post #AxC7sCpww4LLRaGxKS by [email protected] |
|
0 likes, 0 repeats |
|
|
|
Here's the forum post, it's a Russian Tor site. |
|
|
|
Post #AxC8YpJOHFiuvyMm1I by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@GossiTheDog I'm shocked. |
|
|
|
Post #AxCDDKX01Tkf9xIi4O by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@GossiTheDog any mirror for the filebin txt? |
|
|
|
Post #AxCEKf2qFh1ElLFpPk by [email protected] |
|
0 likes, 1 repeats |
|
|
|
@Sentry23 @GossiTheDog If you go the .zip option, it will allow you to download… |
|
|
|
Post #AxCEY5prxKb1cKajLM by [email protected] |
|
0 likes, 1 repeats |
|
|
|
@pedro @GossiTheDog Ah, I overlooked that one, Thanks! |
|
|
|
Post #AxCKXSb6RSpveBlYUy by [email protected] |
|
0 likes, 1 repeats |
|
|
|
@GossiTheDog this is useful. Thanks for sharing. |
|
|
|
Post #AxCKlZHWO45CQqKlxQ by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@GossiTheDog Argh, I was to late for the filebin. Anyone willing to share or at… |
|
|
|
Post #AxCLN8xCimHBmYkRm4 by [email protected] |
|
0 likes, 0 repeats |
|
|
|
Here's Bleeping Computer on the Colt thing: https://www.bleepingcomputer.co… |
|
|
|
Post #AxCMFy2N0j2DqsJ4E4 by [email protected] |
|
0 likes, 1 repeats |
|
|
|
@deepthoughts10 @GossiTheDog Noticed that they are also asking to purchase OWA … |
|
|
|
Post #AxCNDl7ABaVH9E3jrE by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@Sp1derH4t @GossiTheDog there is mirror of Colt file tree https://file.kiwi/62f… |
|
|
|
Post #AxCOGhZ1wWyOxW3qF6 by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@GossiTheDog You can tell which ransomware groups Crowdstrike operates by what … |
|
|
|
Post #AxCPTN7pLSHJHuwUe8 by [email protected] |
|
0 likes, 1 repeats |
|
|
|
@GossiTheDog Apparently, Colt's slogan was missing some punctuation... That… |
|
|
|
Post #AxCXkKDoC0qgq5Kppg by [email protected] |
|
0 likes, 0 repeats |
|
|
|
There's apparently a mirror of the Colt file name tree here, for any orgs l… |
|
|
|
Post #AxCYC3A1DeDW27ma5A by [email protected] |
|
0 likes, 1 repeats |
|
|
|
@GossiTheDog Since it's just the tree, if someone could snapshot it safetly… |
|
|
|
Post #AxCf4jqvJ52ZnpJNh2 by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@GossiTheDog "file.kiwi" is up to 7000%. Is this maths like how someo… |
|
|
|
Post #AxCgC8xmRcIDfAc7Hs by [email protected] |
|
0 likes, 1 repeats |
|
|
|
@GossiTheDog that service may be overwhelmed at the moment. Download doesn’t … |
|
|
|
Post #AxCh8ziiS9Pm58d6um by [email protected] |
|
0 likes, 1 repeats |
|
|
|
@nopatience @GossiTheDog likely trying to maintain persistence and maybe burrow… |
|
|
|
Post #AxCi5agBCL3DVKNsqe by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@AnachronistJohn @GossiTheDog thanks, this works! |
|
|
|
Post #AxCkRAEyNSNZmj4bZ2 by [email protected] |
|
0 likes, 1 repeats |
|
|
|
@deepthoughts10 @GossiTheDog I think this is not related directly to Colt acces… |
|
|
|
Post #AxCoo7bqj1Lm6Nya0W by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@tychotithonus @GossiTheDog i am not a security guy, so I am wondering why is t… |
|
|
|
Post #AxCoo7jIHLIyTTSWbw by [email protected] |
|
0 likes, 1 repeats |
|
|
|
@apublicimage Often, the filenames contain important metadata (which companies&… |
|
|
|
Post #AxCs1tt8puj7SnKHZI by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@GossiTheDog Has Colt confirmed whether CVE-2025-53770 was actually exploited, … |
|
|
|
Post #AxD2fesphU4r6GkEue by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@nopatience @deepthoughts10 @GossiTheDog If the OWA access being sold is legit,… |
|
|
|
Post #AxETiU15S30CBc8YBE by [email protected] |
|
0 likes, 0 repeats |
|
|
|
Colt Technology Services are up on the Warlock ransomware group portal. List of… |
|
|
|
Post #AxEUupAgiwGlE54nXE by [email protected] |
|
0 likes, 1 repeats |
|
|
|
@GossiTheDog apparently they are have orange.com also |
|
|
|
Post #AxEXvG3x2g2IUTp8KG by [email protected] |
|
0 likes, 1 repeats |
|
|
|
@nieldk @GossiTheDog where do you see that? |
|
|
|
Post #AxEY9NIkvQmuzmToNk by [email protected] |
|
0 likes, 1 repeats |
|
|
|
@RoganDawes @GossiTheDog https://www.ransomlook.io/group/warlock |
|
|
|
Post #AxEYG9TEkMjE7uc71s by [email protected] |
|
0 likes, 1 repeats |
|
|
|
@nieldk @GossiTheDog thanks |
|
|
|
Post #AxEhyA032WF4651L2e by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@GossiTheDog there are potentially a lot of passwords that need changing too |
|
|
|
Post #AxEsdrKPqhs5tP4NzE by [email protected] |
|
0 likes, 0 repeats |
|
|
|
Colt also appears in Warlock's FAQ page, it's an echo of their RAMP for… |
|
|
|
Post #AxF5LddJKO2zbpY8PI by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@GossiTheDog “yes hello I would like to send $200,000 to some terrorists plea… |
|
|
|
Post #AxG97foT1It1I5KAVc by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@GossiTheDog just echoing the authentication of this file list - there are docu… |
|
|
|
Post #AxKf07XE2bWi7LXeKW by [email protected] |
|
0 likes, 0 repeats |
|
|
|
Warlock ransomware/extortion group have moved Colt full data unlock time to a w… |
|
|
|
Post #AxKfBhoPVHtboZ6Vnc by [email protected] |
|
0 likes, 1 repeats |
|
|
|
@GossiTheDog only 233 Hits for "passw". I wish the DFIR-Crew all the … |
|
|
|
Post #AxMOF9xnz2a95aTn16 by [email protected] |
|
0 likes, 0 repeats |
|
|
|
Colt have setup a cyber incident page, set to noindex so Google etc can’t fin… |
|
|
|
Post #AxMRP1wyvnfwzjUbk8 by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@GossiTheDog thankfully @internetarchive remembers: https://web.archive.org/web… |
|
|
|
Post #AxMTXv63yvPSFm6hG4 by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@GossiTheDog I’m worried that they got documentation on their customer networ… |
|
|
|
Post #AxMdm837cVuI1M94IS by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@GossiTheDog as for "contact us by phone" hold times have been - for … |
|
|
|
Post #AxMdrAPaGTG8nN3Pcm by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@GossiTheDog they've forgotten to mention that they still can't port nu… |
|
|
|
Post #AxMp8pht59wXHyF3AW by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@GossiTheDog Was momentarily afraid they did not understand my concern. I feel … |
|
|
|
Post #AxOU5WhZZokYkub2rA by [email protected] |
|
0 likes, 0 repeats |
|
|
|
The status updates on Colt's website describing a "technical issue&quo… |
|
|
|
Post #AxOX9f2OpFdHd707u4 by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@GossiTheDog That's retconning on a George Lucas level. "Somehow, the … |
|
|
|
Post #AxOXc4JISMVK7TRzEG by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@GossiTheDog Do you by chance know anyone over at MSFT that works in the partne… |
|
|
|
Post #AxQc3HGhAuc6GANp3I by [email protected] |
|
0 likes, 0 repeats |
|
|
|
Colt are now 10 days into their cyber incident (ransomware), systems are still … |
|
|
|
Post #AxQduzGkPZJw1naA8O by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@GossiTheDog I had to look up which one:affected is Colt Technology Services (n… |
|
|
|
Post #AxQywCIZYH8FlUr1Bw by [email protected] |
|
0 likes, 0 repeats |
|
|
|
I've written about the Colt Technology Services ransomware incident, with a… |
|
|
|
Post #AxaVa9kTOiNuOadpqK by [email protected] |
|
0 likes, 0 repeats |
|
|
|
Colt are now 15 days into their cyber incident, the same systems are still offl… |
|
|
|
Post #AxaW6JMJCbr5T4fh0y by [email protected] |
|
0 likes, 0 repeats |
|
|
|
Colt’s status page has been revised, removing most of the prior updates, with… |
|
|
|
Post #AxaWKY7H8BUdI9Qefo by [email protected] |
|
0 likes, 1 repeats |
|
|
|
@GossiTheDog Image description: Screenshot of the Colt status page saying:"… |
|
|
|
Post #AxaWP61gzqaRcUzB7g by [email protected] |
|
0 likes, 0 repeats |
|
|
|
By repeatedly linking the Colt cyber incident page, I have got it into a Google… |
|
|
|
Post #AxaXHrsDJmqfeWfYpc by [email protected] |
|
0 likes, 0 repeats |
|
|
|
A net side effect of Colt using noindex, btw, is my blog is the top Google hit … |
|
|
|
Post #AxaZy322QBZMKZVO3k by [email protected] |
|
0 likes, 1 repeats |
|
|
|
@GossiTheDog out of curiosity: how did you discover the page? |
|
|
|
Post #AxabJnc2WxMYpkHS0O by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@GossiTheDog That is a really interesting example of unintended consequences. … |
|
|
|
Post #AxacwADl1OXLuVmQcq by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@GossiTheDog thanks! I need to get familiar with it. |
|
|
|
Post #AxafJ1Vzku9nTjL3dw by [email protected] |
|
0 likes, 1 repeats |
|
|
|
@GossiTheDog Funny that, as a colt customer, I first read about the incident on… |
|
|
|
Post #Axags694dFCrvduF3w by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@GossiTheDog Mission accomplished! Thanks. Just read your article as well. Wond… |
|
|
|
Post #AxaktjlVDB6muhuyCu by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@GossiTheDog google bombing is still alive and well? |
|
|
|
Post #AxdGiVCkanc9Q2Gldo by [email protected] |
|
0 likes, 0 repeats |
|
|
|
If anybody is wondering, Warlock not publishing Colt Technology Services data i… |
|
|
|
Post #AxdGrrXiuP15J2Xhr6 by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@GossiTheDog Thats colt man |
|
|
|
Post #AxgrriUGrCHEzybKa0 by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@GossiTheDog ideed they are. They haven't ported since the incident. Theyve… |
|
|
|
Post #AxkysvfknSb4UcKy2K by [email protected] |
|
0 likes, 0 repeats |
|
|
|
Colt are now on day 20 of their ransomware incident. Same services still down. … |
|
|
|
Post #Axl2QZICoJL0n83Rz6 by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@GossiTheDog Do you have any indication that this outage also affects non-UK C… |
|
|
|
Post #Axl5RZ89COFCRMW7xQ by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@GossiTheDog Colt is still paralysed, all install activities still at stop. &qu… |
|
|
|
Post #Axl8Mryvyx51Jzezjs by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@christopherkunz yep it’s global |
|
|
|
Post #AxmHQtnuF7T8sPSSbg by [email protected] |
|
0 likes, 2 repeats |
|
|
|
@GossiTheDog my MS teams phone number (bought from MS, not a port in) is a Co… |
|
|
|
Post #AxnFL0htev2NnYfgvI by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@cwatu @GossiTheDog That seems like it has no business not being a health advis… |
|
|
|
Post #AxnTnmXinZRfcpWeHI by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@cwatu @GossiTheDog Is this also why you can't add a phone number to a MS a… |
|
|
|
Post #Axo5aNXwDiHMarf9cW by [email protected] |
|
0 likes, 0 repeats |
|
|
|
Microsoft are one of the many orgs caught up in the Colt ransomware incident. T… |
|
|
|
Post #Axo5zicsz0hJD93mwS by [email protected] |
|
0 likes, 0 repeats |
|
|
|
Colt have updated their cyber incident page to say they are having problems bil… |
|
|
|
Post #Axo6Rqou70Z6jS60no by [email protected] |
|
0 likes, 1 repeats |
|
|
|
@GossiTheDog they do appear to say they'll apply late payment charges IF th… |
|
|
|
Post #Axo6W5QXkGLhC3ilqS by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@tinmouth yeah.. but are they gonna know if they invoiced properly? 😅 |
|
|
|
Post #Axo6iF2Vpf8kTsHE4O by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@GossiTheDog yea I agree... that "any issued invoices" is doing a lot… |
|
|
|
Post #Axo7ubFhAirmnjtqe8 by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@GossiTheDog this sounds like a great way to tell your long-standing clients to… |
|
|
|
Post #AxrBm3SptTamz36gvg by [email protected] |
|
0 likes, 0 repeats |
|
|
|
@jernej__s @cwatu yep |
|
|
|
Post #AxtzeGWSqJ2FBwCeW0 by [email protected] |
|
0 likes, 0 repeats |
|
|
|
Colt are now on day 24 of their ransomware incident, same systems still down. … |
