1337 Sheets
Sign in Subscribe
  • Home

Writers

  • 1337 Sheets 1337 Sheets
  • Sign up
  • Sign in
security

QRadar Top 3 Offenses Executive Summary for Clarusway's Training Network

1337 Sheets
1337 Sheets
Mar 7, 2026 ·
QRadar Top 3 Offenses Executive Summary for Clarusway's Training Network

Executive Summary

Incident Overview

On April 19, 2024, a security breach was detected in our AWS account, originating from a Russian IP address. The unauthorized access led to the deployment of multiple EC2 instances via the AWS API, indicating that an admin-level account was compromised. Concurrently, suspicious activity related to cryptocurrency mining was observed. Additionally, a Trojan was identified on an internal system, which likely facilitated SSL tunneling to exfiltrate personal data from the Experience Center server to a Chinese IP address.

Key Events

This post is for paying subscribers only

Subscribe now

Already have an account? Sign in

security breach AWS account crypto

Stay up to date

Get notified when we publish something new, and unsubscribe at any time.

Great! Check your inbox and confirm your subscription.

© 2026 1337 Sheets · Powered by 1337sheets