-=AlteredNeon=-
Well-Known Member
- Joined
- Sep 29, 2021
- Messages
- 155
- Reaction score
- 65
Hi all.
I am not sure how “Liberty Life / Liberty Group” communicates to their client base.
As some in the industry may know of the vulnerabilities and attacks on liberty in the past, they seem to have now focused their attention on their suppliers.
Seems like they have subscribed to an outsourced service provider doing security analytics on these domains.
They then send out a security assessment managed by Panorays and then expect a response with either a dispute or recommended fixes on a signed letterhead.
Formal Email request in text below:
----------------------------------------------------
Hi,
Liberty Group has requested that you remediate security gaps for "Company Name" security assessment.
Liberty Group uses Panorays, an automated third-party security platform, to evaluate its suppliers. We are here to help you through this process.
Please join the "COMPANY NAME” account on Panorays to complete the request.
Good Day "MANAGER"
As part of Liberty's continuous monitoring of 3rd parties, we have identified that there are findings from our cyber discovery that have severity of "Critical", "High" and "Medium".
Please have a look at the findings and provide feedback via a formal letter with a company letterhead signed off by senior management.
This will be required to either acknowledge that the findings will be fixed or provide assurance that the particular finding(s) will not put any Liberty data at risk.
If you are already in contact with another member of the Liberty security team, please advise, otherwise, kindly send the letter or remediation plan to
The strange thing is, the report Liberty Security sends out includes every other vulnerability picked up from the scan Panorays did exposing their clients.
This seems highly suspect and seems like a sales scam for Panorays.
---------------------------------------------------
How is this possible that a report can be distributed this showing information across their client base?
The list is amazing: (each of these domains appeared in the list with multiple issues, ranging from the company is not on face book or LinkedIn to other issues).
autoconfig.blackkbird.co.za
autoconfig.irontiger.co.za
autoconfig.irontiger.co.za
autoconfig.loudrabbits.co.za
autoconfig.loudrabbits.com
autoconfig.moonriverhouse.co.za
autoconfig.restioriverhouse.co.za
blackkbird.co.za
chbinspection.com
control.blackkbird.co.za
control.irontiger.co.za
control.loudrabbits.co.za
control.moonriverhouse.co.za
control.restioriverhouse.co.za
ftp.blackkbird.co.za
ftp.irontiger.co.za
ftp.loudrabbits.co.za
ftp.loudrabbits.com
ftp.moonriverhouse.co.za
ftp.restioriverhouse.co.za
imap.blackkbird.co.za
imap.irontiger.co.za
imap.loudrabbits.co.za
imap.loudrabbits.com
imap.moonriverhouse.co.za
imap.restioriverhouse.co.za
irontiger.co.za
loudrabbits.co.za
loudrabbits.com
mail.blackkbird.co.za
mail.irontiger.co.za
mail.loudrabbits.co.za
mail.loudrabbits.com
mail.moonriverhouse.co.za
mail.restioriverhouse.co.za
moonriverhouse.co.za
pop.blackkbird.co.za
pop.chbinspection.com
pop.irontiger.co.za
pop.loudrabbits.co.za
pop.loudrabbits.com
pop.moonriverhouse.co.za
pop.restioriverhouse.co.za
relay.blackkbird.co.za
relay.irontiger.co.za
relay.loudrabbits.co.za
relay.loudrabbits.com
relay.loudrabbits.com
relay.moonriverhouse.co.za
relay.restioriverhouse.co.za
restioriverhouse.co.za
smtp.blackkbird.co.za
smtp.irontiger.co.za
smtp.loudrabbits.co.za
smtp.moonriverhouse.co.za
smtp.moonriverhouse.co.za
smtp.restioriverhouse.co.za
www.blackkbird.co.za
www.chbinspection.com
www.irontiger.co.za
www.loudrabbits.co.za
www.loudrabbits.com
www.moonriverhouse.co.za
www.restioriverhouse.co.za
The domains above above was far more detailed with multiple entries for each finding which seems to be shared across their suppliers for all to see.
Please delete this post if it is not conforming to the rules, but this does not seem right.
*Edit to remove spacing
I am not sure how “Liberty Life / Liberty Group” communicates to their client base.
As some in the industry may know of the vulnerabilities and attacks on liberty in the past, they seem to have now focused their attention on their suppliers.
Seems like they have subscribed to an outsourced service provider doing security analytics on these domains.
They then send out a security assessment managed by Panorays and then expect a response with either a dispute or recommended fixes on a signed letterhead.
Formal Email request in text below:
----------------------------------------------------
Hi,
Liberty Group has requested that you remediate security gaps for "Company Name" security assessment.
Liberty Group uses Panorays, an automated third-party security platform, to evaluate its suppliers. We are here to help you through this process.
Please join the "COMPANY NAME” account on Panorays to complete the request.
Good Day "MANAGER"
As part of Liberty's continuous monitoring of 3rd parties, we have identified that there are findings from our cyber discovery that have severity of "Critical", "High" and "Medium".
Please have a look at the findings and provide feedback via a formal letter with a company letterhead signed off by senior management.
This will be required to either acknowledge that the findings will be fixed or provide assurance that the particular finding(s) will not put any Liberty data at risk.
If you are already in contact with another member of the Liberty security team, please advise, otherwise, kindly send the letter or remediation plan to
The strange thing is, the report Liberty Security sends out includes every other vulnerability picked up from the scan Panorays did exposing their clients.
This seems highly suspect and seems like a sales scam for Panorays.
---------------------------------------------------
How is this possible that a report can be distributed this showing information across their client base?
The list is amazing: (each of these domains appeared in the list with multiple issues, ranging from the company is not on face book or LinkedIn to other issues).
autoconfig.blackkbird.co.za
autoconfig.irontiger.co.za
autoconfig.irontiger.co.za
autoconfig.loudrabbits.co.za
autoconfig.loudrabbits.com
autoconfig.moonriverhouse.co.za
autoconfig.restioriverhouse.co.za
blackkbird.co.za
chbinspection.com
control.blackkbird.co.za
control.irontiger.co.za
control.loudrabbits.co.za
control.moonriverhouse.co.za
control.restioriverhouse.co.za
ftp.blackkbird.co.za
ftp.irontiger.co.za
ftp.loudrabbits.co.za
ftp.loudrabbits.com
ftp.moonriverhouse.co.za
ftp.restioriverhouse.co.za
imap.blackkbird.co.za
imap.irontiger.co.za
imap.loudrabbits.co.za
imap.loudrabbits.com
imap.moonriverhouse.co.za
imap.restioriverhouse.co.za
irontiger.co.za
loudrabbits.co.za
loudrabbits.com
mail.blackkbird.co.za
mail.irontiger.co.za
mail.loudrabbits.co.za
mail.loudrabbits.com
mail.moonriverhouse.co.za
mail.restioriverhouse.co.za
moonriverhouse.co.za
pop.blackkbird.co.za
pop.chbinspection.com
pop.irontiger.co.za
pop.loudrabbits.co.za
pop.loudrabbits.com
pop.moonriverhouse.co.za
pop.restioriverhouse.co.za
relay.blackkbird.co.za
relay.irontiger.co.za
relay.loudrabbits.co.za
relay.loudrabbits.com
relay.loudrabbits.com
relay.moonriverhouse.co.za
relay.restioriverhouse.co.za
restioriverhouse.co.za
smtp.blackkbird.co.za
smtp.irontiger.co.za
smtp.loudrabbits.co.za
smtp.moonriverhouse.co.za
smtp.moonriverhouse.co.za
smtp.restioriverhouse.co.za
www.blackkbird.co.za
www.chbinspection.com
www.irontiger.co.za
www.loudrabbits.co.za
www.loudrabbits.com
www.moonriverhouse.co.za
www.restioriverhouse.co.za
The domains above above was far more detailed with multiple entries for each finding which seems to be shared across their suppliers for all to see.
Please delete this post if it is not conforming to the rules, but this does not seem right.
*Edit to remove spacing
Last edited: