Mastodon Feed: Post

Mastodon Feed

Boosted by slightlyoff@toot.cafe ("Alex Russell"):
briankrebs@infosec.exchange ("BrianKrebs") wrote:

Was reading this Substack post about US gov cloud servers being pointed at AI companies. It observed that a number of US gov cloud servers on AWS are now pointing to IPs at a company called inventry.ai

https://cyberintel.substack.com/p/doge-exposes-once-secret-government

I checked on a few of the IPs mentioned in this writeup, and it checks out. E.g., the IP address 18.253.166.131 from 2020-2024 was tied to us-gov-east-1.compute.amazonaws.com and is part of the gov cloud infrastructure at AWS. Loading that IP into DomainTools Iris, we can see the SSL cert assigned to them is for inventry.ai.

Methinks we need to know more about Inventry.

A domaintools lookup on 18.253.166.131 shows it resolves to us-gov-east-1.amazonaws.com.
A dig into the ip 18.254.175.18 at DomainTool's IRIS platform shows the IP address is tied to an SSL cert for inventry.ai