Home

Red Sky® Alliance has been serving information security professionals for over twelve years. We invite businesses and organizations, from enterprises to small businesses, to learn more about cyber threats and how to avoid them. We provide TLP White and Green cyber threat reporting for targeted industry segments, international reports, and malware/bot analyses.

A privately held USA-owned cyber threat intelligence firm that delivers proprietary cyber threat intelligence datasets and services. Our company provides insightful, actionable intelligence in formats best suited to your strategic, operational, and tactical needs.

Let us better prepare you and your team for new cyber threats.

Redskyalliance.org offers free access to all, and no salesperson will call.

ArcaneDoor Threat Actor Returns

Posted by Bill Schenkelberg on October 4, 2025 at 10:00am

A newly identified cyber-attack campaign has exploited Cisco Adaptive Security Appliance (ASA) devices in a sophisticated operation linked to the espionage-focused ArcaneDoor threat actor. The attacks targeted certain Cisco ASA 5500-X Series devices that were running Cisco Secure Firewall ASA Software with VPN web services enabled. Cisco has assessed with high confidence that this…

Spiders in Las Vegas

Posted by Jim McKee on October 3, 2025 at 12:00pm

On 17 September 2025, the Las Vegas Metropolitan Police Department arrested a suspected Scattered Spider member linked to attacks on Las Vegas casinos for computer intrusion, extortion, and identity theft. Between August and October 2023, multiple Las Vegas casinos suffered network intrusions linked to the cybercrime group “Scattered Spider,” prompting an FBI…

DeerStealer is Not Bambi

Posted by Bill Schenkelberg on October 3, 2025 at 8:05am

A new variant of information-stealing malware, named DeerStealer, has emerged as a significant threat to personal and financial data across infected systems. The malware, identified by cybersecurity researchers at Cyfirma, employs a range of sophisticated techniques to evade detection, maintain persistence, and steal sensitive information from its victims. DeerStealer's primary goal…

Japanese Beer Giant Asahi Hit with Cyber-Attack

Posted by Bill Schenkelberg on October 2, 2025 at 12:00pm

Somehow this just doesn’t seem right. Who wants to stop the flow of beer? Japanese beverage company Asahi said a recent cyber-attack has caused a system failure that is impacting its ability to ship orders and manage its call center.

Asahi published a statement on 29 September that warned customers the cyber incident was affecting its operations in Japan. Due to the system…

Gemini Trifecta Flaws

Posted by CyberDog on October 2, 2025 at 12:00pm

Cybersecurity firm Tenable discovered three critical flaws that allowed for prompt injection and data exfiltration from Google’s Gemini AI. Learn why AI assistants are the new weak link. Researchers have recently discovered three critical security flaws within Google’s Gemini AI assistant suite,[1] which they’ve dubbed the…

Attacker Breakout Time

Posted by Jim McKee on October 1, 2025 at 12:00pm

Attacker Breakout Time refers to the time it takes for an intruder to begin moving laterally outside of the initial beachhead to other systems in the network. Threat actors are accelerating their attacks and adopting innovative new ways to circumvent endpoint detection mechanisms, according to a new report from ReliaQuest. The threat intelligence vendor claimed in its latest Threat…

Brain Implant ‘Pioneers’ & Neural Data Privacy – A Brave New World

Posted by Bill Schenkelberg on October 1, 2025 at 8:10am

It was an easy decision for J. Galen Buckwalter, a 69-year-old quadriplegic living in Southern California, to undergo a craniotomy in 2024. The operation, which involved inserting 384 electrodes in his brain and a large titanium plate in his skull, allows researchers to record data about how his neurons operate, potentially helping future paralysis patients. The hard part, Buckwalter…

Nimbus Manticore in Iran

Posted by Bill Schenkelberg on September 30, 2025 at 12:20pm

A group of Iranian hackers known as Nimbus Manticore is expanding its operations, now focusing on major companies across Europe. According to new research from the cybersecurity firm Check Point Research (CPR), the group is targeting businesses in the defense, telecommunications, and aerospace sectors to steal sensitive information.

Nimbus Manticore, also called UNC1549 or…

REDXRAY

CLICK HERE FOR MORE INFORMATION

In the News

2023 REDSHORTS

REDSHORT Webinars

Please Join our REDSHORT webinars. 'RED' as something important from Red Sky Alliance, and 'SHORT' in 10 minutes or less weekly. We will cover highlights of trending topics.

REGISTER HERE

Cyber Security Blog

You need to be a member of Red Sky Alliance to add comments!

Comments are closed.

Comments

Bill Schenkelberg October 3, 2025 at 2:28pm

https://www.bleepingcomputer.com/news/security/red-hat-confirms-sec...

Red Hat confirms security incident after hackers breach GitLab instance

An extortion group calling itself the Crimson Collective claims to have stolen nearly 570GB of compressed data across 28,000 internal development res…
Bill Schenkelberg October 2, 2025 at 7:07am

https://www.ft.com/content/bb86349f-0ad8-432b-a62a-fdd63b3b76ab

Japan days away from running out of Asahi Super Dry after cyber attack

Vast majority of factories of nation’s most popular beer have stopped work this week
Bill Schenkelberg October 1, 2025 at 8:44am

https://techcrunch.com/2025/09/30/a-breach-every-month-raises-doubt...

A breach every month raises doubts about South Korea's digital defenses | TechCrunch

Known for its blazing fast internet and home to some of the world’s biggest tech giants, South Korea has also faced a string of data breaches and cyb…
Bill Schenkelberg September 25, 2025 at 7:37am

https://www.bbc.com/news/articles/ckgq9dke4e5o

Co-op says cyber-attack cost it £206m in lost sales

The retailer's IT networks were infiltrated by hackers in April, leading to payment problems and shortages of goods in shops.
Bill Schenkelberg September 24, 2025 at 10:27am

https://metro.co.uk/2025/09/24/man-arrested-cyber-attack-grounded-f...

Man arrested over cyber attack that grounded flights at Heathrow and across Europe

The man, in his 40s, was detained in West Sussex, the National Crime Agency said.
Bill Schenkelberg September 23, 2025 at 9:09am

https://www.yahoo.com/news/articles/m-scattered-spider-hackers-comi...

Cyber attacks are now coming for your holiday

If air traffic control strikes, errant drones and climate protesters weren’t enough to contend with, the aviation industry has a new antagonist threa…
Bill Schenkelberg September 22, 2025 at 8:58am

https://www.bbc.com/news/articles/cly66zr1ym3o

Disruption continues at Dublin Airport following cyber-attack

Some airlines in Terminal 2 are still having issues with their check-in and boarding systems.
Bill Schenkelberg September 19, 2025 at 8:45am

https://www.constructionnews.co.uk/tech/morrisroe-suffers-cyber-att...

Morrisroe suffers cyber-attack | Construction News

Morrisroe Ltd has become the latest contractor to suffer a cyber-attack, Construction News can reveal. Founder and chief executive Brian Morrisroe
Bill Schenkelberg September 18, 2025 at 1:19pm

https://www.computerweekly.com/news/366631424/Teen-hackers-charged-...

Teen hackers charged over Scattered Spider attack on TfL | Computer Weekly

Two men have appeared in court in London in connection with the September 2024 cyber attack that disrupted online services at Transport for London.
Bill Schenkelberg September 15, 2025 at 8:55am

https://www.insurancebusinessmag.com/us/news/cyber/jlr-hack-raises-...

JLR hack raises prospect of COVID-style bailout - and questions for cyber cover

Is this enough to make clients see how much they need cyber coverage?