Red Sky Alliance

Wapack Labs has operated Red Sky Alliance for over seven years. We are a trusted group of organizations, large and small, sharing information about targeted, advanced, and emerging cyber threats in a private secure portal. 
Red Sky Alliance offers TLP White and Green reporting that can satisfy most any situational awareness need, with reports, forums and people to ask questions of - Sign up Now for FREE Membership and Access to all Content.

Get Advice, Intelligence, & Help.

The Red Sky Alliance portal offers cyber security reporting and training materials that can help your company meet the cyber threat challenges of today.

Sign up Now for FREE Membership and Access to all Content.


Blackout in Kashmir

3572707688?profile=RESIZE_710xOn 6 August 2019, the Government of India struck down “Article 370A and 35A” from its constitution.  Article 370 is a constitutional provision that grants special status and allows the Indian state of Jammu and Kashmir to make its own laws.  The State of Jammu and Kashmir defined these privileges to include the ability to purchase land and unmovable property, the ability to vote and…

Read more…

“Lagtime” Chinese APT Campaign

In July 2019, Proofpoint reported a new malware campaign named, “Operation Lagtime IT.” The campaign is targeti3532606595?profile=RESIZE_710xng government agencies in East Asia and leveraging malicious RTF documents to deliver multiple payloads, including a new custom malware payload dubbed, “Cotx RAT.”  Based on observed infrastructure and attacker TTPs, analysts have attributed the campaign to a Chinese APT group…

Read more…
Comments: 0


Figure 1. Internet blackout area during Moscow opposition protests 

Governments, especially authoritarian ones, consider cutting the Internet as one of the ways to deal with political opposition and separatists.  Major Internet disruptions were recently detected in India (Kashmir), Indonesia (Papua), Sudan, and, on a smaller scale, in Russia. Severing or completely…

Read more…


Recent Western analysis has identified a new series of military unit cover designators for the new Chinese military entity called the Strategic Support Force (SSF).  Elements of the SSF have reportedly been assigned cover designators in the series 32001-32099 Unit.  Because the SSF is the parent organization for China’s new cyber force,…

Read more…

Threat Recon

The Only FREE Botnet & Sinkhole Search Engine on the Internet!

Did you know that over the past 7 days, Wapack Labs identified 1.6 million NEW sinkhole & botnet connections.

Threat Recon is a free search service provided by Wapack Labs. The information on this site is FREE and derived from proprietary botnet tracking and sinkhole operations. API available.

Check your IP now, its FREE https://threatrecon.wapacklabs.com/

Wapack Labs in the News

On - Demand, Red Sky Alliance Threat Brief Broadcast.

Please join us every week for an, on demand, rebroadcast of our Weekly Red Sky Alliance Threat Brief, a succinct summary of current threat activities designed to inform your decision-making. Listen in on what our Wapack Labs analysts have been working on.

Register Here, Watch Now
See you online!

Cyber Security Blog

You need to be a member of Red Sky Alliance to add comments!

Join Red Sky Alliance


  • Oil ans Gas brief 09 20 2019, in Industries-Transportation Section
  • High-jacking on the Red Sea, in the Industries, Transportation section.
  • Lessons from the ransomware attack on 22 Texas municipalities:
    If your servers or computer systems are remotely administered by internal IT staff or by a managed service provider (MSP):
    - Only allow authentication to remote access software from inside the provider’s network
    - Use two-factor authentication on remote administration tools and Virtual Private Network tunnels (VPNs) rather than remote desktop protocols (RDPs)
    - Block inbound network traffic from Tor Exit Nodes
    - Block outbound network traffic to Pastebin
    - Use Endpoint Detection and Response (EDR) to detect Powershell (PS) running unusual processes.
    Source: dir.texas[.]gov/View-About-DIR/Article-Detail.aspx?id=213
  • Oil and Gas brief for 09 13 2019 - in Oil & Gas industries drop down section.
  • Decarbonization of Ships in Trans. Section
  • Recently Wapack Labs discovered breach data from two major league sports teams in the same geographical area. Read more in the Commercial > Markets section.
  • At the beginning of September 2019, Wapack Labs significantly increased the available collection of breached credentials by adding over 200 Million new breach data lines. This data allows our clients to check for potential compromise and to protect themselves against compromised password reuse.
  • Top Indicators for 09 10 2019 in Indicators section.
  • Dryad Maritime update 09 04 2019, in Transportation section.
  • Oil & Gas Brief for 09 06 2019 in Oil and Gas Section
This reply was deleted.