Home

Red Sky® Alliance has been serving information security professionals for over twelve years. We invite businesses and organizations, from enterprises to small businesses, to learn more about cyber threats and how to avoid them. We provide TLP White and Green cyber threat reporting for targeted industry segments, international reports, and malware/bot analyses.

A privately held USA-owned cyber threat intelligence firm that delivers proprietary cyber threat intelligence datasets and services. Our company provides insightful, actionable intelligence in formats best suited to your strategic, operational, and tactical needs.

 

Let us better prepare you and your team for new cyber threats.

Redskyalliance.org offers free access to all, and no salesperson will call.

NordDragon Scan

NordDragonScan

13658112496?profile=RESIZE_400x Researchers from FortiGuard Labs recently uncovered an active delivery site that hosts a weaponized HTA script and silently drops the infostealer “NordDragonScan” into victims’ environments.  Once installed, NordDragonScan examines the host and copies documents, harvests entire Chrome and Firefox profiles, and takes screenshots.  The package is…

Read more…

Attack on Canadian Power Meters

13658129877?profile=RESIZE_400x Nova Scotia Power says the cyber-attack on the utility in the spring means the company needs to collect power usage information on foot rather than digitally for now.  It said meters have continued to function since the attack was discovered on 25 April, but that information can’t be sent digitally to the company.  “As a result, we initially paused customer billing and have recently…

Read more…

Prime Day Scams

13650457884?profile=RESIZE_400x Security researchers have warned bargain-hunting shoppers to be on the lookout for scams this Amazon Prime Day, after discovering many lookalike domains.  Check Point said that, in June alone, it recorded more than 1000 domains with names resembling “Amazon” and “Amazon Prime,” 87% of which have been flagged as malicious or suspicious.

The security vendor warned that big-name…

Read more…

NATO Attack

13650201278?profile=RESIZE_400x The International Criminal Court (ICC) suffered a sophisticated cyber-attack coinciding with the Hague NATO summit attended by US President Donald J. Trump, who pushed for increased defense spending among member countries.  Ironically, besides defense spending, the NATO summit also aimed to address measures to address cyber attacks. Meanwhile, Hague-based ICC said it immediately…

Read more…

Independent Ransomware Actors

13645379484?profile=RESIZE_400x Bridewell, a UK-based cybersecurity services company, has released its latest CTI Annual Report, a comprehensive deep dive into ransomware trends.  It highlighted a significant shift in attack strategies, payment dynamics, and threat actor behaviors, revealing that data theft and extortion have overtaken traditional encryption-only ransomware as the most successful approach for…

Read more…

The US Green Energy Security Risks

13645337887?profile=RESIZE_400x Over the past decade, many state governments have set aggressive renewable energy mandates regarding the adoption of grid-scale wind and solar power generation systems and the shuttering of fossil fuel generators.  Whether these policy mandates were well-intentioned or the result of foreign influence operations designed to undermine US energy security, most states are meeting their…

Read more…

13644803664?profile=RESIZE_400x Since 9 June 2025, Internet users located in Russia and connecting to web services protected by Cloudflare have been throttled by Russian Internet Service Providers (ISPs).  As the throttling is being applied by local ISPs, the action is outside of Cloudflare’s control and we are unable, at this time, to restore reliable, high-performance access to Cloudflare products and protected…

Read more…

13645378467?profile=RESIZE_400x Threat actors are abusing the ConnectWise ScreenConnect installer to build signed remote access malware by modifying hidden settings within the client’s Authenticode signature.  ConnectWise ScreenConnect is a remote monitoring and management (RMM) software that enables IT administrators and managed service providers (MSPs) to troubleshoot devices remotely.  When a ScreenConnect…

Read more…

In the News

2023 REDSHORTS

REDSHORT Webinars

Please Join our REDSHORT webinars. 'RED' as something important from Red Sky Alliance, and 'SHORT' in 10 minutes or less weekly. We will cover highlights of trending topics.

REGISTER HERE

Cyber Security Blog

You need to be a member of Red Sky Alliance to add comments!

Comments are closed.

Comments

This reply was deleted.

Red Sky Alliance

For more information about Red Sky Alliance, follow the link, ABOUT