Home

Red Sky® Alliance has been serving information security professionals for over twelve years. We invite businesses and organizations, from enterprises to small businesses, to learn more about cyber threats and how to avoid them. We provide TLP White and Green cyber threat reporting for targeted industry segments, international reports, and malware/bot analyses.

A privately held USA-owned cyber threat intelligence firm that delivers proprietary cyber threat intelligence datasets and services. Our company provides insightful, actionable intelligence in formats best suited to your strategic, operational, and tactical needs.

 

Let us better prepare you and your team for new cyber threats.

Redskyalliance.org offers free access to all, and no salesperson will call.

LLM Vulnerabilities

13104873684?profile=RESIZE_400x Researchers at Google said last week that they have discovered the first vulnerability using a large language model.  In a blog post, Google said it believes the bug is the first public example of an AI tool finding a previously unknown exploitable memory-safety issue in widely used real-world software.  The vulnerability was found in SQLite, an open-source database engine popular…

Read more…

New LightSpy Spyware

13107666684?profile=RESIZE_400x Known for targeting iOS devices, it has been expanded to include capabilities for compromising device security and stability. ThreatFabric, who discovered the malware, initially published a report on LightSpy for macOS in May 2024. During that investigation, the analysts found that the same server managed both macOS and iOS versions of LightSpy. This discovery allowed ThreatFabric to…

Read more…

Know Your Help Desk

13105282855?profile=RESIZE_400x The Black Basta group is a Ransomware-as-a-Service (RaaS) provider that has been in operation since at least April of 2022.  The group is believed to be comprised of former members of the ransomware groups Conti and REvil.  The reason for this belief is driven by several factors, such as the similarities in their tactics and their rapid integration into the cybercriminal…

Read more…

Redline and Meta Infostealers are off the Air

13104605869?profile=RESIZE_400x A global law enforcement operation has disrupted infrastructure for the Redline and Meta info stealers, malware tools that cybercriminal groups use to steal sensitive personal data. Operation Magnus took place on 28 October 2024, with law enforcement shutting down three servers used to run the malware in the Netherlands and the seizure of two domains. This means the malware no longer…

Read more…

13085818868?profile=RESIZE_400x A subtle shift in rhetoric has seen IMO secretary-general Arsenio Dominguez turn the tables on industry demands for regulatory clarity and highlight the reciprocal requirement for private partnership and proactive engagement.  Dominguez, ‘It’s now [every single actor’s] turn to take actions in how they define their own goals in decarbonizing.’  Regulation alone will not be sufficient…

Read more…

Supply Chain Report / October 2024

13095474273?profile=RESIZE_400x

 

Red Sky Alliance monthly queries our backend databases, identifying all new data containing supply chain keywords in the subject line of malicious emails.  Malicious actors use emails with various supply chain related keywords as a lure to entice users in the maritime industry to open emails containing malicious attachments.  The identified emails attempted to deliver…

Read more…

EmeraldWhale

13095046264?profile=RESIZE_400x A criminal operation called Emeraldwhale has been discovered after it dumped more than 15,000 credentials belonging to cloud service and email providers in an open AWS S3 bucket, according to security researchers.  The unknown data thieves embarked on a "massive scanning campaign" between August and September, looking for servers with exposed Git configuration and Laravel environment…

Read more…

HISAA & Cyber

13085714290?profile=RESIZE_400x In February 2024, Change Healthcare, a subsidiary of UnitedHealth Group (UHG), was the victim of a significant ransomware attack carried out by the ALPHV/BlackCat ransomware group.  The attackers gained access to Change Healthcare's systems for over a week between February 12 and 20 February 2024, stealing around 4 terabytes of data, including protected health information (PHI) in the…

Read more…

In the News

2023 REDSHORTS

REDSHORT Webinars

Please Join our REDSHORT webinars. 'RED' as something important from Red Sky Alliance, and 'SHORT' in 10 minutes or less weekly. We will cover highlights of trending topics.

REGISTER HERE

Cyber Security Blog

You need to be a member of Red Sky Alliance to add comments!

Comments are closed.

Comments

This reply was deleted.

Red Sky Alliance

For more information about Red Sky Alliance, follow the link, ABOUT