Home

Red Sky Alliance

Wapack Labs has operated Red Sky Alliance for over seven years. We are a trusted group of organizations, large and small, sharing information about targeted, advanced, and emerging cyber threats in a private secure portal. 
 
Red Sky Alliance offers TLP White and Green reporting that can satisfy most any situational awareness need, with reports, forums and people to ask questions of - Sign up Now for FREE Membership and Access to all Content.
 

Get Advice, Intelligence, & Help.

The Red Sky Alliance portal offers cyber security reporting and training materials that can help your company meet the cyber threat challenges of today.

Sign up Now for FREE Membership and Access to all Content.

X-Industry

Blackout in Kashmir

Posted by Omkar Barve on September 19, 2019 at 1:34pm

3572707688?profile=RESIZE_710xOn 6 August 2019, the Government of India struck down “Article 370A and 35A” from its constitution.  Article 370 is a constitutional provision that grants special status and allows the Indian state of Jammu and Kashmir to make its own laws.  The State of Jammu and Kashmir defined these privileges to include the ability to purchase land and unmovable property, the ability to vote and…

Read more…

“Lagtime” Chinese APT Campaign

Posted by Aureanna Hakenson on September 5, 2019 at 12:53pm

In July 2019, Proofpoint reported a new malware campaign named, “Operation Lagtime IT.” The campaign is targeti3532606595?profile=RESIZE_710xng government agencies in East Asia and leveraging malicious RTF documents to deliver multiple payloads, including a new custom malware payload dubbed, “Cotx RAT.”  Based on observed infrastructure and attacker TTPs, analysts have attributed the campaign to a Chinese APT group…

Read more…
Comments: 0
Tags:

Severing Internet as a Popular Move Against Civil Unrest

Posted by Yury Polozov on September 3, 2019 at 3:56pm

3516858995?profile=RESIZE_710x

Figure 1. Internet blackout area during Moscow opposition protests 

Governments, especially authoritarian ones, consider cutting the Internet as one of the ways to deal with political opposition and separatists.  Major Internet disruptions were recently detected in India (Kashmir), Indonesia (Papua), Sudan, and, on a smaller scale, in Russia. Severing or completely…

Read more…

Sorting Out Units in the PLA Strategic Support Forces

Posted by Bill Schenkelberg on September 3, 2019 at 11:58am

3515788092?profile=RESIZE_710xSUMMARY

Recent Western analysis has identified a new series of military unit cover designators for the new Chinese military entity called the Strategic Support Force (SSF).  Elements of the SSF have reportedly been assigned cover designators in the series 32001-32099 Unit.  Because the SSF is the parent organization for China’s new cyber force,…

Read more…

Threat Recon

The Only FREE Botnet & Sinkhole Search Engine on the Internet!

Did you know that over the past 7 days, Wapack Labs identified 1.6 million NEW sinkhole & botnet connections.

Threat Recon is a free search service provided by Wapack Labs. The information on this site is FREE and derived from proprietary botnet tracking and sinkhole operations. API available.

Check your IP now, its FREE https://threatrecon.wapacklabs.com/

Wapack Labs in the News

On - Demand, Red Sky Alliance Threat Brief Broadcast.

Please join us every week for an, on demand, rebroadcast of our Weekly Red Sky Alliance Threat Brief, a succinct summary of current threat activities designed to inform your decision-making. Listen in on what our Wapack Labs analysts have been working on.

Register Here, Watch Now
See you online!

Cyber Security Blog

You need to be a member of Red Sky Alliance to add comments!

Join Red Sky Alliance

Comments

  • Bill Schenkelberg September 20, 2019 at 8:22am
    Oil ans Gas brief 09 20 2019, in Industries-Transportation Section
  • Bill Schenkelberg September 19, 2019 at 6:15pm
    High-jacking on the Red Sea, in the Industries, Transportation section.
  • Yury Polozov September 16, 2019 at 11:38am
    Lessons from the ransomware attack on 22 Texas municipalities:
    If your servers or computer systems are remotely administered by internal IT staff or by a managed service provider (MSP):
    - Only allow authentication to remote access software from inside the provider’s network
    - Use two-factor authentication on remote administration tools and Virtual Private Network tunnels (VPNs) rather than remote desktop protocols (RDPs)
    - Block inbound network traffic from Tor Exit Nodes
    - Block outbound network traffic to Pastebin
    - Use Endpoint Detection and Response (EDR) to detect Powershell (PS) running unusual processes.
    Source: dir.texas[.]gov/View-About-DIR/Article-Detail.aspx?id=213
  • Bill Schenkelberg September 14, 2019 at 3:25pm
    Oil and Gas brief for 09 13 2019 - in Oil & Gas industries drop down section.
  • Bill Schenkelberg September 13, 2019 at 1:52pm
    Decarbonization of Ships in Trans. Section
  • Jonathon Sweeney September 11, 2019 at 10:35am
    Recently Wapack Labs discovered breach data from two major league sports teams in the same geographical area. Read more in the Commercial > Markets section.
  • Yury Polozov September 10, 2019 at 3:16pm
    At the beginning of September 2019, Wapack Labs significantly increased the available collection of breached credentials by adding over 200 Million new breach data lines. This data allows our clients to check for potential compromise and to protect themselves against compromised password reuse.
  • Bill Schenkelberg September 10, 2019 at 2:13pm
    Top Indicators for 09 10 2019 in Indicators section.
  • Bill Schenkelberg September 6, 2019 at 3:01pm
    Dryad Maritime update 09 04 2019, in Transportation section.
  • Bill Schenkelberg September 6, 2019 at 2:42pm
    Oil & Gas Brief for 09 06 2019 in Oil and Gas Section
This reply was deleted.