Home

Red Sky® Alliance has been serving information security professionals for over twelve years. We invite businesses and organizations, from enterprises to small businesses, to learn more about cyber threats and how to avoid them. We provide TLP White and Green cyber threat reporting for targeted industry segments, international reports, and malware/bot analyses.

A privately held USA-owned cyber threat intelligence firm that delivers proprietary cyber threat intelligence datasets and services. Our company provides insightful, actionable intelligence in formats best suited to your strategic, operational, and tactical needs.

Let us better prepare you and your team for new cyber threats.

Redskyalliance.org offers free access to all, and no salesperson will call.

NordDragon Scan

Posted by CyberDog on July 9, 2025 at 12:00pm

NordDragonScan

Researchers from FortiGuard Labs recently uncovered an active delivery site that hosts a weaponized HTA script and silently drops the infostealer “NordDragonScan” into victims’ environments. Once installed, NordDragonScan examines the host and copies documents, harvests entire Chrome and Firefox profiles, and takes screenshots. The package is…

Attack on Canadian Power Meters

Posted by Bill Schenkelberg on July 9, 2025 at 9:48am

Nova Scotia Power says the cyber-attack on the utility in the spring means the company needs to collect power usage information on foot rather than digitally for now. It said meters have continued to function since the attack was discovered on 25 April, but that information can’t be sent digitally to the company. “As a result, we initially paused customer billing and have recently…

Prime Day Scams

Posted by Bill Schenkelberg on July 8, 2025 at 8:38am

Security researchers have warned bargain-hunting shoppers to be on the lookout for scams this Amazon Prime Day, after discovering many lookalike domains. Check Point said that, in June alone, it recorded more than 1000 domains with names resembling “Amazon” and “Amazon Prime,” 87% of which have been flagged as malicious or suspicious.

The security vendor warned that big-name…

NATO Attack

Posted by Bill Schenkelberg on July 7, 2025 at 9:41am

The International Criminal Court (ICC) suffered a sophisticated cyber-attack coinciding with the Hague NATO summit attended by US President Donald J. Trump, who pushed for increased defense spending among member countries. Ironically, besides defense spending, the NATO summit also aimed to address measures to address cyber attacks. Meanwhile, Hague-based ICC said it immediately…

Independent Ransomware Actors

Posted by Jim McKee on July 4, 2025 at 12:00pm

Bridewell, a UK-based cybersecurity services company, has released its latest CTI Annual Report, a comprehensive deep dive into ransomware trends. It highlighted a significant shift in attack strategies, payment dynamics, and threat actor behaviors, revealing that data theft and extortion have overtaken traditional encryption-only ransomware as the most successful approach for…

The US Green Energy Security Risks

Posted by Bill Schenkelberg on July 4, 2025 at 8:00am

Over the past decade, many state governments have set aggressive renewable energy mandates regarding the adoption of grid-scale wind and solar power generation systems and the shuttering of fossil fuel generators. Whether these policy mandates were well-intentioned or the result of foreign influence operations designed to undermine US energy security, most states are meeting their…

Russian Internet users are Unable to Access the Open Internet

Posted by Bill Schenkelberg on July 3, 2025 at 12:05pm

Since 9 June 2025, Internet users located in Russia and connecting to web services protected by Cloudflare have been throttled by Russian Internet Service Providers (ISPs). As the throttling is being applied by local ISPs, the action is outside of Cloudflare’s control and we are unable, at this time, to restore reliable, high-performance access to Cloudflare products and protected…

Turning an RMM into Malware - Using Authenticode Stuffing

Posted by Jim McKee on July 3, 2025 at 8:00am

Threat actors are abusing the ConnectWise ScreenConnect installer to build signed remote access malware by modifying hidden settings within the client’s Authenticode signature. ConnectWise ScreenConnect is a remote monitoring and management (RMM) software that enables IT administrators and managed service providers (MSPs) to troubleshoot devices remotely. When a ScreenConnect…

REDXRAY

CLICK HERE FOR MORE INFORMATION

In the News

2023 REDSHORTS

REDSHORT Webinars

Please Join our REDSHORT webinars. 'RED' as something important from Red Sky Alliance, and 'SHORT' in 10 minutes or less weekly. We will cover highlights of trending topics.

REGISTER HERE

Cyber Security Blog

You need to be a member of Red Sky Alliance to add comments!

Comments are closed.

Comments

Bill Schenkelberg July 9, 2025 at 9:56am

https://thehackernews.com/2025/07/chinese-hacker-xu-zewei-arrested-...

Chinese Hacker Xu Zewei Arrested for Ties to Silk Typhoon Group and U.S. Cyber Attacks

Chinese national Xu Zewei arrested in Milan for links to Silk Typhoon and cyber attacks on U.S. agencies, including Microsoft Exchange breaches
Bill Schenkelberg July 8, 2025 at 7:56am

https://www.thesun.co.uk/money/35743683/mands-boss-cyber-attack-cri...

Major M&S boss reveals criminal gang behind crippling cyber attack

MARKS & Spencer has revealed that hacker group “DragonForce” was behind the cyberattack that shut down its online shopping for six weeks. Chairman Ar…
Bill Schenkelberg July 7, 2025 at 9:06am

https://www.csoonline.com/article/4018040/ingram-micro-confirms-ran...

Ingram Micro confirms ransomware attack after days of downtime

The multi-day outage has disrupted order processing, delayed shipments, and highlighted weak links across the global tech distribution ecosystem.
Bill Schenkelberg July 3, 2025 at 9:24am

https://www.infosecurity-magazine.com/news/ahold-delhaize-data-brea...

Food Retailer Ahold Delhaize Discloses Data Breach Impacting 2.2m

Ahold Delhaize has confirmed a cyber-attack exposed personal data of over 2.2 million individuals in the US
Bill Schenkelberg July 2, 2025 at 7:20am

https://www.newstalkzb.co.nz/news/business/qantas-cyber-attack-mill...

Qantas cyber attack: Millions affected as names, contact details stolen

Qantas says millions of customers are caught up in a major cyber incident at one of its contact centres.
Bill Schenkelberg June 30, 2025 at 9:39am

https://krebsonsecurity.com/2025/05/u-s-sanctions-cloud-provider-fu...

U.S. Sanctions Cloud Provider ‘Funnull’ as Top Source of ‘Pig Butchering’ Scams

The U.S. government today imposed economic sanctions on Funnull Technology Inc., a Philippines-based company that provides computer infrastructure fo…
Bill Schenkelberg June 27, 2025 at 8:38am

https://thehackernews.com/2025/06/iranian-apt35-hackers-targeting-i...

Iranian APT35 Hackers Targeting Israeli Tech Experts with AI-Powered Phishing Attacks

Iranian hackers linked to APT35 target Israeli professionals using AI-driven phishing, fake Gmail pages, and 2FA bypass.
Bill Schenkelberg June 26, 2025 at 8:33am

https://www.bitdefender.com/en-us/blog/hotforsecurity/revil-hackers...

Four REvil Hackers Freed After Time Served in Russian Custody

A Russian court has sentenced cybercriminals tied to the REvil ransomware gang to time already served, which means they have been released.
Bill Schenkelberg June 25, 2025 at 7:33am

https://news.bloomberglaw.com/privacy-and-data-security/iran-cyber-...

Iran Cyber Threats Push US Companies to Shore Up Core Defenses

A potential spike in cyberattacks from Iran against US networks is putting companies on alert to test their most basic cybersecurity defenses and sca…
Bill Schenkelberg June 24, 2025 at 8:44am

https://www.infosecurity-magazine.com/news/us-risk-iranian-cyber-at...

US Warns of Heightened Risk of Iranian Cyber-Attacks After Military St

The DHS warned of a heightened risk of cyber and physical attacks on US targets by Iran in retaliation for strikes on Iranian nuclear facilities over…

of 114

This reply was deleted.

Red Sky Alliance

For more information about Red Sky Alliance, follow the link, ABOUT

#xg { position:relative;top:120px; } #xn_bar { top:120px; }

Hello, you need to enable JavaScript to use Red Sky Alliance.

Please check your browser settings or contact your system administrator.

Home

TRENDING

NordDragon Scan

Attack on Canadian Power Meters

Prime Day Scams

NATO Attack

Independent Ransomware Actors

The US Green Energy Security Risks

Russian Internet users are Unable to Access the Open Internet

Turning an RMM into Malware - Using Authenticode Stuffing

Note: this page contains paid content.

REDXRAY

In the News

2023 REDSHORTS

REDSHORT Webinars

Cyber Security Blog

Comments

Red Sky Alliance