Home

Red Sky® Alliance

Wapack Labs has been serving information security professionals for over eight years. We invite businesses and organizations, enterprise to small businesses to learn more about cyber threats and how to avoid them. We provide reports, indicators, references and training about targeted, advanced, and emerging cyber threats in our private portal.

Red Sky® Alliance offers TLP White and Green cyber threat reporting for targeted industry segments, international reports and malware/bot analyses.

Let us better prepare you and your team for new cyber threats.

Signing up for access to all content is simple, just enter your name and email address. Redskyalliance.org is free to members and no salesperson will call.

TRENDING

INTELLIGENCE REPORT: ALL SECTORS

Posted by Bill Schenkelberg on May 14, 2021 at 8:35am

8929187069?profile=RESIZE_400x Activity Summary - Week Ending 14 May 2021:

  • Red Sky Alliance observed 78 unique email accounts compromised with Keyloggers
  • Analysts identified 23,596 connections from new unique IP Addresses
  • 1,802 new IP addresses are participating in various Botnets
  • COVID-19 Lures Continue
  • RotaJakiro
  • Lemon Duck
  • Colonial Pipeline and…
Read more…

Social Media Disinformation Targeting NATO

Posted by Jim McKee on May 13, 2021 at 12:55pm

8925820866?profile=RESIZE_400x An ongoing disinformation campaign called "Ghostwriter," which leverages compromised social media accounts is targeting several NATO member countries in Europe.  Ghostwriter is attempting to undermine confidence in the defensive organization as well as spread discord in Eastern Europe.  Researchers who uncovered the campaign in July 2020, have now documented an additional 20 incidents…

Read more…

REvil = LV?

Posted by Davide Emanuele Saturno on May 13, 2021 at 12:01pm

8925651266?profile=RESIZE_400x The REvil ransomware community is one of a new generation of 'Ransomware-as-a-Service' (Raas) businesses. Their core team of developers creates the ransomware, while their "affiliates" spread it to the devices. The developers receive a 20-30% share of any good ransomware attack's earnings, while associates receive a 70-80% payout.Groupe Reorev claims to have had 400GB of confidential data…

Read more…

Another Cyber Shot Heard Around the World

Posted by Bill Schenkelberg on May 13, 2021 at 11:05am

8925521275?profile=RESIZE_400x Critical infrastructure in any country relies on energy sources and transmission for proper and safe national operations.  A direct cyber shot was delivered to the US oil and gas industry, allegedly by a Russian criminal group known as DarkSide.  DarkSide is suspected in the ransomware attack that shut down the US-Georgia based Colonial Pipeline, which immediately created fuel shortages…

Read more…

Dark Web Deep-Dive,Trends, & DarkSide/Colonial Pipeline

Posted by Matt Weidner on May 12, 2021 at 11:14am

8920606657?profile=RESIZE_400x

What is RedPane?

RedPane is a dark web search engine tool that has been developed by Red Sky Alliance since late January 2021. With RedPane we are able to make dark web content available without the need for analysts to touch the dark web to visit Tor .onion sites. To date, we have over 300,000 data points on over 50…

Read more…

This Telegram is Not from Western Union

Posted by Jim McKee on May 11, 2021 at 1:05pm

8913741485?profile=RESIZE_400x Cyber threat actors are increasingly using and abusing Telegram as a "command-and-control" system to distribute malware into organizations that could then be used to capture sensitive information from targeted systems.  Telegram is a cloud-based instant messaging and voice-over IP service. Telegram client apps are available for Android, iOS, Windows Phone, Windows NT, macOS, and Linux. …

Read more…

Supply Chains Under Attack

Posted by Mac McKee on May 10, 2021 at 3:07pm

8910810901?profile=RESIZE_400x The U.S. Cybersecurity and Infrastructure Security Agency and the National Institute of Standards and Technology have released a report providing insights on how to enhance supply chain security in the wake of the SolarWinds attack.

The guidance released 28 April 2021, "Defending Against Software Supply…

Read more…

US Pipeline Attacked with Ransomware

Posted by Bill Schenkelberg on May 10, 2021 at 11:12am

8910336854?profile=RESIZE_400x US Atlanta based Colonial Pipeline Company said in a statement last Friday that it was the victim of a cybersecurity attack, and so "proactively took certain systems offline to contain the threat, which has temporarily halted all pipeline operations, and affected some of our IT systems."  An updated statement over the weekend it said it had "determined that this incident involves…

Read more…

REDXRAY® TWO WEEK FREE TRIAL! SIGN UP TODAY

REDXRAY® DISCOVERY -- Daily Notification report of threats against your network. Two Week FREE TRIAL. Sign Up Today, We will get you started!

Schedule Your Demo Now 888-RedXray (888-733-9729)

2021 SMART4SEA Talk - Becoming cyber resilient: Past, Present,Future

Botnet Detection With Red Sky Alliance & IPinfo

Identify possible malware installations using either our botnet tracker collection or our sinkhole traffic collection. In many cases, it can also identify the malware protocol resulting in high confidence hits. This threat intelligence includes source IP addresses, destination IP addresses, domains, or URLs. DEMO SIGNUP

Webinars

Please Join our REDSHORT webinar. 'RED' as in something important from Red Sky Alliance and 'SHORT' as in 10 minutes or less twice a month. We will cover highlights of 1-2 trending topics, Trending Cyber Indicators, and include a link to a detailed report we will share. Our Encore presentations, also twice a month, same place & time, we will present previous webinars. Questions on any of these webinars can be answered in our redskyalliance.org Cyber Security Blog.

REGISTER HERE

In the News

Red Sky Alliance

For more information about Red Sky Alliance, follow the link, ABOUT

Cyber Security Blog

You need to be a member of Red Sky Alliance to add comments!

Join Red Sky Alliance

Comments

  • Jim McKee May 10, 2021 at 9:10am
    It is early in the MDT time zone and I just finished taping the Smart4Sea Virtual Talk. The panel discussion will be broadcasted on Wednesday 12 May 2021. Here is the link: events.safety4sea.com/smart4sea-talk
  • Jim McKee April 27, 2021 at 3:44pm
    New access to RedPane our Dark Web Search Engine. Read all about it: https://www.wapacklabs.com/news/2021/4/21/redpane-access
    Red Sky Alliance — Wapack Labs
  • Bill Schenkelberg April 15, 2021 at 9:03am
    On 15 April the Houston Rockets of the National Basketball Association (NBA) reported they are investigating a cyber-attack against their networks from a relatively new ransomware group that claims to have stolen internal business data. The hacking group: Babuk
  • Jim McKee April 7, 2021 at 5:45pm
    Did you ever wonder what my office looks like? Take a look and listen to one of of my recent interviews. https://www.linkedin.com/feed/update/urn:li:activity:67854831587259...
  • Jim McKee March 10, 2021 at 5:15pm
    Red Pane Released to the public this week: https://www.linkedin.com/feed/update/urn:li:activity:67751531235446...
    Jim McKee on LinkedIn: Targeted Dark Web Analysis Engine for Your Cyber Threat Intelligence
    https://lnkd.in/ez9q7Gv The targeted Dark Web intelligence provided by our REDPANE product is an Analysis Engine for your Cyber Threat Intelligence T…
  • Bill Schenkelberg March 9, 2021 at 3:26pm
    US CISA has two new publications related to Microsoft Exchange vulnerabilities; details are provided below.
    CISA page: Remediating Microsoft Exchange Vulnerabilities (TLP:WHITE) https://us-cert.cisa.gov/remediating-microsoft-exchange-vulnerabili...
    CISA Current Activity: CISA Strongly Urges All Organizations to Immediately Address Microsoft Exchange Vulnerabilities (TLP:WHITE) https://us-cert.cisa.gov/ncas/current-activity/2021/03/08/cisa-stro...
    Remediating Microsoft Exchange Vulnerabilities | CISA
    Note: CISA will update this web page as we have further guidance to impart.
  • Bill Schenkelberg March 9, 2021 at 11:48am
    You Can Run, but you Can't Hide - South Korean national police have announced today the arrest of a 20-year-old suspect on charges of distributing and infecting victims with the GandCrab ransomware.
    The suspect, whose name was not released, operated as a customer of the GandCrab Ransomware-as-a-Service (RaaS) cybercrime operation.
    Known as an affiliate — or a distributor— police say the suspect operated by taking copies of the GandCrab ransomware and distributing them via email to victims across South Korea.
  • Jim McKee March 8, 2021 at 5:08pm
    More news on our RedPane Dark Web search engine coming out this week. Please visit https://www.wapacklabs.com/redpane
    RedPane — Wapack Labs
  • Jim McKee March 1, 2021 at 6:18pm
    The Rise of the Data Marketplaces. I was interviewed by Micaela Mengan and here is the link: https://www.linkedin.com/feed/update/urn:li:activity:67722830322180...
  • Bill Schenkelberg February 26, 2021 at 12:58pm
    If you read about CityBee, hacks can happen; anywhere and at any time - Regardless of location. The legitimate and illegitimate Internet has no borders. All companies and businesses need a reasonable level of network protection and sound cyber security procedures and training. Is that all a network needs? No. Had the big-mouthed hacker not announced the CityBee breach and subsequent on-line sale of data – the victims would not know what happened. Enter Red Sky Alliance and CTAC/RedXray and it RedPane dark web collection and analysis component. Our products help further protect your network against hacking and later anguish. Our tools and services are an excellent complement to a network defense for any foreign or domestic cyber threat (even in Lithuania). In addition to offering cyber protection, we offer cyber insurance through Cysurance. Call today for a quote.
This reply was deleted.
E-mail me when people leave their comments –
Follow