Home

Red Sky® Alliance

Wapack Labs has been serving information security professionals for over eight years. We invite businesses and organizations, enterprise to small businesses to learn more about cyber threats and how to avoid them. We provide reports, indicators, references and training about targeted, advanced, and emerging cyber threats in our private portal.

Red Sky® Alliance offers TLP White and Green cyber threat reporting for targeted industry segments, international reports and malware/bot analyses.

Let us better prepare you and your team for new cyber threats.

Signing up for access to all content is simple, just enter your name and email address. Redskyalliance.org is free to members and no salesperson will call.

Trending

CMA CGM hit with Ragnar

Posted by Bill Schenkelberg on September 29, 2020 at 6:07pm

7983768092?profile=RESIZE_400x French container shipping company CMA CGM was hit by a major cyber-attack on 27 September 2020, which disrupted its daily operations.  According to Lloyd’s of London Intelligence sources, several of the company’s Chinese offices were affected by Ragnar Locker ransomware.   CMA CGM initially claimed that their booking system was disabled by an internal IT issue, but later confirmed…

Read more…

Iranian Hackers Indicted and Will Never Serve Time in Prison

Posted by Jim McKee on September 29, 2020 at 12:13pm

7982907887?profile=RESIZE_400x Last week, the US Department of Justice (DOJ) indicted three Iranian hackers for their role in a campaign intended to steal critical data related to US' aerospace and satellite technology and resources.  Said Pourkarim Arabi, 34; Mohammad Reza Espargham, 25; and Mohammad Bayati, 34; are all residents and nationals of Iran and allegedly participated in a coordinated campaign of identity…

Read more…

Cyberattacks Are Going To Reach All-Time Highs In 2020

Posted by Jim McKee on September 25, 2020 at 3:53pm

7969666096?profile=RESIZE_400x In a recent study by CrowdStrike regarding cyber threat activity show more intrusion attempts in the first six months of this year than in all of 2019.  The pandemic-related shift to remote work and the growing availability of Ransomware-as-a-Service (RaaS) were two major drivers.  Red Sky Alliance has reported on many of these ransomware groups and actors in detail in 2020.  These…

Read more…

OldGremlin Ransomware Group Attacks Russian Businesses

Posted by Mac McKee on September 25, 2020 at 3:04pm

7969571052?profile=RESIZE_400x A new cybercriminal group called OldGremlin has been targeting Russian companies including banks, industrial enterprises and medical firms with ransomware attacks.

Researchers have said that OldGremlin’s first activities began between late March and early April 2020.  The group took advantage of the COVID-19 pandemic in early lures (a common theme for ransomware strains during…

Read more…

Artem Lifshits And Russia’s Election Disinformation

Posted by Yury Polozov on September 25, 2020 at 10:47am

7968972674?profile=RESIZE_400x Artem Lifshits is allegedly a part of Project Lakhta/IRA: the ongoing disinformation campaign targeting the upcoming US election.  Lifshits is facing US criminal charges to commit wire fraud as he was accessing cryptocurrency exchange accounts created using stolen US persons’ personal data.

 

Artem Lifshits…

Read more…

Oil and Gas Brief 09 25 2020

Posted by Bill Schenkelberg on September 25, 2020 at 8:50am

7968702886?profile=RESIZE_400x Activity Summary - Week Ending 25 September 2020:

  • Analysts identified 3,021 new IP addresses participating in various Botnets
  • Red Sky Alliance observed 56 unique email accounts compromised with Keyloggers
  • RSAC identified 46,283 connections from new unique IP addresses
  • Winnti Group and the Shadowpad Backdoor
  • Baka JavaScript Skimmer…
Read more…

Maritime Cyber Security is Updating; Good !!

Posted by Bill Schenkelberg on September 23, 2020 at 12:43pm

7962214498?profile=RESIZE_400x The current US administration is signaling it will be updating the US government’s approach to its maritime cybersecurity strategy.  Cyber security priorities are being discussed to enhance and secure the US’ ability to ‘project power at sea and defend against adversarial cyberattacks.’  The plan involves a re-examination of the national approach to information sharing and better…

Read more…

Raccoon Attack: Exposes Secret Key

Posted by Jim McKee on September 22, 2020 at 2:48pm

7957276054?profile=RESIZE_400x A group of researchers has detailed a new timing vulnerability in Transport Layer Security (TLS) protocol that could potentially allow an attacker to break the encryption and read sensitive communication under specific conditions.  Dubbed "Raccoon Attack," the server-side attack exploits a side-channel in the cryptographic protocol (versions 1.2 and lower) to extract the shared secret key…

Read more…

REDXRAY® TWO WEEK FREE TRIAL! SIGN UP TODAY

REDXRAY® DISCOVERY -- Daily Notification report of threats against your network. Two Week FREE TRIAL. Sign Up Today, We will get you started!

Schedule Your Demo Now 888-RedXray (888-733-9729)

Webinars

The next Wednesday Threat Brief is September 30th, at 9:30AM. Every other Wednesday, we review cyber activities, and in 10 minutes or less, you are up to date.

REGISTER HERE

Weekly Briefs Archive. Did you miss previous Cyber Briefs? To catch up, click the playlist link below. Subscribe and be notified when a new video has been added.

WATCH & SUBSCRIBE

In the News

Red Sky Alliance

For more information about Red Sky Alliance, follow the link, ABOUT

RedXray® Compose

Have a writing assignment? Writer's block? Looking for some ideas? Have an idea but need to flush it out some? Have you tried our RedXray® Compose tool? CLICK HERE. Give it a try, you won't be disappointed.

Cyber Security Blog

You need to be a member of Red Sky Alliance to add comments!

Join Red Sky Alliance

Comments

  • Bill Schenkelberg September 14, 2020 at 11:29am
    Hiring Ship Security & Armed Guards - What You need to Know, from our friends at Dryad Global (see Transportation room). Red Sky Alliance works close with Dryad to show the importance of both maritime physical and cyber security. Piracy and kidnapping remains a transportation challenge.
  • Jim McKee September 11, 2020 at 5:12pm
    You have humans on your network. They are all over your network doing all sorts of things with company data. Most of them are doing exactly what they are supposed to be doing. Nothing new to report there but do you know who they all are? Should they have that level of access? Why is someone in accounting downloading 1 TB of data? Did that new salesperson just send the competitors a price list? When is the last time you REALLY did some security awareness training besides that one video you sent 6 months ago?

    Now people are working from home. Who is using this corporate device? Where did this Chromebook come from on the network? We have people working at home from China?

    We have a lot of questions and a lot of work ahead of us as it relates to the human element and Information Security. Some say there is are technical controls we need to put in place. Some say it is merely adopting a company culture shift toward security. The truth is probably somewhere in the middle. Discover Recover RedXray
  • Yury Polozov September 10, 2020 at 12:29pm
    New sanction against Russian cyber actors lists virtual currency wallets that they were using! "Cyber-related Designations; ​​​​Foreign Interference in U.S. Election Designations" https://home.treasury.gov/policy-issues/financial-sanctions/recent-...
    Cyber-related Designations; ​​​​Foreign Interference in U.S. Election Designations | U.S. Departmen…
  • Bill Schenkelberg September 2, 2020 at 2:43pm
    Slack has patched a critical remote code execution vulnerability that could enable an attacker to execute arbitrary code in the desktop version of its collaboration software, researchers report. The remote code execution flaw could allow a successful attacker to fully control the Slack desktop app on a target machine. https://www.darkreading.com/vulnerabilities---threats/slack-patches...
    Slack Patches Critical Desktop Vulnerability
    The remote code execution flaw could allow a successful attacker to fully control the Slack desktop app on a target machine.
  • Bill Schenkelberg August 28, 2020 at 10:40am
    Our friends from Dryad Global are reporting that a Marshall Islands flagged Oil tanker PIKE IMO: 9396672 was approached by a small craft approximately 12-14m long. There were 6-8 persons onboard as well as a metal ladder. They attempted to board but aborted after avoidance maneuvers were made by the vessel. The vessel and crew are safe and have continued on route." This demonstrates the persistent perils of shipping off the coast of West Africa. https://channel16.dryadglobal.com
    Channel 16
    The latest global news relating to security and risk, specific to commercial maritime and private yacht operations.
  • Bill Schenkelberg August 28, 2020 at 9:20am
    RedXray® DISCOVERY - 2 Week Free trial.....check it out.
  • Pamela Bierau August 20, 2020 at 1:12pm
    Nibbi : The very active APT group of unknown origins. Learn More. Register for our August 27, 2020 CIB Webinar. More topics to come. We will keep you updated. https://global.gotowebinar.com/join/8782169210544615949/854841547
  • Bill Schenkelberg July 2, 2020 at 9:46am
    Check out the current issue of Phish & Ships for July 2020 - from our friends at Be Cyber Aware at Sea. In the Transportation Section.
  • Jonathon Sweeney June 15, 2020 at 3:32pm
    Indicators from around the world. Take a look at this week's indicators and see how malicious emails have no problem crossing international borders.
  • Jonathon Sweeney June 10, 2020 at 8:50am
    Shanghai is the busiest shipping port in the world... Which also makes it one of the largest targets in the maritime sector. Take a look at the top indicators in the Indicators channel this week!
This reply was deleted.
E-mail me when people leave their comments –
Follow