Red Sky Alliance

Wapack Labs has operated Red Sky Alliance for over seven years. We are a trusted group of organizations, large and small, sharing information about targeted, advanced, and emerging cyber threats in a private secure portal. 
Red Sky Alliance offers TLP White and Green reporting that can satisfy most any situational awareness need, with reports, forums and people to ask questions of - Sign up Now for FREE Membership and Access to all Content.

Get Advice, Intelligence, & Help.

The Red Sky Alliance portal offers cyber security reporting and training materials that can help your company meet the cyber threat challenges of today.

Sign up Now for FREE Membership and Access to all Content.


Figure 1. AS-12/AS-31 Losharik tentative schema.

On 1 July 2019, fourteen Russian sailors died in a fire during the testing of a secret Russian military submarine.   The type of vessel is believed to be an AS-12/AS-31 “Losharik” deep-diving nuclear sub.  While the Russian government insists, they were just surveying the ocean floor for science, the high military ranks of the participating sailors show that the spy capabilities to include taping and severing undersea communication…

Read more…

CVE-2017-11882 Email Campaign

In July 2019, Wapack Labs identified a large email campaign using malicious word documents to deliver a variety of malware.  The emails are presumed related by way of similar social engineering, the same URL shortening tactic and shared office exploit for CVE-2018-11882.  In several cases, the emails were sent from legitimate organizations indicating a prior infection was leveraged as a launching point to attack additional entities.…

Read more…
Comments: 0

3193233386?profile=RESIZE_710xThe Hong Kong government’s attempt to enact an extradition agreement with mainland China sparked mass demonstrations in Hong Kong in June 2019.  Protesters took to the streets in record numbers, with as many as two million protesters reported at the peak of the demonstrations.  By 23 June, Hong Kong’s Chief Executive had suspended action on the extradition bill.


Read more…


RedXray, Daily Cyber Risk Management Reporting

How do you know if your supplier, customer, partner, member or subsidiary is in cyber trouble? Is your organization at business risk due to unreported cyber threats? What about your subsidiary locations, members or suppliers? Can they recover from the financial losses suffered by a business interruption, financial loss or ransomware? RedXray notifies you of nine (9) cyber threat categories in your enrolled named entities for any industry segment. For use in supply chains, you can see who is at risk on daily basis to help you comply with NIST 800-171 rules. There are multiple use applications; Banking & Finance, INFOSEC Firms, Insurance, Auto Dealerships, Manfacturing.

If a supplier, customer or partner is having cyber issues, you can identify the problem quickly and easily and mitigate losses immediately.For more information and how to order, please visit https://www.wapacklabs.com/redxray

Wapack Labs in the News

On - Demand, Red Sky Alliance Threat Brief Broadcast.

Please join us every week for an, on demand, rebroadcast of our Weekly Red Sky Alliance Threat Brief, a succinct summary of current threat activities designed to inform your decision-making. Listen in on what our Wapack Labs analysts have been working on.

Register Here, Watch Now
See you online!

Cyber Security Blog

You need to be a member of Red Sky Alliance to add comments!

Join Red Sky Alliance


  • Oil and Gas Brief 07 12 2019 posted in Oil/Gas Section: oilfield services company targeted in phishing campaign,
    Mimikatz and oil, and other topics!
  • The maritime watch list and Vessel Impersonation reports for the week of 07 10 2019 are now posted in the Transportation Section.
  • ISO 26262 in Automotive section.
  • Smart Cars and their cyber vulnerabilities - Automotive Section
  • China and the Strait of Malacca report in Transportation Section
  • Oil and Gas Report 07 05 2019 in Oil/Gas Section
  • Accounting Service Hit with Cyber-Attack in Banking & Finance Section
  • Georgia's courts, Florida cities hit with Ryuk ransomware attacks. Ryuk infection often starts with Emotet botnet distributing Trickbot which brings Mimikatz and PowerShell Empire modules. After hackers expanded laterally and found the victim worth ransoming, they deploy Ryuk to encrypt non-executable files on the infected systems and shared resources. In June 2019, Wapack Labs provided our clients with a detailed description of new Trickbot campaigns.
  • Airport Hacking in Transportation Section.
  • July 2019 Issue of Phish and Ships in Transportation Section.
This reply was deleted.