Home

Red Sky Small Business Alliance

Wapack Labs has operated Red Sky Alliance for almost seven years, and while much of Red Sky Alliance is large enterprise, we see the need to make some of our stuff available for others.

Welcome to Red Sky Alliance for others.

Help When You Need It -- Members help each other. Have a question on which product(s) you should be buying? Ask the question of the community.

Get Advice, Intelligence, & Help.

Finished Analysis

Payday Lender – HIDDEN COBRA and FASTCash

Posted by Bill Schenkelberg on October 10, 2018 at 1:43pm

Multiple Vulnerabilities in Mozilla Thunderbird Could Allow for Arbitrary Code Execution

Posted by Bill Schenkelberg on October 10, 2018 at 12:50pm

Credit Cards and Deep Feature Synthesis

Posted by Yury Polozov on October 4, 2018 at 1:28pm

Unwiped Drives and Servers from Netlink Computer Inc. for Sale on Craigslist

Posted by Bill Schenkelberg on October 4, 2018 at 12:31pm

LoJax Malware

Posted by Bill Schenkelberg on October 1, 2018 at 12:25pm

Magecart Attacks on the Rise

Posted by Bill Schenkelberg on September 30, 2018 at 2:17pm

Comment Wall

You need to be a member of Red Sky Alliance to add comments!

Join Red Sky Alliance

Comments

Jeff Stutzman (admin) August 11, 2018 at 6:02pm

Just posted Silkworm's newest product "How Xin Ping is Transforming China". Enjoy!
https://redsky-sba.ning.com/finished-analysis/how-xi-jinping-is-tra...
Bill Schenkelberg August 9, 2018 at 8:35pm

Check out the new report (Finished Analysis) on the SamSam malware. This ransomware was used to take out the City of Atlanta.
Bill Schenkelberg July 30, 2018 at 2:29pm

Wapack Labs just shared a report on the Predator Pain and Hawkeye keyloggers. These are dated tools, yet are still being used and seen through our monitoring services. Let us know if you would like a more details report - feedback@wapacklabs.com
Bill Schenkelberg July 24, 2018 at 12:32pm

A Red Sky Alliance member passed an old, yet disturbing on-line hoax. Bad actors obtain email and passwords from the underground and send a threat out to the victim's email. The threat is an effort to extort money via a suspect Bitcoin address. Check out the report for details, indicators and mitigation.
Bill Schenkelberg July 18, 2018 at 10:46am

Hello all........we have just added a warning type report on the Persistent XSS Vulnerability in Multiple Asus Routers. A concern to be addressed if using these routers. Also see: CVE-2018-13154. We here at Wapack Labs hope you are having a safe and enjoyable summer.
Bill Schenkelberg July 9, 2018 at 1:20pm

Check out the new intel report on the Rancor Hacking Group.
Bill Schenkelberg July 5, 2018 at 10:31am

We recently helped a company who was hit with Dridex malware. In the analysis we found the a new code injection technique call Atom Bombing was used in the attack. We are currently conducting further technical analysis on Dridex, but in the meantime posted a situational awareness report in our Small Business Alliance portal. If you have any amplifying information on Dridex and or Atom Bombing, please share with our group. Thanks and we hope everyone had a happy and safe 4th of July.
Bill Schenkelberg June 27, 2018 at 3:43pm

Hey all, we just posted a tactical report on the Mylobot. Scary thing about Mylobot, is that is lays wait in your system up to 14 days until it is ready to be activated. We are actively searching for current intelligence on this malware.
Jeff Stutzman (admin) June 22, 2018 at 8:02am

Hello Members. We just posted a report on the top 10 cyber threats small businesses face today. We here at Wapack Labs and Trusted Internet can help with any prevention, support and, or incident response. Give us a holler at feedback@wapacklabs.com or call direct at: (603) 606-1246.
Jeff Stutzman (admin) April 10, 2018 at 7:13am

This is worth calling out…

DHS's National Cybersecurity and Communications Integration Center (NCCIC) is calling out an increase and ongoing threat of ransomeware.

NCCIC has observed an increase in ransomware attacks across the world. Ransomware is a type of malicious software, or malware, designed to deny access to a computer system or data until a ransom is paid. Ransomware typically spreads through phishing emails or by unknowingly visiting an infected website.
Ransomware can be devastating to an individual or an organization. Anyone with important data stored on their computer or network is at risk, including government or law enforcement agencies and healthcare systems or other critical infrastructure entities. Throughout different ransomware events, NCCIC's best practices and guidance remain the same:

-create system back-ups
-be wary of opening emails and attachments from unknown or unverified senders
-ensure that systems are updated with the latest patches
-NCCIC encourages users and administrators to review its Ransomware page and the U.S. Government Interagency Joint Guidance for further information.

Comments: We realize this this guidance can both be confusing, and in many cases, outside of the reach of many small businesses. If you need assistance, contact Wapack Labs. If we can't help you, we'll refer you out to one of our many trusted local or national partners who can.

—Jeff Stutzman

of 2

This reply was deleted.

Red Sky Alliance