Sort by
Activity Summary - Week Ending on 1 August 2025
- Red Sky identified 8,344 connections from ‘new’ and unique, compromised IP addresses
- FBW NETWORKS SAS in France hit 1,915x
- CISA Alert - LG Innotek CCTV Cameras
- CVE-2025-7742
- Network Thermo
Activity Summary - Week Ending on 25 July 2025
- Red Sky identified 5,440 connections from ‘new’ and unique, compromised IP addresses
- KPROHOST LLC in the Netherlands hit 102
- CISA Alert – Interlock Ransomware
- ClickFix Social Engineering
- Co
Activity Summary - Week Ending on 18 July 2025
- Red Sky identified 9,680 connections from ‘new’ and unique, compromised IP addresses
- NortonLifeLock in Australia hit 113
- CISA Alert – FRED
- CVE-2025-1727
- The Association of American Railroads
Activity Summary - Week Ending on 11 July 2025
- Red Sky identified 5,698 connections from ‘new’ and unique, compromised IP addresses
- FBW Networks in France hit 461
- CISA Alert – Value Link
- CVE-2025-52579
- CVE-2025-50109
- Android User Warning
- P
Activity Summary - Week Ending on 4 July 2025
- Red Sky identified 10,162 connections from ‘new’ and unique, compromised IP addresses
- DataCamp in France hit 1,665
- CISA Alert – Hitachi Energy
- CVE-2020-11022
- RedXray 90-day Collection and Analys
Activity Summary - Week Ending on 27 June 2025:
- Red Sky identified 11,448 connections from ‘new’ and unique, compromised IP addresses
- CyberZone in US hit 88x 2nd week
- CISA Alert – Schnieder Electric
- CVE-2025-3905, CVE-2025-3116, CVE-2025-3117
Activity Summary - Week Ending on 20 June 2025:
- Red Sky identified 7,274 connections from ‘new’ and unique, compromised IP addresses
- CyberZone in US hit 88x
- CISA Alert – ProGauge MagLink LX
- CVE-2025-5310
- Fake CAPTCHAs
- Russian Doppelganger
- Lo
Activity Summary - Week Ending on 6 June 2025:
- Red Sky identified 18,890 connections from ‘new’ and unique, compromised IP addresses
- Contabo[.]com in Germany hit 1,714x
- RedSky DarkWeb Data Collection – last 90 Days
- CISA Alert – Santesoft
- Color
Activity Summary - Week Ending on 30 May 2025:
- Red Sky identified 18,890 connections from ‘new’ and unique, compromised IP addresses
- Contabo[.]com in Germany hit 1,714x
- RedSky Malicious E-mails Data Collection – last 7 Days
- CISA Alert – Best Practi
Activity Summary - Week Ending on 23 May 2025:
- Red Sky identified 16,345 connections from ‘new’ and unique, compromised IP addresses
- Proton[.]me in France hit 1,196x 2nd week
- RedSky Malicious OSINT Data Collection – last 7 Days
- CISA Alert – DEEBOT V
Activity Summary - Week Ending on 16 May 2025:
- Red Sky identified 16,345 connections from ‘new’ and unique, compromised IP addresses
- Proton[.]me in France hit 1,164x
- RedSky Malicious E-mail Data Collection – last 7 Days
- CISA Alert – Hitachi Energy
Activity Summary - Week Ending on 9 May 2025:
- Red Sky identified 18,203 connections from ‘new’ and unique, compromised IP addresses
- Netutils[.]io in France hit 15x
- RedSky Malicious E-mail Data Collection – last 30 Days
- CISA Alert – BrightSign
- CVE-2
Activity Summary - Week Ending on 2 May 2025:
- Red Sky identified 18,203 connections from ‘new’ and unique, compromised IP addresses
- Netutils[.]io in France hit 15x
- RedSky Source Code Secrets Data Collection – last 90 Days
- CISA Alert – Delta Electro
Activity Summary - Week Ending on 25 April 2025:
- Red Sky identified 13,055 connections from ‘new’ and unique, compromised IP addresses
- HostBaltic in Lithuania hit 171x
- RedSky ThreatRecon – last 365 Days
- CISA Alert – Yokogawa
- CVE-2025-1863
- APT29/
Activity Summary - Week Ending on 18 April 2025:
- Red Sky identified 20,392 connections from ‘new’ and unique, compromised IP addresses
- Netiface in France hit 1,051x
- RedSky Store & Share Data Collection – last 90 Days
- CISA Alert – Mitsubishi Electri
Activity Summary - Week Ending on 11 April 2025:
- Red Sky identified 19,848 connections from ‘new’ and unique, compromised IP addresses
- BullRDP in Germany hit 118x
- RedSky Malicious Email Data Collection – last 30 Days
- CISA Alert – Fast Flux
- PDNS pro
Activity Summary - Week Ending on 4 April 2025:
- Red Sky identified 12,395 connections from ‘new’ and unique, compromised IP addresses
- Layerstack Cloud in Hong Kong hit 24x 2nd week
- RedSky Sinkhole Traffic – 1 Year
- CISA Alert – Supply Chain Integrity
Activity Summary - Week Ending on 28 March 2025:
- Red Sky identified 16,964 connections from ‘new’ and unique, compromised IP addresses
- Layerstack Cloud in Hong Kong hit 19x
- CISA Alert – CVE’s: 2025-24472 & 2025-30066
- RansomHub Affiliates
- Custom
Activity Summary - Week Ending on 21 March 2025:
- Red Sky identified 13,150 connections from ‘new’ and unique, compromised IP addresses
- RouterHosting LLC in Netherlands hit 200x
- CISA Alert – RaaS Medusa Ransomware
- Rclone
- TinyShell Back Door
- Junipe
Activity Summary - Week Ending on 14 March 2025:
- Red Sky identified 18,920 connections from ‘new’ and unique, compromised IP addresses
- PureVPN in Netherlands hit 206x
- CISA Alert - BACnet Capture Tool
- Impersonation of Official Emails
- Taiwan's Nation