All Articles (193)

From our Friends at the US Multi-State (MS)-ISAC:

OVERVIEW  Multiple vulnerabilities have been discovered in PHP, the most severe of which could allow for arbitrary code execution.  PHP is a programming language originally designed for use in web-based applications with HTML content.  PHP supports a wide variety of platforms and is used by numerous web-based software applications. Successfully exploiting the most severe of these vulnerabilities could allow for arbitrary code execution in the con

Ransomware attacks have matured over the years, adopting more stealthy and sophisticated techniques, while at the same time fixing many of the implementation errors that earlier iterations had.  Many attacks are now gaining a new data leak component, which exposes companies to more than the traditional data loss associated with ransomware.  The trends observed by researchers over the past year indicate that these attacks are not going away and are likely to increase in frequency.  With the adven

The FBI’s Internet Crime Complaint Center (IC3) published its 2019 Internet Crime Report which stated that cybercrime was behind individual and business losses of $3.5 billion, represented by 467,361 reported complaints received last year.  Under the subsection titled “Reported Complaints,” many individuals and businesses did not report their losses and this dollar amount of losses is underreported.  IC3 says that it has received 4,883,231 complaints since its inception in May 2000, with an av

From our Friends and Colleagues at Dryad:
The coronavirus outbreak in China has forced several countries to resort to stringent quarantine checks in their battle to contain the spread and the measures are starting to have a knock-on effect on the global commodities shipping market.

Delays in loading and delivery of cargoes in the tanker, dry bulk and container shipping segments are being reported due to ships being forced to sit idle amid a lack of crew availability.
Merchant ships arriving in A


As of January 1, 2020, California became the first state to permit residents whose personal information is exposed in a data breach to seek statutory damages in amounts ranging from $100-$750 per incident, even in the absence of any actual harm, with the passage of the California Consumer Privacy Act (“CCPA”).  The class actions that follow are not likely to be limited to California residents, but will also include non-California residents pursuing claims under common law theories.  At Red Sk

In daily business, you use strong passwords, change them often, update your anti-virus software and use common sense to protect yourself from malicious attacks that could harm your home computer.  But what else can you do when you travel?

When you are traveling, you are unaware of many types of threats.  How can you keep your communications gear safe when you are not in the office or your own home?  According to a recent report, losses related to cybercrime are projected to exceed $6 trillion by 2

It is getting more expensive for organizations that are victims of ransomware attacks to recover.  The average cost more than doubled in the final quarter of 2019.  According to a recent report, an average total cost of negotiation, remediation and ransom payment is $84,116.  This amount is almost double the previous figure of $41,198.

This increase is not only the result of cybercriminals demanding higher ransom amounts, but the increase in the number of victims who are willing to pay the ranso

Does your company have $50 million to spare? That is how much a ransomware attack cost Norsk Hydro in the first quarter of 2019.  A total of 22,000 computers had their files forcibly encrypted across 40 countries in which the aluminum producer operates. Employees were using typewriters and manual production lines where possible to operate the business.  Norsk Hydro did not pay the hackers’ ransom and was completely honest about what happened. Its approach was praised by both law enforcement and

Europol.com

The new 2020 decade started with many twists and turns inside the Geo-Political (GEOPOL) World; specifically, the current Iran / US escalation of tensions and associated US sanctions.  This has raised cyber concerns with international governments and private sectors alike.  Researchers are providing various “warnings” to keep in mind when dealing with international political, business affairs, and hybrid terrorism.  The new attack phenomenon is the convergence of physical and cyber-a

Our friends and colleagues at Dryad Global, Experts in Global Issues and Maritime Security Risk Management, have provided us with their 2019 Global Security Review and 2020 risk assessment for the Shipping Industry.  Red Sky Alliance has been working closely with Dryad this past year and we have observed and appreciated their timely and actionable maritime intelligence reports.  This information is extremely valuable to our members who operate in the Transportation Sector.

From Dryad: "Managed b

SUMMARY

On 27 Dec 2019, the United Nations General Assembly approved a resolution proposed by Russia for the formation of an “ad hoc intergovernmental committee of experts to elaborate a comprehensive international convention on countering the use of information and communications technologies for criminal purposes.” The first meeting of this committee is scheduled for August 2020.

The US has objected to this effort, and many democratic countries have also spoken against this proposal yet is als

After the Russians were banned from the Olympics for another four years in a unanimous decision from the World Anti-Doping Agency (WADA), the immediate reaction from Russia was fury and denial.  So now everyone is waiting to see how Russia will respond.

In 2016, Red Sky Alliance analysts reported on the Russian retaliation when Russia was banned from the Olympics for steroid use.  2016 saw unprecedented Russian physical, cyber and physiological interference into the US presidential election, but

Summary

Red Sky Alliance recently learned of the defacement of multiple American websites by a self-proclaimed Iranian hacker as apparent revenge for the fatal US drone strike on Iranian General Qasem Soleimani.  Evidence indicates that these are low level attacks looking to target convenient and insecure targets.  The attacker, identifying as an Iranian hacker, posted a picture of General Soleimani on all of the defaced pages along with multiple social media accounts and a Gmail account; likely

A class action lawsuit was filed in California against TikTok, the Chinese social media platform developer, in November 2019.  The lawsuit claimed that the TikTok app was designed to “covertly tap into a massive array of private and personally-identifiable information” and used “non-standard encryption to conceal the transfer of such data from users’ devices to Defendants.”

The 46-page lawsuit text contained details about the data types that TikTok was collecting, including user-generated video

FBI Flash Bulletin / TLP GREEN

Unknown cyber actors have targeted multiple US and international businesses with Maze ransomware since early 2019.  Maze encrypts files on an infected computer’s file system and associated network file shares.  Once the victim has been compromised, but prior to the encryption event, the actors exfiltrate data.  After the encryption event, the actors demand a victim-specific ransom amount paid in Bitcoin (BTC) in order to obtain the decryption key.  An international

Hong Kong conducted District Council elections on 24 November 2019.  These local councils handle quality-of-life issues for their constituents, but the elections were seen as a referendum on the anti-Beijing protests that have rocked Hong Kong for several months.  The election results strongly favored pro-democracy forces.  Of the 452 seats contested, 388 were won by pro-democracy candidates and only 62 went to pro-establishment parties.

The clear message that most Hong Kong citizens supported w

Summary

RedXray is a cyber threat notification service that simplifies monitoring for organizations and supply chains.

In 2016, the World Anti-Doping Agency (WADA) commissioned an investigation into reports that the Russian government was sponsoring blood doping of Russian Athletes. Cybersecurity analysts worldwide witnessed cyber-attacks originating from the GRU-linked APT28, better known as “Fancy Bear,” aimed at anti-doping agencies such as the WADA. These attacks were carried out against age

California has recently created a law known as the California Consumer Privacy Act (CCPA) which will go into effect on January 1, 2020.  Similar to Europe’s GDPR regulations, the act aims to inform consumers about the information being collected about them, while giving them the power to decide how that information is handled.  This law only protects California consumers and applies exclusively to the following companies:

  • Companies with an annual revenue >$25 Million
  • Companies which buy, receive, or sell th

The Red Sky Alliance information sharing portal provided data about a member falling for a business email compromise (BEC).  Attackers sent a payment request spoofing a well-known local contractor by changing the TLD from .COM to .US.  In total, 113 additional domains were registered by the same actors in August-November 2019.

Details

On 26 November 2019, a Red Sky Alliance member shared a fraud report regarding a local construction company email which was spoofed.  The attackers convinced the member’s pr