All Articles (1931)

Sort by

12434588286?profile=RESIZE_400xSince March 2023, Akira ransomware has impacted a wide range of businesses and critical infrastructure entities in North America, Europe, and Australia.  In April 2023, following an initial focus on Windows systems, Akira threat actors deployed a Linux variant targeting VMware ESXi virtual machines. As of 1 January 2024, the ransomware group has impacted over 250 organizations and claimed approximately $42 million USD in ransomware proceeds.

Early versions of the Akira ransomware variant were wr

12432960080?profile=RESIZE_400xThere are many factors affecting downtime that manufacturers must consider minimizing disruption to the production line.  While unplanned maintenance is one of the main elements posing a risk to streamlined operations, another growing issue is cyber-attacks and ransomware.

Cyber security has long been a threat to industrial organizations, but the risk, and indeed incident rate, is growing.  According to a report by cybersecurity technology specialists Dragos, ransomware attacks alone against ind

12432194874?profile=RESIZE_400xChinese-linked hackers have snooped around critical US infrastructure and have put themselves in a position to attack at “the right moment,” FBI director Christopher Wray ominously warned.  Speaking at the 2024 Vanderbilt Summit on Modern Conflict and Emerging Threats, Wray underscored that the bureau and other federal authorities have been scrambling behind the scenes to counter the threat, which he said is “upon us now.”  “The PRC [People’s Republic of China] has made it clear that it consider

12429058260?profile=RESIZE_400xAs automotive engineering progresses and moves away from traditional mechanism, the integration of Artificial Intelligence (AI) and Machine Learning (ML) is not just a futuristic possibility; it is increasingly becoming a reality.  These technologies are not only reshaping how vehicles operate but are also enhancing safety, efficiency, and performance.

Dr. Vish Vadari, Senior Technical Specialist Noise, Vibration and Harshness (Global) at ZF Group, explains the potential of AI and ML in optimizi

12429050280?profile=RESIZE_400xWho wants to mess with the food supply?  Foreign adversaries and crooks, that’s who.  The US food and agriculture sector dealt with at least 167 ransomware attacks last year, according to a leading industry group.  In its first annual report, the Food and Agriculture-Information Sharing and Analysis Center (Food and Ag-ISAC) said the industry was the seventh most targeted sector in the country, behind manufacturing, financial services and others.  Thus far in the first quarter of 2024, the secto

12428766264?profile=RESIZE_400xThe UN Security Council’s (UNSC) most recent Arria-formula meeting on a cyber-related topic took place on 4 April 2024.  Organized by the Republic of Korea (ROK) and co-hosted by Japan and the United States (US) the session focused on the “Evolving Cyber Threat Landscape and Its Implications for The Maintenance of International Peace And Security.”  The informal meeting included interventions from more than 30 delegations preceded by technical briefings from Deputy to the High Representative for

12428405482?profile=RESIZE_400xPalo Alto Networks has released fixes for a zero-day vulnerability affecting its GlobalProtect VPN product that is being targeted following its disclosure last week.  Hotfixes for the vulnerability labeled: CVE-2024-3400, were recently published, as promised in an urgent notice about the bug on 12 April.  The zero-day carries the highest severity score possible of 10.[1]

Security company Volexity, which Palo Alto credited with discovering the bug, said it “is highly likely” the attacker behind t

12428818057?profile=RESIZE_400xThe Sysdig Threat Research Team (Sysdig TRT) recently discovered a long-running botnet operated by a Romanian threat actor group, which we call RUBYCARP.  Evidence suggests that this threat actor has been active for at least 10 years.  Its primary method of operation leverages a botnet deployed using a variety of public exploits and brute force attacks.  This group communicates via public and private IRC networks, develops cyber weapons and targeting data, and uses its botnet for financial gain

12057871866?profile=RESIZE_400xRed Sky Alliance monthly queries our backend databases, identifying all new data containing Motor Vessel (MV) and Motor Tanker (MT) in the subject line of malicious emails.  Malicious actors use emails with Motor Vessel (MV) or Motor Tanker (MT) in the subject line as a lure to entice users in the maritime industry to open emails containing malicious attachments.  Red Sky Alliance is providing this list of Motor Vessels in which we directly observed the vessel being impersonated, with associated

12428815270?profile=RESIZE_400xHundreds of musicians have joined with the Artist Rights Alliance (ARA) to condemn the excessive use of Artificial Intelligence (AI) in the music industry.  As well as they should.  In an open letter organized by campaign group the Artists' Rights Alliance, AI will "infringe upon our rights and devalue the rights of human artists" if used irresponsibly.  American singer Billie Eilish, Katy Perry, Elvis Costello, and UK star Engelbert Humperdinck are among 200 artists calling for the "predatory"

12428378480?profile=RESIZE_400xSome smart locks controlled by Chirp Systems' software can be remotely unlocked by strangers thanks to a critical security vulnerability.  This remote exploitation is possible due to passwords and private keys being hard-coded in Chirp's Android app. Anyone who knows or finds these credentials can use them with an API maintained by smart lock supplier August to remotely open someone's Chirp-powered lock and thus unlock whatever door it is supposed to be protecting.  Chirp has claimed its system

12428175857?profile=RESIZE_400xAs if things were not messy enough in the Change Healthcare attack, a second cybercriminal gang RansomHub is trying to exhort the company's parent, UnitedHealth Group, and have it pay another ransom for data that an affiliate of Ransomware-as-a-Service group BlackCat claims to have stolen in February 2024.   Threat intelligence firm SOCRadar in a recent blog post said RansomHub is threatening to sell "to the highest bidder" 4 terabytes of "highly sensitive data" stolen in the Change Healthcare a

12428366687?profile=RESIZE_400x

Have you noticed that the latest cyberattacks are threatening the very existence of many smaller medical clinics and their doctor's ability to deliver care? The recent cyberattack that took offline the largest US billing and electronic payment system operated by Change Healthcare (https://www.changehealthcare.com), a significant division of UnitedHealth Group, is only the latest, but maybe the current great example.

See:  https://redskyalliance.org/redshorts2023/15-healthcare-cyber-security

The

12428105877?profile=RESIZE_400xAdobe is recruiting help from its network of photographers and videographers to train its new AI text-to-video generator, but is the company paying enough?   To catch up with other AI video generators like Google's Lumiere and OpenAI's Sora, Adobe is purchasing videos that show people engaging in everyday activities like walking, running, using a cell phone, and working out, and other videos showing emotions like sadness, excitement, or rage.  Adobe also requests simple videos of human anatomy l

12428094095?profile=RESIZE_400xBusinesses are constantly seeking new ways to gain a competitive edge and drive growth. However, amid the vast volumes of data generated daily, there lies a hidden treasure trove of information often overlooked - dark data.  According to Gartner, dark data refers to the wealth of information assets that organizations collect, process, and store during regular business activities but fail to utilize effectively.
 
One needs to understand the untapped potential of dark data and the transformative

12428093060?profile=RESIZE_400xDespite the LockBit Ransomware-as-a-Service (RaaS) gang claiming to be back after a high-profile takedown in mid-February 2024, an analysis reveals significant, ongoing disruption to the group's activities, along with ripple effects throughout the cybercrime underground, with implications for business risk.  LockBit was responsible for 25% to 33% of all ransomware attacks in 2023, according to investigators, easily making it the biggest financial threat actor group of the last year. Since it eme

12427925667?profile=RESIZE_400xToday is Tax Day in the US, April 15th.  A reminder to get your taxes filed, or at this point, ask for an extension.  And a warning to be mindful of other US government agencies being targeted.  A recent study reports that cyber warfare is increasingly likely to target federal services that help everyday residents meet their basic needs. 

The report, which is authored by researchers from the Center for Strategic and International Studies, points out that traditionally, cyber defense has focused

12427434059?profile=RESIZE_400xThe UK's competition watchdog sniffed around the AI industry with a bit more interest than usual on 11 April at an antitrust event in the US.  Speaking at the 72nd Antitrust Law Spring Meeting in Washington DC, Sarah Cardell, CEO of the UK Competition and Markets Authority, discussed "growing concerns" that the web of connected partnerships between AI technology companies may hinder competition.  "I think it’s fair to say that when we started this work, we were curious," said Cardell.  "Now, wit

12426363698?profile=RESIZE_400xMatch Systems, a leading authority in crypto crimes investigations and crypto AML solutions provider, has published a comprehensive analytical report examining the potential implications of Central Bank Digital Currency (CBDC) implementation.

In a landscape where the debate between cryptocurrency proponents and CBDC advocates intensifies, Kutin’s report offers a balanced perspective on the advantages and drawbacks of transitioning to a digital currency framework.  The report delves into the nuan

12426632300?profile=RESIZE_400xThe term "malvertising" (or "malicious advertising") suggests an overlap with ads, and not good ones. Therefore, it fuels the fallacy that its impact hardly goes beyond frustration. As a result, those who are unfamiliar might get the impression that it is no big deal, but this is a far cry from the case.

Malvertising acts as a vessel for malware propagation.  To set such a stratagem in motion, cybercriminals poison legitimate websites with ads that lead to shady URLs or download malicious code c