From our Friends at the US Multi-State (MS)-ISAC:
OVERVIEW Multiple vulnerabilities have been discovered in PHP, the most severe of which could allow for arbitrary code execution. PHP is a programming language originally designed for use in web-based applications with HTML content. PHP supports a wide variety of platforms and is used by numerous web-based software applications. Successfully exploiting the most severe of these vulnerabilities could allow for arbitrary code execution in the con
Ransomware attacks have matured over the years, adopting more stealthy and sophisticated techniques, while at the same time fixing many of the implementation errors that earlier iterations had. Many attacks are now gaining a new data leak component, which exposes companies to more than the traditional data loss associated with ransomware. The trends observed by researchers over the past year indicate that these attacks are not going away and are likely to increase in frequency. With the adven
The FBI’s Internet Crime Complaint Center (IC3) published its 2019 Internet Crime Report which stated that cybercrime was behind individual and business losses of $3.5 billion, represented by 467,361 reported complaints received last year. Under the subsection titled: “Reported Complaints,” many individuals and businesses did not report their losses and this dollar amount of losses is under reported. IC3 says that it has received 4,883,231 complaints since its inception in May 2000, with an av
Delays in loading and delivery of cargoes in the tanker, dry bulk and container shipping segments are being reported due to ships being forced to sit idle amid a lack of crew availability.
Merchant ships arriving in A
As of January 1, 2020, California became the first state to permit residents whose personal information is exposed in a data breach to seek statutory damages in amounts ranging from $100-$750 per incident, even in the absence of any actual harm, with the passage of the California Consumer Privacy Act (“CCPA”). The class actions that follow are not likely to be limited to California residents, but will also include non-California residents pursuing claims under common law theories. At Red Sk
In daily business, you use strong passwords, change them often, update your anti-virus software and use common sense to protect yourself from malicious attacks that could harm your home computer. But what else can you do when you travel?
When you are traveling, you are unaware of many types of threats, how can you keep your communications gear safe when you are not in the office or your own home? According to a recent report, loses related to cybercrime is projected to exceed $6 trillion by 2
It is getting more expensive for organizations that are victims of ransomware attacks to recover. The average cost more than doubled in the final quarter of 2019. According to a recent report, an average total cost of negotiation, remediation and ransom payment is $84,116. This amount is almost double the previous figure of $41,198.
This increase is not only the result of cybercriminals demanding higher ransom amounts, but the increase in the number of victims who are willing to pay the ranso
Does your company have $50 million to spare? That is how much a ransomware attack cost Norsk Hydro in the first quarter of 2019. A total of 22,000 computers had their files forcibly encrypted across 40 countries in which the aluminum producer operates. Employees were using typewriters and manual production lines where possible to operate the business. Norsk Hydro did not pay the hackers’ ransom and was completely honest about what happened. Its approach was praised by both law enforcement and
Europol.com
The new 2020 decade started with many twists and turns inside the Geo-Political (GEOPOL) World; specifically, the current Iran / US escalation of tensions and associated US sanctions. This has raised cyber concerns with international governments and private sectors alike. Researchers are providing various “warnings” to keep in mind when dealing with international political, business affairs, and hybrid terrorism. The new attack phenomenon is the convergence of physical and cyber-a
Our friends and colleagues at Dryad Global, Experts in Global Issues and Maritime Security Risk Management, has provided us with their 2019 Global Security Review and 2020 risk assessment for the Shipping Industry. Red Sky Alliance has been working close with Dryad this past year and we have observed and appreciated their timely and actionable maritime intellgience reports. This information is of extreme valuable to our members who operate in the Transportation Sector.
From Dryad: "Managed b
Our friends at Global Rescue offer their 2020 Travel Trends, which are very usful for Red Sky Alliance members who travel internationally. Global Rescue is a trusted partner of Red Sky Alliance.
Link to full report:
https://www.globalrescue.com/common/blog/detail/Travel-Trends-for-2020/
SUMMARY
On 27 Dec 2019, the United Nations General Assembly approved a resolution proposed by Russia for the formation of an “ad hoc intergovernmental committee of experts to elaborate a comprehensive international convention on countering the use of information and communications technologies for criminal purposes.” The first meeting of this committee is scheduled for August 2020.
The US has objected to this effort, and many democratic countries have also spoken against this proposal yet is als
After the Russians were banned from the Olympics for another four years in a unanimous decision from the World Anti-Doping Agency (WADA), the immediate reaction from Russia was fury and denial. So now everyone is waiting to see how Russia will respond.
In 2016, Red Sky Alliance analysts reported on the Russian retaliation when Russia was banned from the Olympics for steroid use. 2016 saw unprecedented Russian physical, cyber and physiological interference into the US presidential election, but
Summary
Red Sky Alliance recently learned of the defacement of multiple American websites by a self-proclaimed Iranian hacker as apparent revenge for the fatal US drone strike on Iranian General Qasem Soleimani. Evidence indicates that these are low level attacks looking to target convenient and insecure targets. The attacker, identifying as an Iranian hacker, posted a picture of General Soleimani on all of the defaced pages along with multiple social media accounts and a Gmail account; likely
A class action lawsuit was filed in California against TikTok, the Chinese social media platform developer, in November 2019. The lawsuit claimed that the TikTok app was designed to “covertly tap into a massive array of private and personally-identifiable information” and used “non-standard encryption to conceal the transfer of such data from users’ devices to Defendants.”
The 46-page lawsuit text contained details about the data types that TikTok was collecting, including user-generated video
FBI Flash Bulletin / TLP GREEN
Unknown cyber actors have targeted multiple US and international businesses with Maze ransomware since early 2019. Maze encrypts files on an infected computer’s file system and associated network file shares. Once the victim has been compromised, but prior to the encryption event, the actors exfiltrate data. After the encryption event, the actors demand a victimspecific ransom amount paid in Bitcoin (BTC) in order to obtain the decryption key. An international
Hong Kong conducted District Council elections on 24 November 2019. These local councils handle quality-of-life issues for their constituents, but the elections were seen as a referendum on the anti-Beijing protests that have rocked Hong Kong for several months. The election results strongly favored pro-democracy forces. Of the 452 seats contested, 388 were won by pro-democracy candidates and only 62 went to pro-establishment parties.
The clear message that most Hong Kong citizens supported w
Summary
RedXray is cyber threat notification service that simplifies monitoring for organizations and supply chains.
In 2016, the World Anti-Doping Agency (WADA) commissioned an investigation into reports that the Russian government was sponsoring blood doping of Russian Athletes. Cybersecurity analysts worldwide witnessed cyber-attacks originating from the GRU-linked APT28, better known as “Fancy Bear,” aimed at anti-doping agencies such as the WADA. These attacks were carried out against age
California has recently created a law known as the California Consumer Privacy Act (CCPA) which will go into effect on January 1, 2020. Similar to Europe’s GDPR regulations, the act aims to inform consumers about the information being collected about them, while giving them the power to decide how that information is handled. This law only protects California consumers and exclusive to the following companies:
Red Sky Alliance information sharing portal provided data about a member falling for a business email compromise (BEC). Attackers sent a payment request spoofing a well-known local contractor by changing TLD from .COM to .US. In total, 113 additional domains were registered by the same actors in August-November 2019.
Details
On 26 November 2019, a Red Sky Alliance member shared a fraud report regarding a local construction company email which was spoofed. The attackers convinced the member’s pr
