All Articles (2217)


Researchers at Google said last week that they have discovered the first vulnerability using a large language model.  In a blog post, Google said it believes the bug is the first public example of an AI tool finding a previously unknown exploitable memory-safety issue in widely used real-world software.  The vulnerability was found in SQLite, an open-source database engine popular among developers.

Google researchers reported the vulnerability to SQLite developers in early October, who fixed it

Known for targeting iOS devices, it has been expanded to include capabilities for compromising device security and stability. ThreatFabric, who discovered the malware, initially published a report on LightSpy for macOS in May 2024. During that investigation, the analysts found that the same server managed both macOS and iOS versions of LightSpy. This discovery allowed ThreatFabric to conduct a new, detailed analysis of the spyware targeting iOS published today, finding notable updates compared t

The Black Basta group is a Ransomware-as-a-Service (RaaS) provider that has been in operation since at least April of 2022.  The group is believed to be comprised of former members of the ransomware groups Conti and REvil.  The reason for this belief is driven by several factors, such as the similarities in their tactics and their rapid integration into the cybercriminal ecosystem.

Black Basta is credited as having victimized over 500 organizations.  In the first quarter of 2024, the group had c

A global law enforcement operation has disrupted infrastructure for the Redline and Meta info stealers, malware tools that cybercriminal groups use to steal sensitive personal data. Operation Magnus took place on 28 October 2024, with law enforcement shutting down three servers used to run the malware in the Netherlands and the seizure of two domains. This means the malware no longer functions and cannot currently be used to steal new data from infected victims.
See: https://redskyalliance.org/xi

A subtle shift in rhetoric has seen IMO secretary-general Arsenio Dominguez turn the tables on industry demands for regulatory clarity and highlight the reciprocal requirement for private partnership and proactive engagement.  Dominguez, ‘It’s now [every single actor’s] turn to take actions in how they define their own goals in decarbonizing.’  Regulation alone will not be sufficient to decarbonize the maritime sector; it requires more proactive engagement from industry stakeholders across the s


Each month, Red Sky Alliance queries our backend databases, identifying all new data containing supply chain keywords in the subject line of malicious emails.  Malicious actors use emails with various supply chain related keywords as a lure to entice users in the maritime industry to open emails containing malicious attachments.  The identified emails attempted to deliver malware or phishing links to compromise the entire Transportation Supply Chain.  Specific names or keywords in the transporta

A criminal operation called Emeraldwhale has been discovered after it dumped more than 15,000 credentials belonging to cloud service and email providers in an open AWS S3 bucket, according to security researchers.  The unknown data thieves embarked on a "massive scanning campaign" between August and September, looking for servers with exposed Git configuration and Laravel environment files.  "This campaign used multiple private tools that abused multiple misconfigured web services, allowing atta

In February 2024, Change Healthcare, a subsidiary of UnitedHealth Group (UHG), was the victim of a significant ransomware attack carried out by the ALPHV/BlackCat ransomware group.  The attackers gained access to Change Healthcare's systems for over a week between February 12 and 20 February 2024, stealing around 4 terabytes of data, including protected health information (PHI) in the process.  The breach had the potential to impact up to 110 million individuals, potentially exposing sensitive h

Every year, the statistics on cyber-attacks seem to get spookier, according to Chuck Brooks, President of Brooks Consulting International.  “As we finish October’s Cybersecurity Awareness month, it is a suitable time to review some of the key statistics and trends that can haunt us and help us meet the cybersecurity challenges of the evolving digital ecosystem.  There are so many frightening cyber stats that I had room for only a few categories, but they are important ones to know.”

The healthca

Marriott's slogan is "We Serve Our World."  This slogan reflects the company's commitment to positively impacting the world, its guests, and the communities it operates in. Marriott International entered a $52 million settlement with the US Federal Trade Commission (FTC) to resolve allegations from a massive data breach that affected millions of guests.  The breach between 2014 and 2018 involved exposing sensitive customer information, including names, passport numbers, credit card details, and

A mysterious new image generation model is beating models from Midjourney, Black Forest Labs, and OpenAI on the crowdsourced Artificial Analysis benchmark.

An image generation model is a conceptual understanding of how light from a scene is converted into an image. There are two types of image generation:

  • Unconditional generation: Generating new images from an existing dataset without any specific conditions.
  • Conditional image generation: Generating samples based on a specific label or conditio

Cybersecurity researchers at Aqua Nautilus have discovered a new hacking campaign by Adept Libra (aka TeamTNT), targeting exposed Docker daemons to deploy Sliver malware, a cyber worm, and crypto miners.

TeamTNT is a notorious hacking group known for aggressive and persistent attacks on cloud-native environments.  The group is known for exploiting vulnerabilities in Docker daemons and Kubernetes clusters to deploy malware and hijack resources for cryptocurrency mining. 

In a recent campaign, Te

A new malware family named WarmCookie, also known as BadSpace, has been actively distributed through malspam and malvertising campaigns since April 2024.

See:  https://redskyalliance.org/xindustry/windows-backdoor-to-push-badspace  

According to a blog post from Cisco Talos published on 23 October 2024, the malware facilitates persistent access to compromised networks. It has been observed as an initial payload, often leading to the deployment of additional malware such as CSharp-Streamer-RAT an

The Ukrainian Computer Emergency Response Team has issued a new security warning after discovering a cyber-attack campaign carried out by the APT28 threat group, also known as Fancy Bear.  This group is thought, with a high degree of confidence, to be affiliated with Russian military intelligence operations.  Here’s what we know so far and what you need to watch out for if you think you might be at risk of being targeted.

The APT28 Fancy Bear Cyber Attack Campaign Warning From CERT-UA - The Ukr

China's National Computer Virus Emergency Response Center (CVERC) has doubled down on claims that the threat actor known as the Volt Typhoon is a fabrication of the US and its allies.  The agency, in collaboration with the National Engineering Laboratory for Computer Virus Prevention Technology, accused the US federal government, intelligence agencies, and Five Eyes countries of conducting cyber espionage activities against China, France, Germany, Japan, and internet users globally.  Remember, t

Qualcomm has historically been quiet about its automotive aspirations, preferring to focus attention on its Snapdragon mobile and laptop processor offerings.  That might be changing.  The company flew TechCrunch to its Qualcomm Snapdragon Summit on Maui to see its latest Snapdragon Elite chips.  This year it is all about automotive.  The Snapdragon Digital Chassis has been powering cars for a couple of years, but now Qualcomm is touting its Elite horn with Snapdragon Ride Elite and Snapdragon Co

A new spear-phishing campaign targeting Brazil has been found delivering a banking malware called Astaroth (aka Guildma) by using obfuscated JavaScript to slip past security defenses. The campaign's impact has targeted various industries, with manufacturing companies, retail firms, and government agencies being the most affected. Malicious emails often impersonate official tax documents, using the urgency of personal income tax filings to trick users into downloading the malware.

See:  https://r

With everything turning digital, Cyber Security threats have been growing each day as the attack surface is massive and continuing to grow and evolve rapidly.  In response to this unprecedented challenge, Artificial Intelligence (AI) based tools for cyber security have emerged to help information security teams reduce breach risk and improve their security posture efficiently and effectively.

See:  https://redskyalliance.org/xindustry/ai-s-impact-on-cyber

AI is helping firms to become more resil

What did the robot vacuum say to its homeowner?  You suck.  In a bizarre turn of events, owners of robot vacuums across the US have reported that their devices have been hacked.  One particularly alarming case involved a man whose Ecovacs Deebot X2 began yelling racial slurs at him.  The incidents appear to be linked to a security vulnerability in the Chinese-made Ecovacs Deebot X2 model, according to a report by the Australian Broadcasting Corporation.  The flaw has exposed widely distributed smar

Researchers at Microsoft discovered a new macOS vulnerability, “HM Surf” (CVE-2024-44133), which bypasses TCC protections, allowing unauthorized access to sensitive data like the camera and microphone. Patch now to stay protected.  A vulnerability discovered by cybersecurity researchers at Microsoft Threat Intelligence in macOS allows attackers to bypass the operating system’s Transparency, Consent, and Control (TCC) technology, granting unauthorized access to sensitive user data.

Researchers ca