X-Industry

Security researchers have warned bargain-hunting shoppers to be on the lookout for scams this Amazon Prime Day, after discovering many lookalike domains.  Check Point said that, in June alone, it recorded more than 1000 domains with names resembling “Amazon” and “Amazon Prime,” 87% of which have been flagged as malicious or suspicious.

The security vendor warned that big-name online events like Prime Day are a magnet for fraudsters, who tend to target victims via fake (phishing) sites impersonat

Amazon confirmed a data breach involving employee information after data allegedly stolen during the May 2023 MOVEit attacks was leaked on a hacking forum.  The threat actor behind this data leak, known as Nam3L3ss, published over 2.8 million lines of Amazon employee data, including names, contact information, building locations, email addresses, and more.  Amazon spokesperson Adam Montgomery confirmed Nam3L3ss' claims, adding that this data was stolen from systems belonging to a third-party ser

A few weeks ago, Hackread.com reported about a malware-infected Android TV box available on Amazon: the T95 TV box.[1]  The box contained pre-installed malware, which was discovered by a Canadian developer and security systems consultant.   Now the same TV box is in the news again, and the person who has identified security threats is a Malwarebytes mobile malware researcher.  He purchased this device from Amazon to further probe and instantly realized something was off about this TV box.  He di

Activity Summary - Week Ending on 6 January 2023:

• Red Sky Alliance identified 32,773 connections from new IP’s checking in with our Sinkholes
• Amazon in Singapore hit 32x
• Analysts identified 492 new IP addresses participating in various Botnets
• Red Sky Dark Web Collection for 2022
• LockBit seen twice in Top 5 Malware
• Indian Job Seeker data stolen (IR-23-005-001)
• The Meta Eire Fine
• Five Guys Burgers

Red Sky Alliance Compromised (C2) IP’s 

Activity Summary - Week Ending on 23 September 2022:

• Red Sky Alliance identified 24,982 connections from new IP’s checking in with our Sinkholes
• Amazon Technologies Inc hit 138x
• Analysts identified 1,144 new IP addresses participating in various Botnets
• Shikitega Malware
• Adobe InDesign
• Ragnar
• RedLine Stealer
• Uber Hack
• Bosnia and Herzegovina
• Republika Srpska

Link to full report: IR-22-267-001_weekly267.pdf

The US Department of Commerce's National Institute of Standards and Technology (NIST) has selected four quantum-resistant cryptographic algorithms for general encryption and digital signatures.   NIST, a US standards-setting body and research organization within the Department of Commerce, announced the four algorithms after a six-year period of assessing potential quantum-resistant (QR) alternatives to today's cryptographic algorithms for public key encryption, digital signatures, and key excha

If Artificial Intelligence applications (Ai) like Alexa really can convert voices, using less than a minute of recorded voice into real-time speech, it opens the door to dystopian gaslighting to a whole new level.  This could be frightening, creepy, disturbing and maybe even criminal.  The definition of gaslighting according to Merriam-Webster:  psychological manipulation of a person usually over an extended period of time that causes the victim to question the validity of their own thoughts, pe

Activity Summary - Week Ending on 17 June 2022:

• Red Sky Alliance identified 39,997 connections from new IP’s checking in with our Sinkholes
• Amazon in Portland OR 35 x
• Analysts identified 1,669 new IP addresses participating in various Botnets
• Yashma Ransomware, GoodWill Ransomware and Horsemagyar Ransomware
• Grandoreiro Malware
• Moses Staff
• Summer Vacation
• Async RAT
• Netwire RAT
• Colombian Military members
• Quasar RAT

Link to full report:  IR-22-168-002_weekly168.pdf

Activity Summary - Week Ending on 11 February 2022:
✓ Red Sky Alliance identified 14,657 connections from new IP’s checking in with our Sinkholes
✓ Amazon IP hit – this time in France
✓ Analysts identified 6,580 new IP addresses participating in various Botnets
✓ Emotet still being Used
✓ ShuckWorm
✓ Dark Herring
✓ LockBit 2.0
✓ VodaFone Attack
✓ $94,000 Bitcoins Seized
✓ Drones used to Attack Networks
✓ CapraRAT and Earth Karkaddan

Link to full report: IR-22-042-001_weekly042.pdf

Activity Summary - Week Ending on 4 February 2022:

• Red Sky Alliance identified 39,538 connections from new IP’s checking in with our Sinkholes
• Amazon IP hit
• Analysts identified 3,544 new IP addresses participating in various Botnets
• STRRAT RAT
• Molerats APT
• 47 Tbps DDoS Attack
• Ransomware Operators
• US Public Safety being Targeted
• Maritime Cranes & the Supply Chain
• US Water Protection
• Shipment & Delivery Scams

Link to full report: IR-22-035-001_weekly035.pdf

A major outage in Amazon’s cloud computing network had severely disrupted services at a wide range of US companies beginning on 07 December 2021.  Amazon and some other services including Prime Video and Alexa were affected by computer problems.   Thousands of users in the United States have reported problems on the outage tracking website Downdetector.  There are reports in the US that customers of McDonald's, Netflix, Disney, and several other AWS clients, are had issues too.

Downdetector http

Wells Fargo, the fourth-largest bank in the US, has directed employees to remove the TikTok social media app from their company-issued devices, citing security concerns. The bank's move to ban the app on corporate devices comes on the heels of Amazon, sending very mixed signals to its employees about whether they should remove TikTok from their company-issued devices. 

Amazon said in a memo asking employees to remove the app was initially sent in error, an Amazon spokesperson told media sources.