formbook (3)

10575761875?profile=RESIZE_400xRed Sky Alliance regularly queries our backend databases, identifying all new data containing Motor Vessel (MV) and Motor Tanker (MT) in the subject line of malicious emails. Malicious actors use emails with Motor Vessel (MV) or Motor Tanker (MT) in the subject line as a lure to entice users in the maritime industry to open emails containing malicious attachments.  Red Sky Alliance is providing this list of Motor Vessels in which we directly observed the vessel being impersonated, with associate

10202124065?profile=RESIZE_400xActivity Summary - Week Ending on 11 March 2022:

  • Red Sky Alliance identified 20,047 connections from new IP’s checking in with our Sinkholes
  • Malicious Keylogger data is back with 22 Keylogged emails
  • Analysts identified 3,431 new IP addresses participating in various Botnets
  • Remote Utilities Software
  • Stone Panda
  • Slug & the Daxin Backdoor
  • Mitre ATT&CK - Sightings Ecosystem
  • Nvidia Attack
  • DDoS Annoyance?
  • Oil & Gas Saudi Arabia - Formbook Malware
  • DarkNet City

 

Full report: IR-22-070-001_weekly070.

8801927301?profile=RESIZE_400xActivity Summary - Week Ending 16 April 2021:

  • Red Sky Alliance observed 58 new unique email accounts compromised with Keyloggers
  • Analysts identified 30,373 connections from new unique IP addresses
  • 3,512 new IP addresses participating in various Botnets were Observed
  • Security Researcher under Attack
  • CISA’s New Tool – Aviary
  • FormBook Malware
  • State Sponsored APT
  • Lazarus and Vyvera
  • TiT-for-TaT is Never Good
  • Myanmar and Taiwan Protests

Link to full report: IR-21-106-001_weekly_106.pdf