X-Industry

Sometimes, good intentioned research can actually benefit adversaries.  Recently when a US-based foreign affairs analyst, received an email from the Director of the “38 North think-tank” to commission an article, it seemed to be business as usual.  The sender was actually a suspected North Korean spy seeking information, according to those involved and three cybersecurity researchers.

Instead of infecting his computer and stealing sensitive data, as hackers typically do, the sender appeared to b

Red Sky Alliance regularly queries our backend databases, identifying all new data containing Motor Vessel (MV) and Motor Tanker (MT) in the subject line of malicious emails. Malicious actors use emails with Motor Vessel (MV) or Motor Tanker (MT) in the subject line as a lure to entice users in the maritime industry to open emails containing malicious attachments.  Red Sky Alliance is providing this list of Motor Vessels in which we directly observed the vessel being impersonated, with associate

Red Sky Alliance performs queries of our backend databases, identifying all new data containing Motor Vessel (MV) and Motor Tanker (MT) in the subject line of malicious emails.  Email subject line Motor Vessel (MV) or Motor Tanker (MT) keyword usage is a common lure to entice users in the maritime industry to open emails containing malicious attachments.  Red Sky Alliance is providing this list of Motor Vessels in which Red Sky Alliance directly observed the vessel being impersonated, with assoc

Fool me once, shame on you.  Fool me twice, shame on me.  We have all been duped at some level by devious on-line schemers.  In the Cyber World, it sounds like old news.  Phishing is a type of social engineering tactic where an attacker sends a fraudulent ("spoofed") message designed to trick a human victim into revealing sensitive information to the attacker, then introduce malicious software on the victim's infrastructure like ransomware.  Phishing attacks have become increasingly sophisticate

Red Sky Alliance analysts detected Fancy Bear impersonators targeting a US county election information website. Their DDoS ransom note claims they will take the site down one day before the election if not paid in Bitcoin. This year we see an uptick of similar impersonation emails claiming to be from Fancy Bear, Lazarus Group, or Armada Collective hackers.

Details: Florida Vote Case

Election support infrastructure being vulnerable to ransomware attacks is widely discussed.  But sites going dow

The cybercrime environment is evolving as cyber threat actors improve their attack planning, build new malware and sneaky methods to take advantage of both business and consumer’s on-line behavior. Cybercrimes via social media are not new but now have catapulted into a severe problem with the CoronaVirus. Mobile users are more at risk to criminal schemes as popular on-line banking, and merchant services are available as mobile applications.

Besides social engineering techniques, cybercriminals a

Summary

Wapack Labs reports on the use of vessel names as lures in malicious emails.  Using the names of Motor Vessel (MV), or Merchant/Motor Tanker (MT) in the subject line, is a social engineering tactic used by attackers when sending malicious emails to companies related to the shipping industry.  Successful infiltrations into transportation related networks can result in the theft of valuable financial information or corrupt a system with damaging results.   This report provides details about