Beginning 7 March 2024, EclecticIQ analysts identified an uncategorized threat actor that utilized a modified version of the open-source information stealer HackBrowserData[1] to target Indian government entities and energy sector. The information stealer was delivered via a phishing email, masquerading as an invitation letter from the Indian Air Force. The attacker utilized Slack channels as exfiltration points to upload confidential internal documents, private email messages, and cached web b
india (9)
BRICS leaders are meeting in South Africa on 22 August 2023 to discuss how to turn a loose cabal of nations, accounting for a quarter of the global economy, into a geopolitical force that can challenge the West's dominance in World affairs. Russian President Putin, who faces an international arrest warrant over alleged war crimes in Ukraine, will not join leaders from Brazil, India, China and South Africa amid rifts over whether to expand the bloc to include dozens of "Global South" nations que
The head of Russia’s space agency has extended an offer to Moscow’s partners in the BRICS group Brazil, India, China, and South Africa to participate in constructing a joint module for its planned orbital space station, state media reported on 24 July 2023.
See: https://redskyalliance.org/xindustry/the-brics
Construction of the planned space station follows Moscow’s decision last year to end its decades-long partnership with NASA and withdraw from the aging International Space Station, one of th
Researchers at SentinelLabs have been monitoring a cluster of malicious Office documents that stage Crimson RAT, distributed by APT36 (Transparent Tribe) that target the education sector. Analysts have assessed that this activity is part of the group’s previously reported targeting of the education sector in the Indian subcontinent. Seen was APT36 (also known as Transparent Tribe) introducing OLE embedding to its typically used techniques for staging malware from lure documents and versioned c
The current Ukraine crisis has revealed the willingness of state and non-state actors to involve themselves in conducting attacks of various degrees of severity and frequency. Notably, hacktivists and cybercriminal groups have joined the conflict extending beyond the borders of the two primary combatants, with cyberattacks targeting those governments and private sector organizations perceived to be supporting the other side. Patriotic hacktivism is not necessarily new, especially in troubled a
An Elasticsearch server belonging to a major international IT recruitment and software solution provider is currently exposing the personal data of more than half a million Indian candidates looking for jobs. However, the data is not limited to jobseeker as the server is also exposing the company’s employees’ data. Another important aspect of this data exposure is the fact that it also contains the company’s client records from different companies, including Apple and Samsung.
This was confirm
Activity Summary - Week Ending on 26 August 2022:
- Red Sky Alliance identified 30,967 connections from new IP’s checking in with our Sinkholes
- Microsoft hit
- Analysts identified 2,019 new IP addresses participating in various Botnets
- DarkyLock, Gwisin, vvyu, Kriptor
- Cuba Ransomware
- DiDi Chinese Ride Share
- India hit Hard
- Psychology and Cyber Security
- LockBit in France
- Center Hospital Sud Francilien & La Poste Mobile Hit
Link to full report: IR-22-238-001_weekly238.pdf
The Quadrilateral Security Dialogue (Quad) has signaled its commitment to cybersecurity by announcing a dedicated new group that will promote best practices and shared standards. The announcement came after the first-ever in-person meeting of the Quad, which comprises the US, India, Japan, and Australia in an alliance of democratic nations designed to counter Chinese aggression.
A White House briefing on the leaders’ summit detailed multiple areas of cooperation between the four nations, from C
Activity Summary - Week Ending 7 May 2021:
- Taleq Simeon needs a new Email Address
- Red Sky Alliance identified 15,654 connections from new unique IP Addresses
- Analysts identified 1,209 new IP addresses participating in various Botnets
- Researchers observed 20 unique email accounts compromised with Keyloggers
- FormBook Variant – Part III
- Google Play Store
- Oil and Gas getting SMART
- Oil and Gas on the Rise, Finally
- Cyber-Attack on Oil and Gas to ‘continue’ Rise
- Angola’s National Oil, Gas and Biofuel’
