phishing (48)

10893672288?profile=RESIZE_180x180A China-based cyber actor group is leveraging the trust associated with popular international brands to orchestrate a large-scale phishing campaign dating back as far as 2019.   The threat actor, Fangxiao, is said to have registered over 42,000 imposter domains, with initial activity observed in 2017.  Fangxiao targets businesses in multiple verticals, including retail, banking, travel, and energy.  The offers promised financial or physical incentives are used to trick victims into further sprea

10889453457?profile=RESIZE_400xRecorded Future has shared information regarding potential threats to the 2022 World Cup soccer matches set in Qatar.  Email-based phishing attacks targeting the Middle East doubled in October in the lead up to the World Cup in Qatar, according to new research from Trellix.  Many of the emails purport to come from the FIFA help desk or ticketing office while some impersonate specific team managers and departments.  Others claim to be notifications about bans implemented by FIFA, or spoof Snoonu,

10886962494?profile=RESIZE_400x

 

Red Sky Alliance regularly queries our backend databases, identifying all new data containing Motor Vessel (MV) and Motor Tanker (MT) in the subject line of malicious emails.  Malicious actors use emails with Motor Vessel (MV) or Motor Tanker (MT) in the subject line as a lure to entice users in the maritime industry to open emails containing malicious attachments.  Red Sky Alliance is providing this list of Motor Vessels in which we directly observed the vessel being impersonated, with assoc

10872418267?profile=RESIZE_400xThe US Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) are raising awareness of the potential threat posed by attempts to manipulate information or spread disinformation in the lead-up to and after the 2022 midterm elections.  Foreign actors may intensify efforts to influence the outcomes of the 2022 midterm elections by circulating or amplifying reports of real or alleged malicious cyber activity on election infrastructure.  Additionally, th

10856609287?profile=RESIZE_400xLinkedIn has become a popular destination for threat actors trying to communicate with people for a variety of purposes, such as distributing malware, cyberespionage, credential stealing, financial fraud, etc.  One common approach to using LinkedIn by cyber criminals is to approach people using fake profile claiming to be a recruiter working at technology, defense, or media companies.  The North Korean-sponsored group Lazarus often engaged in these kinds of activities in order to propagate malwa

10846071263?profile=RESIZE_400xFifteen percent of car dealers have experienced a cybersecurity incident in the past year.  Of those impacted, 85% of the occurrences were due to sophisticated phishing attempts concealed as legitimate emails that resulted in data breaches, IT-related business interruptions and loss of revenue. 

The 2022 State of Cybersecurity in the Dealership report from CDK Global Inc. surveyed business and IT executives at 201 car dealerships in the United States about their current cybersecurity posture.  T

10845614100?profile=RESIZE_400x

 

Red Sky Alliance regularly queries our backend databases, identifying all new data containing Motor Vessel (MV) and Motor Tanker (MT) in the subject line of malicious emails.  Malicious actors use emails with Motor Vessel (MV) or Motor Tanker (MT) in the subject line as a lure to entice users in the maritime industry to open emails containing malicious attachments.  Red Sky Alliance is providing this list of Motor Vessels in which we directly observed the vessel being impersonated, with assoc

10813350662?profile=RESIZE_400x

 

Red Sky Alliance regularly queries our backend databases, identifying all new data containing Motor Vessel (MV) and Motor Tanker (MT) in the subject line of malicious emails.  Malicious actors use emails with Motor Vessel (MV) or Motor Tanker (MT) in the subject line as a lure to entice users in the maritime industry to open emails containing malicious attachments.  Red Sky Alliance is providing this list of Motor Vessels in which we directly observed the vessel being impersonated, with assoc

10777791658?profile=RESIZE_400x

 

Red Sky Alliance regularly queries our backend databases, identifying all new data containing Motor Vessel (MV) and Motor Tanker (MT) in the subject line of malicious emails.  Malicious actors use emails with Motor Vessel (MV) or Motor Tanker (MT) in the subject line as a lure to entice users in the maritime industry to open emails containing malicious attachments.  Red Sky Alliance is providing this list of Motor Vessels in which we directly observed the vessel being impersonated, with assoc

10756568086?profile=RESIZE_400xAccording to cyber threat researchers, phishing incidents are on the rise and will not wane due to their effectiveness as the first step to injecting malware into a target’s network.  A recent report shows that phishing was the most popular attack vector in 2021, resulting in one in five employees falling victim to phishing hacking techniques.  Although technical solutions protect against phishing threats, no solution is 100% effective.  This is the reason why; companies should involve their emp

10661734074?profile=RESIZE_400xRed Sky Alliance regularly queries our backend databases, identifying all new data containing Motor Vessel (MV) and Motor Tanker (MT) in the subject line of malicious emails.  Malicious actors use emails with Motor Vessel (MV) or Motor Tanker (MT) in the subject line as a lure to entice users in the maritime industry to open emails containing malicious attachments.  Red Sky Alliance is providing this list of Motor Vessels in which we directly observed the vessel being impersonated, with associat

10575761875?profile=RESIZE_400xRed Sky Alliance regularly queries our backend databases, identifying all new data containing Motor Vessel (MV) and Motor Tanker (MT) in the subject line of malicious emails. Malicious actors use emails with Motor Vessel (MV) or Motor Tanker (MT) in the subject line as a lure to entice users in the maritime industry to open emails containing malicious attachments.  Red Sky Alliance is providing this list of Motor Vessels in which we directly observed the vessel being impersonated, with associate

10482542089?profile=RESIZE_400xThe supply chain provides the framework for the modern transfer of goods.  Logistics play a pivotal role from the acquisition of raw materials to the delivery of a final product to the end user.  Generally, the raw materials are transported to a supplier, who then transports the materials to a manufacturer.  The manufacture creates a finished product that is then distributed to either a retailer or warehouse where the product is either sent to or carried out by the consumer.  Pictured below is a

10215100865?profile=RESIZE_400xRed Sky Alliance performs queries of our backend databases, identifying all new data containing Motor Vessel (MV) and Motor Tanker (MT) in the subject line of malicious emails.  Email subject line Motor Vessel (MV) or Motor Tanker (MT) keyword usage is a common lure to entice users in the maritime industry to open emails containing malicious attachments.  Red Sky Alliance is providing this list of Motor Vessels in which Red Sky Alliance directly observed the vessel being impersonated, with assoc

10184219479?profile=RESIZE_400xSince the beginning of phishing, fraudulent invoicing and purchasing schemes have been one of the most common lures, because they make money.  The usual modus operandi involves appealing to the recipient’s desire to avoid incurring a debt, especially where a business may be involved.  Researchers recently came across an interesting phishing e-mail masquerading as a purchase order addressed to a Ukrainian manufacturing organization that deals with raw materials and chemicals.  The e-mail containe

10053400461?profile=RESIZE_400xActivity Summary - Week Ending on 28 January 2022:

  • Red Sky Alliance identified 21,120 connections from new IP’s checking in with our Sinkholes
  • Intern LLC in Moscow hit
  • Analysts identified 5,665 new IP addresses participating in various Botnets
  • AvosLocker Ransomware
  • Wormable Windows Vulnerability
  • Nmap
  • Belarus Trains hit
  • Canada mad at Russia
  • QR Code Confusion
  • 22% Gone Phishing
  • Vessel Impersonation

 

Link to full report: IR-22-028-001_weekly028.pdf

10046387086?profile=RESIZE_400xRed Sky Alliance performs queries of our backend databases, identifying all new data containing Motor Vessel (MV) and Motor Tanker (MT) in the subject line of malicious emails.  Email subject line Motor Vessel (MV) or Motor Tanker (MT) keyword usage is a common lure to entice users in the maritime industry to open emails containing malicious attachments.  Red Sky Alliance is providing this list of Motor Vessels in which Red Sky Alliance directly observed the vessel being impersonated, with assoc

10001741452?profile=RESIZE_400xConsidering the sensitive information it holds, it is no wonder that the financial services industry continues to be one of the most targeted critical infrastructure sectors by current cyber-criminals.  Recent societal and technological changes during 2021 have made matters worse.

The ongoing COVID-19 pandemic has created a ripe target field for cyberthreats as industries and individuals alike became vulnerable as they wrestled with remote working practices, mass digital disruption, and widening

9768200270?profile=RESIZE_400xCybersecurity researchers are warning about a rise in cyber criminals going after mobile devices as a means of gaining entry to networks.  There has been a surge in mobile phishing attacks targeting the energy sector as cyber attackers attempt to break into networks used to provide services including electricity and gas.

The energy industry is highly critical, providing people with vital services required for everyday use.  That role makes it a prime target for cyber criminals.  That risk was de

9613836687?profile=RESIZE_400xLast week Microsoft Security issued a detailed report on a massive phishing-as-a-service operation named BulletProofLink that offered as a subscription and all the tools needed to conduct a campaign.  The phishing-as-a-service, or PHaaS, model differs from the phishing kits that many gangs have used in that it is more expansive and handles many of the small details that could befuddle a less tech-savvy attacker.

"It's worth noting that some PhaaS groups may offer the whole deal - from template c