Red Sky Alliance monthly queries our backend databases, identifying all new data containing Motor Vessel (MV) and Motor Tanker (MT) in the subject line of malicious emails. Malicious actors use emails with Motor Vessel (MV) or Motor Tanker (MT) in the subject line as a lure to entice users in the maritime industry to open emails containing malicious attachments. Red Sky Alliance is providing this list of Motor Vessels in which we directly observed the vessel being impersonated, with associated
phishing (113)
A new phishing campaign has been observed delivering Remote Access Trojans (RAT) such as VCURMS and STRRAT using a malicious Java-based downloader. The attackers stored malware on public services like Amazon Web Services (AWS) and GitHub, employing a commercial protector to avoid detection of the malware, an unusual aspect of the campaign is VCURMS' use of a Proton Mail email address ("sacriliage@proton[.]me") for communicating with a command-and-control (C2) server.
The attack chain commences
Red Sky Alliance monthly queries our backend databases, identifying all new data containing Motor Vessel (MV) and Motor Tanker (MT) in the subject line of malicious emails. Malicious actors use emails with Motor Vessel (MV) or Motor Tanker (MT) in the subject line as a lure to entice users in the maritime industry to open emails containing malicious attachments. Red Sky Alliance is providing this list of Motor Vessels in which we directly observed the vessel being impersonated, with associated
Valentine's Day is a time when many people feel particularly vulnerable, but others also feel generous and giving. This makes it the perfect time for cybercriminals and fraudsters to operate.
The Cyber Helpline https://www.lighthousevictimcare.org/organisation/the-cyber-helpline/, a UK charity led by volunteers and staff from the cybersecurity industry, has expanded to the USA to support those experiencing cybercrime and online harm. The charity expects a considerable increase in online relatio
Red Sky Alliance monthly queries our backend databases, identifying all new data containing Motor Vessel (MV) and Motor Tanker (MT) in the subject line of malicious emails. Malicious actors use emails with Motor Vessel (MV) or Motor Tanker (MT) in the subject line as a lure to entice users in the maritime industry to open emails containing malicious attachments. Red Sky Alliance is providing this list of Motor Vessels in which we directly observed the vessel being impersonated, with associate
Microsoft representatives have warned that adversaries use OAuth applications as an automation tool to deploy virtual machines (VMs) for cryptocurrency mining and launch phishing attacks. "Threat actors compromise user accounts to create, modify, and grant high privileges to OAuth applications that they can misuse to hide malicious activity," the Microsoft Threat Intelligence team said in an analysis. The misuse of OAuth also enables threat actors to maintain access to applications even if the
Red Sky Alliance monthly queries our backend databases, identifying all new data containing Motor Vessel (MV) and Motor Tanker (MT) in the subject line of malicious emails. Malicious actors use emails with Motor Vessel (MV) or Motor Tanker (MT) in the subject line as a lure to entice users in the maritime industry to open emails containing malicious attachments. Red Sky Alliance is providing this list of Motor Vessels in which we directly observed the vessel being impersonated, with associated
At its most basic, the term “auto fill” refers to a feature or set of features that enables users to insert previously entered information into web pages. Depending on the specific application being used, this can be any sort of information like names and address, moving all the way up to information that needs more protection such as credit card numbers and username/password combinations.
On Android devices, it is often the case that an application will display a login form by using what’s cal
Microsoft’s spokesman announced on 13 December 2023 the disruption of Storm-1152, a Cybercrime-as-a-Service (CaaS) ecosystem that created 750 million fraudulent Microsoft accounts supporting phishing, identity theft, and other schemes. The CaaS is believed to have made millions of dollars in illicit revenue by creating fraudulent accounts for other cybercrime groups to use in phishing, spam, ransomware, Distributed Denial-of-service (DDoS), and other types of attacks.
See: https://redskyallian
Red Sky Alliance monthly queries our backend databases, identifying all new data containing Motor Vessel (MV) and Motor Tanker (MT) in the subject line of malicious emails. Malicious actors use emails with Motor Vessel (MV) or Motor Tanker (MT) in the subject line as a lure to entice users in the maritime industry to open emails containing malicious attachments. Red Sky Alliance is providing this list of Motor Vessels in which we directly observed the vessel being impersonated, with associated
Social engineering is the attempt to trick someone into revealing information (e.g., a password) or taking an action that can be used to compromise systems or networks. Phishing is a form of social engineering where malicious actors lure victims (typically via email) to visit a malicious site or deceive them into providing login credentials.
Malicious actors primarily leverage phishing for:
- Obtaining login credentials.
- Malicious actors conduct phishing campaigns to steal login credentials fo
Since the introduction of ChatGPT, the media and security experts have warned that phishing tactic are now more powerful, compelling and increasing in numbers. IBM’s X-Force Red wanted an objective assessment on this subjective assumption. The method chosen was to test an AI-generated phishing email and a human generated email against employees working for a healthcare firm. Sixteen hundred staff members were selected: 800 received the AI phish, while the other 800 received the human phish.[1]
Last year, Forbes wrote a scary article about facts and patterns that applied to Halloween and Cybersecurity Awareness Month of October.[1] After another year, the online environment and digital dangers are still unsettling, if not scarier. So, exploring some of the stats and trends is time again.
“In 2023, the World Economic Forum, for the first time, ranked cybercrime and cybersecurity as one of the top ten global risks over a 2-year and 10-year period. Legislation in the US and Europe is m
A new information stealer named ExelaStealer has become the latest one to become available to the hacker audience. There are many choices available for off-the-shelf malware designed to capture sensitive data from compromised Windows systems. ExelaStealer is a largely open-source infostealer with paid customizations available from the threat actor creator.
Written in Python and incorporating support for JavaScript, it comes fitted with capabilities to siphon passwords, Discord tokens, credit c
Red Sky Alliance monthly queries our backend databases, identifying all new data containing Motor Vessel (MV) and Motor Tanker (MT) in the subject line of malicious emails. Malicious actors use emails with Motor Vessel (MV) or Motor Tanker (MT) in the subject line as a lure to entice users in the maritime industry to open emails containing malicious attachments. Red Sky Alliance is providing this list of Motor Vessels in which we directly observed the vessel being impersonated, with associate
A recent cyber security research project provided that Millennial and Gen Z office workers are more likely to have unsafe cybersecurity habits when compared to Gen X and older (those above 40 years of age).
This is true about performing password hygiene, clicking on phishing links and sharing devices with family and friends:
- 38% of office workers under 40 use the same passwords on multiple devices, compared to 28% of office workers older than 40.
- 34% of office workers under 40 shared work devic
Cybersecurity has always been a race between cybercriminals and defenders. Defense against attackers will improve to adapt to new threats, and then attackers respond by refining their tactics to find the next vulnerability in the defense. It's one of the most dynamic environments in the world of computer science.
One of the most successful and increasingly prevalent ways of attack has come from social engineering, which is when criminals manipulate humans directly to gain access to confidential
A new malware-as-a-service option for cybercriminals known as BunnyLoader was released on September 4th, 2023. It has since seen a variety of updates and has reached version 2.0. As one might expect from any number of the “as a service” monikers, malware-as-a-service is a business model for cybercriminals. The business model is such that malware and its associated infrastructure are provided to customers for a fee. This can also be seen as a variation to the software-as-a-service model.
Thos
FortiGuard Labs researchers recently captured a phishing campaign that spreads a new Agent Tesla variant. This well-known malware family uses a .Net-based Remote Access Trojan (RAT) and data stealer to gain initial access. It is often used for Malware-as-a-Service (MaaS).
An in-depth analysis of this campaign was performed, from the initial phishing email to the actions of Agent Tesla installed on the victim’s machine to collect sensitive information from the affected device. In this analysis, y
Red Sky Alliance monthly queries our backend databases, identifying all new data containing Motor Vessel (MV) and Motor Tanker (MT) in the subject line of malicious emails. Malicious actors use emails with Motor Vessel (MV) or Motor Tanker (MT) in the subject line as a lure to entice users in the maritime industry to open emails containing malicious attachments. Red Sky Alliance is providing this list of Motor Vessels in which we directly observed the vessel being impersonated, with associate
