X-Industry

Microsoft’s spokesman announced on 13 December 2023 the disruption of Storm-1152, a Cybercrime-as-a-Service (CaaS) ecosystem that created 750 million fraudulent Microsoft accounts supporting phishing, identity theft, and other schemes.  The CaaS is believed to have made millions of dollars in illicit revenue by creating fraudulent accounts for other cybercrime groups to use in phishing, spam, ransomware, Distributed Denial-of-service (DDoS), and other types of attacks.

See:  https://redskyallian

Red Sky Alliance monthly queries our backend databases, identifying all new data containing Motor Vessel (MV) and Motor Tanker (MT) in the subject line of malicious emails.  Malicious actors use emails with Motor Vessel (MV) or Motor Tanker (MT) in the subject line as a lure to entice users in the maritime industry to open emails containing malicious attachments.  Red Sky Alliance is providing this list of Motor Vessels in which we directly observed the vessel being impersonated, with associated

Social engineering is the attempt to trick someone into revealing information (e.g., a password) or taking an action that can be used to compromise systems or networks.  Phishing is a form of social engineering where malicious actors lure victims (typically via email) to visit a malicious site or deceive them into providing login credentials.

Malicious actors primarily leverage phishing for:

• Obtaining login credentials.
• Malicious actors conduct phishing campaigns to steal login credentials fo

Since the introduction of ChatGPT, the media and security experts have warned that phishing tactic are now more powerful, compelling and increasing in numbers. IBM’s X-Force Red wanted an objective assessment on this subjective assumption.  The method chosen was to test an AI-generated phishing email and a human generated email against employees working for a healthcare firm. Sixteen hundred staff members were selected: 800 received the AI phish, while the other 800 received the human phish.[1]

Last year, Forbes wrote a scary article about facts and patterns that applied to Halloween and Cybersecurity Awareness Month of October.[1]  After another year, the online environment and digital dangers are still unsettling, if not scarier.  So, exploring some of the stats and trends is time again.

“In 2023, the World Economic Forum, for the first time, ranked cybercrime and cybersecurity as one of the top ten global risks over a 2-year and 10-year period.  Legislation in the US and Europe is m

A new information stealer named ExelaStealer has become the latest one to become available to the hacker audience.  There are many choices available for off-the-shelf malware designed to capture sensitive data from compromised Windows systems.  ExelaStealer is a largely open-source infostealer with paid customizations available from the threat actor creator.

Written in Python and incorporating support for JavaScript, it comes fitted with capabilities to siphon passwords, Discord tokens, credit c

Red Sky Alliance monthly queries our backend databases, identifying all new data containing Motor Vessel (MV) and Motor Tanker (MT) in the subject line of malicious emails.  Malicious actors use emails with Motor Vessel (MV) or Motor Tanker (MT) in the subject line as a lure to entice users in the maritime industry to open emails containing malicious attachments.  Red Sky Alliance is providing this list of Motor Vessels in which we directly observed the vessel being impersonated, with associate

A recent cyber security research project provided that Millennial and Gen Z office workers are more likely to have unsafe cybersecurity habits when compared to Gen X and older (those above 40 years of age).

This is true about performing password hygiene, clicking on phishing links and sharing devices with family and friends:

• 38% of office workers under 40 use the same passwords on multiple devices, compared to 28% of office workers older than 40.
• 34% of office workers under 40 shared work devic

Cybersecurity has always been a race between cybercriminals and defenders. Defense against attackers will improve to adapt to new threats, and then attackers respond by refining their tactics to find the next vulnerability in the defense.  It's one of the most dynamic environments in the world of computer science.

One of the most successful and increasingly prevalent ways of attack has come from social engineering, which is when criminals manipulate humans directly to gain access to confidential

A new malware-as-a-service option for cybercriminals known as BunnyLoader was released on September 4^th, 2023.  It has since seen a variety of updates and has reached version 2.0.  As one might expect from any number of the “as a service” monikers, malware-as-a-service is a business model for cybercriminals.  The business model is such that malware and its associated infrastructure are provided to customers for a fee.  This can also be seen as a variation to the software-as-a-service model.

Thos

FortiGuard Labs researchers recently captured a phishing campaign that spreads a new Agent Tesla variant. This well-known malware family uses a .Net-based Remote Access Trojan (RAT) and data stealer to gain initial access. It is often used for Malware-as-a-Service (MaaS).
An in-depth analysis of this campaign was performed, from the initial phishing email to the actions of Agent Tesla installed on the victim’s machine to collect sensitive information from the affected device. In this analysis, y

Red Sky Alliance monthly queries our backend databases, identifying all new data containing Motor Vessel (MV) and Motor Tanker (MT) in the subject line of malicious emails.  Malicious actors use emails with Motor Vessel (MV) or Motor Tanker (MT) in the subject line as a lure to entice users in the maritime industry to open emails containing malicious attachments.  Red Sky Alliance is providing this list of Motor Vessels in which we directly observed the vessel being impersonated, with associate

Cybersecurity investigators are warning of a new type of phishing attacks that abuse Google Looker Studio to bypass protections.  Google Looker Studio[1] is a legitimate online tool for creating customizable reports, including charts and graphs that can be easily shared with others.  Looker Studio, formerly Google Data Studio, is an online tool for converting data into customizable informative reports and dashboards introduced by Google on 15 March 2016 as part of the enterprise Google Analytics

Red Sky Alliance monthly queries our backend databases, identifying all new data containing Motor Vessel (MV) and Motor Tanker (MT) in the subject line of malicious emails.  Malicious actors use emails with Motor Vessel (MV) or Motor Tanker (MT) in the subject line as a lure to entice users in the maritime industry to open emails containing malicious attachments.  Red Sky Alliance is providing this list of Motor Vessels in which we directly observed the vessel being impersonated, with associate

The Lazarus Group is North Korean state sponsored cybercrime group and they have been credited, in one way or another, with a recent social engineering campaign targeting developers on GitHub.  They are said to have been created by the North Korean government as early as 2007 and they are a part of the RGB, which is North Korea’s primary foreign intelligence agency.  “Lazarus Group” would appear to be the primary identity of the group, but they do have several aliases such as Appleworm, Group 77

The QR code system was invented in 1994 under a team led by Masahiro Hara from the Japanese company Denso Wave.  A QR code (quick-response code) was developed as a type of two-dimensional matrix barcode for labelling automobile parts.  Now, using a new twist to bypass detection from security solutions, cyber-attacks are now employing QR codes that your users will not recognize as anything suspicious.

Threat actors need some means of getting a user to engage with malicious content – whether an at

Red Sky Alliance monthly queries our backend databases, identifying all new data containing Motor Vessel (MV) and Motor Tanker (MT) in the subject line of malicious emails.  Malicious actors use emails with Motor Vessel (MV) or Motor Tanker (MT) in the subject line as a lure to entice users in the maritime industry to open emails containing malicious attachments.  Red Sky Alliance is providing this list of Motor Vessels in which we directly observed the vessel being impersonated, with associate

As anyone who regularly games online can attest, DDoS (dedicated denial of service) attacks are an irritatingly common occurrence on the internet.  Drawing on the combined digital might of a geographically diffuse legion of zombified PCs, hackers can swamp game servers and prevent players from logging on for hours or days at a time.  The problem has metastasized in recent years as enterprising hackers have begun to package their botnets and spamming tools into commercial offerings, allowing any

Red Sky Alliance monthly queries our backend databases, identifying all new data containing Motor Vessel (MV) and Motor Tanker (MT) in the subject line of malicious emails.  Malicious actors use emails with Motor Vessel (MV) or Motor Tanker (MT) in the subject line as a lure to entice users in the maritime industry to open emails containing malicious attachments.  Red Sky Alliance is providing this list of Motor Vessels in which we directly observed the vessel being impersonated, with associated

Cyber security researchers identified a new information-stealing malware that targets browsers and cryptocurrency wallets.  Although the malware, called Bandit Stealer, has only targeted Windows systems so far, it has the potential to expand to other platforms such as Linux.  What makes Bandit Stealer particularly dangerous is that it’s difficult for victims to detect, researchers at Trend Micro wrote in a report published last week.

For example, Bandit Stealer can bypass Windows Defender, a sec