ransomware (167)

10087498088?profile=RESIZE_400xThe Cybersecurity and Infrastructure Security Agency (CISA), along with the Federal Bureau of Investigation (FBI), National Security Agency (NSA), Australian Cyber Security Centre (ACSC), and the United Kingdom’s National Cyber Security Centre (NCSC) issued a joint Cybersecurity Advisory outlining the growing international threat posed by ransomware over the past year.

The advisory titled “2021 Trends Show Increased Globalized Threat of Ransomware”[1] outlines top trends seen across three nation

10084484464?profile=RESIZE_180x180Red Sky Alliance has been building our dark web data collection since late January 2021. With it, we are able to make dark web content available without the need for analysts to touch the dark web to visit Tor .onion sites. To date, we have over 1.3 million data points on over 75 sites and we are adding new sites regulary. The dark web sites that we collect from evolves over time as new sites come and older sites shut down, but we maintain a historical record of those decommissioned sites. Lastl

10068637857?profile=RESIZE_400xDemocratic lawmakers on the House Committee on Financial Services on 27 January 2022 outlined nine (9) provisions of the proposed America COMPETES Act of 2022 one of which has been criticized by the cryptocurrency community for potential privacy and due process concerns.

Committee Chairwoman Maxine Waters, D-Calif., says the America Creating Opportunities for Manufacturing Pre-Eminence in Technology and Economic Strength or COMPETES Act will "strengthen the competitiveness of the US economy and

10065321492?profile=RESIZE_400xThe US government has urged organizations to shore up defenses "now" in response to website defacements and destructive malware targeting Ukraine government websites and IT systems this week.

The US Cybersecurity and Infrastructure Security Agency (CISA) has published a new 'CISA Insights' document aimed at all US organizations, not just critical infrastructure operators.  The checklist of actions is CISA's response to this week's cyberattacks on Ukraine's systems and websites, which the country

10066089458?profile=RESIZE_400xConti ransomware was first discovered in December of 2019 and has become one of the most prominent ransomware platforms to date. The Conti Ransomware as a Service (RaaS) platform gained international attention in May of 2021 when it was used to shutdown Ireland’s Health Service Executive (HSE).  The group has shown no signs of slowing down with notable attacks reported in the United States, Australia, United Kingdom, Taiwan, and Indonesia in the past two and a half months.

The most recent attack

10001741452?profile=RESIZE_400xConsidering the sensitive information it holds, it is no wonder that the financial services industry continues to be one of the most targeted critical infrastructure sectors by current cyber-criminals.  Recent societal and technological changes during 2021 have made matters worse.

The ongoing COVID-19 pandemic has created a ripe target field for cyberthreats as industries and individuals alike became vulnerable as they wrestled with remote working practices, mass digital disruption, and widening

9984343865?profile=RESIZE_400xCyber security investigators have reported that replicable attacks and a low barrier to entry will ensure the rate of supply chain attacks increases in 2022.  The supply chain is a consistent attack vector for threat actors today. By compromising a centralized service, platform, or software, attackers can then either conduct widespread infiltration of the customers and clients of the original singular victim or may choose to cherry-pick from the most valuable potential targets.  This can save cy

9929276269?profile=RESIZE_400xRansomware is now a primary threat for businesses, and with the past year or so considered the "golden era" for operators, cybersecurity experts believe this criminal enterprise will reach new heights in the future.  These are only a handful of 2021's high-profile victims of threat groups including DarkSide, REvil, and BlackMatter.  According to Kela's analysis of dark web forum activity, the "perfect" prospective ransomware victim in the US will have a minimum annual revenue of $100 million and

9909976097?profile=RESIZE_400xPreventing a cyberattack is more cost-effective than reacting to one and we have seen that many boardrooms still are not willing to assign the needed budget.  Too many organizations still are not willing to spend money on preventive cybersecurity because they view it as an unnecessary additional expense.  Later, find they have to spend much more budget dollars recovering from a cyber incident after they get hacked.

Cyberattacks like ransomware, business email compromise (BEC) scams, and data bre

9909597089?profile=RESIZE_400xThe new ransomware operation, which debuted in November 2021, has the potential to be the most sophisticated ransomware of the year, with a highly adjustable feature set that allows for assaults on a wide range of corporate setups. Details have emerged about what is the first Rust language based ransomware strain identified that has already amassed "some victims from different countries" since its launch last month.

The ransomware, now named BlackCat, was disclosed by MalwareHunterTeam  https://

9893535852?profile=RESIZE_400xIn the US Great Depression, there was a song called, ‘Brother, can you spare a Dime.”  Now it is $25.00.  In 2021, there has been a surge in cyber criminals selling access to compromised corporate networks as hackers look to cash in on the demand for vulnerable networks from gangs looking to initiate ransomware attacks.  Some access has been offered at only $25.00.  How would you feel if your organization’s network access was on the “Bargain Rack?”

Researchers at cybersecurity company Group-IB a

9872531073?profile=RESIZE_400xIt is never easy to negotiate with criminals, especially in the cyber-world we live in.  Organizations that fall victim to a ransomware attack should never let the cyber criminals know they have cyber insurance, because if the attackers know that their victim holds an insurance policy, they are more likely to outright demand the ransom payment in full.  Criminals are smart and cunning.

Cybersecurity researchers recently examined over 700 negotiations between ransomware attackers and ransomware v

9868929669?profile=RESIZE_400xIn today’s business world, mergers and acquisitions are commonplace as businesses combine, acquire, and enter various partnerships.  Mergers and Acquisitions (M&A) are filled with often very complicated and complex processes to merge business processes, management, and a whole slew of other aspects of combining two businesses into a single logical entity.  There have been cyber-attacks on companies during M&As, yet there is a growing concern with M&A activities and cyber security.

The use of alt

9868168285?profile=RESIZE_400xThere seems to be a pattern in data breach and other cyber-attack cases.  After a data breach, a company often turns to its insurer for coverage.  Some companies have specialized cyber insurance and sometimes it does not.  Yet, even if businesses have paid for what they believe to be comprehensive cyber security risk insurance, the insurer may refuse to pay the claim.  Insurers often have many reasons for refusing coverage such as a failure to notify in a timely fashion, failure to mitigate cost

9840514871?profile=RESIZE_400xActivity Summary - Week Ending on 24 November 2021:

  • Red Sky Alliance identified 26,071 connections from new IP’s checking in with our Sinkholes
  • Analysts identified 2,849 new IP addresses participating in various Botnets
  • DigitalOcean in the Cross-Hairs Again
  • Magniber Ransomware
  • Ransomware Still #1
  • Attack Framework - Left to Right
  • Core to the Edge
  • Iran Cyber Bullies & Mahan Airlines
  • Asia Financial Targets
  • CBDC
  • Environmentalists Sharing the Brave New World

Link to full report: IR-21-328-001_weekl

9822278874?profile=RESIZE_400xCybersecurity threats, risks and challenges are often different depending on various international locations.  Cyber-attack targets vary based on local resources and means to exploit vulnerabilities.  Cyber criminals and nation-state attackers zero in on specific nations, companies and organizations for varying incentives.   Additionally, the COVID-19 pandemic amplified and intensified cybersecurity threats.  Since 2019, attackers have launch remote work-enabled attacks or social engineering att

9785763486?profile=RESIZE_400xRansomware has been a cyber security issue for the past several years and somewhat hits its peak - with the Colonial Pipeline ransomware attack.  Ransomware is defined as a form of malicious software that is designed to restrict users from accessing their computers or files stored on computers until they pay a ransom to cybercriminals.

Ransomware typically operates via the cryptovirology methods or using cryptography (encryption) to design powerful malicious software.  The software then uses sym

9785334474?profile=RESIZE_400xRobinhood was known for “Stealing from the Rich, and Giving to the Poor.”  Not so in the last two years.  For the second time Robinhood Markets Inc. has been attacked by cyber criminals.  Robinhood said personal information of about 7 million people, which is approximately a third of its customers, was compromised in a data breach last week.  The bad actors then demanded a ransom payment.  The intruder obtained email addresses of about 5 million people as well as full names for a separate group

9780417858?profile=RESIZE_400xDuring October 2021, the cyber sector celebrated the 18th year of the Cybersecurity Awareness Month, which was previously known as National Cybersecurity Awareness Month.  Under the slogan “Do Your Part #BeCyberSmart”, the Cybersecurity and Infrastructure Security Agency (CISA) together with the National Cyber Security Alliance (NCSA) each year encourage individuals and organizations to own their role in protecting cyberspace by emphasizing personal accountability and the importance of taking pr

9753300853?profile=RESIZE_400xCyber threat actors must hate children this year.  Ferrara Candy the company that makes Nerds, Laffy Taffy, Now and Laters, SweetTarts, Jaw Busters, Nips, Runts and Gobstoppers announced that it was hit with a ransomware attack just weeks before it prepares for one of its biggest holidays, Halloween. The Illinois-based company released a statement that on 09 October 2021, they "disrupted a ransomware attack" that encrypted some of their systems. 

"Upon discovery, we immediately responded to secu