redxray (16)

Military patrols working outside their forward operating bases (FOB) are categorized as “working outside the wire.”  This is often where reconnaissance patrols and military intelligence officers collect and gather valuable military intelligence to provide back to their unit, base, and section commanders to use in future proactive combat operations.  This is no different from what RedXray does in cyber security.  RedXray collects and analyzes indicators of compromise (IOCs) to help customers identi

Many auto dealerships are strongly promoting the safety of customers and employees in the wake of the COVID-19 pandemic.  That is why many international dealerships are taking safety protocols seriously.  Shields are up in the reception area, employees are wearing face coverings and social distancing, and disposable seat, wheel and shifter covers have been placed in all vehicles.  In addition, many are establishing vigorous test drive cleaning protocol and hourly and nightly cleaning

There will be no let-up in ransomware attacks, as it has proven to be such a profitable business model for cybercriminals.  The cybersecurity landscape is evolving, and many businesses do not understand how to keep their defenses ahead of the attackers.  While major corporations can spend as much as $1 billion a year, many small companies may not have the budget to hire a cybersecurity vendor to help them keep up with all the available technology needed to deter hackers.  The loss of just a few thou

Maze Ransomware, previously known in the hacker community as “ChaCha Ransomware,” was discovered on 29 May 2020 by Jerome Segura, a malware intelligence officer.  The main goal of ransomware is to encrypt all files in an infected system and subsequently demand a ransom to recover the files.  The threat actor who took credit for compromising an insurance giant seems to continue its attacking spree with full intensity.  It is currently targeting the aerospace sector, specifically mainten

As cyberattacks rise, so does the call by business leaders and shareholders to be ready to respond to a cyber incident.  Cyber insurance and a solid Incident Response plan are two critical components to make your company resilient.

Cyber attorney Shawn Tuma says one of these things is likely to influence the other, which surprises many organizations and may surprise you.  Tuma is Co-Chair of the Data Privacy and Cybersecurity Practice at law firm Spencer Fane, www.spencerfane.com.

Tuma explains

By Mac McKee – Red Sky Alliance (photo by protonmail)

There is a common misconception among small and midsize businesses (SMBs) that hackers target only large organizations.  Unfortunately, this belief is completely inaccurate.  According to the most recent Verizon Data Breach Investigations Report, more than 70 percent of cyberattacks target small businesses.  Additionally, many attacks are now shifting to target managed service providers (MSPs), specifically because breaching an MSP can give h

When my grandfather wanted to make a point, he would make it into a story to hold my attention.  Here is a tale for you.   Imagine that you recently acquired a nice inheritance from your favorite Aunt Nellie.  A great home out in the country is brought to your attention and up for sale, so you decide to buy it.  Ah, life is good.  As you start getting comfortable in your new house, you decide to bring your priceless art collection, that Aunt Nellie willed to you, to show off your collection of w

A US federal executive order was issued on 1 May 2020 which proposes to “monitor and replace” any US power grid equipment made by its foreign adversaries.  Security professionals said it would mainly affect Chinese-made products like electrical transformers.  The US Department of Energy (DOE) stated that under the current US procurement rules, contracts are awarded to the lowest bidder when it comes to bulk power system procurement.  That creates a "vulnerability that can be exploited by those with ma

Consolidation of maritime container carriers is showing profit, as seen in the capacity to calm freight rates during this extraordinary economic punch due to the world-wide Corona Virus pandemic.  This is “fundamentally different” from past shipping calamities when decimated demand always led to a collapse in prices for container shipment, as recently reported by Sea-Intelligence.[1]  “The consolidation of the past 20 years seems to finally pay off, in having created the possibility to mitigate

Two weeks ago, T-Mobile announced it experienced a data breach which was caused by an email vendor being hacked and which exposed the personal and financial information for some of its customers.

In early February 2020, our Red Sky Alliance RedXray service, which is a cyber threat notification service that simplifies monitoring for organizations and supply chains, provided our collection and analysis to T-Mobile, regarding our discovered cyber threats (known as “hits”) in our proprietary collections....

Remember Mad magazine’s spokesman, Alfred E. Neuman, and his catch phrase, “What, me worry?”  This attitude has taken root in many organizations’ views of cybersecurity and shows little improvement.  Cyber security experts estimate that only one in three small and medium-sized businesses (SMBs) and small municipalities with 50 or fewer employees rely on free or consumer-grade cybersecurity products.  Additional research indicated that one in five companies do not use any endpoint security either. A

Our Red Sky Alliance analyst team uses Cisco Meraki and RedXray-Plus for our VIP client protection.  For numerous reasons, prospective clients often confuse the RedXray threat intelligence feed with an Intrusion Detection System (IDS; alerting/monitoring) or Intrusion Prevention System (IPS; blocking/preventing).

The Meraki device is different from the RedXray service in several ways.  The Meraki is limited because it uses generic Sourcefire Snort rules and does not allow for the creation/use of cus

Ransomware attacks have matured over the years, adopting more stealthy and sophisticated techniques, while at the same time fixing many of the implementation errors that earlier iterations had.  Many attacks are now gaining a new data leak component, which exposes companies to more than the traditional data loss associated with ransomware.  The trends observed by researchers over the past year indicate that these attacks are not going away and are likely to increase in frequency.  With the adven

As of January 1, 2020, California became the first state to permit residents whose personal information is exposed in a data breach to seek statutory damages in amounts ranging from $100-$750 per incident, even in the absence of any actual harm, with the passage of the California Consumer Privacy Act (“CCPA”).  The class actions that follow are not likely to be limited to California residents, but will also include non-California residents pursuing claims under common law theories.  At Red Sk

It is getting more expensive for organizations that are victims of ransomware attacks to recover.  The average cost more than doubled in the final quarter of 2019.  According to a recent report, the average total cost of negotiation, remediation and ransom payment is $84,116.  This amount is almost double the previous figure of $41,198.

This increase is not only the result of cybercriminals demanding higher ransom amounts, but also of the increase in the number of victims who are willing to pay the ranso

Summary

RedXray is a cyber threat notification service that simplifies monitoring for organizations and supply chains.

In 2016, the World Anti-Doping Agency (WADA) commissioned an investigation into reports that the Russian government was sponsoring blood doping of Russian athletes. Cybersecurity analysts worldwide witnessed cyber-attacks originating from the GRU-linked APT28, better known as “Fancy Bear,” aimed at anti-doping agencies such as the WADA. These attacks were carried out against age