russia (158)

The head of Russia’s space agency has extended an offer to Moscow’s partners in the BRICS group (Brazil, India, China, and South Africa) to participate in constructing a joint module for its planned orbital space station, state media reported on 24 July 2023.

See: https://redskyalliance.org/xindustry/the-brics

Construction of the planned space station follows Moscow’s decision last year to end its decades-long partnership with NASA and withdraw from the aging International Space Station, one of th

Submarine cables, the backbone network of the global economy and telecommunications, are operating in an increasingly risky environment and are prone to geopolitical, physical, and cyber threats, including nation-state sabotage and spying.  Fiber-optic submarine cables on the ocean floor transmit an estimated 99% of all intercontinental internet traffic and communications, including roughly $10 trillion of financial transactions daily and sensitive government and military communication, making t

The US Department of Energy and several other federal agencies were compromised in a Russian cyber-extortion gang’s global hack of a file-transfer program popular with corporations and governments. Still, the impact was not expected to be great, Homeland Security officials said on 15 June 2023.  But for others, among what could be hundreds of victims from industry to higher education, including patrons of at least two state motor vehicle agencies, the hack was beginning to show some serious impa

Free speech and digital privacy appear to be key components left out of a United Nations (UN) Cybercrime Treaty being proposed, primarily by Russia.  To say the cybersecurity community is skeptical would be an understatement.  "The UN Cybercrime Treaty, to the extent it gets adopted, is expected to define global norms for lawful surveillance and legal processes available to investigate and prosecute cybercriminals," reports The Register in a special report.  "And what has emerged so far contempl

Note: this Recorded Future Ransomware Tracker is updated on the second Sunday of each month to stay current.  The number of victims posted on ransomware extortion sites increased in May, with ransomware gangs publicly claiming more than 400 attacks in a month for the second time this year.

The uptick was fueled in large part by the Russia-linked LockBit ransomware group, which posted 74 victims to its extortion site in May.  The group has become far and away the most active ransomware gang, wit

"There's a sucker born every minute" is a phrase closely associated with PT Barnum, an American showman of the mid-19th century, although there is no evidence that he said it.  Early examples of its use are among gamblers and confidence tricksters of the era.  A previously undetected cryptocurrency scam has leveraged over 1,000 fraudulent websites to ensnare users into a bogus rewards scheme since at least January 2021.

This massive campaign has likely resulted in thousands of people being scamm

Mark Twain once said, “It ain’t what you don’t know that gets you into trouble. It’s what you know for sure that just ain’t so.” Twain's quote provides two key lessons: first, why double negatives in a sentence are a terrible idea, and second, how assumptions can lead one into trouble. Assumptions affect all levels of decision-making; however, when national leaders make assumptions, trouble can rapidly escalate to chaos and turmoil.

Russian President Vladimir Putin and his military suffered fro

British Airways; Boots, a British health/beauty retailer and pharmacy chain; and the BBC are investigating the potential theft of personal details of staff after the companies were hit by a cyber-attack attributed to a Russia-linked criminal gang.   British Airways (BA) confirmed it was one of the companies affected by the hack, which targeted software called MOVEit used by Zellis, a payroll provider.  “We have been informed that we are one of the companies impacted by Zellis’s cybersecurity inc

Researchers have uncovered malware designed to disrupt electric power transmission that may have been used by the Russian government in training exercises for creating or responding to cyberattacks on electric grids.

Known as CosmicEnergy, the malware has capabilities that are comparable to those found in malware known as Industroyer and Industroyer2, both of which have been widely attributed by researchers to Sandworm, the name of one of Russia’s most skilled and cutthroat hacking groups.  Sand

Several Polish media and news websites were hit by distributed denial-of-service (DDoS) attacks that the government said could be the action of Russian hacking groups, the digitalization minister was quoted as saying on 18 May.  Warsaw has positioned itself as one of Ukraine's staunchest allies since Russia invaded the country, and Poland says it frequently faces Russian attempts to destabilize the situation in the country.  Moscow has consistently denied that it carries out hacking operations.

The Snake implant is considered the most sophisticated cyber espionage tool designed and used by Center 16 of Russia’s Federal Security Service (FSB) for long-term intelligence collection on sensitive targets.  To conduct operations using this tool, the FSB created a covert peer-to-peer (P2P) network of numerous Snake-infected computers worldwide.  Many systems in this P2P network serve as relay nodes that route disguised operational traffic to and from Snake implants on the FSB’s ultimate targe

Ransomware, which was a novelty just a few years ago, is now endemic.  We will have to learn to live with the malicious file-encrypting code, even as we all struggle to limit it.  Why this matters: Ransomware attacks, which take an organization's data hostage and shut down its systems until the hackers receive payment, have exacted an escalating price on law enforcement, policymaking and financial resources around the world.

Ransomware remains the top cyber threat on the minds of cyber defenders

Companies in Finland are increasingly the target of cyber-attacks, Finnish authorities said last week.  Firms are reporting an uptick in cyber-attacks, the Finnish Transport and Communications Agency (Traficom[1]) and the Finnish Security and Intelligence Service (SUPO[2]) said in a joint press conference.  But despite the greater frequency of corporate cyber-attacks, the agencies said an event that could paralyze systems in Finland was highly unlikely.

The SUPO chief reported that Russia is inc

In the era of cyber wars, AI, and drones, wars are still being fought with 20th-century weapons that require massive amounts of ammunition.  Russia is sending a delegation to North Korea to offer food in exchange for weapons, a US national security spokesman said.  He said any arms deal between North Korea and Russia would violate UN Security Council resolutions.  The US has previously accused North Korea of supplying arms to the Russian military in Ukraine and the Wagner group of Russian mercenaries.

An inconspicuous office is in Moscow’s north-eastern suburbs.  A sign reads: “Business Centre.”  Nearby are modern residential blocks and a rambling old cemetery, home to ivy-covered war memorials.  The area is where Peter the Great once trained his mighty army.  Inside the six-story building, a new generation is helping Russian military operations.  Its weapons are more advanced than those of Peter the Great’s era, not pikes and halberds, but hacking and disinformation tools.[1]

The software en

A new hacking group is targeting European countries and organizations in an espionage campaign that began in June 2022, according to new research.  Cisco’s Talos cybersecurity team calls the new group “YoroTrooper” and said it has already successfully compromised accounts connected to a “critical” European Union healthcare agency and the World Intellectual Property Organization (WIPO).  The researchers also found that it attacked several embassies.  “Our assessment is that the operators of this

An information and hacking campaign, called Ghostwriter, with links to a foreign state has potentially had a "significant cumulative impact" over many years, according to a report from Cardiff University.  The findings, from the Security, Crime and Intelligence Innovation Institute, provide the most comprehensive picture to date of the activities of the so-called Ghostwriter campaign.

Tracking its evolving activities via open-source data, the report demonstrates how it has impersonated multiple

The Russian hacking group known as 'Nodaria' (UAC-0056) is using a new information-stealing malware called 'Graphiron' to steal data from Ukrainian organizations.  The Go-based malware can harvest a wide range of information, including account credentials, system, and app data.  The malware will also capture screenshots and exfiltrate files from compromised machines.  Symantec's threat research team discovered that Nodaria has been using Graphiron in attacks since at least October 2022 through m

A pro-Russian hacking group is claiming responsibility for cyber-attacks on several hospitals in the United States.  The attack came just days after the Federal Bureau of Investigation (FBI) said it took down a ransomware group that was also targeting hospitals in what was called “The Hive” attack.

The US Attorney General says they’ve seen how cyber-attacks on medical facilities can be very disruptive.  “The Hive ransomware attack was able to prevent the hospital from accepting new patients,” th

According to trusted government sources, there is an increasing focus on US Cyber Command (CYBERCOM) to try and replicate the ability of the US Special Operations Command (SOCOM), the unified combatant command with the mission of overseeing the elements of the special operations in the US Armed Services to bring capabilities directly into the battlespace.  At a recent meeting, the chief of CYBERCOM is quoted as saying that the command is “trying to build our authorities much in the same way Speci