tor (7)

12437645853?profile=RESIZE_400xKageNoHitobito ransomware samples became available in late March 2024.  As with most ransomware, this ransomware encrypts files on victims' machines and demands a ransom to decrypt them through dropped ransom notes. Although the group uses TOR to communicate with its victims, a data leak site is unavailable as it does not claim to have stolen any victims' information.

Infection Vector/Victimology - Information on the infection vector used by the KageNoHitobito ransomware threat actor is unavaila

12271509879?profile=RESIZE_400xThe RagnarLocker ransomware’s infrastructure and the website the group used for shaming victims were taken down this week as part of a coordinated law enforcement effort.  Active since 2020, RagnarLocker has been involved in numerous attacks, with at least 52 entities across 10 critical infrastructure sectors falling victims to this ransomware family, according to data from the Federal Bureau of Investigation (FBI).


Unlike other

10906606696?profile=RESIZE_400xMalware is nothing more that burglary tools.  Cyber researchers have recently shed light on a Dark web marketplace called “In the Box” that is designed to specifically cater to mobile malware operators.  The actor behind the criminal storefront, believed to be available since at least January 2020, has been offering over 400 custom web injects grouped by geography that can be purchased by other adversaries looking to mount attacks of their own.  The automation allows other bad actors to create o

10879113465?profile=RESIZE_400xThe internet opened the door to a realm of possibilities that permanently changed the business and social landscape and our personal lives.  Most users are no longer restricted to dial-up; many of us now consider access to a stable internet connection as a critical aspect of our daily lives. We pay our bills online, check our bank statements, communicate via email, and maintain a presence on social media.  Many users rely on the web for work and entertainment, and seeking out information through

10818501281?profile=RESIZE_400xAccording to a recent report, cyber threat intelligence professionals believe they could not find private data leaked from their organizations on the dark web.  Most security professionals in US organizations are concerned about threats from the dark web, a large portion still do not take risks from the criminal underground seriously.  A recent survey shows that a third of people responsible for managing cyber vulnerabilities in their day-to-day work say they are not very concerned about threats

10084484464?profile=RESIZE_180x180Red Sky Alliance has been building our dark web data collection since late January 2021. With it, we are able to make dark web content available without the need for analysts to touch the dark web to visit Tor .onion sites. To date, we have over 1.3 million data points on over 75 sites and we are adding new sites regulary. The dark web sites that we collect from evolves over time as new sites come and older sites shut down, but we maintain a historical record of those decommissioned sites. Lastl


What is RedPane?

RedPane is a dark web search engine tool that has been developed by Red Sky Alliance since late January 2021. With RedPane we are able to make dark web content available without the need for analysts to touch the dark web to visit Tor .onion sites. To date, we have over 300,000 data points on over 50 sites and we are adding new sites weekly.

With RedPane we have developed custom processes to capture text data from dark web sites that we designate, parse that information into a for