The Five Eyes are the intelligence agencies of the UK, US, Canada, New Zealand, and Australian governments. This group has launched a new program designed to help their tech startups improve baseline cybersecurity measures in the face of escalating state-backed threats. Secure Innovation was originally a UK initiative run by GCHQ’s National Cyber Security Centre (NCSC) and MI5’s National Protective Security Authority (NPSA). However, it has now been adopted and promoted by all Five Eyes intellig
us (26)
The US Cybersecurity and Infrastructure Security Agency (CISA), Australian Signals Directorate Australian Cyber Security Centre (ASD ACSC) and other U.S. and international partners, co-sealed Detecting and Mitigating Active Directory Compromises. This guide informs organizations of recommended strategies to mitigate 17 common techniques used by adversaries and malicious actor to compromise Active Directory.
The objective of malicious activity involving Active Directory is to escalate privileges
The rise of deepfakes poses significant threats to elections, public figures, and the media. Recent Insikt Group research highlights 82 deepfakes targeting public figures in 38 countries between July 2023 and July 2024. Deepfakes aimed at financial gain, election manipulation, character assassination, and spreading non-consensual pornography are on the rise. To counter these risks, organizations must act swiftly, increase awareness, and implement advanced AI detection tools.
2024 Deepfakes and
If the US ever goes to war with a major adversary, one of the first waves of cyberattacks will likely target infrastructure that rarely comes up in discussions about digital threats: railroads. Americans understand that power, water and healthcare systems face constant and sometimes sophisticated hacks from foreign governments and criminal gangs. But the US pays far less attention to vulnerabilities in its rail system, even though the consequences of stalled or crashed trains could be disastro
July 4th marks the anniversary of when Congress, comprised of delegates from the United States' original 13 colonies, signed the Declaration of Independence on 4 July 1776. The document declared the nation's independence from Great Britain.
Some research indicates that the original signers didn't even write their names on the official document until 2 August 1776. In fact, it would take six months to acquire all 56 signatures. Thomas McKean, a delegate from Delaware, was reportedly the last pe
The US military recently launched a groundbreaking initiative to strengthen ties with the commercial space industry. The aim is to integrate commercial equipment into military space operations, including satellites and other hardware. This would enhance cybersecurity for military satellites. As space becomes more important to the world’s critical infrastructure, the risk increases that hostile nation states will deploy cyber-attacks on important satellites and other space infrastructure. Targ
Spyware is malicious software engineered to covertly monitor and gather information from a user’s computer without their awareness or consent. It can record activities like keystrokes, browsing behavior, and personal information, often transmitting this data to a third party for espionage or theft.
Researchers at FortiGuard Labs recently detected an attack exploiting the CVE-2021-40444 vulnerability in Microsoft Office. This flaw allows attackers to execute malicious code via specially crafted
Red Sky Alliance often queries various critical infrastructure sectors and associated businesses. This month our researchers took a quick look (snapshot) of the Steel Industry. We used our CTAC analytical service to query various key words to the steel industry. These type manufacturing key words are often used in Subject lines to lure and entice users in this sector business to open emails containing malicious attachments. Red Sky Alliance is providing this list of steel related key words w
The US House of Representatives has passed legislation that could lead to a nationwide ban on the popular video-sharing app TikTok, reigniting debates around data privacy, national security, and the limits of government oversight. The bipartisan bill, named the Protecting Americans from Foreign Adversary Controlled Applications Act, requires the Chinese company ByteDance to divest its ownership of TikTok. If it fails to do so, the app would be prohibited from operating in the United States, an
The US FBI and US Department of Justice (DOJ) have used a court order to address vulnerabilities in thousands of internet-connected devices that are at the center of a Chinese hacking campaign. The campaign is targeting sensitive US critical infrastructure, two US officials and a third source familiar with the matter reported to media.
The move is part of a broader, government-wide effort to blunt the impact of a persistent Chinese hacking effort that US officials fear could hinder any US milit
Researchers have tracked more activity by an influence campaign linked to Russia that spreads disinformation and propaganda in the US, Germany and Ukraine through a vast network of social media accounts and fake websites.
The campaign, attributed to the Russia-linked influence operation network called Doppelgänger, has been active since at least May 2022. The US tech company Meta previously referred to Doppelgänger as the “largest” and “most aggressively persistent” malign network sponsored by
The United States and United Arab Emirates (UAE) have finalized an agreement that sets out how the two countries will cooperate on cybersecurity and digital resilience. The memorandum of understanding signed by the Treasury Department and the UAE’s Cyber Security Council calls for increased information sharing about digital threats to the financial sector; more staff training and visits; and “competency-building activities” like joint online exercises, according to the Treasury.[1]
“As cyber-at
A previously unknown government-backed hacking group is targeting organizations in the manufacturing, IT, and biomedical sectors across Taiwan, Vietnam, the US and an unnamed Pacific island, according to new research from Symantec.
Researchers are tracking the group under the name “Grayling” and said in a report released earlier this week that it is using custom-made malware as well as publicly available tools to attack its targets. The attacks, which began in February and continued through May
The National Student Clearinghouse (NSC) reported that nearly 900 colleges and universities across the US had data stolen during attacks by a Russia-based ransomware gang exploiting the popular MOVEit file-sharing tool. The nonprofit manages educational reporting, data exchange, verification, and research services for 3,600 colleges and universities as well as 22,000 high schools.
In June of this year, the organization first confirmed that it was affected by exploitation of the tool, which was
China has reiterated claims that last month's cybersecurity attack on a Wuhan facility was the work of US intelligence agencies, pointing to a "very complex" malware used in the incident. The Wuhan Earthquake Monitoring Center on 26 July 2023 was reported to be the victim of an attack that appeared to originate from government-backed hackers in the US. The allegations state the attack targeted network equipment that collected seismic intensity data, which measured the magnitude of earthquakes a
No, the current US presidential administration has not created a game show, but it has launched a competition offering millions of dollars in prize money for creating new artificial intelligence systems that can defend critical software from hackers. Competitors vying for some of the $18.5 million in prize money will need to design novel AI systems that quickly find and fix software vulnerabilities in electric grids, subways or other key networks that could be exploited by hackers, a Biden admi
There are several ways in which an organization may discover that it has been the victim of a cyberattack or that an unauthorized third party has gained a foothold within its information technology (IT) environment. Perhaps most commonly, an organization’s own endpoint detection, network monitoring, and other technical security controls identify and quarantine malicious cyber activity and allow for an investigation into the nature and scope of the event. In some rare occasions, an organization
A top US intelligence official on 12 January 2023 urged Congress to renew sweeping powers granted to American spy agencies to surveil and examine communications, saying they were critical to stopping terrorism, cyberattacks and other threats. The remarks by an Army General - director of the National Security Agency, opened what’s expected to be a contentious debate over provisions of the Foreign Intelligence Surveillance Act that expire at year’s end. The bipartisan consensus in favor of expan
With women’s rights at issue, hackers have disrupted the works of Iran’s Fars news agency, one of the main sources of news disseminated by the state during protests over Mahsa Amini's death, the agency reported. Iran has been shaken by numerous in country and international protests since Amini’s death while in custody on 16 September after her arrest for an alleged breach of the country's dress code for women. Iran’s first protests focused on the state-mandated hijab, or headscarf, for women,
The US National Security Agency’s No. 2 official said on 7 September that the US still outpaces foreign adversaries when it comes to cybersecurity and technology thanks to the country’s “open society.” The US and its democratic allies “enjoy things that cannot be replicated easily in autocratic societies,” the NSA’s deputy director, said during the Billington Cybersecurity Summit in Washington, DC.[1]
“The grist of that is innovation. Innovation sparks creativity and solutions. That puts us
