us (25)

The US Cybersecurity and Infrastructure Security Agency (CISA), Australian Signals Directorate Australian Cyber Security Centre (ASD ACSC) and other U.S. and international partners co-sealed Detecting and Mitigating Active Directory Compromises. This guide informs organizations of recommended strategies to mitigate 17 common techniques used by adversaries and malicious actors to compromise Active Directory.

The objective of malicious activity involving Active Directory is to escalate privileges

The rise of deepfakes poses significant threats to elections, public figures, and the media.  Recent Insikt Group research highlights 82 deepfakes targeting public figures in 38 countries between July 2023 and July 2024. Deepfakes aimed at financial gain, election manipulation, character assassination, and spreading non-consensual pornography are on the rise.  To counter these risks, organizations must act swiftly, increase awareness, and implement advanced AI detection tools.

2024 Deepfakes and

If the US ever goes to war with a major adversary, one of the first waves of cyberattacks will likely target infrastructure that rarely comes up in discussions about digital threats: railroads.  Americans understand that power, water and healthcare systems face constant and sometimes sophisticated hacks from foreign governments and criminal gangs.  But the US pays far less attention to vulnerabilities in its rail system, even though the consequences of stalled or crashed trains could be disastro

July 4th marks the anniversary of when Congress, comprised of delegates from the United States' original 13 colonies, signed the Declaration of Independence on 4 July 1776. The document declared the nation's independence from Great Britain.

Some research indicates that the original signers didn't even write their names on the official document until 2 August 1776.  In fact, it would take six months to acquire all 56 signatures.  Thomas McKean, a delegate from Delaware, was reportedly the last pe

The US military recently launched a groundbreaking initiative to strengthen ties with the commercial space industry.  The aim is to integrate commercial equipment into military space operations, including satellites and other hardware. This would enhance cybersecurity for military satellites.  As space becomes more important to the world’s critical infrastructure, the risk increases that hostile nation states will deploy cyber-attacks on important satellites and other space infrastructure.  Targ

Spyware is malicious software engineered to covertly monitor and gather information from a user’s computer without their awareness or consent.  It can record activities like keystrokes, browsing behavior, and personal information, often transmitting this data to a third party for espionage or theft.

Researchers at FortiGuard Labs recently detected an attack exploiting the CVE-2021-40444 vulnerability in Microsoft Office.  This flaw allows attackers to execute malicious code via specially crafted

Red Sky Alliance often queries various critical infrastructure sectors and associated businesses.  This month our researchers took a quick look (snapshot) at the Steel Industry.  We used our CTAC analytical service to query various key words related to the steel industry.  These types of manufacturing key words are often used in subject lines to lure and entice users in this sector to open emails containing malicious attachments.  Red Sky Alliance is providing this list of steel related key words w

The US House of Representatives has passed legislation that could lead to a nationwide ban on the popular video-sharing app TikTok, reigniting debates around data privacy, national security, and the limits of government oversight.  The bipartisan bill, named the Protecting Americans from Foreign Adversary Controlled Applications Act, requires the Chinese company ByteDance to divest its ownership of TikTok.  If it fails to do so, the app would be prohibited from operating in the United States, an

The US FBI and US Department of Justice (DOJ) have used a court order to address vulnerabilities in thousands of internet-connected devices that are at the center of a Chinese hacking campaign.  The campaign is targeting sensitive US critical infrastructure, two US officials and a third source familiar with the matter reported to media.

The move is part of a broader, government-wide effort to blunt the impact of a persistent Chinese hacking effort that US officials fear could hinder any US milit

Researchers have tracked more activity by an influence campaign linked to Russia that spreads disinformation and propaganda in the US, Germany and Ukraine through a vast network of social media accounts and fake websites.

The campaign, attributed to the Russia-linked influence operation network called Doppelgänger, has been active since at least May 2022.  The US tech company Meta previously referred to Doppelgänger as the “largest” and “most aggressively persistent” malign network sponsored by

The United States and United Arab Emirates (UAE) have finalized an agreement that sets out how the two countries will cooperate on cybersecurity and digital resilience.  The memorandum of understanding signed by the Treasury Department and the UAE’s Cyber Security Council calls for increased information sharing about digital threats to the financial sector; more staff training and visits; and “competency-building activities” like joint online exercises, according to the Treasury.[1]

“As cyber-at

A previously unknown government-backed hacking group is targeting organizations in the manufacturing, IT, and biomedical sectors across Taiwan, Vietnam, the US and an unnamed Pacific island, according to new research from Symantec.

Researchers are tracking the group under the name “Grayling” and said in a report released earlier this week that it is using custom-made malware as well as publicly available tools to attack its targets.  The attacks, which began in February and continued through May

The National Student Clearinghouse (NSC) reported that nearly 900 colleges and universities across the US had data stolen during attacks by a Russia-based ransomware gang exploiting the popular MOVEit file-sharing tool.  The nonprofit manages educational reporting, data exchange, verification, and research services for 3,600 colleges and universities as well as 22,000 high schools.

In June of this year, the organization first confirmed that it was affected by exploitation of the tool, which was

China has reiterated claims that last month's cybersecurity attack on a Wuhan facility was the work of US intelligence agencies, pointing to a "very complex" malware used in the incident.  The Wuhan Earthquake Monitoring Center on 26 July 2023 was reported to be the victim of an attack that appeared to originate from government-backed hackers in the US. The allegations state the attack targeted network equipment that collected seismic intensity data, which measured the magnitude of earthquakes a

No, the current US presidential administration has not created a game show, but it has launched a competition offering millions of dollars in prize money for creating new artificial intelligence systems that can defend critical software from hackers.  Competitors vying for some of the $18.5 million in prize money will need to design novel AI systems that quickly find and fix software vulnerabilities in electric grids, subways or other key networks that could be exploited by hackers, a Biden admi

There are several ways in which an organization may discover that it has been the victim of a cyberattack or that an unauthorized third party has gained a foothold within its information technology (IT) environment.  Perhaps most commonly, an organization’s own endpoint detection, network monitoring, and other technical security controls identify and quarantine malicious cyber activity and allow for an investigation into the nature and scope of the event.  On some rare occasions, an organization

A top US intelligence official on 12 January 2023 urged Congress to renew sweeping powers granted to American spy agencies to surveil and examine communications, saying they were critical to stopping terrorism, cyberattacks and other threats.  The remarks by an Army General, director of the National Security Agency, opened what’s expected to be a contentious debate over provisions of the Foreign Intelligence Surveillance Act that expire at year’s end.  The bipartisan consensus in favor of expan

With women’s rights at issue, hackers have disrupted the works of Iran’s Fars news agency, one of the main sources of news disseminated by the state during protests over Mahsa Amini's death, the agency reported.  Iran has been shaken by numerous in-country and international protests since Amini’s death while in custody on 16 September after her arrest for an alleged breach of the country's dress code for women.  Iran’s first protests focused on the state-mandated hijab, or headscarf, for women,

The US National Security Agency’s No. 2 official said on 7 September that the US still outpaces foreign adversaries when it comes to cybersecurity and technology thanks to the country’s “open society.”  The US and its democratic allies “enjoy things that cannot be replicated easily in autocratic societies,” the NSA’s deputy director said during the Billington Cybersecurity Summit in Washington, DC.[1]

“The grist of that is innovation.  Innovation sparks creativity and solutions.  That puts us

A Russian official threatened the West on 08 June 2022, asserting that a “direct military clash” could result if Western governments continue to mount cyberattacks against its infrastructure.  “The militarization of the information space by the West and attempts to turn it into an arena of interstate confrontation, have greatly increased the threat of a direct military clash with unpredictable consequences,” the Russian foreign ministry’s head of international information security said in a stat