All Articles (2531)

In what may be a portent of things to come, researchers have discovered the first known malware sample in the wild that attempts to evade AI-powered security tools by essentially prompting them to halt their analysis.  In its present form, the malware, which its author appears to have named "Skynet" in a nod to the sentient AI overlords in the Terminator franchise, does not work. Researchers at Check Point, who analyzed the sample after recently spotting it on VirusTotal, found the code to be ru

Most email users are now well aware of the scams and attacks that flood inboxes daily.  Google has become so adept at identifying rogue messages that most are instantly filtered out before they reach customer accounts.  However, it seems now is not the time to let our guard down.  Hackers have recently executed a cyber-attack that bypasses Google's multi-factor authentication.  This means that cyber criminals could gain full access to accounts without the owner ever realizing something is amiss.

US hospitals and essential infrastructure are reportedly on alert, anticipating Iran-backed cyberattacks in response to the US strikes on Iran's nuclear facilities.  In the days since the 21 June strikes, the US power grid’s cyberthreat-sharing monitor has reportedly begun monitoring the dark web for signs of Iranian activity, and hospital executives have been briefed by the US Federal Bureau of Investigation (FBI).

While Iran and Israel are abiding by a shaky ceasefire agreement, experts have w

Major artificial intelligence platforms like ChatGPT, Gemini, Grok, and Claude could be willing to engage in extreme behaviors including blackmail, corporate espionage, and even letting people die to avoid being shut down.  Those were the findings of a recent study from San Francisco AI firm Anthropic.

In the study, Anthropic stress-tested 16 leading AI models from multiple developers in hypothetical corporate environments to identify potentially risky behaviors from AI agents.  In the study, AI

A phishing malware campaign, known as Shadow Vector, has been reported, targeting users in Colombia through malicious SVG files disguised as urgent court notifications. The campaign uses the MITRE ATT&CK technique known as SVG smuggling, where scalable vector graphics are used to embed or link malicious content.  It begins with spear-phishing emails containing SVG attachments, which, when rendered in a browser, redirect victims to download payloads from public platforms like Bitbucket, Dropbox,

Israeli officials are urging citizens to disconnect internet-connected security cameras, warning that Iran may be exploiting them to gather real-time intelligence and adjust missile targeting.

Former Israeli cybersecurity official Refael Franco said in a public radio interview last week that Iranian actors have been attempting to access private surveillance systems in recent days to evaluate the impact of their strikes.  “We know that in the past two or three days, the Iranians have been trying

"If you can't see the threat coming, you can't defend against it."  The third-party risk management (TPRM) industry has a significant blind spot, and it's becoming increasingly problematic.  While we concentrate on SOC reports, ISO certifications, and vendor questionnaires, cybercriminals are actively trading your vendors' stolen credentials, exploiting their vulnerabilities, and planning their next attacks, all in plain sight on the dark web.

The Underground Economy Your TPRM Program Overlooks

A pro-Israel group of hackers on 18 June drained more than $90 million from Iran’s largest cryptocurrency exchange but may have lost all of the proceeds from the heist in the process, according to several crypto tracking firms.

Coins like Bitcoin, Ethereum and Doge were sniped from digital wallets on Iranian exchange Nobitex, which has been linked to the Islamic Revolutionary Guard Corps.  The IRGC is a branch of Iran’s military that has been labeled a terrorist organization by the US, United Ki

Almost half (44%) of mobile users report being exposed to scams and threats daily, with a majority concerned about losing important files and productivity loss as a result, according to Malwarebytes.  The security vendor polled 1,300 adults in the US, UK, Austria, Germany, and Switzerland for its "Tap, Swipe, Scam" report.  Although it focused on the personal impact of such threats, they’re having a growing impact on enterprise risk, given the large number of organizations that allow Bring Your

In the modern theatre of conflict, cyber warfare has emerged as a pivotal front, where states flex their technological prowess to assert dominance and counteract adversarial threats.  Iran, a nation deeply entrenched in geopolitical struggles, finds itself as both a perpetrator and a target in this digital battleground.  Recent cyber campaigns targeting Iran have sought to undermine its critical infrastructure, destabilize its economic systems, and disrupt its strategic ambitions.  These operati

Cyberattacks are escalating in speed, volume, and sophistication.  As organizations work to strengthen their defenses, adversaries target their weaknesses: employees susceptible to social engineering and systems lacking modern security controls. Once inside, they act within seconds, stealthily moving across networks to execute attacks.

CrowdStrike has recently provided its 2025 Global Threat Report to cyber professionals.  Red Sky Alliance would like to share this excellent report, as it provid

Researchers at Sentinel Labs have shared another significant discovery and expert analysis.  Red Sky Alliance has been following Sentinel Labs for a few years, and we think highly of their research and analysis.  This report is eye-opening.  The study below outlines threats that SentinelLABS observed and defended against in late 2024 and the first quarter of 2025.  This report expands upon previous SentinelLABS research, which provides an overview of threats against cybersecurity vendors, includ

US legislators have introduced a new Healthcare Cybersecurity Bill to Congress, which is designed to expand the federal government’s role in preventing and responding to data breaches of Americans’ medical data.  Congressman Jason Crow (D-CO) introduced the bipartisan legislation on June 10 as part of efforts to tackle surging healthcare data breaches in the US.  In January 2025, it was reported that the personal and medical data records of 190 million US citizens were impacted by the Change Hea

Ransomware gangs have been exploiting a vulnerability in remote device control software SimpleHelp during a recent string of attacks, according to federal cybersecurity officials.  The Cybersecurity and Infrastructure Security Agency (CISA) warned that CVE-2024-57727, a vulnerability affecting SimpleHelp’s widely-used remote access tools, was exploited to “compromise customers of a utility billing software provider.”  CISA declined to explain the timing of the advisory or what attacks it was refe

An overwhelming 98% of chief information security officers (CISOs) expect a surge in cyber-attacks over the next three years as organizations face an increasingly complex and artificial intelligence (AI)-driven digital threat landscape.  This is according to new research conducted among 300 CISOs, chief information officers (CIOs), and senior IT professionals by CSC, the leading provider of enterprise-class domain and domain name system (DNS) security.

The report, “CISO Outlook 2025: Navigating

In May 2025, cybersecurity researchers at Cyfirma disclosed serious zero-day vulnerabilities in Versa Concerto, a prominent SD-WAN and SASE solution used by enterprises worldwide.  Among these vulnerabilities, CVE-2025-34027 is particularly alarming due to its high severity and ease of exploitation.  The flaw arises from a path-based authentication bypass in Concerto’s orchestration platform RESTful API, enabling attackers to gain administrative privileges and execute arbitrary commands remotely

China has plans to introduce tighter regulatory controls over Artificial Intelligence (AI) Data Centers, which could have significant effects on the cryptocurrency market, sending ripples through the technology markets.  Such policies could impact the operational freedom of AI-driven companies and data processing hubs within the country.  Chinese regulators informed major tech companies, including Alibaba, Tencent Holdings, ByteDance, and Baidu, that they would tighten control over the construct

There has been a 700% increase in cyber-attacks against Israel over the past two days compared with the time period before 12 June, cybersecurity firm Radware said on 15 June.  The data indicate a "significant escalation in malicious network activity targeting Israeli infrastructure," the firm said.  "The 700% surge in malicious activity within just two days stems from cyber retaliation operations by Iranian state actors and pro-Iranian hacker groups, including DDoS attacks, infiltration att

Cyber-attacks on businesses continue to escalate in 2025, with global organizations experiencing an average of 1,925 incidents per week in Q1, which is a 47% increase compared to the same period last year, according to new research from Check Point.  The education sector was the hardest hit, with each institute facing an average of 4,484 weekly attacks.  Government and telecommunications followed, with the latter recording the largest year-over-year spike at 94%.  “The growing reliance on digita

One of America’s largest home and auto insurers has notified regulators and customers of a cybersecurity incident and related network outage.  Fortune 500 business Erie Insurance employs over 7000 staff and 14,000 agents, with parent company Erie Indemnity Company posting revenue of close to $4bn last year.  It currently boasts over six million active policies.  However, the firm warned customers yesterday of an “ongoing network outage” related to a confirmed “information security event” which w