Red Sky Alliance monthly queries our backend databases, identifying all new data containing Motor Vessel (MV) and Motor Tanker (MT) in the subject line of malicious emails. Malicious actors use emails with Motor Vessel (MV) or Motor Tanker (MT) in the subject line as a lure to entice users in the maritime industry to open emails containing malicious attachments. Red Sky Alliance is providing this list of Motor Vessels in which we directly observed the vessel being impersonated, with associated
All Articles (1926)
Sort by
In the face of unrelenting pressure from significant cyber incidents and regulatory action to mitigate them, enterprises are assessing whether they are doing enough to deal with cybersecurity. Public companies are evaluating responses to new SEC rules calling for disclosures regarding cybersecurity strategy, risk management, and governance practices. The SEC’s action against Solar Winds is setting off alarm bells throughout the cybersecurity community, causing CISOs to worry about personal lia
Meta recently released a new standalone AI image generator. The tech is based on its Emu image synthesis and the way it all works might surprise you. Consider this with Meta AI already built into the Meta apps like Messenger and Instagram. It is now available in a browser window and is quite impressive. The only catch is that users are the ones supplying the source images.[1]
Meta scrapes all of our social media feeds to the tune of about one billion images, according to Ars Technica. The A
A new wave of phishing messages distributing the QakBot malware has been observed, more than three months after a law enforcement effort saw its infrastructure dismantled by infiltrating its Command-and-Control (C2) network. Microsoft investigators who made the discovery, described it as a low-volume campaign that began on 11 December 2023, and targeted the hospitality industry. Targets received a PDF from a user masquerading as an IRS employee," the investigators posted in a series of posts
The DNA testing company 23andMe was served with a class action lawsuit in California after cyber thieves gained access to personal data for at least a million clients. The lawsuit claims the popular DNA company “intentionally, willfully, recklessly, or negligently” failed to implement adequate safety measures to protect its customers whose birth year, location and ancestry trees were exposed during the attack. “On no later than 6 October 2023, unauthorized third-party cybercriminals gained acce
An Israeli-linked hacker group claims to have carried out a major cyber-attack on Iranian petrol stations, knocking 70% of them offline on 18 December. Predatory Sparrow, or “Gonjeshke Darande” in Persian, said it launched the “controlled” attack in response to “aggression” by the Islamic Republic and its proxies in the region. “This cyber attack was carried out in a controlled manner to avoid potential damage to emergency services,” the group said.
Addressing Iran’s Ayatollah Ali Khamenei, th
Cisco's Talos security researchers report that the North Korea-linked hacking group Lazarus has been observed deploying Dlang malware in attacks against organizations in the manufacturing, agriculture, and physical security sectors. Released in 2001, Dlang, or simply D, is a multi-paradigm system programming language built upon the idea of C++ but drawing inspiration from C#, Eiffel, Java, Python, Ruby, and other high-level languages. Dlang is considered an uncommon programming language for m
At its most basic, the term “auto fill” refers to a feature or set of features that enables users to insert previously entered information into web pages. Depending on the specific application being used, this can be any sort of information like names and address, moving all the way up to information that needs more protection such as credit card numbers and username/password combinations.
On Android devices, it is often the case that an application will display a login form by using what’s cal
Microsoft’s spokesman announced on 13 December 2023 the disruption of Storm-1152, a Cybercrime-as-a-Service (CaaS) ecosystem that created 750 million fraudulent Microsoft accounts supporting phishing, identity theft, and other schemes. The CaaS is believed to have made millions of dollars in illicit revenue by creating fraudulent accounts for other cybercrime groups to use in phishing, spam, ransomware, Distributed Denial-of-service (DDoS), and other types of attacks.
See: https://redskyallian
Tis the season for shopping. While shopping predictions and forecasts for the holiday season vary among experts, the consensus is that organized retail crime (ORC) continues to increase. According to the National Retail Federation’s 2022 Retail Security Survey, 35.9% of retailers reported that ORC offenders were much more violent than in 2021. It can be alarming for staff and customers to witness acts of aggression in stores, including yelling at store staff, shoving staff or customers, making
In the US, the Federal Bureau of Investigation (FBI) has issued guidance regarding the data breach reporting requirements of the US Securities and Exchange Commission (SEC), providing useful information on how disclosures can be delayed. The SEC announced in late July that it had adopted new cybersecurity incident disclosure rules for public companies, requiring them to disclose, through a Form 8-K filing, any material breach within four business days. The rules are set to go into effect on 18
The statistics are sobering: 61% of CISOs (and 53% of CEOs) think that their organization is unprepared to cope with a targeted cyberattack in the next 12 months. With mobile devices now making up a large part—even the majority—of the device estate, mobile security is more important than ever. Those managing security must protect a growing number and diversity of endpoints. Increasingly, those endpoints are mobile or using mobile connectivity. Bring-your-own-device (BYOD) policies, hybrid wo
Ransomware isn’t new, yet organizations still struggle to guard against this threat. According to the Fortinet 2023 Global Ransomware Report, in 12 months, two-thirds of organizations were targeted by ransomware, with half of those falling victim to an attack. As attackers advance their tactics, security and IT leaders must prepare for the inevitability of a ransomware attack. It is no longer a matter of “if” a business will be breached but “when.” Along with business leaders, those in the C
The North Korea-linked threat actor known as the Lazarus Group has been attributed to a new global campaign that involves the opportunistic exploitation of security flaws in Log4j to deploy previously undocumented remote access trojans (RATs) on compromised hosts. Investigators are tracking the activity under the name Operation Blacksmith, noting the use of three DLang-based malware families, including a RAT called NineRAT that leverages Telegram for command-and-control (C2), DLRAT, and a downl
This past October, Apache issued a critical advisory addressing CVE-2023-46604, a vulnerability involving the deserialization of untrusted data in Apache. On 2 November, the Cybersecurity and Infrastructure Security Agency (CISA) added CVE-2023-46604 to its known exploited list, KEV Catalog, indicating this vulnerability's high risk and impact. Fortiguard Labs also released an outbreak alert and a threat signal report about the active exploitation of CVE-2023-46604, providing more details and
Hacktivist group Killnet rose to prominence in 2022. After the launch of SVO, it openly sided with Russia. It carried out high-profile DDoS attacks against significant targets such as the US Federal Tax Service, the European Union’s banking systems SWIFT, and the American arms company Lockheed IBAN. Martin et al. At the same time, little was known for a long time about the identity of its leader, hacker Killmilk. In the public sphere, he formed the image of a great patriot of the Russian Feder
The reliability and security of the power grid have become increasingly important topics in recent years. With the dependence on electricity growing and new threats emerging, it is crucial to ensure that our lights stay on, especially for critical infrastructure like the military. This article explores the risks the power grid faces and the potential consequences if it were compromised.
Research and Reporting: According to industry experts, the power grid is vulnerable to both physical and cy
The year 2023 has been marked by significant cyber turbulence in the space sector. The aftermath of the 2023 KA-SAT attack has fundamentally altered the world’s collective perception of cyber risk and the corresponding implications for space. In addition, 2023 has heralded a surge in the scope and scale of cyber targeting, a bevy of emerging trends and the introduction of new threat actors operating within the space industry. Without question, from 2022 to 2023, the frequency of cyber campaign
Just three months after the National Credit Union Administration (NCUA) put into place a final rule requiring federally chartered and federally insured credit unions to notify NCUA of a "reportable cyber incident," about 60 credit unions in the United States experienced outages because of a ransomware attack on an IT provider the institutions use, according to a US federal agency. The final NCUA rule went into effect on 01 September 2023, requiring that affected credit unions should notify the
Terrorism, both foreign and domestic, remains a top threat to the Homeland, but other threats are increasingly crowding the threat space. During the next year, we assess that the threat of violence from individuals radicalized in the United States will remain high, but largely unchanged, marked by lone offenders or small group attacks that occur with little warning. Foreign terrorist groups like al-Qa’ida and ISIS are seeking to rebuild overseas, and they maintain worldwide networks of support
