All Articles (2539)

A critical vulnerability identified in The Plus Addons for Elementor WordPress plugin could be exploited to gain administrative privileges to a website. This is bad news for WordPress websites, and the vulnerability was disclosed on 8 March 2021. The zero-day has been exploited in the wild, the Wordfence team at WordPress security company Defiant warns.  With more than 30,000 installations to date, The Plus Addons for Elementor is a premium plugin that has been designed to add several widgets to be

As if Kia Motors doesn’t have enough to worry about, now this.  Last Friday, Red Sky Alliance reported that Kia Motors of America was hit by the DopplePaymer malware, causing havoc at dealerships in the US and Canada.[1]  Now Kia has been forced to recall nearly 380,000 of its vehicles due to a potential fire risk hazard.  The Korean automaker said in an advisory posted Tuesday by the US National Highway Traffic Safety Administration (NHTSA) that it is recalling certain 2017 through 2021 Sportage

“I don’t understand how Spain was compromised.”  To answer in English, “well my friends, no one is immune to cyber-attacks - no one.”  Spain’s State Public Employment Service (SEPE), which coordinates unemployment benefits and ERTE throughout Spain, has been the victim of a cyberattack that has crippled its electronic and face-to-face appointment-setting services and other procedures.[1]  A Spanish government spokesman said, “At the moment it is not possible to access the website”, with the Central Tra

Like we don’t have enough ransomware floating around destroying international businesses.  Enter two new ransomware forms.  Two newly discovered forms of ransomware with quite different characteristics show just how diverse the world of ransomware has become as more cybercriminals attempt to join in with the ‘cyber extortion’ game.  Both forms of ransomware emerged last month and are described by cybersecurity researchers as AlumniLocker and Humble, with the two versions attempting to extort a Bitco

In 1980, the British comedy group Monty Python created a video, “I Like Chinese.”  We all like Chinese; except the Chinese Communist Party (CCP) – who train, encourage and promote active hacking of many, many countries.  A Chinese hacking group allegedly "cloned" and deployed a zero-day exploit developed by the US National Security Agency's Equation Group (NSA) before Microsoft patched the Windows vulnerability that was being exploited in 2017.  For several years, researchers have suspected the C

A new version of the Ryuk ransomware is capable of worm-like self-propagation within a local network, researchers have recently found.  The variant first emerged in Windows-focused campaigns earlier in 2021, according to the French National Agency for the Security of Information Systems (ANSSI). The agency said that it achieves self-replication by scanning for network shares, and then copying a unique version of the ransomware executable (with the file name rep.exe or lan.exe) to each of them as

Ransomware continues to create havoc for organizations of all types and the problem only seems to be getting worse every year. Cyber threat defenders across every type of targeted organization, including government agencies and private businesses, would do well to have more effective defenses in place.  Such defenses would ideally include organizations proactively looking for known ransomware attackers' tactics, techniques and procedures. That kind of threat hunting can help defenders spot atta

As the 2020 tax preparation season begins in the US, the Internal Revenue Service (IRS) is warning that it is seeing more signs of cyber criminals spoofing the agency's domains and incorporating its logos and language into phishing campaigns.  Authorities additionally are cautioning about other fraud campaigns that spoof US government departments, with some using themes capitalizing on COVID-19 economic relief programs.  A tempting lure to many.

During February 2020, the IRS published a notification t

Activity Summary - Week Ending 5 March 2021:

  • Fair Deal Furniture in Mombasa Kenya still is Keylogged
  • Red Sky Alliance identified 35,371 connections from new unique IP Addresses
  • Analysts identified 3,001 new IP addresses participating in various Botnets
  • SIM Swapping – easier than a Malware Attack
  • Silver Sparrow flying around inside Apple
  • Javali Banking Trojan
  • PlugX and RedEcho
  • A Kia Hit
  • Oh Canada – Bombardier, GlobalEye and Enterprise Oh !!
  • Don’t get Stung by Lithuanian CityBee
  • The Darkside Hacke

Recent reporting by CrowdStrike indicates that two productive cybercrime threat groups, Carbon Spider (CS) and Sprite Spider (SS) are spreading hate and discontent against VMware’s ESXi.

ESXi is a Type-1 hypervisor (also known as a “bare-metal” hypervisor) developed by VMware.  A hypervisor is software that runs and manages virtual machines (VMs).  In contrast to Type-2 hypervisors that run on a conventional host operating system, a Type-1 hypervisor runs directly on a dedicated host’s hardware.

Back in the 1960’s my Dad had an insurance salesman who was a real boring guy.  No expression, just sold insurance; to which so many didn’t even want to discuss anyway.  Those days are long gone.  Now everything is so impersonal – just like the boring insurance salesman (maybe he knew something we did not).  So, when you get an on-line solicitation for a free insurance quote, many jump at the chance of NOT having to talk to a boring insurance salesperson.  Hackers are targeting vulnerabilities i

Macs and viruses are not all that common, but the one that was recently discovered by researchers is even less so. Security researcher Red Canary has published information about a new “activity cluster” that has infected 29,139 Macs across more than 150 countries but is missing one key ingredient: a reason to be.

In the report, Red Canary and Malwarebytes outline a new strain of macOS malware called Silver Sparrow that affects both Intel and Apple silicon processors. The companies have determine

While in existence prior to 2016, ransomware gained notoriety that year targeting the global healthcare industry, and in several instances, successfully extorting ransoms from victims. Since then, ransomware has turned out to be more than just a nuisance crime, with ransomware operators adjusting targeting strategies, malware deployment, and diversifying how they executed their campaigns to maintain success rates. Over the past few years, ransomware operators have shifted tactics, moving from wi

One can say, “Do we really care what happens in Lithuania?”  Well, with the World that is shrinking Day by Day, we all need to watch every inch of the Cyber-Globe for malicious cyber trends and triggers.  According to the hacker behind the CityBee breach, the black hats found the backup database of CityBee and exposed it on the Internet for all to see and use.  CityBee is a leading Lithuania-based car-sharing platform that suffered a data breach in which personal data, including customer login cr

Activity Summary - Week Ending 26 February 2021:

  • 600+ US healthcare data breaches in 2020
  • Red Sky Alliance identified 35,139 connections from new unique IP addresses
  • Analysts identified 2,378 new IP addresses participating in various Botnets
  • Bazar Trojan Variant
  • Malware Lingerie for 2021 Valentine’s Day !!
  • Silver Sparrow; aren’t Sparrows Brown?
  • Pfizer, COVID Vaccine and Hacking
  • LEON and Nocona Hospitals hit
  • eHealth in Canada – Ryuk Ransomware
  • France to invest 1 billion euros in Cyber Security –

The age-old trick of romance scams remains real and is getting worse.  The number of people being targeted by fake relationship-seekers has drastically spiked during the COVID-19 pandemic.  Why? People are lonely and clever criminals play on this new phenomenon.  Romance scams remain the most successful fraud strategy for cybercriminals and represent a growing arena of opportunity; this according to the Federal Trade Commission. During 2020, romance schemes accounted for a record $304 million ra

For over a year and a half, Red Sky Alliance has provided Dryad Global with weekly Vessel Impersonation Reports and Maritime Watch Lists to help the maritime community better protect against cyber intrusions.  Our friends at Dryad Global have issued their Annual Report for 2020/2021, which highlights various maritime hotspots around the globe.

This is the link for the Annual Report: Dryad Global: Annual Report 2021

Cybercriminal gangs operating darknet stolen payment card marketplaces are scrambling to attract customers from the now-closed Joker's Stash card market, according to representatives from the security firms Kela and Flashpoint.  The administrator behind Joker's Stash claims to have officially shut down the operation in February 2021. Meanwhile, other criminal gangs offering stolen payment cards for sale have stepped up their promotional

Among the darknet marketplaces vying to pick up former Joke

With cyber-attacks ramping up and up since the international pandemic, the need for proper cyber protection and cyber insurance coverage is taking on a new meaning, as well as many other business risk factors.[1]  With all the current business concerns amid ever-changing US administration priorities, the corporate risks and vulnerabilities are closely coupled with cyber security matters.  As an example, fossil fuel-energy companies and drug developers are among the most common issuers updating

Just how much US land does China own?  Excerpts by Libertas Bella (edited).

American-US prosperity has largely been built on a dual foundation: cheap land or expensive labor.  Until the US Immigration Act of 1965, Ronald Reagan’s Amnesty of 1986 and North American Free Trade Association (NAFTA) opened up the floodgates of immigration (both legal and illegal) this formula basically held firm.  When there was not enough labor, employers had to pay more rather than simply importing massive amounts