On 17 September 2021, while developing additional tools for our Red Pane Dark Web collections, we discovered a new ransomware attack posted by Conti against Amax. A company that makes and installs storage and server solutions for businesses.
As displayed by this table, our new tool allows faster discovery of ransomware infections, alerting us about the new post within 2 minutes of it being live.
This gives our Red Pane tool a near real-time detection rate of new ransomware infections. Red Pane
Our friends from Kelly Blue Book are explaining that “everything about the way you buy a car is changing.” The auto industry is changing so rapidly and so thoroughly that it may even alter the town where you live.
Car dealerships have begun consolidating under the control of nationwide companies, and their vision for what car shopping may look like in just a few years is radically different than the experience you’re used to.
How did we get here, and where are we going? And what vulnerabilitie
US Securities and Exchange Commission Chairman Gary Gensler testified before the Senate last week and again called for comprehensive cryptocurrency regulations, citing a need to reduce cybersecurity risks, other market risks, and criminal efforts to defraud investors, all while advancing the assets. Appearing before the Senate Banking Committee, Gensler defended the SEC's ability to enforce securities laws against cryptocurrency companies, although several Republican lawmakers cited a "lack of
Insider threats are of serious concern for all businesses. Former or recently terminated employees add a much higher level of risk for theft, destruction, or release of company data. A former credit union employee is now facing a ten (10) prison sentence after pleading guilty to destroying large amounts of corporate data in revenge for being fired.
This former employee who lives in Brooklyn NY, pleaded guilty in the US Eastern District Court recently, admitting to one count of computer intrus
Eventually, everyone need help with their heating and air conditioning (HVAC) units. Most technicians are trustworthy and do a great job. The bad news is that more than 9 out of 10 (91%) industrial organizations are vulnerable to cyber-attacks, according to a new report by Positive Technologies. The study found that external attackers can penetrate the corporate network in all these organizations, and once inside, can obtain user credentials and complete control over the infrastructure in 100
I found this in my Inbox this morning. I think the only truthful piece of information included - is that Mary Beth Leonard actually is the current US Ambassador to Nigeria.
See: Ambassador Mary Beth Leonard | U.S. Embassy & Consulate in Nigeria (usembassy.gov)
This one fact shows that the criminal involved has done some homework for his scam. I am always amused by the mis-use of words in the text of theses “kind offers,” such as using the word “missing” instead of “mincing.” There are too
In the Real Estate business, the most sought after properties have location, location and location as their attraction. Thinking as a criminal what is on their “Wish List?” How do they rate the ideal ransomware target? Cyber threat investigators calim the following attributes add up to the best targets: revenue, size, geography and level of access help determine sale price for access. The most sought-after type of victim for ransomware-wielding attackers is a large, U.S. based business with at l
Since early in 2020, when the COVID-19 lockdowns began, cybercrime has increased significantly and remote working has produced major cyber security challenges and higher risks for many businesses and organizations. The surge of CV-19 cases driven by new variants has challenged many companies to quickly devise long-term hybrid work models that meet the needs of their businesses and employees. The term hybrid has been coined as there are many degrees from total office attendance to total at home
Our friends at several cyber media outlets are reporting that the operators behind the REvil ransomware-as-a-service (RaaS) is back. In a surprise return, REvil reappeared after a two-month break following the widely publicized attack on technology services provider Kaseya on 4 July 2021. In fact, Red Sky Alliance analysts observed its return this past week.
Two of the dark web portals, including the gang's Happy Blog data leak site and its payment/negotiation site, have reappeared online, wit
Did you ever wonder how a can of green beans gets to the shelf of your supermarket? Well, from planting the seeds, harvesting the crop, canning the beans, and pushing them to market – is all called the ‘Food Supply Chain.’ Now cyber-attackers are targeting our food supply chain and the Jolly Green Giant ain’t so happy.
The US Federal Bureau of Investigation (FBI) has issued a new alert on 06 September 2021 warning companies in the food and agricultural sector that they are increasingly at risk
A new twist on an old con; remember the Nigerian Princes who wanted to share their fortune with you - if only you would only send them your bank account number? A Nigerian threat actor has been observed attempting to recruit employees by offering them to pay $1 million in Bitcoins to deploy Black Kingdom ransomware on companies' networks as part of an insider threat scheme.
"The sender tells the employee that if they're able to deploy ransomware on a company computer or Windows server, then the
Valyria malware is a trojan distributed by phishing email attacks seemingly targeting business emails, commonly using the words “Invoice,” “Order,” or “Report” in the subject line.
Among these emails, there is a strong resurgence of tactics, techniques, and procedures (TTP’s) previously known to be employed by the Gorgon Group with the MasterMana Botnet.
Link to full technical report: TIR-21-224-001_Val.pdf
Security professionals have long wrestled with properly identifying rogue employees bent on crippling a company. This was once evident in identifying stolen proprietary or classified paper documents for personal or professional gains – or some were just plain focused on outright revenge and destruction. Now ‘everything’ is cyber related, yes everything, and thus cyber security meets with physical security, human resources (HR) and company management teams. This lateral cooperation is a must i
Ransomware-as-a-Service Operations Seek Affiliates for Extorting New Victims. After a number of high-profile hits during 2021, some of the largest and most notorious ransomware operations disappeared. Beginning in May 2021, ransomware attacks by Russian-language groups Conti against Ireland's health service, DarkSide against U.S.-based Colonial Pipeline, and REvil against meat processing giant JBS and remote management software firm Kaseya led the Biden administration to try to better disrupt t
Lloyd’s of London, for centuries the world’s dominant marine insurer, continues to witness sharp decline in premium volumes as lines on graph now cross with Asian economic giant.[1] China is now the world’s second-largest provider of hull insurance, after overtaking Lloyd’s on market share, the International Union of Marine Insurance (IUMI) has confirmed.
China, which has seen its slice of the pie grow slowly but steadily in recent years, recorded a 12.4% share of 2020 global aggregate hull pre
The US Securities and Exchange Commission (SEC) sanctioned eight financial firms for alleged failures related to cybersecurity policies and procedures, each stemming from email account takeovers and related incident response, the regulator announced on 01 September 2021.[1]
The sanctioned firms did not admit or deny the commission's findings, but "agreed to cease and desist from future violations of the charged provisions, to be censured and to pay a penalty," according to the SEC. Cumulative fi
Activity Summary - Week Ending 3 September 2021:
✓ Red Sky Alliance identified 31,051 connections from new unique IP addresses
✓ 6 unique email accounts Compromised with Keyloggers were observed this Week
✓ Analysts identified 134 new IP addresses participating in various Botnets
✓ PrintNightmare & Magniber
✓ Vulnerable Microsoft Exchange Servers
✓ SparklingGoblin
✓ FIN8 / Sardonic and the Financial Sector
✓ Transportation / Bangkok Airways
✓ Biometric Data / Afghanistan
✓ US Labor Day Warning
✓ The Best C
The current US administration unveiled a new package of supply chain and critical infrastructure security initiatives on 25 August 2021. This following a meeting at the White House with about 25 tech, banking, insurance, and infrastructure executives. Little did the group know that an inexpensive solution has been available for 3 years: Wapack Labs LLC - Introduces RedXray: Wapack Labs
The initiatives feature a pledge by several companies, including tech giants Microsoft, Google and IBM and
New vulnerabilities have been discovered in Fortress S03 Wi-Fi Home Security System that could be potentially abused by a malicious party to gain unauthorized access with an aim to alter system behavior, including disarming the devices without the victim's knowledge. The two unpatched issues, tracked under the identifiers CVE-2021-39276 (CVSS score: 5.3) and CVE-2021-39277 (CVSS score: 5.7), were discovered and reported by cybersecurity firm Rapid7 in May 2021 with a 60-day deadline to fix the
