Apple and the satellite-based broadband service Starlink each recently took steps to address new research into the potential security and privacy implications of how their services geo-locate devices. Researchers from the University of Maryland say they relied on publicly available data from Apple to track the location of billions of devices globally — including non-Apple devices like Starlink systems and found they could use this data to monitor the destruction of Gaza, as well as the movement
All Articles (2240)
Sort by
Google is betting Microsoft Corp.’s very public cybersecurity failures, along with deep discounts will persuade corporate and government customers to use the search giant’s productivity software rather than Office. Some are insinuating Google is trying to steal customers.
Government agencies that switch 500 or more users to Google Workspace Enterprise Plus for three years will get one year free and be eligible for a “significant discount” for the rest of the contract, said Andy Wen, the senior
Multiple US and allied cybersecurity agencies have recently warned about an ongoing campaign by pro-Russia hacktivist groups to target and compromise operational technology (OT) systems across critical infrastructure sectors in North America and Europe. According to a new joint cybersecurity alert have been observed gaining remote access to small-scale industrial control systems used in water/wastewater, dams, energy, and food and agriculture by exploiting internet-exposed human-machine interfa
Recently, China’s Cybersecurity Industry Alliance (CCIA) published a report in an effort to further expose the suspected hegemonic practices and “bullying” behavior of the United States in cyberspace. The report is broken down into six sections based on perceived U.S. behaviors, purportedly drawing its sources from a variety of public and private organizations in an attempt to present an authoritative credibility that paints the United States as the primary obstacle to global cyberspace securit
VikingCloud recently released new research revealing 40% of cyber teams have not reported a cyber incident out of fear of losing their jobs, a disclosure that signifies a serious underreporting of cyber breaches globally. This trend also leaves businesses at risk of being non-compliant with emerging industry regulations, as well as vulnerable to rising attacks, reported in the survey to have both increased in frequency for 49% of companies and severity for 43% in the past 12 months.
The data ga
Red Sky Alliance monthly queries our backend databases, identifying all new data containing Motor Vessel (MV) and Motor Tanker (MT) in the subject line of malicious emails. Malicious actors use emails with Motor Vessel (MV) or Motor Tanker (MT) in the subject line as a lure to entice users in the maritime industry to open emails containing malicious attachments. Red Sky Alliance is providing this list of Motor Vessels in which we directly observed the vessel being impersonated, with associate
Microsoft has recently declared that security will now be the company's topmost priority "above all else," even taking precedence over shipping new product features and capabilities. This commitment to making security job #1 comes on the heels of a string of incidents, including a major breach disclosed just two months ago, where Russian state-sponsored hackers tracked as Midnight Blizzard or Nobelium gained disturbing levels of access to Microsoft's internal systems and source code repositorie
The US Federal Trade Commission recently sent out a blog warning car companies about sharing automobile collected data. Who thought your car would be gathering information about you? Personal data is being collected every second, even in your vehicle.
“Some say a person's car can say a lot about them. As cars get ‘connected,’ this turns out to be truer than many might have realized. While connectivity can let drivers do things like play their favorite internet radio stations or unlock their
The Abu Dhabi Autonomous Racing League (A2RL) completed the world’s first autonomous auto race at the Yas Marina Circuit before a full front straight grandstand on the evening of 27 April 2024.
Four cars qualified for the final event, attempting what had never been done before racing wheel-to-wheel without any human intervention.
See: https://redskyalliance.org/automotive/hacking-your-new-car
Team TUM (Technical University of Munich) won the driverless race in a last-lap dash, overtaking Ital
A deal between Stack Overflow https://stackoverflow.com and OpenAI https://openai.com seems to have triggered a battle between the developer forum and its users. On 06 May 2024, Stack Overflow announced a new deal in which user content would be scooped up by OpenAI to train ChatGPT. As a forum for developers and programmers, Stack Overflow is home to technical posts and content that is valuable to a generative AI service like OpenAI's ChatGPT.
The announcement compelled at least one user to mo
In today’s digitally connected world, passwords are the gateway to protecting our online lives, from email and social media accounts to banking and private data. Yet, many users still use alarmingly weak passwords or reuse the same ones across multiple sites, putting our digital identities at severe risk. What is your birth date, street address, or pet’s name? World Password Day, observed annually on the first Thursday of May, is a crucial reminder to change these poor password habits and pri
US Cyber authorities are releasing this joint CSA to provide information on Black Basta, a ransomware variant whose actors have encrypted and stolen data from at least 12 out of 16 critical infrastructure sectors, including the Healthcare and Public Health (HPH) Sector. This joint CSA provides TTPs and IOCs obtained from FBI investigations and third-party reporting.
Black Basta is considered a ransomware-as-a-service (RaaS) variant and was first identified in April 2022. Black Basta affiliate
In a comprehensive National Security Memorandum (NSM), the current administration has outlined its strategy for strengthening the security and resilience of United States critical infrastructure against threats like cyberattacks, natural disasters, and climate change. The memorandum designates 16 critical infrastructure sectors, such as energy, transportation, and health care, and outlines roles and responsibilities for relevant federal agencies to identify and mitigate risks within each sector
In case you have not heard, 2024 is a big year for cicadas. Cicada (family Cicadidae) is a family of more than 3,000 species of sound-producing insects. Cicadas are found worldwide in tropical and temperate areas and occur in deserts, grasslands, and forests. Cicadas have been used in folk medicines, as religious and monetary symbols, and as an important source of food for humans and many other organisms. The cicada appears in the mythology, literature, and music of many cultures, including so
Shipping is increasingly subject to growing volatility and uncertainties from war and geopolitical events, climate change risks, such as drought in the Panama Canal, and the resurgence of piracy. Allianz Commercial marine experts look at some of the major consequences, including the effect on crew, the prospect of more cyber-attacks and drone strikes, the threat the rise of the ‘shadow fleet’ poses to vessels and the environment, as well as the multi-faceted impacts of rerouting.
Recent inciden
The below information from DHS/CISA is a fact sheet which provides information and mitigations associated with cyber operations conducted by pro-Russia hacktivists who seek to compromise industrial control systems (ICS) and small-scale operational technology (OT) systems in North American and European critical infrastructure sectors, including Water and Wastewater Systems, Dams, Energy, and Food and Agriculture Sectors.[1]
The pro-Russia hacktivist activity appears mostly limited to unsophistica
Almost everyone knows dating sites can be dangerous, and you need to be careful. But a nasty new threat plays on those fears, and by the time you realize it, it could be too late…..Don't make this mistake on your dating app.
Online dating can be dangerous; who is at the other end of all those flirty and exciting messages, and whose pictures have they chosen to share? But now, a new FBI warning has taken something of a twist because the latest threat to dating app users plays on those fears that
If you open your devices with a fingerprint or face scan, you are probably OK with tech companies having some of your biological data. Now, the rise of neurotech wearables is putting your brainwaves into question. On 17 April 2024, the governor of Colorado signed a bill expanding the state's existing privacy law to include neural data or brain activity. The bill added brainwaves under the umbrella of biological data, which it defined as "data generated by the technological processing, measure
From credential theft to social engineering and disinformation campaigns, cybercriminals and state sponsored threat actors continue to evolve their tactics and expand their ambitions.
Last week at RSA, Recorded Future (RF) showcased the ways they are innovating to help our clients thwart the adversary on every front. RF is doing so with a powerful
combination of Recorded Future’s automated threat intelligence solutions and highly skilled expertise, with a mission to prevent business disruption.1
The North Korea-linked threat actor known as Lazarus Group used its time-tested fabricated job lures to deliver a new Remote Access Trojan (RAT) called Kaolin RAT as part of attacks targeting specific individuals in the Asia region in summer 2023. The malware could, aside from standard RAT functionality, change the last write timestamp of a selected file and load any received DLL binary from [command-and-control] server. The RAT acts as a pathway to deliver the FudModule rootkit, which has be
