All Articles (1894)

It was 8:30 a.m. last Friday before a long weekend when Missouri's state court system learned it might have a cyber problem.  IT staff discovered the state court system's cybersecurity software had detected unusual activity coming from a system administrator's account at 2 am, well outside business hours.  Also suspicious?  That system admin was on vacation, said the director of IT services for Missouri State Courts, during the recent National Center for State Courts' (NCSC) Court Technology Con

Emerging technology in the maritime arena is being used for tracking emissions, avoiding collisions and route planning, but lawyers are circling the technology, a recent seminar reported.  The rapid expansion of artificial intelligence (AI) faces major stumbling blocks in shipping, where more than 80% of large vessels barely have enough communications capacity to send an email, a seminar heard on 19 September.

The use of problem-solving AI has the potential to cut costs in the coming decades, bu

The Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) have released this joint CSA to disseminate known ransomware IOCs and TTPs associated with the Snatch ransomware variant.

Since mid-2021, Snatch threat actors have consistently evolved their tactics to take advantage of current trends in the cybercriminal space and leveraged successes of other ransomware variants’ operations.  Snatch threat actors have targeted a wide range of critical i

After years of spouting the need for ease of reporting suspicious activity, I see the US Department of Homeland Security (DHS) now floating several new ideas for how to make federal cyber incident reporting rules ‘simpler’ for victim organizations, including the concept of a single reporting web portal.  Not a new concept, but a wise one.

There are currently 52 in-effect or proposed federal cyber incident reporting requirements.  As part of the cyber incident reporting bill that was signed i

Law enforcement officials in Finland worked with Europol and a cybersecurity firm to take down a dark web marketplace called PIILOPUOTI.  The platform had operated on the Tor Network since May 2022 as a way for people to smuggle and sell drugs as well as paraphernalia into Finland, according to a statement from Finnish Customs.  “The criminal investigation is still underway.  At this point, Finnish Customs and our international cooperation partners will not provide any further information on the

FortiGuard Labs researchers recently captured a phishing campaign that spreads a new Agent Tesla variant. This well-known malware family uses a .NET-based Remote Access Trojan (RAT) and data stealer to gain initial access. It is often used for Malware-as-a-Service (MaaS).
An in-depth analysis of this campaign was performed, from the initial phishing email to the actions of Agent Tesla installed on the victim’s machine to collect sensitive information from the affected device. In this analysis, y

The media is full of stories about cyber threats, attacks, and ransomware demands, and why is this the norm?   Digital transformation creates larger data estates, opening new avenues of attack for cybercriminals.  Bad actors’ tactics are sophisticated and constantly evolving, making it difficult for companies to stay ahead of emerging threats.  Cyber threat intelligence gives businesses the information and capabilities they need to refine their defenses continually.

Targeted cyber threat intelli

The Iranian threat actor Charming Kitten has been linked to a new wave of attacks targeting different entities in Brazil, Israel, and the UAE using a previously undocumented backdoor named Sponsor.  Cybersecurity investigators are tracking the cluster under the name Ballistic Bobcat.  Victimology patterns suggest that the group primarily singles out education, government, healthcare organizations, human rights activists, and journalists.  At least 34 victims of Sponsor have been detected to date

Red Sky Alliance queries our backend databases monthly, identifying all new data containing Motor Vessel (MV) and Motor Tanker (MT) in the subject line of malicious emails.  Malicious actors use emails with Motor Vessel (MV) or Motor Tanker (MT) in the subject line as a lure to entice users in the maritime industry to open emails containing malicious attachments.  Red Sky Alliance is providing this list of Motor Vessels in which we directly observed the vessel being impersonated, with associate

By J.P. Atwell, Former Sr. CIA Operations Officer
Originally published in the Hawaii Tribune-Herald on 04 June 2023.
https://www.hawaiitribune-herald.com/

Many people’s understanding of the CIA comes from entertainment (Hollywood) and “Infotainment” (social media, high-bias “news” television channels). For others, an occasional documentary (of varying credibility) or a solid news report (typically highlighting the odd operational failure) rounds out their knowledge of an organization that is by

Cyber security refers to every aspect of protecting a company or organization as well as its employees and assets from online threats.  For all of us in animal agriculture, cybersecurity is no longer just about avoiding those sketchy phishing emails or resetting our passwords.  It’s about being aware of our online presence and how that may make us vulnerable to individuals or groups looking to gain access to sensitive information with the intent to target our farms or companies.[1]

Recently, the

Clorox (CLX) warned it is still dealing with the fallout from a recent cyberattack, saying the hack will have a significant effect on its current quarter results.

Key Takeaways:

  • Clorox said a cyberattack last month will have a material impact on current quarter results.
  • The hack damaged portions of the company's IT systems, and it switched to manual ordering and processing procedures.
  • Because of the attack, Clorox said it couldn't give a fiscal year outlook.
  • The attack, first discovered Aug. 14

As a child, reading comic books (not buying them) at our neighborhood Rexall drug store, I dreamed of becoming a comic book artist, but I lacked one important skill: the ability to draw pictures other than stick figures.  Now, 60 years later, AI can fulfill my dreams of having my comic books and characters.  Available as a space through Hugging Factory, the AI Comic Factory will design comic book pages for you based on your descriptions.

Describe your scenario, choose a style, and then select a l

Advanced Persistent Threat (APT) actors have exploited known vulnerabilities in Zoho ManageEngine and Fortinet VPN products to hack an organization in the aeronautical sector, according to a joint report from the FBI, the Cybersecurity and Infrastructure Security Agency (CISA), and the Cyber Command’s Cyber National Mission Force (CNMF).  Impacting more than 20 on-premises Zoho ManageEngine products, the first bug, tracked as CVE-2022-47966 (CVSS score of 9.8), allows remote attackers to execute

Hackers attacked the national power grid of an unspecified Asian country earlier this year using malware typically deployed by personnel connected to China’s government, researchers said last week.  Cybersecurity company Symantec declined to attribute the incident to China but pointed to a group it tracks as RedFly.  The group compromised the network for as long as six months, stealing credentials and targeting multiple computers, the researchers said.

The malware, known as ShadowPad, also has b

Recently, British authorities have arrested a man who reportedly spied for China in their government offices in London, resulting in new fears on how Beijing gathers intelligence today.  The incident follows allegations earlier this year that China flew a surveillance balloon over the United States, causing diplomatic problems.  And the USA failed to shoot down the rogue balloon until it had completely covered the country unmolested.

Here are some of the ways China has worked to spy on the weste

Google’s threat hunting unit has again intercepted an active North Korean APT actor sliding into the DMs of security researchers and using zero-days and rigged software tools to take control of their computers.  Google’s Threat Analysis Group (TAG) recently reported the government-backed hacking team’s social media accounts and warned that at least one actively exploited zero-day is being used and is currently unpatched.[1]

See:  https://redskyalliance.org/xindustry/no-good-deed-goes-unpunished

Moving goods via rail remains one of the most popular modes of transportation.  In a typical year, US freight railroads move around 1.6 billion tons across nearly 140,000 miles of track.  US citizens traveled more than 12.5 billion kilometers by rail in 2021, though the automobile remains the king in the US.  Thousands of railways, from national and regional networks to intra-city light rails, have been built to connect the country and its industries, turning rail into a critical component of t

Cybersecurity investigators are warning of a new type of phishing attack that abuses Google Looker Studio to bypass protections.  Google Looker Studio[1] is a legitimate online tool for creating customizable reports, including charts and graphs that can be easily shared with others.  Looker Studio, formerly Google Data Studio, is an online tool for converting data into customizable informative reports and dashboards introduced by Google on 15 March 2016 as part of the enterprise Google Analytics

It was not so long ago that malware authors, much like software developers, were concerned about the size of their code, aiming to keep it as small and compact as possible.  Small binaries are less noticeable and can be slipped inside other files or shipped in benign code, attachments, and images.  Smaller executables take up less space on disk, are faster to transfer over the wire, and, if written efficiently, can execute their malicious instructions with less tax on the host CPU.  In days of s