All Articles (2444)

A major cyber-attack occurred just before the Fourth of July holiday in 2021, affecting at least 200 US companies.  The attack was a ransomware attack that occurred first at Kaseya, a Florida-based IT company, and then spread through the corporate networks that use its software.  The attack affected multiple managed service providers and their customers.  The REvil ransomware gang was behind the attack.  Please stay vigilant during all holiday times.

At least 200 US companies were hit by a major

On 26 June, Evolve Bank and Trust, a financial institution that’s popular with fintech startups, announced that it had been the victim of a cyberattack and data breach that could have affected its partner companies as well.  The incident, according to the company’s statement, involved “the data and personal information of some Evolve retail bank customers and financial technology partners’ customers.”

Evolve’s communications chief Thomas Holmes said that the incident involves “a known cybercriminal

On 8 March 2024, KrebsOnSecurity published a deep dive on the consumer data broker Radaris, showing how the original owners are two men in Massachusetts who operated multiple Russian language dating services and affiliate programs, in addition to a dizzying array of people-search websites.  The subjects of that piece are threatening to sue KrebsOnSecurity for defamation unless the story is retracted. Meanwhile, their attorney has admitted that the person Radaris named as the CEO from its incepti

Our friends at FortiGuard Labs recently captured a new phishing campaign that demonstrates the spread of a new Agent Tesla variant, specifically targeting Spanish-speaking people.  Agent Tesla is a well-known .NET-based Remote Access Trojan (RAT) designed to stealthily infiltrate victims’ computers and steal their sensitive information, such as their computer’s hardware information, login user information, keystrokes, email contacts, web browser cookies files, system clipboard data, screensho

A controversial proposal put forth by the European Union (EU) to scan users' private messages for detection of child sexual abuse material (CSAM) poses severe risks to end-to-end encryption (E2EE), warned Meredith Whittaker, president of the Signal Foundation, which maintains the privacy-focused messaging service of the same name. "Mandating mass scanning of private communications fundamentally undermines encryption.  Full Stop," Whittaker said in a statement on 17 June 2024.  "Whether this happ

The notorious Russia-based ransomware gang Lockbit 3.0 has claimed responsibility for a cyber-attack on the US Federal Reserve.  The attack, which was announced on 23 June via a post on a site associated with the ransomware gang, allegedly saw the gang infiltrate the systems of the US Federal Reserve and exfiltrate 33 TB of sensitive banking information.

In the post, which was entitled 'federalreserve.gov', the gang explained how the Federal Reserve is structured, and its role in distributing mo

Back in the 1960s, there was a string of western movies called Spaghetti Westerns, because they were made in Italy by local directors and producers.  In 1966, a famous movie called The Good, the Bad and the Ugly was shown across the US and it became a cult classic, starring a then-unknown actor: Clint Eastwood.  Below, Sentinel Labs exposes modern-day hacking robbers, hopefully on their way to US federal prison for a long time.

The Good - Dark Marketplace Operators Face Life Sentences for $

Non-human Identity (NHI) lifecycle firm Entro Security (https://entro.security) has raised $18 million in a Series A funding round led by Dell Technologies Capital and including angel investors. The funds will be used to scale the firm’s global operations, including increasing its headcount from 35 to around 80 by the end of 2024.

Entro’s platform is designed to bring order to the increasingly chaotic management of non-human identities.  Identity management has always been problematic, but the g

The LockBit ransomware group has claimed a significant increase in attack volume in May 2024, which would once again make it the most active ransomware gang, a new report from NCC Group shows.  The LockBit ransomware operation was disrupted in February when law enforcement agencies in North America, Europe, and Asia seized 34 servers, took over the gang’s Tor-based leak site, froze its cryptocurrency wallets, and collected technical information on the group’s infrastructure.

The US government ha

Qilin, the ransomware group behind an attack that has disrupted healthcare across London, has listed the victim organization Synnovis on its darknet extortion site.  The attack earlier this month on Synnovis, a business providing pathology services for hospitals and local clinics in the capital, prompted major disruptions to services, with blood tests in South East London operating at approximately 10% normal capacity.  “Half of this capacity has been ringfenced to support patients in the acute

SpaceX is inviting some customers to buy a new Starlink Mini receiver for its satellite broadband service offered as a portable option, with an introductory price tag of $599 in the US.

Customer emails sent by the space company this week invited select customers to buy its latest antenna, described as a "compact, portable kit that can easily fit in a backpack, designed to provide high-speed, low-latency internet on the go."

Stream 4K movies while out camping, anyone?  Cool, huh?  The compan

Hospitals and healthcare subsidiaries have been in the cyber security headlines for over a year now.  And attacks appear to have not slowed.  More than 1,130 planned operations and 2,190 outpatient appointments have been postponed after a cyber-attack hit London area hospitals.  The disruption was caused when hackers targeted pathology services provider Synnovis.  NHS England said two NHS trusts, King’s College Hospital NHS Foundation Trust and Guy’s and St Thomas’ NHS Foundation Trust, were aff

A cyber-attack on software provider CDK Global upended operations at car dealerships across the US on 19 June.  CDK spokesperson Lisa Finney said the company shut down most of its systems “out of an abundance of caution" for customers.  By that afternoon, the company had restored its core document management system and digital retailing solutions.  "We are continuing to conduct extensive tests on all other applications, and we will provide updates as we bring those applications back online," Fin

Red Sky Alliance often queries various critical infrastructure sectors and associated businesses.  This month our researchers took a quick look (snapshot) at the Steel Industry.  We used our CTAC analytical service to query various keywords related to the steel industry.  These types of manufacturing keywords are often used in Subject lines to lure and entice users in this business sector to open emails containing malicious attachments.  Red Sky Alliance is providing this list of steel related key words w

A cyber-attack that sent US-based Ascension hospitals and health care systems offline in May happened because a worker accidentally downloaded malware, officials said this week.  “Clinical operations” were affected at Ascension hospitals and medical centers, which operate in Michigan and 18 other states, when a cyber-attack forced the organization to transition to offline systems in early May.  It was later said that the attack was actually a ransomware attack, meaning someone (or a group) brok

The single-vendor SASE market is immature and dynamic but developing rapidly. I&O leaders responsible for networking should work with their security colleagues when selecting SASE vendors and use this research to cut through marketing hype to determine which vendors best suit their needs.

Strategic Planning Assumptions - By 2025, there will be over a 50% increase in vendors with generally available single-vendor SASE offerings compared to mid-2023.  By 2026, 60% of new SD-WAN purchases will be

The revelation earlier this year that General Motors had been selling driver behavior patterns to data brokers, who in turn packaged and resold it to insurers, has led at least one of two major data brokers to shut down its related product.  That data broker, Verisk, disclosed last month that it has stopped accepting data from car makers and no longer sells the information to insurers, according to the organization Privacy4Cars, which received the response after sending the data broker an inquir

The criminal hacking group ShinyHunters claims it has stolen information, including bank and credit card numbers and staff HR details, from 30 million customers and employees. The stolen information includes bank account data. The hackers belong to the same gang that recently hacked Ticketmaster. The hackers are now trying to sell what they claim is confidential information belonging to millions of Santander’s employees and customers.

Santander, which employs 200,000 staff worldwide, has confirm

In an effort to shore up its reputation in the West, TikTok has taken measures to stop a cyber-attack targeting several brands and celebrity accounts, including news network CNN.  A spokesperson for the company said, "We have been collaborating closely with CNN to restore account access and implement enhanced security measures to safeguard their account moving forward."  TikTok said the number of accounts compromised is "very small" and it is working with affected account owners to restore acces

Nearly 400,000 people had sensitive healthcare information stolen by hackers during a 2023 cyberattack on a company that supports eye clinics.  Colorado-based Panorama Eyecare told regulators in Maine and Massachusetts that 377,911 current and former patients and employees had data stolen, including names, Social Security numbers, dates of birth, license numbers, financial account information, dates of service and medical provider names.

Panorama Eyecare owns or provides services to dozens of op