Red Sky Alliance often queries various critical infrastructure sectors and associated businesses. This month our researchers took a quick look (snapshot) at the steel industry. We used our CTAC analytical service to query various keywords related to the steel industry. These types of manufacturing keywords are often used in subject lines to lure and entice users in this sector to open emails containing malicious attachments. Red Sky Alliance is providing this list of steel related keywords w
A cyber-attack that sent US based Ascension hospitals and health care systems offline in May happened because a worker accidentally downloaded malware, officials said this week. “Clinical operations” were affected at Ascension hospitals and medical centers, which operate in Michigan and 18 other states, when a cyber-attack forced the organization to transition to offline systems in early May. It was later said that the attack was actually a ransomware attack, meaning someone (or a group) brok
The single-vendor SASE market is immature and dynamic but developing rapidly. I&O leaders responsible for networking should work with their security colleagues when selecting SASE vendors and use this research to cut through marketing hype to determine which vendors best suit their needs.
Strategic Planning Assumptions - By 2025, there will be over a 50% increase in vendors with generally available single-vendor SASE offerings compared to mid-2023. By 2026, 60% of new SD-WAN purchases will be
The revelation earlier this year that General Motors had been selling driver behavior patterns to data brokers, who in turn packaged and resold it to insurers, has led at least one of two major data brokers to shut down its related product. That data broker, Verisk, disclosed last month that it has stopped accepting data from car makers and no longer sells the information to insurers, according to the organization Privacy4Cars, which received the response after sending the data broker an inquir
The criminal hacking group ShinyHunters claims it has stolen information, including bank and credit card numbers and staff HR details, from 30 million customers and employees. The stolen information includes bank account data. The hackers belong to the same gang that recently hacked Ticketmaster. The hackers are now trying to sell what they claim is confidential information belonging to millions of Santander’s employees and customers.
Santander, which employs 200,000 staff worldwide, has confirm
In an effort to shore up its reputation in the West, TikTok has taken measures to stop a cyber-attack targeting several brands and celebrity accounts, including news network CNN. A spokesperson for the company said, "We have been collaborating closely with CNN to restore account access and implement enhanced security measures to safeguard their account moving forward." TikTok said the number of accounts compromised is "very small" and it is working with affected account owners to restore acces
Nearly 400,000 people had sensitive healthcare information stolen by hackers during a 2023 cyberattack on a company that supports eye clinics. Colorado-based Panorama Eyecare told regulators in Maine and Massachusetts that 377,911 current and former patients and employees had data stolen, including names, Social Security numbers, dates of birth, license numbers, financial account information, dates of service and medical provider names.
Panorama Eyecare owns or provides services to dozens of op
The US government announced on 05 June 2024 that it had filed a civil forfeiture action to recover more than $5.3 million lost by a Massachusetts workers union in a business email compromise (BEC) scam. The unnamed union in Dorchester lost the money in January 2023 when cybercriminals sent it an email that appeared to come from a trusted investment consulting firm. The scammers used a spoofed email address to trick the workers union into believing that the investment consulting firm was reque
A recent post on ClearanceJobs (https://www.clearancejobs.com), the most significant career network for professionals with federal government security clearance, listed the "10 Highest Paying Tech Jobs in 2024 and Beyond."
What was interesting: 1) The number of these jobs that did not exist 10, five, or even one or two years ago; and 2) How many of the roles are tied to cybersecurity directly or indirectly.[1]
Here is the list (you can check the link above for specific job details):
- Data Scient
The Spam and Open Relay Blocking System (SORBS), a long-time source of information on known sources of spam, widely used to create blocklists, has been shut down by its owner, cyber security software vendor Proofpoint. SORBS provided free access to a DNS-based Block List (DNSBL) that lists over 12 million host servers known to disseminate spam, phishing attacks and other email nasties. The service states its list "typically includes email servers suspected of sending or relaying spam, servers
As the 2024 Paris Summer Olympics approach, a sophisticated Russian disinformation campaign is in high gear to sow confusion, undermine the Games, and dissuade spectators from attending. This is according to a new report from the Microsoft Threat Analysis Center (MTAC) that outlines extensive malign influence efforts emanating from Russia-aligned actors. "In just under three months, after traversing more than 3,000 miles across 450 French towns, the Olympic flame will be lit at the Opening Cer
LightSpy is a modular surveillance framework that can be used to steal a variety of data, including files, screenshots, mobile location data, or even messenger data from apps like Telegram. It was first documented by Trend Micro and Kaspersky in 2020 as an iOS implant. At the time, LightSpy would spread through a watering hole method, which is to say that targets would be directed to pages mimicking local news sites. An example page can be seen in the image below. The APT group said to be resp
A cyberattack in April of this year on a large telecommunications company has been claimed by a ransomware gang that is gaining momentum as a cybercriminal operation. On 1 June, the RansomHub operation posted Frontier Communications to its leak site claiming to have sensitive information of more than 2 million people. The group claimed it spent more than two months attempting to extort the company but never got a response. Frontier did not respond to requests for comment but reported a cyber
It is being reported that Apple has declined to issue a bug bounty to the Russian cybersecurity company Kaspersky Lab. This comes after it disclosed four zero-day vulnerabilities in iPhone software that were allegedly used to spy on Kaspersky employees as well as Russian diplomats.
A spokesperson for Kaspersky Lab said that the company’s research team considered their work “eligible for Bug Bounty rewards from Apple. However, when asked about it, we received a decline from the Apple Security team ref
In an increasingly interconnected world, supply chain attacks have emerged as a formidable threat, compromising not just individual organizations but the broader digital ecosystem. The web of interdependencies among businesses, especially for software and IT vendors, provides fertile ground for cybercriminals to exploit vulnerabilities. By targeting one weak link in the supply chain, threat actors can gain unauthorized access to sensitive information and can conduct malicious activities with s
Law enforcement agencies in the United States and Europe announced on 30 May Operation Endgame, a coordinated action against some of the most popular cybercrime platforms for delivering ransomware and data-stealing malware. Described as “the largest ever operation against botnets,” the international effort is being billed as the opening salvo in an ongoing campaign targeting advanced malware “droppers” or “loaders” like IcedID, Smokeloader and Trickbot.
Link to full report: IR-24-151-001_OPendgame.p
FortiGuard Labs has recently identified a sophisticated cyberattack involving an Excel file embedded with a VBA macro designed to deploy a DLL file. The attacker uses a multi-stage malware strategy to deliver the notorious "Cobalt Strike" payload and establish communication with a command and control (C2) server. This attack employs various evasion techniques to ensure successful payload delivery.
Over the past few years, Ukraine has been a significant target due to its geopolitical situation
What would it take for someone to hack a tank? Modern Western militaries may well be about to find out. The militaries of the United States, Germany, France, the United Kingdom, Australia, and other powers are contemplating the gradual introduction of electric vehicles into their motorized fleets. These initiatives are linked to national decarbonization strategies and are also meant to modernize these fleets for the future of warfare. However, electrification also entails an important and un
Live Nation, the parent company of Ticketmaster, revealed Friday evening that it was the victim of a cyber-attack that compromised user data. The company said in a filing with the U.S. Securities and Exchange Commission that it discovered an "unauthorized activity within a third-party cloud database," on May 20 and promptly launched an investigation.
A week later, "a criminal threat actor offered Live Nation what it alleged was user data for sale via the dark web," according to the filing. "As
On 1 May 2024, the CEO of United Health Group was invited to Washington, DC to spend the day getting raked over the coals by US Senator Ron Wyden (D-Oregon), Chairman of the Senate Finance Committee, and others at a meeting titled “Hacking America’s Health Care: Assessing the Change Healthcare Cyber Attack and What’s Next.” Wyden set the tone early when he described the UNH cyber incident this way, “The Change Healthcare hack is considered by many to be the biggest cybersecurity disruption to heal