In September 2024, researchers observed an attack using the notorious SmokeLoader malware to target companies in Taiwan, including those in manufacturing, healthcare, information technology, and other sectors. SmokeLoader is well-known for its versatility and advanced evasion techniques, and its modular design allows it to perform a wide range of attacks. While SmokeLoader primarily serves as a downloader to deliver other malware, in this case, it carries out the attack itself by downloading pl
FortiGuard Labs gathers data on ransomware variants of interest that are gaining traction within its datasets and the OSINT community. The report below provides brief insights into the evolving ransomware landscape.
Interlock Ransomware Overview - Interlock is a new ransomware variant that was first publicly discovered on a publicly available file-scanning site in early October 2024. This could indicate that the ransomware emerged as early as September. The Interlock ransomware comes in Windows and Free
A ransomware attack on supply chain software firm Blue Yonder in turn hit a dozen big names in food and retail with business disruptions, Starbucks and Walgreens among them. The software is widely used by a range of Fortune 500 companies, and the full list of potentially impacted victims remains unclear. Companies such as grocery giant Kroger (and its recently acquired subsidiary Albertsons), Anheuser-Busch and Ford are known to use the software but have not confirmed any impact as of yet. Se
Network-attached storage devices like NetApp contain volumes of data which are vital to business operations. With broad access available to so many users, protecting NetApp storage from malware is critical to operational stability and integrity. Organizations worldwide face increasingly sophisticated threat actors. AI-powered threat detection can level the playing field, protect business data, and stop attacks before they begin.
The Challenge - Legacy AV solutions have long dominated storage s
Two Internet cables between Germany and Finland, as well as between Lithuania and Sweden, have experienced sudden outages. Located in northern Europe, the Baltic Sea is an active commercial shipping route ringed by nine countries, including Russia. The affected countries, all members of NATO, say that it is unlikely to be accidental. This happened in the same waterway in which a significant gas pipeline and other underground cables were previously damaged in mysterious circumstances in 2022. No,
Red Sky Alliance queries our backend databases monthly, identifying all new data containing Motor Vessel (MV) and Motor Tanker (MT) in the subject line of malicious emails. Malicious actors use emails with Motor Vessel (MV) or Motor Tanker (MT) in the subject line as a lure to entice users in the maritime industry to open emails containing malicious attachments. Red Sky Alliance is providing this list of Motor Vessels in which we directly observed the vessel being impersonated, with associate
After being deported from South Korea, a Russian cybercriminal leader has made his first appearance in the US District Court for the District of Maryland to face his charges. Evgenii Ptitsyn, 42, is a Russian national who allegedly administered the sale, distribution, and operation of Phobos ransomware, which has been used against more than 1,000 victims, including public and private entities in the United States and globally. According to the indictment, its affiliates have extorted ransom paym
The US Coast Guard has issued a second security directive warning that Chinese ship-to-shore cranes used widely in the United States pose a cybersecurity risk. Maritime Security Directive 105-5 calls on port operators to take “risk management” measures to mitigate the threats.
Built-in vulnerabilities for remote access and control of the cranes “combined with intelligence regarding China’s interest in disrupting US critical infrastructure, necessitate immediate action,” according to a portion of
The US Department of Justice is reportedly seeking to force Google to sell Chrome, according to Bloomberg. Prying the browser from the rest of the company is only one of the measures the DOJ will ask the courts to enforce, following a ruling that the company maintained an illegal search monopoly. While ripping Chrome from Google might seem a relatively simple measure, there are a huge number of complicating factors that make it a trickier operation than it might first appear, factors that cou
CyberVolk is a politically motivated hacktivist collective that launched its own RaaS in June 2024. The group uses DDoS and ransomware attacks to undermine and disrupt the operations of those opposed to Russian interests.
The group has become an increasingly prominent player within the cybercrime ecosystem, adapting and repurposing existing commodity malware to advance its causes. Highly skilled actors within the collective expand and revise such tools, effectively making them more sophisticated
Most people watch out for online scams, but if you are not careful, you might do the scammers' work for them. A new study from GenDigital, the company behind cybersecurity brands like Norton, Avast, LifeLock, AVG, ReputationDefender, and CCleaner, shines some light on "scam yourself" attacks, which are rising dramatically. Instead of using other nefarious methods, these scams rely on social engineering to get people to download malware themselves.
Gen says millions of people have fallen for these sca
A skilled and prolific hacker was given a five-year sentence on 14 November 2024 for laundering the proceeds of one of the biggest ever cryptocurrency thefts. His crime involved the 2016 theft of a reported 120,000 bitcoins from cryptocurrency exchange Bitfinex, worth over $9bn at today's heightened exchange rate. Ilya Lichtenstein has been sentenced to five years in jail after he attempted to launder the money with the help of his wife Heather Morgan, who used the alias 'Razzlekhan' to
The country's National Cyber Security Centre (NCSC) has uncovered a new malware campaign targeting Swiss residents through fake postal letters. The scam involves fraudulent correspondence disguised as official communication from MeteoSwiss, the Federal Office of Meteorology and Climatology. It urges recipients to scan a QR code and download a malicious weather app for Android devices.
See: https://redskyalliance.org/xindustry/malicious-qr-codes
The fake “Severe Weather Warning App” app mimics t
Happy Thanksgiving – let's go shopping. As we head into the rush of the holiday season, it can be easy to pay less attention to certain details like ads promoting excessive discounts, unusual web addresses and text messages about undeliverable packages, which can all be signs of online shopping scams. Between October and December 2023, $95.2 million in losses from online shopping scams were reported to the US Federal Trade Commission by consumers, according to the New York State Department of S
Efforts by the US DHS, Transportation Security Administration (TSA) to address cybersecurity issues faced significant criticism this week from government watchdogs, members of Congress and regulated companies. A US Government Accountability Office (GAO) report last week said four of the six cybersecurity recommendations made to TSA since 2018 have still not been addressed, including one centered around the agency’s efforts to protect companies from ransomware. “For example, in January 2024, GA
So, the other day, I was walking down our main street, and I noticed a girl wearing bell-bottom pants. Wow, that takes me back to the late 1960s and into the ’70s. Everyone was wearing bell-bottom pants back then. I even had a few pairs myself. In truth, that fad started with sailors wearing bell-bottom pants. The British Navy began the “fad” in 1813, and the US Navy followed close behind. Was this fad coming back? Well, what is old often becomes new again. BTW, Wrangler sells women’s bellbottom
As many are preparing for the holiday season, the US DHS, Transportation Security Administration (TSA) is projecting record-breaking travel for Thanksgiving in the next three (3) days. TSA is prepared to screen more than 18 million people from Tuesday, 26 November, to Monday, 2 December, a 6% increase from last year. Passenger volumes reached a record high in 2024, too, with a 17% increase from 2022.
TSA believes the three busiest days will be Tuesday and Wednesday before Thanksgiving and Sund
Law enforcement officials warn that securely stored iPhones awaiting forensic examination are mysteriously rebooting, making them much more challenging to unlock, per a document obtained by 404 Media. 404 Media obtained the document from a mobile forensics source and verified it with another source. The document notes that some iPhones in a forensics lab, including those in Airplane mode or a Faraday box, rebooted unexpectedly, losing their “After First Unlock” (AFU) state. iPhones in an “After
Back in the 1960s there was a comedy show where a character played by Flip Wilson used to say, “The devil made me do it.” This was all tongue in cheek and made people laugh, but this recent revelation, if true, is not so funny. Google’s Gemini AI Chatbot faces backlash after multiple incidents of it telling users to die, raising concerns about AI safety, response accuracy, and ethical guardrails. AI chatbots have become integral tools, assisting with daily tasks, content creation, and advice
The operator of the cryptocurrency mixing service Helix was sentenced to three years in prison last week. Akron, Ohio native Larry Dean Harmon, 41, pleaded guilty in 2021 to conspiracy to commit money laundering. A US Justice Department spokesperson did not respond to requests for comment about why the sentencing took place three years after the deal was agreed to. It is unclear whether Harmon will be released this year. In addition to his term in prison, Harmon was sentenced to three years