All Articles (2242)

A multistate lawsuit against software company Blackbaud has been settled, according to the North Carolina Attorney General’s office.  North Carolina Attorney General Josh Stein recently announced the $49.5 million settlement with Blackbaud.  Multiple states had brought a suit against the software company for its deficient data security practices and response to a 2020 ransomware attack that exposed the personal information of millions of people across the country.  Why is this Important?

The Nor

Ukrainian hackers collaborated with the country's security services, the SBU, to breach Russia's largest private bank, a source within the department confirmed to Recorded Future News.  Last week, two groups of pro-Ukrainian hackers, KibOrg and NLB, hacked into Alfa-Bank and claimed to obtain the data of more than 30 million customers, including their names, dates of birth, account numbers, and phone numbers, according to a post on their official website.

Alfa-Bank was sanctioned by the United S

SentinelLabs has provided a timely report on the current cyber posture regarding the Israel-Hamas War.  Since the start of the Israel-Hamas war, the cyber domain has played a critical role in the conflict, albeit in ways the world may not have expected. Immediately following the attacks from Hamas on 7 October, social media became a hotbed of disinformation, inaccurate self-described OSINT investigators, and public confusion.  Unfortunately, leading social media platforms failed to stop the spre

Using a trending item as a malicious lure is relatively common; to do it in a period of military conflict and deliberately target users in the affected region is a different step.  Recently, a genuine app, RedAlert - Rocket Alerts, has been popular among users in the Israel and Gaza region, since it allows individuals to receive timely and precise alerts about incoming airstrikes.  However, a malicious, spoofed version of the app was detected last week, which collected personal information inclu

The hackers behind the ransomware attack that crippled operations at MGM Resorts are “one of the most dangerous financial criminal groups” currently operating, researchers at Microsoft said last week.  In a blog, the researchers explained the tactics used by Octo Tempest, a group also known as Scattered Spider, 0ktapus or UNC3944.

The group has been in the limelight since its attack on MGM Resorts left parts of Las Vegas paralyzed for days and cost the casino giant an estimated $100 million.  Th

In a world driven by connectivity and digitalization, the maritime industry is not immune to the growing threat of cyberattacks.  A recent report by Thetius, law firm HFW, and maritime cybersecurity company CyberOwl reveals a sobering truth: the average cost of a cyberattack in the maritime sector has soared to $550,000, a threefold increase from $182,000 in 2022.  Moreover, ransom demands have skyrocketed by more than 350%, with an average payment of $3.2 million, up from $3.1 million the previ

A new information stealer named ExelaStealer is the latest to become available to the hacker audience.  There are many choices available for off-the-shelf malware designed to capture sensitive data from compromised Windows systems.  ExelaStealer is a largely open-source infostealer with paid customizations available from the threat actor creator.

Written in Python and incorporating support for JavaScript, it comes fitted with capabilities to siphon passwords, Discord tokens, credit c

Okta Security has identified adversarial activity that leveraged access to a stolen credential to access Okta's support case management system.  The threat actor was able to view files uploaded by certain Okta customers as part of recent support cases. It should be noted that the Okta support case management system is separate from the production Okta service, which is fully operational and has not been impacted. In addition, the Auth0/CIC case management system is not impacted by this incident.

US officials say North Korea pulled off an elaborate plan to trick American companies into hiring thousands of skilled IT workers who later sent the money they earned back to be used for the country's weapons program.  The FBI and the Justice Department (DOJ) said they shut down 17 websites that were used by IT workers to "defraud US and foreign businesses, evade sanctions and fund the development of the Democratic People’s Republic of Korea government’s weapons program."  They also seized $1.5 m

Red Sky Alliance monthly queries our backend databases, identifying all new data containing Motor Vessel (MV) and Motor Tanker (MT) in the subject line of malicious emails.  Malicious actors use emails with Motor Vessel (MV) or Motor Tanker (MT) in the subject line as a lure to entice users in the maritime industry to open emails containing malicious attachments.  Red Sky Alliance is providing this list of Motor Vessels in which we directly observed the vessel being impersonated, with associate

CYBERSECURITY BEST PRACTICES, MALWARE, PHISHING, AND RANSOMWARE, CYBER THREATS AND ADVISORIES

The document linked below is a one-stop resource to help organizations reduce the risk of ransomware incidents through best practices to detect, prevent, respond, and recover, including step-by-step approaches to address potential attacks.  This publication was developed through the Joint Ransomware Task Force (JRTF), an interagency body established by Congress in the Cyber Incident Reporting

The advanced persistent threat (APT) actor known as ToddyCat has been linked to a new set of malicious tools that are designed for data exfiltration, offering a deeper insight into the hacking crew's tactics and capabilities.  ToddyCat is a Chinese APT actor who has launched a campaign against telecom and government sectors in Asian countries.  The campaign has been named “Stayin’ Alive.”  The Stayin' Alive campaign consists of mostly downloaders and loaders, some of which are used as an initial

A recent cyber security research project found that Millennial and Gen Z office workers are more likely to have unsafe cybersecurity habits when compared to Gen X and older (those above 40 years of age).

This holds for password hygiene, clicking on phishing links and sharing devices with family and friends:

  • 38% of office workers under 40 use the same passwords on multiple devices, compared to 28% of office workers older than 40.
  • 34% of office workers under 40 shared work devic

The United States and United Arab Emirates (UAE) have finalized an agreement that sets out how the two countries will cooperate on cybersecurity and digital resilience.  The memorandum of understanding signed by the Treasury Department and the UAE’s Cyber Security Council calls for increased information sharing about digital threats to the financial sector; more staff training and visits; and “competency-building activities” like joint online exercises, according to the Treasury.[1]

“As cyber-at

Axiom Space https://www.axiomspace.com has selected an unconventional partner to assist in its development of spacesuits that will be worn by the next NASA astronauts to walk on the moon.  Prada https://www.prada.com will add style to future space missions.  Axiom Space and Prada, the Italian luxury fashion house, announced 04 October 2023 that they would collaborate on spacesuits Axiom is developing for use on Artemis missions, starting with Artemis 3 in 2025.  Axiom Space will take advantage o

Colonial Pipeline said there has been no disruption to pipeline operations or their systems after a ransomware gang made several threats last Friday; yes Friday the 13th.  The company, which runs the largest pipeline system for refined oil products in the US, addressed claims made by the Ransomed.vc gang that data had been stolen from their systems.

“Colonial Pipeline is aware of unsubstantiated claims posted to an online forum that its system has been compromised by an unknown party.  After wor

The Cybersecurity and Infrastructure Security Agency (CISA), Federal Bureau of Investigation (FBI), and Multi-State Information Sharing and Analysis Center (MS-ISAC) are releasing this joint Cybersecurity Advisory (CSA) in response to the active exploitation of CVE-2023-22515.  This recently disclosed vulnerability affects certain versions of Atlassian Confluence Data Center and Server, enabling malicious cyber threat actors to obtain initial access to Confluence instances by creating unauthoriz

Recently a user on the social media platform X devised and successfully executed a plan that caused Bing Chat to solve a CAPTCHA filter.  CAPTCHA filters are visual puzzles that are easily solved by humans but difficult for automated programs.  This is to prevent applications like bots from filling out forms on the Internet.  Bing Chat is a public large-language model (LLM), similar to ChatGPT but hosted by Microsoft, which Denis Shiryaev, CEO of neural.love https://neural.love  was feeding a CA

In a US Securities and Exchange Commission 8-K disclosure filing on 05 October 2023, MGM Resorts reported losing around $100 million after the 11 September 2023 breach incident.

In an open letter published recently, MGM CEO Bill Hornbuckle said that "the vast majority of our systems have been restored," adding, "We also believe that this attack is contained.  As part of our remediation efforts, we have rebuilt, restored, and further strengthened portions of our IT environment.[1]  We will offer

Cybersecurity has always been a race between cybercriminals and defenders. Defense against attackers will improve to adapt to new threats, and then attackers respond by refining their tactics to find the next vulnerability in the defense.  It's one of the most dynamic environments in the world of computer science.

One of the most successful and increasingly prevalent ways of attack has come from social engineering, which is when criminals manipulate humans directly to gain access to confidential