All Articles (2242)

The US Federal Bureau of Investigation (FBI) is warning of a new trend of dual ransomware attacks targeting the same victims, at least since July 2023.  "During these attacks, cyber threat actors deployed two different ransomware variants against victim companies from the following variants: AvosLocker, Diamond, Hive, Karakurt, LockBit, Quantum, and Royal," the FBI said in an alert. "Variants were deployed in various combinations."

See:  https://www.ic3.gov/Media/News/2023/230928.pdf

Not much is

The US Democratic-backed AI Accountability Act of 2023 gives the US Federal Trade Commission (FTC) new authority and a new office to regulate how AI algorithms make critical decisions on housing, healthcare.  Democrats in the House and Senate are teaming up on legislation to give the federal government new authority to regulate artificial intelligence in “high-impact” use scenarios.

See:  https://redskyalliance.org/xindustry/regulation-v-innovation

The Algorithmic Accountability Act of 2023, int

Recently identified Xenomorph Android banking trojan samples show an expanded target list that now includes North American users.  Initially detailed in February 2022 and likely linked to the infamous banking trojan Alien, Xenomorph relies on overlays to steal users’ personal and login information.  It can also intercept notifications and SMS messages to bypass two-factor authentication.

See:  https://redskyalliance.org/intel-reports/intelligence-report-weekly-data-and-threats-04-20-2023

The mal

A US government shutdown affects about 800,000 federal employees out of 1.8 million full-time civil servants.  About 380,000 are furloughed, meaning they cannot work or get paid.  The rest are working without pay.  A government shutdown can cause financial hardship for many federal employees, who may have to use their savings to survive while furloughed.

Nearly 85% of US cybersecurity agency CISA staff may be sent home at the end of the week as a government shutdown looms.  The US government wil

"The production lines are at a standstill everywhere." The problems at VW were bigger than initially thought: The IT disruption is not only global, it also affects Audi in addition to Volkswagen.  An update from 27 September:  The disruption at Volkswagen (VW) seems bigger than initially known and it does not only affect the Volkswagen production facilities.  The VW subsidiary Audi and Porsche were also affected by the IT disruption, as an Audi spokeswoman admitted.  The extent to which this is

The National Student Clearinghouse (NSC) reported that nearly 900 colleges and universities across the US had data stolen during attacks by a Russia-based ransomware gang exploiting the popular MOVEit file-sharing tool.  The nonprofit manages educational reporting, data exchange, verification, and research services for 3,600 colleges and universities as well as 22,000 high schools.

In June of this year, the organization first confirmed that it was affected by exploitation of the tool, which was

Retch is a new ransomware variant first discovered in mid-August 2023.  It encrypts files on compromised machines and leaves two ransom notes asking victims to pay a ransom for file decryption.

Infection Vector - Information about the infection vector used by the Retch ransomware threat actor is not currently available.  However, it is unlikely to be significantly different from other ransomware groups.[1]  Retch ransomware samples have been submitted to a public file scanning service from the f

Fear, ignorance and forgetfulness are some of the reasons for widespread shortcomings in reporting cyber-attacks and breaches, both internally and externally, according to a new global survey conducted by Keeper Security.

The study, Cybersecurity Disasters Survey Incident Reporting & Disclosure, was published on September 26, 2023.  It found that, despite cyber-attacks being top of mind for IT and security leaders, 40% of them said they had experienced one and 74% admitted they were concerned abo

It was 8:30 a.m. last Friday before a long weekend when Missouri's state court system learned it might have a cyber problem.  IT staff discovered the state court system's cybersecurity software had detected unusual activity coming from a system administrator's account at 2 am, well outside business hours.  Also suspicious?  That system admin was on vacation, said the director of IT services for Missouri State Courts, during the recent National Center for State Courts' (NCSC) Court Technology Con

Emerging technology in the maritime arena is being used for tracking emissions, avoiding collisions and route planning, but lawyers are circling the technology, a recent seminar reported.  The rapid expansion of artificial intelligence (AI) faces major stumbling blocks in shipping, where more than 80% of large vessels barely have enough communications capacity to send an email, a seminar heard on 19 September.

The use of problem-solving AI has the potential to cut costs in the coming decades, bu

The Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) have released this joint CSA to disseminate known ransomware IOCs and TTPs associated with the Snatch ransomware variant.

Since mid-2021, Snatch threat actors have consistently evolved their tactics to take advantage of current trends in the cybercriminal space and leveraged successes of other ransomware variants’ operations.  Snatch threat actors have targeted a wide range of critical i

After years of spouting the need for ease in reporting suspicious activity, I see the US Department of Homeland Security (DHS) now floating several new ideas for how to make federal cyber incident reporting rules ‘simpler’ for victim organizations — including the concept of a single reporting web portal.  Not a new concept, but a wise one.

There are currently 52 in-effect or proposed federal cyber incident reporting requirements.  As part of the cyber incident reporting bill that was signed i

Law enforcement officials in Finland worked with Europol and a cybersecurity firm to take down a dark web marketplace called PIILOPUOTI.  The platform had operated on the Tor Network since May 2022 as a way for people to smuggle and sell drugs as well as paraphernalia into Finland, according to a statement from Finnish Customs.  “The criminal investigation is still underway.  At this point, Finnish Customs and our international cooperation partners will not provide any further information on the

FortiGuard Labs researchers recently captured a phishing campaign that spreads a new Agent Tesla variant. This well-known malware family uses a .Net-based Remote Access Trojan (RAT) and data stealer to gain initial access. It is often used for Malware-as-a-Service (MaaS).
An in-depth analysis of this campaign was performed, from the initial phishing email to the actions of Agent Tesla installed on the victim’s machine to collect sensitive information from the affected device. In this analysis, y

The media is full of stories about cyber threats, attacks, and ransomware demands, and why is this the norm?   Digital transformation creates larger data estates, opening new avenues of attack for cybercriminals.  Bad actors’ tactics are sophisticated and constantly evolving, making it difficult for companies to stay ahead of emerging threats.  Cyber threat intelligence gives businesses the information and capabilities they need to refine their defenses continually.

Targeted cyber threat intelli

The Iranian threat actor Charming Kitten has been linked to a new wave of attacks targeting different entities in Brazil, Israel, and the UAE using a previously undocumented backdoor named Sponsor.  Cybersecurity investigators are tracking the cluster under the name Ballistic Bobcat.  Victimology patterns suggest that the group primarily singles out education, government, healthcare organizations, human rights activists, and journalists.  At least 34 victims of Sponsor have been detected to date

Red Sky Alliance monthly queries our backend databases, identifying all new data containing Motor Vessel (MV) and Motor Tanker (MT) in the subject line of malicious emails.  Malicious actors use emails with Motor Vessel (MV) or Motor Tanker (MT) in the subject line as a lure to entice users in the maritime industry to open emails containing malicious attachments.  Red Sky Alliance is providing this list of Motor Vessels in which we directly observed the vessel being impersonated, with associate

By J.P. Atwell, Former Sr. CIA Operations Officer
Originally published in the Hawaii Tribune-Herald on 04 June 2023.
https://www.hawaiitribune-herald.com/

Many people’s understanding of the CIA comes from entertainment (Hollywood) and “Infotainment” (social media, high-bias “news” television channels). For others, an occasional documentary (of varying credibility) or a solid news report (typically highlighting the odd operational failure) rounds out their knowledge of an organization that is by

Cyber security refers to every aspect of protecting a company or organization as well as its employees and assets from online threats.  For all of us in animal agriculture, cybersecurity is no longer just about avoiding those sketchy phishing emails or resetting our passwords.  It’s about being aware of our online presence and how that may make us vulnerable to individuals or groups looking to gain access to sensitive information with the intent to target our farms or companies.[1]

Recently, the

Clorox (CLX) warned it is still dealing with the fallout from a recent cyberattack, saying the hack will have a significant effect on its current quarter results.

Key Takeaways:

  • Clorox said a cyberattack last month will have a material impact on current quarter results.
  • The hack damaged portions of the company's IT systems, and it switched to manual ordering and processing procedures.
  • Because of the attack, Clorox said it couldn't give a fiscal year outlook.
  • The attack, first discovered Aug. 14