Many say, "Let the snake grow long, and it'll eventually bite its tail." As it turns out, US auto dealerships do not enjoy full capitalism, especially when it is not in their favor. Franchised dealer groups and associations across ten US states are preparing for a legal battle against direct client sales by many automakers, an idea that many prospective car buyers would champion. Why deal with a pushy salesperson when you can pick out the model of car and options direct from the factory? Ac
All Articles (1953)
In cybersecurity defense, the use of automatic protection tools is half the assignment. The human element plays an increasingly important role. Scammers like to take shortcuts and know that it is easier to trick people than it is to exploit software or hardware. Any organization with a well-guarded security perimeter is an easy target, as long as its employees fall for phishing scams.
The problem reached new heights during the coronavirus pandemic. This situation led to online panic tha
Interested in using ChatGPT? It’s all the rage. Information and instructions can be found here: https://openai.com/pricing. You can establish an account and begin using the service. The following is an easy way to learn and understand its capabilities.[1]
See: https://redskyalliance.org/xindustry/a-chat-with-chatgpt
ChatGPT's advanced capabilities have created a huge demand, with the 'app' accumulating over 100 million users within two months of launching. One of the biggest standout featu
Red Sky Alliance would like to share a technical report through a recent joint Cybersecurity Advisory (CSA) as part of an ongoing #StopRansomware effort to publish advisories for network defenders that detail various ransomware variants and ransomware threat actors. These #StopRansomware advisories include recently and historically observed tactics, techniques, and procedures (TTPs) and indicators of compromise (IOCs) to help organizations protect against ransomware.
Visit stopransomware.gov t
The US government released its National Cyber Security Strategy on 28 February 2023, detailing mandatory regulation on critical infrastructure vendors and endorsing a more aggressive ‘hack-back’ approach to dealing with foreign adversaries and ransomware actors. As previously reported, the White House plans to use regulation to “level the playing field” and shift liability to organizations that fail to take reasonable precautions to secure their software. “[While] voluntary approaches to critic
GoDaddy at https://www.godaddy.com is a leading web hosting company with 21 million users worldwide and many small businesses. It has been reported that a cyber group has gained access to its servers and installed malware. Part of the stolen data included employees’ and customers’ login credentials, and the flaw allowed attackers to install malware, which would redirect customers’ websites to malicious domains. According to reports, unidentified hackers stole the company’s source code.
A GoDaddy
In early September of 2022, we reported on a security incident that occurred at LastPass in late August. As a reminder, LastPass is a password manager, which is software intended to facilitate encrypted password storage with easy retrieval. Other popular password managers include Bitwarden, Dashlane, and 1Password. LastPass is very possibly among the more well-known password managers and has had several security incidents even before the incident we reported on in September. Unfortunately, t
For crypto investors who have not followed the news of thefts, exchange collapses, new government regulations and are prepared to lose their entire investment, here is some advice to follow. Hackers demand payment in crypto, participate in scams that lead to crypto theft directly, or target crypto trading companies. As an individual with funds in crypto, you are likely to encounter attempts of fraudulent investment schemes, giveaways, phishing attacks, and more mischief.
The “hook” of most inv
Repossessing a car has always been a dangerous operation. This is when a car owner stops paying their loan or lease and the car company comes out to take their property back. Looking out their bedroom window at 5 AM, many delinquent car owners call the police thinking someone is stealing their car. Most reputable repossession businesses will contact the police prior to the actual repossession and thus the owner’s answer is not a positive one. But the bottom line is that the who
The US CISA Red Team Shares Key Findings to Improve Monitoring and Hardening of Networks - Actions to take today to harden your local environment:
- Establish a security baseline of normal network activity; tune network and host-based appliances to detect anomalous behavior.
- Conduct regular assessments to ensure appropriate procedures are created and can be followed by security staff and end users.
- Enforce phishing-resistant MFA to the greatest extent possible.
In 2022, the US Cybersecurity and
Buying a used car has always been somewhat of a gamble. Things are much better than in the past, but sketchy dealers are still out there and prey on unsuspecting buyers. In the old days, rolling back the odometer was relatively easy. Laws were then created and “some” of that fraudulent practice slowed. Now everything is electronic and hacking the odometer is a bit trickier. Or is it?
The online car buying company, CarFax, shares some pointers about this type of used car sales fraud: “Many peo
Organizations are generating and storing an increasing amount of digital data. Protecting this information from unauthorized access, theft, or damage is critical. The Chief Information Security Officer (CISO) is responsible for ensuring that an organization’s sensitive data is appropriately secured and protected from potential threats. In the below analysis, we see the various types of data that CISOs and other business leaders need to protect while working together to do so, along with tangib
The current Ukraine crisis has revealed the willingness of state and non-state actors to involve themselves in conducting attacks of various degrees of severity and frequency. Notably, hacktivists and cybercriminal groups have joined the conflict extending beyond the borders of the two primary combatants, with cyberattacks targeting those governments and private sector organizations perceived to be supporting the other side. Patriotic hacktivism is not necessarily new, especially in troubled a
The economic downturn predicted for 2023 will lead to layoffs but cybersecurity workers will be least affected, says the latest (ISC)² report. Also, as soon as things get better, they will likely be the first ones to get (re)hired. Execs have finally realized the importance of cyber security.
There have been massive layoffs by tech and other companies in the last few months. In December 2022, (ISC)² polled 1,000 C-suite executives from Germany, Japan, Singapore, the UK and the US about whether
Back in the late 1960s there was a film called The Good, the Bad and the Ugly. It was a story of three outlaw cowboys who exhibited these three moral traits. Sentinel Labs are now sharing a story of the modern-day The Good, the Bad and the Ugly.
The Good - The man behind the development and sale of the NLBrute password-hacking tool was extradited to the United States this week. Known by his alias, dpxaker, US officials charged Russian national Dariy Pankov with computer and access device fr
The US Marshals Service (USMS) is investigating a major ransomware attack that has compromised some of its most sensitive information, including law enforcement materials, and the personal information of employees and potential targets of federal investigations. The cyberattack was considered a "major incident" by officials, impacting a "stand-alone" system (meaning it is not connected to a larger federal network) within the service, an agency spokesperson said Monday. The attack was discovere
Technology has long been seen as a source of disruption to our lives, communities, and civilizations, provoking disruptive change at all scales, from individuals' routine daily activities to dramatic competition between global superpowers. This disruption can have positive and negative effects, although often unevenly distributed across different groups. New technologies, including Artificial Intelligence, Quantum computing, ChatGPT, and social media, have transformed the intelligence communit
Remote working brings benefits for employees, but by working from outside the company's internal network, there's also the added threat that employees are left more vulnerable to cyberattacks. And if hackers can compromise a remote employee by stealing their corporate username and password, or infecting their computer with malware, it could become a costly network security risk for the entire organization.[1]
Data breaches, phishing campaigns, ransomware attacks, and business email compromise
The Canadian military has discovered Chinese spy buoys in the Arctic which allegedly are monitoring US submarines and melting ice sheets. Such "activity is not new,” the Canadian defense minister said in recent televised remarks, implying that China has been engaging in surveillance efforts in the region for some time.[1] Russia has long sought an Arctic trade route to create shorter vessel travel to Europe. It seems the Chinese may have the same idea and, oh, spy on their adversaries.
Officials descr
A 28-year-old Russian malware developer was extradited to the US where he could face up to 47 years in federal prison for allegedly creating and selling a malicious password-cracking tool. Dariy Pankov, also known as “dpxaker,” developed what the US Department of Justice (DOJ) called a “powerful” password-cracking program that he marketed and sold to other cyber criminals for a small bitcoin fee. This case was reported by Recorded Future.
The tool, called NLBrute, is a so-called brute-forcing tool