All Articles (2242)

According to IBM’s Cost of a Data Breach Report 2022, the global average total cost of a data breach increased by USD 0.11 million to USD 4.35 million in 2022, the highest it's been in the history of this report.  The increase from USD 4.24 million in the 2021 report to USD 4.35 million in the 2022 report represents a 2.6% increase.

See:  https://www.ibm.com/reports/data-breach

In addition to the financial costs the US Government has additional timed reporting planned for all publicly held compa

The operators of the infamous Raccoon malware announced their return this week after a six-month hiatus from hacker forums following the arrest of an administrator.  "We are happy to return with new strength and understanding of our mistakes," they said in a statement.

Raccoon is a highly popular info-stealing malware-as-a-service sold on dark web forums.  It has been praised for its simplicity and customization.  The malware targets popular browsers and desktop cryptocurrency wallets to steal

Clorox announced a cybersecurity incident this week that forced it to take several systems offline.  The company, which reported more than $7 billion in earnings in 2022 through its namesake cleaning product and several others like Pine Sol, Burt’s Bees and more, reported the incident in regulatory filings with the US Securities and Exchange Commission (SEC) on 14 August.  “The Clorox Company has identified unauthorized activity on some of its Information Technology (IT) systems.  After becoming

A group of academics has devised a "deep learning-based acoustic side-channel attack" that can be used to classify laptop keystrokes recorded using a nearby phone with 95% accuracy.  "When trained on keystrokes recorded using the video conferencing software Zoom, an accuracy of 93% was achieved, a new best for the medium," researchers Joshua Harrison, Ehsan Toreini, and Maryam Mehrnezhad said in a new study.

Side-channel attacks refer to a class of security exploits that aim to glean insights fr

Each month, Red Sky Alliance queries our backend databases, identifying all new data containing Motor Vessel (MV) and Motor Tanker (MT) in the subject line of malicious emails.  Malicious actors use emails with Motor Vessel (MV) or Motor Tanker (MT) in the subject line as a lure to entice users in the maritime industry to open emails containing malicious attachments.  Red Sky Alliance is providing this list of Motor Vessels in which we directly observed the vessel being impersonated, with associate

Python Package Index (PyPI) packages have become a common way for threat actors to post malware that unsuspecting victims may download.  The FortiGuard Labs team has been monitoring this attack vector for some time and, earlier this year, began posting a monthly update of the zero-day attacks we have discovered.  Recently, FortiGuard introduced a new AI engine to our OSS supply chain attack hunting system.  Researchers have discovered several new zero-day PyPI attacks using this AI engine assist

I just returned from visiting family and friends in the Cleveland, Ohio area.  One Saturday morning, I stopped for coffee at a Starbucks located at the Crocker Park shopping center.  This shopping center tends to attract high-end shoppers.  I was there only because I was meeting a friend who lived nearby.  I’m far from a high-end shopper.  I then saw a robot cruise by and had to take a pic of this futuristic “security guard.”

A robot designed to fight crime and keep citizens safe in Westlake Ohio, was unvei

In recent years, there has been a growing debate about the legality and risks of using leaked ransomware data for competitor intelligence. Some people argue that it is perfectly legal, while others believe it is a form of cyber espionage and should be illegal.  The legal status of using leaked ransomware data is complex. It depends on a few factors, including the jurisdiction in which the data was obtained, the purpose for which it is being used, and the type of data being used.

No specific law

No, the current US presidential administration has not created a game show, but it has launched a competition offering millions of dollars in prize money for creating new artificial intelligence systems that can defend critical software from hackers.  Competitors vying for some of the $18.5 million in prize money will need to design novel AI systems that quickly find and fix software vulnerabilities in electric grids, subways or other key networks that could be exploited by hackers, a Biden admi

In recent years the rise of illicit activities conducted within online messaging platforms has become a growing concern for countless industries.  Telegram is one of the most notable platforms that has been host to many malicious actors and nefarious activities.  Thanks to its accessibility, popularity, and user anonymity, Telegram has attracted many threat actors driven by criminal purposes.[1]

Many cybercriminals have moved operations into illicit Telegram channels to expand their reach and ex

Voyager Space and Airbus Defense and Space are expanding their relationship via a new joint venture (JV) focused on the design, build, and operation of the Starlab commercial space station.  The two companies recently announced they will partner on Voyager’s Starlab space station in January 2024, saying that Airbus would provide “technical design support and expertise.” Still, little else was disclosed at the time.  Today’s news marks a considerable uptick in commitment from Airbus and a signal

Just recently, I had the opportunity to view a behind-the-scenes tour of security at Major League Baseball’s Fenway Park, home of the Boston Red Sox.  Even though the park is the oldest in major league baseball (1912), I was amazed at the use of high tech being employed in their security program.  Microsoft is now warning of the threat malicious cyber actors pose to stadium operations, warning that the cyber risk surface of live sporting events is "rapidly expanding."  "Information on athletic p

Intelligence agencies in Australia, Canada, New Zealand, the UK, and the US have published a list of the software vulnerabilities that were most frequently exploited in malicious attacks in 2022.  The Five Eyes agencies say threat actors mainly targeted internet-facing systems that were not patched against older, known vulnerabilities, including flaws for which Proof-of-Concept (PoC) exploit code exists publicly.

“Malicious cyber actors generally have the most success exploiting known vulnerabi

Cybersecurity researchers have discovered new malicious packages on the npm package registry that are designed to exfiltrate sensitive developer information.  The npm registry is a public database of JavaScript packages that developers use to contribute packages to the community or download packages for their own projects.  The default npm public registry is found at https://registry.npmjs.org. npm is configured to use this registry by default, but it can be configured to use any compatible regi

Multiple threat actors, including cybercrime groups and nation-state crews, leverage services offered by an obscure Iranian company called Cloudzy https://cloudzy.com.  Although Cloudzy is incorporated in the United States, it almost certainly operates out of Tehran, Iran, in possible violation of US sanctions under the direction of someone named Hassan Nozari.  The company acts as a command-and-control provider (C2P), which provides attackers with Remote Desktop Protocol (RDP) virtual private s

Microsoft reported on 02 August 2023 that they caught a known Russian government-linked hacking group using its Microsoft Teams chat app to phish for credentials at targeted organizations.  According to a research report from their Threat Intelligence team, the hacking team is linked to the Foreign Intelligence Service of the Russian Federation (also known as the SVR) and has been caught targeting government, non-government organizations (NGOs), IT services, technology, discrete manufacturing, a

Multiple vulnerabilities have been discovered in Microsoft products, the most severe of which could allow for remote code execution in the context of the logged-on user. Depending on the privileges associated with the user, an attacker could install programs; view, change, or delete data; or create new accounts with full user rights.  Users whose accounts are configured to have fewer user rights on the system could be less impacted than those with administrative user rights.[1]

THREAT INTELLIGEN

The phishing-as-a-service platform 16shop was taken down on 8 August as part of a global investigation led by Interpol.  Law enforcement arrested a 21-year-old Indonesian man accused of administering the platform, along with two other individuals involved in its operation: one in Indonesia and one in Japan.  The police also confiscated electronic devices and several luxury items belonging to the suspects.

According to a report from cybersecurity firm Group-IB, which was involved in the takedown,

In recent news, the cloud-based IT management service JumpCloud publicly shared details gathered from the investigation into an intrusion on their network. Alongside the updated details, the organization shared a list of associated indicators of compromise (IOCs), noting attribution to an unnamed “sophisticated nation-state sponsored threat actor.”  Reviewing the newly released indicators of compromise, we associate the cluster of threat activity to a North Korean state sponsored APT.[1]  The IO

The White House is bringing in AI’s top seven companies to make voluntary promises (really, we can trust them) to protect users.  The companies Amazon, Anthropic, Google, Inflection, Meta, Microsoft, and OpenAI have all agreed to a series of asks from the White House to address many of the risks posed by artificial intelligence.  The promises consist of investments in cybersecurity, discrimination research, and a new watermarking system informing users when content is AI-generated.  What else wi