Maintaining today’s digital acceleration takes time, effort, and scrutiny. Adding new tools and investments increases the complexity and vulnerability of enterprise security environments, exposing gaps in communication and collaboration, creating siloed systems, and slowing response times. Securing the enterprise against today’s increasingly sophisticated threat landscape calls for a cybersecurity platform architecture automated for operational efficiency, a security architecture broad enough
All Articles (2539)
A trio of influential artificial intelligence leaders testified at a congressional hearing on 25 July 2023, warning that the frantic pace of AI development could lead to serious harms within the next few years, such as rogue states or terrorists using the tech to create bioweapons.
See: https://redskyalliance.org/xindustry/ai-and-its-hazards
Yoshua Bengio, an AI professor at the University of Montreal who is known as one of the fathers of modern AI science, said the United States should push fo
Maintaining today’s digital acceleration takes time, effort, and scrutiny. Adding new tools and investments increases the complexity and vulnerability of enterprise security environments, exposing gaps in communication and collaboration, creating siloed systems, and slowing response times. Securing the enterprise against today’s increasingly sophisticated threat landscape calls for a cybersecurity platform architecture automated for operational efficiency, a security architecture broad enough
The head of Russia’s space agency has extended an offer to Moscow’s partners in the BRICS group Brazil, India, China, and South Africa to participate in constructing a joint module for its planned orbital space station, state media reported on 24 July 2023.
See: https://redskyalliance.org/xindustry/the-brics
Construction of the planned space station follows Moscow’s decision last year to end its decades-long partnership with NASA and withdraw from the aging International Space Station, one of th
People interested in physical fitness and losing a couple of pounds have one more thing to worry about besides a visit to the bathroom scale. Internet-connected Peloton fitness equipment is plagued with numerous security issues that could allow attackers to obtain device information or deploy malware.
An analysis of the software running on the Peloton Treadmill has revealed exposure to security risks associated with Android devices that are not updated to the most recent platform iterations, as
The Lazarus Group is North Korean state sponsored cybercrime group and they have been credited, in one way or another, with a recent social engineering campaign targeting developers on GitHub. They are said to have been created by the North Korean government as early as 2007 and they are a part of the RGB, which is North Korea’s primary foreign intelligence agency. “Lazarus Group” would appear to be the primary identity of the group, but they do have several aliases such as Appleworm, Group 77
CHRO Daily has shared some cyber security matters that keep experts awake at night. Their goal was finding out what was top of mind for the world’s preeminent HR heads. Luckily, many leaders were willing to share their deepest motivations and frustrations of the job. Below are some of the more impactful answers CHRO Daily received about their most significant concerns and preoccupations in the space.[1]
These interviews have been edited and condensed for clarity.
Allison Rutledge-Parisi, senio
A deeper analysis of a recently discovered malware called Decoy Dog has revealed that it is a significant upgrade over the Pupy RAT, an open-source remote access trojan it is modeled on. It is written in Python. Malware of this type is used to gain remote control of a target computer. Threat actors have been observed using a legitimate a process that reports errors in Windows (and Windows applications) to distribute Pupy. RATs are designed to allow attackers to remotely control infected comput
Located at Groom Lake in the middle of the barren desert of southern Nevada, Area 51 is a U.S Air Force installation that has become infamous for a speculated connection with unidentified flying objects (UFOs). Conspiracy theories surrounding the base suggest that it is used for the testing of alien technology recovered from supposed crash sites, like the famous one in Roswell, New Mexico. This has been fueled by the fact that the base was a secret for many years and is still inaccessible to th
An Application Programming Interface (API) is a set of defined rules that enable different applications to communicate with each other. It acts as an intermediary layer that processes data transfers between systems, letting companies open their application data and functionality to external third-party developers, business partners, and internal departments.[1]
The definitions and protocols within an API help businesses connect the many applications they use in day-to-day operations, saving emp
The US Securities and Exchange Commission (SEC) this past week approved new rules that require publicly traded companies to publicize details of a cyber-attack within four days of identifying that it has a "material" impact on their finances, marking a major shift in how computer breaches are disclosed. "Whether a company loses a factory in a fire, or millions of files in a cybersecurity incident, it may be material to investors," the SEC chair said. "Currently, many public companies provide c
ChatGPT is a generative AI model that applies user inputs to train itself and continuously becomes more efficient. Because ChatGPT has accumulated many more user interactions since its launch, it should, in theory, be much smarter as time passes. Researchers from Stanford University and UC Berkeley conducted a study to analyze the improvement in ChatGPT's large language models over time, as the specifics of the update process are not publicly available. To experiment, the study tested both GP
MSMQ is a proprietary messaging protocol developed by Microsoft that allows applications running on separate computers to communicate in a failsafe manner. MSMQ ensures reliable delivery by placing messages that fail to reach their intended destination in a queue and then resending them once the destination is reachable. RabbitMQ is an open-source messaging queuing protocol similar to MSMQ.
The MSMQ service is hosted as a standalone Windows service under MQSVC.EXE. The MSMQ operation is implem
Google’s malware scanning platform VirusTotal published an recent apology after hundreds of individuals working for defense and intelligence agencies globally had their names and email addresses accidentally exposed by an employee.
In a public statement, VirusTotal said it apologized “for any concern or confusion” the exposure may have caused and said it took place on 29 June, when the employee accidentally uploaded a CSV file to the platform.[1] “This CSV file contained limited information of
Anyone can become a phishing attack expert on underground forums for as little as US$ 50. For about a year, a new Phishing-as-a-Service (PaaS) offering has been used to target Microsoft 365 accounts in the manufacturing, healthcare, technology, and real estate sectors, according to cyber threat researchers. Named ‘Greatness,’ the service has been used in several phishing campaigns since mid-2022, mainly targeting organizations in the US, with other victims in the UK, Australia, Canada, and Sou
Trend Micro has always taken extremely seriously its commitment to secure the connected, digital world. But we also know that in the fight against cybercrime, its resources are most effective when shared and combined with others working towards the same goals. That's why Trend Micro has no issues about teaming up with other security vendors, as well as academics and law enforcement agencies. Red Sky Alliance has always held this collaborative approach.
This "better together" approach has seen
This week, Rust-based file-encrypting ransomware was found to be impersonating the cybersecurity firm Sophos https://www.sophos.com as part of its operation. The malware named ‘SophosEncrypt’, the malware is being offered under the Ransomware-as-a-Service (RaaS) business model and appears to have already been used in malicious attacks. After several security researchers warned of the new RaaS, Sophos said it was aware of the brand's impersonation and was investigating the threat.
See: https:/
In 2019, a video surfaced of then - US Speaker of the House Nancy Pelosi that appeared to show her in an impaired condition. The video was a deepfake featuring footage modified to make the Speaker seem intoxicated or unwell. Yet despite its inauthenticity, the video went viral and received millions of views on social media. Today, many users remain unable to tell the difference between deepfakes and legitimate media.
What Are Deepfakes? Deepfakes are synthetic videos, images, or audio record
Generative artificial intelligence (AI) could be used by foreign adversaries to interfere in next year’s presidential election, President Joe Biden’s nominee to lead US Cyber Command and the NSA warned this past week. “As we look at this election cycle, the area that we do have to consider that will be slightly different will be the role of generative AI as part of this,” an Air Force Lt. General told the US Senate Armed Services Committee during his second nomination hearing. “And so, our con
Buying a house these days is almost insurmountable. Who can afford to pay cash for a decent house, or even the minimum downpayment? That’s where lenders come in. Banks and finance companies have been doing this for years. But now there is an elephant in the room, called AI. The top US bank regulator is warning that lenders need to ensure that artificial intelligence tools don't perpetuate biases and discrimination in credit decisions.[1]
Federal Reserve Vice Chair for Supervision Michael Ba