X-Industry

The White House National Security Council this week kicked off its international counter-ransomware event with participation from more than 30 nations, not including Russia or China. This gathering aims to improve global network resilience, address illicit cryptocurrency use, and elevate both law enforcement collaboration and diplomatic efforts. 

In a pre-event press call on 12 October 2021, a senior administration official said, "In this first round of discussions, we did not invite the Russian

This joint Cybersecurity Advisory was developed by the Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the National Security Agency (NSA) to provide information on BlackMatter ransomware.  Since July 2021, BlackMatter ransomware has targeted multiple US critical infrastructure entities, including two US Food and Agriculture Sector organizations.  This advisory provides information on cyber actor tactics, techniques, and procedures (TTPs) ob

Several cyber-attacks were prevented by Israel’s Health Ministry’s Cyber Security Center over this past weekend, the Health Ministry reported on 17 October.  Some 627 cyberattacks per organization were observed in Israel’s health sector – 72% more than the average on previous weekends, Check Point said.  These attacks are more than in any other sector, where there was an average of 267 attacks per organization and no significant increase, the cyber security firm noted.[1]

Barzilai Medical Center

Warnings have been issued for years.  The techniques were simple enough: penetrate the platform through the onboard navigation system and then go horizontally across the onboard networks to gain control of key systems such as steering and the throttle.  The hackers did exactly this and surprisingly without foreknowledge of the specific systems they were to hack prior to beginning the penetration.  They were in and through the navigation interface in a remarkably short time and had control of bot

Activity Summary - Week Ending 15 October 2021:

• Red Sky Alliance identified 37, 307 connections from new IP’s checking in with our Sinkholes
• Analysts identified 1,873 new IP addresses participating in various botnets
• Sality remains the top Malware Variant at 33,705 times seen
• AtomSilo targeting Confluence
• FamousSparrow and Hotels
• BloodyStealer
• Another .edu Hit in the UK
• Pointing a Finger at China
• Spanish Melia Hotels hacked
• Afghan Telcom Roshan

Link to full report: IR-21-288-001_weekly_288.pdf

On 5 October 2021, an anonymous user on the 4chan technology board posted claiming to have a large data breach of Twitch proprietary code.  Watch our REDSHORT Webinar. The user called out Twitch for being a “toxic community,” ending its post with #DoBetterTwitch (a variation of the trending TwitchDoBetter hashtag responding to the ‘Twitch Hate Raids’).

The post briefly describes content found in leak data, including source code for Twitch and other products and Streamer payout data.

Twitch r

A US Pentagon official recently said he resigned his post because US cybersecurity is allegedly no match for China, calling it 'kindergarten level.'  This senior cybersecurity official Nicholas Chaillan said he quit because he thought it was impossible for the US to compete with China on artificial intelligence (AI). He joined the US Air Force as its first chief software officer in August 2018 and worked to equip this branch and the Pentagon with the most secure and advanced software available.

The US head of the US National Security Agency (NSA), Cyber Command says the US will continue to battle ransomware for many years into the future. Some of the highest-ranking cybersecurity officials in the US government discussed the pervasive threat of ransomware on 05 October 2021, comparing it to an issue of national security with the ability to inflict measurable damage on major world powers.

Speaking at security firm Mandiant's Cyber Defense Summit, the deputy national security adviser for

Sometimes the direct approach is the best.  Dutch cybercrime police have a message for almost 30 users of an on-demand distributed-denial-of-service site: “We see what you're doing, now cut it out or we're going to arrest you.”  Not for the first time, the move shows police in Europe attempting to move offenders, who are often young men, away from criminality, rather than arresting them outright.

On 11 October 2021, Dutch National Police said they issued a written warning to 29 individual hacker

Recently, a US federal magistrate judge recommended the dismissal of a female’s lawsuit against famous soccer player - Cristiano Ronaldo.  The recommended dismissal is largely because her attorneys relied on confidential documents obtained through a hacker.  In the 6 October ruling, the federal magistrate warned of “far-reaching, dangerous consequences on the legitimacy of the judicial process” if “hacked privileged documents” become “fair game for an attorney to use to create and prosecute the

Activity Summary - Week Ending 8 October 2021:

• Red Sky Alliance identified 45,583 connections from new IP’s checking in with our Sinkholes
• Analysts identified 1,245 new IP addresses participating in various botnets
• Researchers observed 10 unique email accounts compromised with keyloggers
• Ranion is a Ransom-as-a-Service
• Ransomware Operations are Short-Lived
• Cyber-Attack turns Fatal
• Indiana hospital and Ransomware
• Protecting the Healthcare Sector
• What’s a Slacktivist?
• The Anthropocene Period

Lin

Port industry leaders recently submitted cybersecurity guidelines to the United Nations International Maritime Organization (IMO) for consideration.  The IMO Member States should seize this opportunity and amend the International Ship and Port Facility Security (ISPS) Code to enact cybersecurity standards for ports and port facilities.  Specifically, IMO Member States should amend the code, using the new industry guidelines as a model, to require port facilities to conduct regular cybersecurity

Facebook has been having its share of problems.  From a global outage to a Whistleblower gone public with claims that Instagram causes youth-based psychological issues, the social media giant is now on the defensive.  US Congress is currently taking another, yet closer, look at oversight of social media platforms. 

Facebook and its Instagram and WhatsApp platforms are finally back in operation after a worldwide outage hit the services and the businesses and people who rely on its platforms.  Fac

An Android Trojan has now achieved a victim count of over 10 million in at least 70 countries.  Researchers say the infections are generating millions of dollars a month in recurring revenue.  According to Zimperium zLabs, the new malware has been embedded in at least 200 malicious applications, many of which have managed to circumvent the protections offered by the Google Play Store, the official repository for Android apps.

The researchers say that the operators behind the Trojan have managed

Ever think about scamming the harassing telephone scammers?  Three to four days a week, a US Los Angeles based voice actor calls back telephones thieves and messes with their heads.  For the past two years, this champion of anti-scamming, runs a sort of reverse call center, deliberately ringing the people most of us hang up on those scammers who pose as tax agencies or tech-support companies or inform you that you’ve recently been in a car accident you somehow do not recall.  When the actor gets

Cyber threat hunting is an active cyber defense activity.  It is "the process of proactively and iteratively searching through networks to detect and isolate advanced threats that evade existing security solutions."  This contrasts with traditional threat management measures, such as firewalls, intrusion detection systems, malware sandbox, and SIEM systems, which typically involve an investigation of evidence-based data after there has been a warning of a potential threat.

To maximize the chance

Many believe that the Mafia of old has long since been active.  Not so, says Europol.  The new and improved Mafia organized crime ring thrived on violence, intimidation and $12 million in online fraud profits; all specialties of the Mafia.  International law enforcement has busted up an extensive cybercrime operation run by a gang with ties to the Italian Mafia.

The group allegedly used phishing attacks to defraud hundreds of victims. The suspects used various lures to convince victims (mostly I

Activity Summary - Week Ending 1 October 2021:

• Red Sky Alliance identified 28,292 connections from new IP addresses connecting to Sinkholes
• Analysts identified 482 new IP addresses participating in various botnets
• Amazon Data Services Canada has a compromised IP
• #1 Malware for 29 Sept, FoggyWeb
• Blackmatter Ransomware, Again
• iTerm2 App
• German Elections and Russia
• South Africa Ransomware Attack
• French Shipper hit Again
• British Giant Group hit with a ‘sophisticated’ cyber-attack
• Lithuania and Chin

Cybersecurity is always low on upper management's priorities during a merger or acquisition, but it shouldn’t be.  "Companies that are being bought and sold are often prime targets for cyberattacks," explained the CEO of cybersecurity solutions provider Industrial Defender, during a recent interview.[1] "By enacting Operational Technology (and proactive cyber intelligence) security measures, organizations can avoid an exciting company milestone from becoming an infrastructure and security nightm