Activity Summary - Week Ending on 6 May 2022:

  • Red Sky Alliance identified 43,915 connections from new IPs checking in with our Sinkholes
  • msk.ru still #1 in Hits
  • Analysts identified 1,442 new IP addresses participating in various Botnets
  • CVSS
  • Using Emulation
  • BotenaGo Variant
  • PyInstaller
  • Inmarsat
  • 5 Constant Malware Issues

Link to full report: IR-22-126-001_weekly126.pdf

Just yesterday, I gave a very brief talk on the ethics and morals of hackers.  My focus was centered on the criminality of hacking, but the same holds true for nation-state level cyber actors.  The Russia Matters publication has provided a series of opinions on why Russia has not initiated a full-scale cyber-attack, often called ‘cybergeddon’, upon its adversaries.  Russia’s war in Ukraine, now nearing its 10-week mark, has been devastating, killing thousands of civilians, and forcing millions t

When one of your enemies begins attacking another one of your other enemies, does this mean that your first enemy is now an ally?   I will let the philosophers answer this question.  A China-linked state-sponsored cyberespionage group has started targeting the Russian military in recent attacks, which aligns with China’s interests in the Russia-Ukraine war.  Tracked as Mustang PANDA, Bronze President, RedDelta, HoneyMyte, Red Lich and TA416, the government-backed hacking group previously focused

Black Basta, a new ransomware group, has made their presence felt by claiming responsibility for twelve ransomware attacks in the month of April.   Black Basta, like many other ransomware operations, uses double-extortion tactics, stealing victim data before encrypting systems to leverage payment.  The group then uses their Tor site and slowly leaks victim data, applying pressure to victims to pay the ransom for the decryption key.  Notable targets from the first stretch of attacks include the A

With apologies to singer/songwriter Bob Dylan, “The answer my friend, is blowing in the wind.” Hackers do not care whether the energy source is renewable or fossil fuel; they will attack it and turn out your lights and everything electric (yes, your network). German wind turbine giant Deutsche Windtechnik https://www.deutsche-windtechnil.com has issued a notification to warn that some of its IT systems were impacted in a targeted professional cyberattack earlier in April 2022.

The incident, which the

Those readers who were born before the Internet Age may remember seeing the Wanted Posters of criminals on the walls of US Post Offices.  There were stated cash rewards for those who provided information that led to the wanted criminal’s arrest.  Yes, you actually went into a federal building and mailed a letter with a postage stamp attached.  What is a postage stamp?  We will cover this subject in another article. The US authorities are offering a multimillion-dollar reward for anyone with info

Activity Summary - Week Ending on 29 April 2022:

  • Red Sky Alliance identified 10,907 connections from new IPs checking in with our Sinkholes
  • msk.ru has issues
  • Analysts identified 3,698 new IP addresses participating in various Botnets
  • Vice & Industrial Spy
  • US Agriculture under Attack
  • T-Mobile Hit (again)
  • Oil India LTD
  • Getting Annoyed?
  • Lapsus$

Link to full report: IR-22-119-001_weekly119.pdf

There are many things you can do to protect yourself against cyberattacks but if you still do not remember the basics, then your organization is an easy target for cyber criminals.  Please review what Red Sky Alliance recommends at the end of this article.

A security vulnerability that was left unpatched for three years allowed a notorious cyber-criminal gang to breach a network and plant ransomware.  The BlackCat ransomware attack against the undisclosed organization took place in March 2022

The financial sector is a prime target for criminal cartels and nation-state actors. Criminals seek a lucrative market, and nation-states treat profit as a form of sanctions-busting. The high volume of Russian-speaking gangs and the current sanctions against the Russian state make Russia a major threat to financial institutions today.

The reason that financial institutions are under constant attack is simple: that’s where the money is today.  This is no different than the statement made by the

Has the notorious REvil, aka Sodinokibi, ransomware operation come back? Researchers suspect former developers may have restarted the server and data leak site. On 20 April 2022, the original Happy Blog leak site began redirecting to the new blog, which lists both old and seemingly new victims, including Oil India Limited.  Cybersecurity researchers on Twitter attributed a recent ransomware attack at Oil India Limited to either REvil or imposters using the gang's name.

In early April 2022, at th

Adaptive security is a cybersecurity model made up of four phases: prediction, prevention, detection, and response.  The process was developed in response to the decentralization of IT ecosystems to accommodate hybrid working environments and the porting of systems to the cloud.

The perimeter that once defined a network no longer exists.  Organizations are leveraging cloud technology and shifting towards hybrid work environments.  The decentralization of IT ecosystems is becoming increasingly

White hat hackers recently won $40,000 for cracking a system used by most major industrial companies, including the ones that manage our power grids, and they told MIT Technology Review it was extremely easy.  The challenge was to hack industrial control systems, specifically the hardware and software used to control power grids, water treatment facilities, and other critical infrastructure.

Because so many people rely on this infrastructure, hackers can ask for and receive large ransoms in exc

Activity Summary - Week Ending on 22 April 2022:

  • Red Sky Alliance identified 9,534 connections from new IPs checking in with our Sinkholes
  • StreamHost in Belgium Hit 302x
  • Analysts identified 6,436 new IP addresses participating in various Botnets
  • Industroyer2
  • Lightning Stealer
  • Emotet
  • TraderTraitor
  • Spying on Boris
  • Trolls in the Tolls

Link to full report: IR-22-112-001_weekly112.pdf

Electric vehicles (EV) appear to be a vital part of the present (and future) state of the US auto market.  In the past, there has been EV hope and hype; now the rapid adoption of electric vehicles is finally here.  As an example, Tesla was only one month away from bankruptcy in the recent past and now is thriving.  In 2011, there were only 16,000 battery and plug-in hybrid electric vehicles on the road.  In mid-2021, that number had grown to over 2 million vehicles. In fact, auto executives expe

Our weekly Cyber Threats & Vulnerabilities Report is provided to our Red Sky Alliance Members to consolidate both prominent government and private cyber security reporting, which includes descriptions of tactics, techniques and procedures (TTPs), indicators of compromise (IoCs) and, at times, remediation directions.

Link to full Intelligence Report: IR-22-111-001_IntelSummary111.pdf

The Sandworm Group, a Russian-based APT that recently made headlines when its botnet of machines infected with Cyclops Blink malware was taken down by the US Department of Justice, has been busy crafting attacks targeting the Ukrainian power grid.  The Computer Emergency Response Team of Ukraine (CERT-UA) had to step in and take action to thwart the attack on the country’s energy facilities.  Blame for the attack has been placed on Sandworm in support of Russian military actions in Easter

Sound merger and acquisition practice often includes checks on a company’s cyber safeguarding and data transfer provisions, said the President of investment banking and dealership advisory firm Presidio Group.  Specifically, auto dealership purchase agreements many times include representations that the seller has complied with Gramm-Leach-Bliley and has taken reasonable steps to protect their computer systems and customers’ information, said a principal attorney and partner with Holland & Knight in Denver, CO who

According to security firm PeckShield, a credit-focused, Ethereum-based stablecoin protocol known as Beanstalk is the latest target of cyber criminals.  The DeFi protocol was exploited on 17 April in a flash-loan attack[1] in which Beanstalk lost around $182 million in crypto assets.  As a result, the market for Beanstalk’s stablecoin, BEAN, collapsed.  According to CoinGecko, the token’s market went down by 86% from its $1 peg.[2]

Of interest is that the incident is the second massive nine-figure