Cloud computing giant Rackspace, located in San Antonio TX, confirmed earlier this week that a ransomware attack caused a widespread outage that halted email services for thousands of people. Since last Friday, the company has been dealing with an outage that took down the Microsoft Outlook Web App for thousands of customers and caused other downstream issues. The company runs a lucrative business centered on hosting Microsoft Exchange infrastructure, which offers customers Microsoft email, cal
Back in 1969, the rock group – The Rolling Stones – recorded an album titled “Let it Bleed.” The album sold over 2.4 million copies, and in 1997, it was voted the 27th "Best Album Ever." The current "Bleed You" malicious cyber campaign is far from being popular and is trying to take advantage of a known remote code execution (RCE) vulnerability in Windows Internet Key Exchange (IKE) Protocol Extensions. More than 1,000 systems are unpatched and vulnerable to compromise.
If an attacker gains cont
According to cyber security professionals, ZIP and RAR files have overtaken Office documents as the file type most used by cyber criminals to deliver malware, based on an analysis of real-world cyberattacks and data collected from millions of PCs. The research, based on customer data from the period between July and September 2022, found that 42% of attempts at delivering malware used archive file formats, including ZIP and RAR.
That means cyberattacks attempting to exploit ZIP and RAR formats
A vulnerability has been discovered in Google Chrome which could allow for arbitrary code execution.[1] Successful exploitation of this vulnerability could allow for arbitrary code execution in the context of the logged-on user. Depending on the privileges associated with the user, an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacte
It happens in minutes, even seconds. In Singapore, a man who filed a dispute over a faulty computer with the Consumers Association of Singapore reportedly lost $149,000 in a matter of minutes after he clicked on a live chat icon in an e-mail purportedly from the consumer watchdog. Mike (not his real name), who is in his early 50s and works in the education industry, was one of at least 10 victims who fell prey to the phishing e-mails in October.
The police said the total losses amounted to at
Guatemala’s Foreign Ministry is reporting that it is currently investigating a ransomware attack that occurred earlier this year. The Ministry of Foreign Affairs shared the Law on Access to Public Information with The Record and said they were unable to comment on the cyberattack because of it. “The Ministry is not in a position to respond to your request, since it is in the investigation phase,” a spokesperson said.[1]
Group: onyx Approx. Time: 2022-11-21 08:12:06.653586 Title: https://t.co/vlKIf |
Activity Summary - Week Ending on 2 December 2022:
- Red Sky Alliance identified 30,052 connections from new IPs checking in with our Sinkholes
- Microsoft in Singapore hit 111x
- Nivdort Malware Variant moves up in Collections
- Analysts identified 1,256 new IP addresses participating in various Botnets
- Tridas eWriter
- Remcos
- NY Suffolk County Hit
- German Festo and CODESYS
- Guadeloupe
- UK Cyber Regulation
Link to full report: IR-22-336-001_weekly336.pdf
A cruel business email compromise (BEC) gang called Lilac Wolverine is hacking people's email accounts and sending messages to their contacts, claiming the account owner needs to send a gift to an unwell friend, in order to manipulate people into sending online gift cards. Detailed by cybersecurity researchers, this organized cybercriminal group has fine-tuned techniques pulling on people's heartstrings.
They include false claims that the gift cards are meant for people diagnosed with serious illnesses or
The Killnet group and its collaborators are claiming they were able to pull off a trio of symbolic distributed denial-of-service (DDoS) attacks aimed at punishing some of the most critical supporters of Ukraine against the Russian invasion: Elon Musk's Starlink satellite broadband service and the websites of the White House in the US and the Prince of Wales in the UK. Researchers at Trustwave were able to find evidence corroborating the Russian-backed threat group's claims.[1]
Just last month
Over the past six months, the infamous Emotet botnet has shown almost no activity, and now it is distributing malicious spam. Emotet is by far one of the most dangerous trojans ever created. The malware became a very destructive program as it grew in scale and sophistication. The victim can be anyone from corporate to private users exposed to spam email campaigns.
The botnet is distributed through phishing emails containing malicious Excel or Word documents. When users open these documents and enable
One month after a cyber-attack brought down government servers and websites in Vanuatu, frustrated officials are still using private Gmail accounts, personal laptops, pen and paper, and typewriters to run the government of the prime minister. This attack took place just a few days after the current Prime Minister took charge. The malware attack on Vanuatu’s government networks has caused delays in communication and coordination within the Pacific island nation of 314,000 peo
A hacker has leaked 5.3 million Twitter account details on a cybercrime forum while another researcher, Chad Loder, claims there is another Twitter breach involving “perhaps over 100 million accounts.”
On 7 August 2022, Hackread.com reported a story detailing a Twitter data breach involving 5.4 million accounts. Now, the very same data has been leaked on a hacker forum which surfaced as an alternative to the popular and now-seized Raidforums.
With women’s rights at issue, hackers have disrupted the works of Iran’s Fars news agency, one of the main sources of news disseminated by the state during protests over Mahsa Amini's death, the agency reported. Iran has been shaken by numerous in-country and international protests since Amini’s death while in custody on 16 September after her arrest for an alleged breach of the country's dress code for women. Iran’s first protests focused on the state-mandated hijab, or headscarf, for women,
Activity Summary - Week Ending on 25 November 2022:
- Red Sky Alliance identified 26,613 connections from new IPs checking in with our Sinkholes
- Contabo GmbH in Germany hit 100x
- Analysts identified 769 new IP addresses participating in various Botnets
- New RapperBot Campaign
- Somnia Ransomware
- New Inlock and Xorist Variants
- Debugging .NET Malware
- Iranian Drones
- City of Westmount, Quebec hit
- Nord Stream2 and AIS
- Kiwi Attacks
Link to full report: IR-22-329-001_weekly329.pdf
The SEC's new rule requires public companies to report material cybersecurity incidents within four business days after determining that an event has occurred. Many organizations ignored the topic when discussions about cybersecurity came up, but more businesses are being victimized by hackers and experiencing effects that hit their bottom line in ways that require them to share the information with regulators. But changes are coming to the rules of the Securities and Exchange Commission that will
A China-based cyber actor group is leveraging the trust associated with popular international brands to orchestrate a large-scale phishing campaign dating back as far as 2019. The threat actor, Fangxiao, is said to have registered over 42,000 imposter domains, with initial activity observed in 2017. Fangxiao targets businesses in multiple verticals, including retail, banking, travel, and energy. Offers of promised financial or physical incentives are used to trick victims into further sprea
Swashbuckling pirates and sabotage on the high seas have gone digital. Ransomware has replaced the cutlass. In fact, the entirety of modern conflict has evolved into Fifth Generation Warfare with information and perception as its framework. Often referred to as the "Gray Zone" or "hybrid warfare," the term encompasses cyberattacks, nonviolent economic pressure and disinformation campaigns.[1]
It’s the weaponization of anything. The threat is massive and echoed by many. Klaus Schwab, Founder
Security researchers are alerting about an ongoing supply chain attack that uses malicious Python packages to distribute an information stealer. The attackers have been active since October 2022. The attack was uncovered by investigators on 01 November 2022, with the attackers copying existing popular libraries and injecting a malicious ‘import’ statement into them. The purpose of the injected code is to infect the victim’s machine with a script that runs in the background. The script, which f
The holidays are when people unknowingly let their guard down, and cybercriminals know it. They take advantage of people at home who are in a good mood, excitedly awaiting packages that are gifts for family or friends; and they also know employee counts are low as the staff takes vacation time and someone not used to a certain role might be covering for another employee. It is a holiday recipe for potential disaster.
See: https://redskyalliance.org/xindustry/holiday-2021-tip-to-stay-safe-1
Th
Recorded Future has shared information regarding potential threats to the 2022 World Cup soccer matches set in Qatar. Email-based phishing attacks targeting the Middle East doubled in October in the lead up to the World Cup in Qatar, according to new research from Trellix. Many of the emails purport to come from the FIFA help desk or ticketing office while some impersonate specific team managers and departments. Others claim to be notifications about bans implemented by FIFA, or spoof Snoonu,