The prevalence of ransomware has had a devastating impact on businesses over the past few years, with insurance underwriters seeing increasingly large ransomware payouts. As a result, some core cyber security hygiene fundamentals are being required by insurers to qualify for coverage. Many companies wrongly assume that having backups in the cloud can prevent or reduce the impacts of a ransomware attack. For example, secure cloud backup has become a hard and fast requirement. Most cyber insu
A recent bipartisan report by the US Senate’s Homeland Security and Governmental Affairs Committee shows that key government agencies have made little progress in terms of cybersecurity over the past two years. A report published in 2019 found that eight federal agencies failed to meet even the basic cybersecurity standards and protocols. Two years later, cybersecurity at those agencies was again analyzed, and the findings are, as described in the new report, “stark.”
The new report, titled “Feder
Federal law enforcement officials announced on 26 October 2021 that a wide-ranging, global illicit drug crackdown yielded 150 arrests and the seizure of more than $31.6 million in cash and virtual currencies. The 10-month law enforcement initiative called Operation Dark HunTOR, after the encrypted Internet tool, was conducted in partnership with international counterparts. The operation produced 234 kilograms (500 lbs.) of seized drugs. Of those arrested, 65 were in the US and the remaining w
Microsoft has teamed up with Intel and Goldman Sachs to push for hardware security improvements that could help to mitigate supply chain risks. Working under the auspices of the non-profit Trusted Computing Group (TCG), the companies have created a new Supply Chain Security workgroup that will aim to bring in experts from across the tech sphere.
The TCG argued that malicious and counterfeit hardware is particularly difficult to detect as most organizations don’t have the tools or in-house knowl
Creating human-like AI is about more than mimicking human behavior; technology must also be able to process information, or ‘think’, like humans too if it is to be fully relied upon. New research, published in the journal Patterns and led by the University of Glasgow’s School of Psychology and Neuroscience, uses 3D modeling to analyze the way Deep Neural Networks, part of the broader family of machine learning, process information, to visualize how their information processing matches that of
Auto manufacturers cannot afford to penny-pinch on cyber security and should manage risk from the very beginning of the design process and across the software development lifecycle and supply chain. Cyber security affects our everyday lives, from the small-scale phishing emails you receive in your inbox to the ransomware attack that shut down the Colonial Pipeline earlier this year and caused panic and a run on fuel. And it’s not just fuel that can be affected by cybersecurity attacks, but als
When a business, government agency or any other organization gets hit by ransomware and opts to pay a ransom to its attacker in exchange for a decryption key or some other promise, on average it pays $140,000. This is the average amount disclosed by ransomware incident response firm Coveware, based on thousands of incidents it investigated from July through August 2021.
In a new report detailing Q3 trends, Coveware says that the average ransom payment remained largely steady, compared to Q2, wh
Ukrainian authorities have detained a criminal gang that laundered funds for Russian hacking groups. Ukraine’s national police detained suspects on 25 October 2021 for stealing funds from cryptocurrency wallets and laundering profits for cybercrime organizations.
The arrests took place as part of a joint investigation with US authorities, the Ukrainian National Police (NPU) said in a press release. An undisclosed number of suspects were detained following house searches across the country.
A
Activity Summary - Week Ending 22 October 2021:
- Red Sky Alliance identified 22,569 connections from new IPs checking in with our Sinkholes
- Analysts identified 594 new IP addresses participating in various Botnets
- Sality remains the top Malware Variant at 20,279 times seen
- FontOnLake Malware
- Tanglebot
- Harvester APT
- LightBasin - China
- Missouri Teacher’s Pension System
- Sinclair Broadcast Group
- “Huawei on Wings”
- Rising Hackers in Vietnam and Turkey
Link to full report: IR-21-295-001_weekly_295.pdf
Several top US federal agencies on 14 October 2021 issued a joint advisory around potential cyber threats to the nation's water facilities.
Officials cite "ongoing malicious cyber activity by cyber threat actors targeting the information technology and operational technology networks, systems and devices" of US water and wastewater systems.
See: https://redskyalliance.org/xindustry/water-is-worth-fighting-for
The advisory co-authored by the FBI, Cybersecurity and Infrastructure Security Agenc
In 1963, Agent 007 is seen in the movie From Russia with Love battling a secret crime organization known as SPECTRE. Russians Rosa Klebb and Kronsteen are out to grab a decoding device known as the Lektor, using the beautiful Tatiana to lure James Bond into helping them. Bond willingly travels to meet Tatiana in Istanbul, Turkey, where he must rely on his wits to escape with his life in a series of deadly encounters with the enemy.
Sometimes fiction is closer to life than we think. James Bond a
The White House National Security Council this week kicked off its international counter-ransomware event with participation from more than 30 nations, not including Russia or China. This gathering aims to improve global network resilience, address illicit cryptocurrency use, and elevate both law enforcement collaboration and diplomatic efforts.
In a pre-event press call on 12 October 2021, a senior administration official said, "In this first round of discussions, we did not invite the Russian
This joint Cybersecurity Advisory was developed by the Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the National Security Agency (NSA) to provide information on BlackMatter ransomware. Since July 2021, BlackMatter ransomware has targeted multiple US critical infrastructure entities, including two US Food and Agriculture Sector organizations. This advisory provides information on cyber actor tactics, techniques, and procedures (TTPs) ob
Several cyber-attacks were prevented by Israel’s Health Ministry’s Cyber Security Center over this past weekend, the Health Ministry reported on 17 October. Some 627 cyberattacks per organization were observed in Israel’s health sector – 72% more than the average on previous weekends, Check Point said. These attacks are more than in any other sector, where there was an average of 267 attacks per organization and no significant increase, the cyber security firm noted.[1]
Barzilai Medical Center
Warnings have been issued for years. The techniques were simple enough: penetrate the platform through the onboard navigation system and then go horizontally across the onboard networks to gain control of key systems such as steering and the throttle. The hackers did exactly this and surprisingly without foreknowledge of the specific systems they were to hack prior to beginning the penetration. They were in and through the navigation interface in a remarkably short time and had control of bot
Activity Summary - Week Ending 15 October 2021:
- Red Sky Alliance identified 37,307 connections from new IPs checking in with our Sinkholes
- Analysts identified 1,873 new IP addresses participating in various botnets
- Sality remains the top Malware Variant at 33,705 times seen
- AtomSilo targeting Confluence
- FamousSparrow and Hotels
- BloodyStealer
- Another .edu Hit in the UK
- Pointing a Finger at China
- Spanish Melia Hotels hacked
- Afghan Telcom Roshan
Link to full report: IR-21-288-001_weekly_288.pdf
On 5 October 2021, an anonymous user on the 4chan technology board posted claiming to have a large data breach of Twitch proprietary code. Watch our REDSHORT Webinar. The user called out Twitch for being a “toxic community,” ending its post with #DoBetterTwitch (a variation of the trending TwitchDoBetter hashtag responding to the ‘Twitch Hate Raids’).
The post briefly describes content found in leak data, including source code for Twitch and other products and Streamer payout data.
Twitch r
A US Pentagon official recently said he resigned his post because US cybersecurity is allegedly no match for China, calling it 'kindergarten level.' This senior cybersecurity official, Nicolas Chaillan, said he quit because he thought it was impossible for the US to compete with China on artificial intelligence (AI). He joined the US Air Force as its first chief software officer in August 2018 and worked to equip this branch and the Pentagon with the most secure and advanced software available.
The head of the US National Security Agency (NSA) and Cyber Command says the US will continue to battle ransomware for many years into the future. Some of the highest-ranking cybersecurity officials in the US government discussed the pervasive threat of ransomware on 05 October 2021, comparing it to an issue of national security with the ability to inflict measurable damage on major world powers.
Speaking at security firm Mandiant's Cyber Defense Summit, the deputy national security adviser for
Sometimes the direct approach is the best. Dutch cybercrime police have a message for almost 30 users of an on-demand distributed-denial-of-service site: “We see what you're doing, now cut it out or we're going to arrest you.” Not for the first time, the move shows police in Europe attempting to move offenders, who are often young men, away from criminality, rather than arresting them outright.
On 11 October 2021, Dutch National Police said they issued a written warning to 29 individual hacker