In the realm of cyber security, the objective is to shield systems, networks, and software applications from digital assaults. These digital threats typically have the intentions of either evaluating, altering, or compromising confidential data, extracting money from users, or disrupting regular business operations. The task of establishing robust cyber security defenses presents a formidable challenge in the contemporary landscape, chiefly due to the proliferation of devices surpassing the huma
All Articles (1944)
Sort by
A Chinese cyber espionage group targeting organizations and individuals in China and Japan has remained under the radar for roughly five years, cybersecurity firm ESET https://www.eset.com reports. Researchers have tracked it as Blackwood and active since at least 2018, the Advanced Persistent Threat (APT) actor has been using Adversary-in-the-Middle (AitM) attacks to deploy a sophisticated implant via the update mechanisms of legitimate software such as Sogou Pinyin, Tencent QQ, and WPS Office
Albabat, also known as White Bat, is a financially motivated ransomware variant written in Rust that identifies and encrypts files important to the user and demands a ransom to release them. It first appeared in November 2023 with the variant Version 0.1.0. Version 0.3.0 was released in late December, followed by version 0.3.3 in mid-January 2024.
Link to full report: IR-24-029-001_WhiteBat.pdf
Researchers from Microsoft reported on 25 January 2024 that the Russian state-sponsored threat actors responsible for a cyberattack on its systems in late November 2023 have been targeting other organizations and that it's currently beginning to notify them. The development comes a day after Hewlett Packard Enterprise (HPE) revealed that it had been the victim of an attack perpetrated by a hacking crew tracked as APT29, which is also known as BlueBravo, Cloaked Ursa, Cozy Bear, Midnight Blizzar
“Vote early and often.” In his book Capone, author John Kobler attributes the phrase to the gangster Al Capone. In the United States, Republicans accused their opponents of inviting such corruption with their support of the National Voter Registration Act of 1993, the "Motor Voter Law."
See: https://redskyalliance.org/xindustry/election-day-concerns
Jen Easterly, Director of the US Cybersecurity and Infrastructure Security Agency (CISA), stated in an interview on 19 January 2024 that "the Ame
Despite improving preparedness, US small businesses are still highly vulnerable to cyber incidents. A recent report by Hiscox USA indicates that while the small business segment paid less to respond to a cyber incident this past year, it was offset by increased attacks and breaches.
In its annual cyber readiness report, Hiscox revealed the median cost of cyber-attacks decreased for small businesses in the US from $10,000 in 2022 to $8,300 in 2023. At the same time, the median number of attacks
The sandwich chain Subway www.subway.com has launched an investigation after the infamous LockBit ransomware group claimed over last weekend that it hacked into the company’s systems and stole vast amounts of information. “The biggest sandwich chain is pretending that nothing happened,” the LockBit gang said in a message posted on its website. “We exfiltrated their SUBS internal system which includes hundreds of gigabytes of data and all financial expects of the franchise, including empl
The US Securities and Exchange Commission on 22 January 2024 revealed that hackers used SIM swapping to take over its X (formerly Twitter) account. The hack occurred on 09 January 2024, when a post sent from the agency’s @SECGov account on the social platform announced that a long-awaited bitcoin exchange-traded fund (ETF) was approved. The post caused the price of bitcoin to spike more than $1,000. Shortly after the post, the SEC Chairman announced on his personal account that the SEC’s acc
The threat actors associated with the Medusa ransomware have ramped up their activities following the debut of a dedicated data leak site on the dark web in February 2023 to publish sensitive data of victims unwilling to agree to their demands. As part of their multi-extortion strategy, this group will provide victims with multiple options when their data is posted on their leak site, such as time extension, data deletion, or downloading all the data. These options have a price tag depending
Google continues to struggle with cybercriminals running malicious ads on its search platform to trick people into downloading booby-trapped copies of popular free software applications. The malicious ads, which appear above organic search results and often precede links to legitimate sources of the same software, can make searching for software on Google a dicey affair.
Google says keeping users safe is a top priority, and that the company has a team of thousands working around the clock to cr
The Fidelity National Financial (FNF) cyber-attack leaked the personal data of 1.3 million customers, the company has disclosed in a new filing with the Securities and Exchange Commission. FNF is one of the largest title insurance and transaction services providers in the United States, with a market capitalization of $13.3 billion, an annual revenue of over $10 billion, and a workforce of about 23,000 people.[1]
The November 2023 cyber-attack disrupted the company’s operations for nearly a wee
A recent article raised the question of whether North Korea was the perpetrator of the cyber-attacks against Sony Pictures in December 2014. Despite the difficulties typically associated with such activities, the US Federal Bureau of Investigation (FBI) quickly attributed (25 days) the attacks to North Korea, even though an enigmatic group calling itself “Guardians of Peace” took responsibility. Nevertheless, once the FBI official blamed North Korea, no one in the government appeared to questi
Several US federal agencies published a guide of cybersecurity best practices for the water and sanitation sector following criticism from a US government watchdog about the government’s work with the industry. This past week, the US Environmental Protection Agency (EPA) partnered with the FBI and Cybersecurity and Infrastructure Security Agency (CISA) to release a manual providing the water industry with more information on cyber incident response as well as the roles, resources and responsibi
Below is a research and analysis of the PixieFAIL by the researchers at QuarksLab. Nine vulnerabilities that affect EDK II, the de-facto open source reference implementation of the UEFI specification and possibly all implementations derived from it. The vulnerabilities are present in the network stack of EDK II and can be exploited during the network boot process.[1]
Network boot is a standard feature on enterprise computers and servers. Using network boot to load an OS image from the network
High-profile individuals working on Middle Eastern affairs at universities and research organizations in Belgium, France, Gaza, Israel, the UK, and the US have been targeted by an Iranian cyber espionage group called Mint Sandstorm since November 2023. The threat actor "used bespoke phishing lures in an attempt to socially engineer targets into downloading malicious files," the Microsoft Threat Intelligence team reported in a recent analysis, describing it as a "technically and operationally ma
The operators behind the now-defunct Inferno Drainer created more than 16,000 unique malicious domains over a span of one year between 2022 and 2023. The scheme leveraged high-quality phishing pages to lure unsuspecting users into connecting their cryptocurrency wallets with the attackers' infrastructure that spoofed Web3 protocols to trick victims into authorizing transactions. A crypto drainer is a malicious tool or script specially designed to transfer or redirect cryptocurrency from a vict
Red Sky Alliance monthly queries our backend databases, identifying all new data containing Motor Vessel (MV) and Motor Tanker (MT) in the subject line of malicious emails. Malicious actors use emails with Motor Vessel (MV) or Motor Tanker (MT) in the subject line as a lure to entice users in the maritime industry to open emails containing malicious attachments. Red Sky Alliance is providing this list of Motor Vessels in which we directly observed the vessel being impersonated, with associate
The proper eyewear can be a game-changer for IT professionals who spend their working life in front of screens. In a recent interview Anthony Czajkowski, a licensed optician and an eyewear industry veteran for more than 30 years with his optometry practice at the Omega Eye Center in Coral Springs, Florida, offers his opinions.
Progressive lenses, the basis for technology lenses, have a long history. In 1959, multifocal technology was revolutionized when French engineer Bernard Martinez invented
If you used the investing app Robinhood, you could qualify for part of a $20 million class action settlement resolving allegations that the investment app's negligence led to personal information being leaked. Robinhood's cybersecurity system "lacks simple and almost universal security measures used by other broker-dealer online systems, such as verifying changes in bank account links," according to a February 2021 complaint.
If your Robinhood account was accessed by unauthorized users between
Traditional password-only authentication systems have proven to be vulnerable to a wide range of cyberattacks. To safeguard critical business resources, organizations are increasingly turning to multi-factor authentication (MFA) as a more robust security measure. MFA requires users to provide multiple authentication factors to verify their identity, providing an additional layer of protection against unauthorized access. Cybercriminals are constantly investigating ways to bypass MFA systems. O
