New guidance from the National Institute of Standards and Technology spells out security measures for "critical software" used by federal agencies and minimum standards for testing its source code. The best practices could be a model for the private sector as well. NIST's release of best practices carries out a mandate in President Joe Biden's May executive order on cybersecurity, which, in part, called for agencies to address supply chain threats, such as that posed by the SolarWinds incident
All Articles (2242)
U.S. crime-fighting agencies testified in front of Congress during the last week of July 2021, and the hearing had a chilling title: "America Under Cyber Siege: Preventing and Responding to Ransomware Attacks"
Since January 2021, ransomware attacks have disrupted critical infrastructure, the food supply, IT management, healthcare, education, transportation, and many other sectors of the economy. For the most part, criminal and nation-state actors continue to launch attacks with little fear of fac
Cyber-security researchers at Ben-Gurion University in Israel are very good at looking at situations from a left-field perspective, recently regarding eavesdropping on your private conversations. Conventional thinking is to breach your privacy by compromising passwords to access your networks, or by using vulnerabilities in your software or operating system. If you thought that ‘physical access’ to your smart speakers, or most any speaker, was required to listen in to the audio bein
A recent report by Ponemon Institute[1], commissioned by Team Cymru, found that half of the organizations surveyed experienced disruptive cyber-attacks from repeat sophisticated threat actors, the majority of whose exploits were unresolved. Although organizations acknowledged experiencing disruptive attacks from repeat offenders, total remediation was not possible. According to the report, this situation left personal data and organizations’ infrastructure at risk of more attacks. Last
Some things seem to come full circle. Morse Code was invented in the 1800s by Samuel Morse when he worked with an electrical telegraph system sending pulses of electric current and an electromagnet. His code used the pulses and the breaks between them to transmit information. Popular with amateur radio operators, this code is no longer required if you want to get a pilot's or air traffic controller's license, though these individuals often have a basic understanding of the code. Morse code is a meth
What happens when your expert consultant team that has been advising your organization about what you need to do to protect your firm from cyber threats becomes “front page news?” The consultancy Accenture, which offers cybersecurity services, confirmed Wednesday it had been hit by a cyber incident. The ransomware gang LockBit took credit for the attack. Dublin, Ireland-based Accenture declined to give details on when the incident occurred, its duration or the attack type.
See for more informat
Every few months, enterprising cyber criminals are offering new services to enable cybercrimes, thefts and paid ransoms. These new “services” make crime easier for lower skilled criminals and increase profits for all members of the ransomware supply chain. TM: General Mills
Wanting to take down bigger targets more easily and quickly, ransomware gangs are increasingly tapping initial access brokers, who sell ready access to high-value networks. On average, such access is so
Activity Summary - Week Ending 13 August 2021:
- Red Sky Alliance identified 38,261 connections from new unique IP addresses
- Analysts observed 39 unique email accounts compromised with Keyloggers
- Researchers identified 3,451 new IP addresses participating in various Botnets
- Conti Exposed by m1Geelka
- RATs – more Remote Access Trojans
- Bandook Malware
- Poly Network Hit
- Ransomware Directly affecting Public Safety
- China & Israel
- New AdLoad Malware
- Perfume and Cyber
Link to full report: IR-21-225-001_w
Cyber threats have not been the only problem for supply chains this past year. The physical problems of moving large quantities of goods in a reasonable time period are turning into an equally insurmountable problem for all supply chain members. All consumers will be paying higher prices for nearly every product. US rail yards, ports, and warehouses are choked with freight, with too few people to move it quickly, causing delays and rising prices for companies and consumers.
California ports in
Red Sky Alliance has previously reported on John Deere’s cyber woes. No industry sector is immune from cyber threats, hacking or mischief. Recently, numerous vulnerabilities were uncovered in tractor manufacturer John Deere's systems that underscore the cyber risks that come with the productivity gains from high-tech farming. An Australian researcher who goes by the nickname Sick Codes remotely presented his latest findings on 08 August 2021 at
The U.S. needs to devise ways to counter Chinese cyber activity, including the theft of intellectual property and cyberattacks on government networks and critical infrastructure that pose a direct threat to U.S. national security, according to those who testified at a Senate hearing this first week in August 2021. All organizations need to take immediate steps to stop cyber breaches to protect their data and intellectual property. The government cannot curb or stop it, so it is in the hands of al
On 5 August 2021, a threat actor using the handle m1Geelka made a post on the Russian XSS cybercriminal forum. In the post, they claim to have leaked the manuals and instructions used by the Conti ransomware group, with whom they were previously associated. These posts provide valuable insight into Conti operations. While the group is highly likely to change its exposed infrastructure and its tactics, techniques, and procedures (TTPs), network defenders are now able to research this informa
Supply chain networks have for some time been driven by technology and have evolved accordingly. The same technologies that make supply chains faster and more effective also threaten their cybersecurity. Supply chains have vulnerabilities along touchpoints with manufacturers, suppliers, and other service providers.
With constant global cyber threats, it is vital that companies involved in the supply chain understand risks and how to respond to them. So, what is the best way to p
A data lake is an unstructured repository of data that allows for the storage of different data types from different sources. Depending on the requirements, a typical organization will require both a data warehouse and a data lake, as they serve different needs and use cases. A data warehouse is a database optimized to analyze relational data coming from transactional systems and line-of-business applications. The data structure and schema are defined in advance to optimize for fast SQL queri
Activity Summary - Week Ending 30 July 2021:
- Red Sky Alliance identified 29,998 connections from new unique IP addresses
- Analysts identified 7,608 new IP addresses participating in various Botnets
- Do you use Cucurut on YouTube?
- ‘dmechant’ Malware - Still on the Radar
- Candiru’s Spyware
- Google Chrome Security update
- DNS Cache Poisoning
- RedLine Malware and the Olympics
- Israel and Japan working to Protect the Olympics
- IceFog at the Summer Olympics?
- BlackMatter group
Link to full report: IR-21-211
Earlier this month, the infamous hacking group LulzSec’s founder issued a stern warning to the US. If 2020 was coined The Year of the Digital Pandemic, then 2021 has still not discovered any digital vaccines. Cyber-attacks have grown rapidly over the past year, and are showing no indications of slowing down. One ‘former’ Black Hat hacker expressed his growing concern at the lack of preparedness the United States has shown.
The US government has been attacked by several world superpowers durin
There appears to be a continuing data breach campaign inside THORChain’s security system. THORChain is a cross-chain DeFi protocol that was hacked last week for the first time and suffered a loss of $8.3 million. Now it has been hacked again, and this time, attackers allegedly managed to steal $8 million worth of cryptocurrency Ether.
According to THORChain, the decentralized e-commerce exchange has become a victim of a sophisticated attack on its ETH router. THORChain posted to Twitter to a
Red Sky Alliance has been monitoring a global phishing campaign which leverages the Ex-Robotos phishing kit to gain access to usernames and passwords of targeted victims. This specific attacker generally targets engineering organizations but has been seen targeting other industries as well. They have been sending out emails since May of 2021, though the tool has been publicly available for purchase since 1 July 2019[1]. Phishing plays a major role in cyber-attacks and often leads to data breaches
Recently, ransomware criminals claimed as trophies at least three North American insurance brokerages that offer policies to help others survive the very network-paralyzing, data-pilfering extortion attacks they themselves apparently suffered.
Cybercriminals who hack into corporate and government networks to steal sensitive data for extortion routinely try to learn how much cyber insurance coverage the victims have. Knowing what victims can afford to pay can give them an edge in ransom negotiati
There’s an old saying in the American West: “Whiskey is for drinking; water is for fighting.” Back in March, Red Sky Alliance presented facts surrounding the Oldsmar, Florida water treatment cyber-attack. Well, this critical infrastructure in the US remains a target for cyber-criminals.
The idea that access to water, especially the clean, drinkable kind, is something that is worth fighting for is nothing new. But cyber security was never a real factor in water safety. Recent incidents have e