Almost 2 years ago (09-2019), Red Sky Alliance reported on the negative ramifications of TikTok: “TikTok is a popular social media app for sharing short user-created video clips. TikTok is a youth-oriented app that is used primarily by those in the 16-24 age demographic. TikTok is hugely popular with about 500 million monthly users worldwide and more than 26 million users in the United States. The problem is that TikTok is a Chinese social media app, developed in China by a young engineer nam
Last October, the information technology (IT) department at the University of Vermont Medical Center (UVM) began receiving reports of malfunctioning computer systems across its network. Employees reported they were having trouble logging into business and clinical applications. Some reported the systems were not working at all. Within a few hours, the IT department began to suspect the hospital was experiencing a cyberattack. At that time, the possibility was very much a reality to the IT te
Activity Summary - Week Ending 23 July 2021:
- Red Sky Alliance identified 19,903 connections from new unique IP addresses
- Top observed Attacker Server (C2): Alexey[.]rybalov@yandex.ru & taleq[.]simeon888@mail.com
- Analysts identified 2,670 new IP addresses participating in various Botnets
- DLL Side-Loading Technique
- dmerchant
- WildPressure
- China keeps pulling Triggers
- Russia Cyber-Attacks
- Saudi Aramco Hit with Ransomware
- Cell Phones and Spying
- Norway blaming China for March cyber-attack
- What will b
In the past several weeks, South Africa has experienced violent riots in response to the arrest of its former president.[1] The unrest is having serious repercussions for the country's mining sector. The outbursts, located in the province of KwaZulu Natal, are hampering the activity of local mines, but also that of Durban and Richards Bay port terminals. On 22 July, a cyber-attack directly disrupted the operation of South Africa’s busiest container terminal. It’s the largest on the Afric
Cybersecurity professionals, including the US expert team at the Cybersecurity and Infrastructure Security Agency (CISA), often focus on promoting best practices: the necessary steps that organizations must take to secure their enterprises. It is equally important for organizations to focus on stopping bad practices.
High-risk and dangerous technology practices are often accepted because of competing priorities, lack of incentives, or resource limitations that preclude sound risk management deci
A password, sometimes called a passcode, is secret data and is typically a string of characters, usually used to confirm a user's identity. Traditionally, passwords were expected to be memorized, but due to the large number of password-protected services that a typical individual accesses, this can make memorization of unique passwords for each service (nearly) impractical.
Using the terminology of the US-based NIST Digital Identity Guidelines, the secret is held by a party called the claimant
Palo Alto Networks, Unit 42 has provided great research on the Mespinoza criminal cyber group. As cyber extortion flourishes, ransomware gangs are constantly changing tactics and business models to increase the chances that victims will pay increasingly large ransoms. As these criminal organizations become more sophisticated, they are increasingly taking on the appearance of professional enterprises. One good example is Mespinoza ransomware, which is run by a prolific group with a penchant fo
The National Security Agency, the FBI and other agencies are tracking an ongoing Russian cyberespionage campaign in which attackers are using brute-force methods to access Microsoft Office 365 and other cloud-based services, according to an alert published Thursday. The campaign, which started in 2019, has targeted "hundreds" of businesses, government agencies and organizations worldwide, mainly in the U.S. and Europe, the NSA reports. The victims include several U.S. Department of Defense unit
COVID-19 has changed many companies’ hybrid work force procedures, but with vaccines reaching new heights, many workers are returning to their offices. As the US opens back up and employees get back in the offices, violence and physical threats to businesses are being seen at an unsettling, record-high pace, according to the Ontic Center for Protective Intelligence.
The study showcases the collective perspectives of physical security directors, physical security decision-makers, chief security
Hackers have recently tampered with critical infrastructure entities in the US. This includes the Colonial Pipeline incident that affected the supply of gas and the JBS Foods hack that affected operations of the meat-packing giant. Neither of these ransomware attacks had any severe, real-world consequences. Some people could not put gas in their cars for a few days, or the price of meat might have gone up in some areas, but no lives were immediately threatened.
But what if the hackers decided
Data management has bothered large companies for decades. Almost all firms spend both time and money on it and still find the results unsatisfactory. While the issue does not appear to be growing worse, resolving it is increasingly urgent as managers and companies strive to become more data-driven, leverage advanced analytics and artificial intelligence, and compete with data.
Most companies struggle with a few common but significant data management issues:
- First, companies have concentrated
In a recent cyber security blog, researcher Maahnoor Siddiqui provides a clear picture of the threats and vulnerabilities in the Transportation supply chain, a concern shared by Red Sky Alliance. Our 40-minute commute to work in the morning can feel like an insular event. Whether it is by bus, train, ferry, or car, it can be hard to place this single event within the vast network of transit that occurs every day. These small personal journeys make up a highly interconnected transportation
The number of recorded cybercrimes continues to rise in German cyberspace, with cybercriminals increasingly focusing on "bigger prey." The number of DDoS attacks continues to grow, as does their intensity. The perpetrators are globally networked and act with increasing skill and professionalism. The dark web underground economy is growing and represents a criminal, global parallel economy that is primarily out for financial profit. The main driver of profit is
Fool me once, shame on you. Fool me twice, shame on me. We have all been duped at some level by devious on-line schemers. In the Cyber World, it sounds like old news. Phishing is a type of social engineering tactic where an attacker sends a fraudulent ("spoofed") message designed to trick a human victim into revealing sensitive information to the attacker, then introduce malicious software on the victim's infrastructure like ransomware. Phishing attacks have become increasingly sophisticate
Activity Summary - Week Ending 16 July 2021:
- Who’s TBoy Ken?
- Red Sky Alliance observed 12 unique email accounts compromised with Keyloggers
- Analysts identified 56,261 connections from new unique IP Addresses
- 2,346 new IP addresses were seen participating in various Botnets
- Diavol & Wizard Spider
- ChaChi, a new Golang RAT
- Cyber Security in Australia
- A Close look at COVID-21, huh?
- Iranian Trains hit with Cyber-attack, Again
- Internet Down in Cuba, Porque?
The number of recorded cybercrimes continues to rise in the German cyberspace, with cybercriminals focusing increasingly on “larger prey.” The number of DDoS attacks continues to rise, as does their intensity. The perpetrators are globally networked and are acting with increasing skill and professionalism. The dark web underground economy is growing and represents a criminal, global parallel economy, which is primarily seeking financial profit. The main driver of profit is still Ransomware, posing
After 500 million LinkedIn users were affected in a data-scraping incident in April 2021, it has happened again with big security consequences. A new posting with 700 million LinkedIn records has appeared on a popular hacker forum. Analysts from Privacy Sharks found the data put up for sale on RaidForums by a hacker calling himself “GOD User TomLiner.” The dark web advertisement, posted 22 June 2021, claims that 700 million records are included in the cache, and included a sample of 1 million
For years, Red Sky Alliance has helped monitor cyber security threats and vulnerabilities during mergers and acquisitions (M&A’s). Supporting businesses with cyber security is a big part of our business model. For decades, corporate consolidation has been growing and now the US President is taking aim at this trend in a new Executive Order (E.O.), dated 9 July 2021.
Our friends at the US National Defense Transportation Association (NDTA) shared that this new E.O. is affecting the transportatio
The current US administration has a message for Russia: Rein in the criminal hackers operating from inside your borders who hit Western targets, or we will do it for you. The White House says that is the imperative being stressed in ongoing talks between high-level officials in the US and Russian national security teams following the mid-June summit in Geneva between the US President and the Russian President.
Experts say disrupting ransomware will take more than diplomacy, and needed cybersec
Patches to fix a severe flaw in the Windows Print spooler are now available for Windows 10 Version 1607, Windows Server 2012 and Windows Server 2016. Microsoft (MS) has now released patches to protect all versions of Windows against the critical PrintNightmare flaw. MS recently deployed fixes to cover most but not all editions of Windows. They patched the remaining versions of Windows, according to an update on its message center page.
Newly patched as of 7 July are Windows 10 version 1607,