X-Industry

Wall Street, especially the insurance markets, is very concerned about the cyber security risks that state and local governments are facing, including a cascade of ransomware attacks targeting a public sector which is still struggling with how to manage more and more on-line services during the never ending COVID-19 pandemic. 

“The landscape is changing quite rapidly right now, from the cybersecurity insurance and the threat landscape side, which leaves local governments in the middle dealing wi

Since the beginning of COVID-19, now well over a year, some company managers thought that people would come flocking back to the office once generous unemployment benefits ended.  Instead, after Republican states cut the $300-a-week Federal benefit and other benefits expired, there has been no rush to return to the workforce.  There are many reasons for this.  People do not want to catch COVID-19 and new variants; people are sick of their bad jobs; early retirement; and the one I care about toda

We live in a fast paced, ‘instant’ world.  What we used to measure in days and hours are now measured in seconds.  In purchasing, consumers expect immediate sales and services – all at their fingertips, which include product deliveries right to their doorsteps.  Buying a car is no different as purchasers want cars NOW and have them delivered in their driveways.  Various on-line auto sales services have sprung up and are highly successful.  One such company is being looked at very closely by the

Activity Summary - Week Ending on 22 December 2021:

• Red Sky Alliance identified 30,069 connections from new IP’s checking in with our Sinkholes
• dauction.ru Still has Issues after 4 weeks !
• Analysts identified 5,039 new IP addresses participating in various Botnets
• Log4j Vulnerability
• BlackCat
• AgentTesla Additions
• Iran Hackers
• Cyber and Medical Devices
• Attacking K-12 School Apps
• Cyber Port Protection
• Finite Recruitment

Link to full report: IR-21-356-001_weekly356.pdf

Unless you have been living in a cave, everyone knows that supply chain issues and delays are widespread and affect many industries.  For small businesses, it is even worse.  Large companies, including major retailers, are using their own shipping to get needed supplies and inventory in time.  Whether you have a retail outlet or an e-commerce store, it can be a challenge to keep popular items stocked and deal with impatient customers.  Here are some ways you can prepare for these challenges and

The US and the UK have ‘quietly’ sent cyber warfare experts to Ukraine to help sabotage any cyber warfare threats like that in the 2015 Ukraine power grid hack when Russian hackers remotely took over a power company’s control center.  It was the first publicly international acknowledged attack using digital weaponry that attacked the Ukrainian power grid, causing power outages across the country.  In the hopes of protecting the Ukraine, as the US and allies speculate the next move of Russia, bot

Ransomware is now a primary threat for businesses, and with the past year or so considered the "golden era" for operators, cybersecurity experts believe this criminal enterprise will reach new heights in the future.  These are only a handful of 2021's high-profile victims of threat groups including DarkSide, REvil, and BlackMatter.  According to Kela's analysis of dark web forum activity, the "perfect" prospective ransomware victim in the US will have a minimum annual revenue of $100 million and

Remember “War driving” and setting up “Honeypots?”  What has been used in the past to gauge cyber vulnerabilities are being used again. The Honeypot is one of the oldest tricks used for luring hackers into the system. The Honeynet is a group of computer systems that together creates a trap for hackers. It is more powerful for catching the hackers as the chances for the possible information loss are lessened because the entire system is put together to track down hackers.

Recently, cybersecurity

Activity Summary - Week Ending on 17 December 2021:

• Red Sky Alliance identified 39,374 connections from new IP’s checking in with our Sinkholes
• ru Still has Issues after 3 weeks
• Analysts identified 4,459 new IP addresses participating in various Botnets
• Zoho ManageEngine
• Manga
• Log4j
• Ransomware bad actor arrested in Romania
• Volvo Snatched
• AgentTesla
• Cyber Attacks are a National Security Concern
• Kronos Attack

Link to full report: IR-21-351-001_weekly351.pdf

Researchers have found that 1.5 million dark web payment card data belong to US citizens.  Visa cards were the most frequent, with 913,955 found on the darknet, followed by Mastercard with 406,851 cards and American Express with over 143,836.  And, Australia and Hong Kong were the next most affected places, with details on 419,806 and 399,537 cards found, respectively.  According to research, a card's vulnerability depends on the proportion of non-refundable cards, the country's population, and

Here is an old story that is still funny to those of us who used floppy disks.  If you do not remember them, skip to paragraph 2. There have always been funny stories about failed recoveries from cyber incidents.  A dedicated client regularly took backups on disk, giving them to his system administrator and asking for them to be filed for emergencies. It was only when a failure occurred that he asked for the latest backup disk and discovered it had been filed in a ring folder, with two neat punc

The operators of TrickBot malware have infected an estimated 140,000 victims across 149 countries a little over a year after attempts were to dismantle its infrastructure.  The advanced Trojan is fast becoming an entry point for Emotet, another botnet that was taken down at the start of 2021.  Emotet is believed to have originated in the Ukraine is also known as Heodo which was first detected in 2014.  See:  https://redskyalliance.org/xindustry/this-may-be-the-end-of-emotet

Most of the victims d

We talk about them all of the time, we sell access via APIs, we use them constantly, but how many readers can explain them?   Let’s revisit our college days without the bell-bottomed jeans and mullet haircuts.

Computer Science 101:   API is the acronym for Application Programming Interface, which is a software intermediary that allows two applications to talk to each other.  This is elementary to data communications.  Every time you use an app like Facebook, send an instant message, or check the

During the first nine months of 2021, 40,000 people reported losing over $148 million in gift cards to scammers.  And we are only now entering the Christmas season.   According to the Federal Trade Commission (FTC), these are staggering numbers that have increased each year for the past several years.  Since 2018, gift cards have been the most frequently reported payment method for fraud.  According to the FTC, most gift card scams start with a phone call from someone impersonating a branch of t

Preventing a cyberattack is more cost-effective than reacting to one and we have seen that many boardrooms still are not willing to assign the needed budget.  Too many organizations still are not willing to spend money on preventive cybersecurity because they view it as an unnecessary additional expense.  Later, find they have to spend much more budget dollars recovering from a cyber incident after they get hacked.

Cyberattacks like ransomware, business email compromise (BEC) scams, and data bre

The new ransomware operation, which debuted in November 2021, has the potential to be the most sophisticated ransomware of the year, with a highly adjustable feature set that allows for assaults on a wide range of corporate setups. Details have emerged about what is the first Rust language based ransomware strain identified that has already amassed "some victims from different countries" since its launch last month.

The ransomware, now named BlackCat, was disclosed by MalwareHunterTeam  https://

A major outage in Amazon’s cloud computing network had severely disrupted services at a wide range of US companies beginning on 07 December 2021.  Amazon and some other services including Prime Video and Alexa were affected by computer problems.   Thousands of users in the United States have reported problems on the outage tracking website Downdetector.  There are reports in the US that customers of McDonald's, Netflix, Disney, and several other AWS clients, are had issues too.

Downdetector http

Some new business models are too good to be true, especially if they serve criminals.  Many ransomware-wielding attackers continue to rely on several Cybercrime-as-a-Service providers to support their ability to easily gain access to targets and steal data.  An increasing number of ransomware operations also run data leak sites to pressure nonpaying victims into meeting attackers' ransom demands, researchers say.   One star player in the ransomware ecosystem remains the initial access brokers.  

Activity Summary - Week Ending on 10 December 2021:

• Red Sky Alliance identified 44,043 connections from new IP’s checking in with our Sinkholes
• dauction.ru Still has Issues
• Analysts identified 3,806 new IP addresses participating in various Botnets
• Phobos Ransomware
• Yanluowang Ransomware
• The Snatch Hacking Group
• USB drives – Old Tactic
• Hacker arrested in Ottawa
• Becoming a Pro
• Trains, Planes and Automobiles
• MatchMG

Link to full report: IR-21-344-001_weekly344.pdf

The holiday shopping season is now at full throttle, and so is the risk of a cyber-attack. Threat actors often get to work during the holidays.  IT staff is heading out for vacation, and everyone is in a hurry.  This means we might skimp on security.  Still, there are some holiday cybersecurity tips that will help make the season go smoothly.  Today we would like to share some common sense, and very valuable tips by Jonathan Reed.[1]

During the holidays, online shopping and overall activity dram