There are many things you can do to protect yourself against cyberattacks but if you still do not remember the basics, then your organization is an easy target for cyber criminals.  Please review what Red Sky Alliance recommends at the end of this article.

A security vulnerability that was left unpatched for three years allowed a notorious cyber-criminal gang to breach a network and plant ransomware.  The BlackCat ransomware attack against the undisclosed organization took place in March 2022

The financial sector is a prime target for criminal cartels and nation-state actors. Criminals seek a lucrative market, and nation-states treat profit as a form of sanctions-busting. The high volume of Russian-speaking gangs and the current sanctions against the Russian state make Russia a major threat to financial institutions today.

The reason that financial institutions are under constant attack is simple: that’s where the money is today.  This is no different than the statement made by the

Has the notorious REvil, aka Sodinokibi, ransomware operation come back? Researchers suspect former developers may have restarted the server and data leak site. On 20 April 2022, the original Happy Blog leak site began redirecting to the new blog, which lists both old and seemingly new victims, including Oil India Limited. Cybersecurity researchers on Twitter attributed a recent ransomware attack at Oil India Limited to either REvil or imposters using the gang's name.

In early April 2022, at th

Adaptive security is a cybersecurity model made up of four phases: prediction, prevention, detection, and response. The process was developed in response to the decentralization of IT ecosystems to accommodate hybrid working environments and the porting of systems to the cloud.

The perimeter that once defined a network no longer exists.  Organizations are leveraging cloud technology and shifting towards hybrid work environments.  The de-centralization of IT ecosystems is becoming increasingly

White hat hackers recently won $40,000 for cracking a system used by most major industrial companies, including the ones that manage our power grids, and they told MIT Technology Review it was extremely easy. The challenge was to hack industrial control systems, specifically the hardware and software used to control power grids, water treatment facilities, and other critical infrastructure.

Because so many people rely on this infrastructure, hackers can ask for and receive large ransoms in exc

Activity Summary - Week Ending on 22 April 2022:

  • Red Sky Alliance identified 9,534 connections from new IPs checking in with our Sinkholes
  • StreamHost in Belgium Hit 302x
  • Analysts identified 6,436 new IP addresses participating in various Botnets
  • Industroyer2
  • Lightning Stealer
  • Emotet
  • TraderTraitor
  • Spying on Boris
  • Trolls in the Tolls

Link to full report: IR-22-112-001_weekly112.pdf

Electric vehicles (EV) appear to be a vital part of the present (and future) state of the US auto market. In the past, there has been EV hope and hype; now the rapid adoption of electric vehicles is finally here. As an example, Tesla was only one month away from bankruptcy in the recent past and now is thriving. In 2011, there were only 16,000 battery and plug-in hybrid electric vehicles on the road. In mid-2021, that number had grown to over 2 million vehicles. In fact, auto executives expe

Our weekly Cyber Threats & Vulnerabilities Report is provided to our Red Sky Alliance Members to consolidate both prominent government and private cyber security reporting, which includes descriptions of tactics, techniques and procedures (TTPs), indicators of compromise (IoCs) and at times remediation directions.

Link to full Intelligence Report: IR-22-111-001_IntelSummary111.pdf

The Sandworm Group, a Russian-based APT which recently made headlines when its botnet of machines infected with Cyclops Blink malware was taken down by the US Department of Justice, has been busy crafting attacks targeting the Ukrainian power grid. The Computer Emergency Response Team of Ukraine (CERT-UA) had to step in and take action to thwart the attack on the country's energy facilities. Blame for the attack has been placed on Sandworm in support of Russian military actions in Easter

Sound merger and acquisition practice often includes checks on a company's cyber safeguarding and data transfer provisions, said the President of investment banking and dealership advisory firm Presidio Group. Specifically, auto dealership purchase agreements many times include representations that the seller has complied with Gramm-Leach-Bliley and has taken reasonable steps to protect their computer systems and customers' information, said a principal attorney and partner with Holland & Knight in Denver, CO who

According to security firm PeckShield, a credit-focused, Ethereum-based stablecoin protocol known as Beanstalk is the latest target of cyber criminals. The DeFi protocol was exploited on 17 April in a flash-loan attack[1] in which Beanstalk lost around $182 million in crypto assets. As a result, the market for Beanstalk's stablecoin, BEAN, collapsed. As per CoinGecko, the token's market went down by 86% from its $1 peg.[2]

Of interest is that the incident is the second massive nine-figure

The US government is sounding the alarm after discovering new custom tools capable of full system compromise and disruption of ICS/SCADA devices and servers. Investigators reported that a custom-made, modular ICS attack framework can be used to disrupt and/or destroy devices in industrial environments.

A joint advisory from the Department of Energy, CISA, NSA, and the FBI warned that unidentified APT actors have created specialized tools capable of causing major damage to PLCs from Schneider El

Activity Summary - Week Ending on 15 April 2022:
✓ Red Sky Alliance identified 5,384 connections from new IPs checking in with our Sinkholes
✓ Turkish Netmax being Hit
✓ Analysts identified 1,361 new IP addresses participating in various Botnets
✓ BeastMode
✓ Deep Panda
✓ Verblecon
✓ EnemyBot
✓ Ukraine Stops RU Energy Attack
✓ India Grid

Link to full report: IR-22-105-001_weekly105.pdf

Business Email Compromise (BEC) scammers use a variety of techniques to hack into legitimate business email accounts and trick employees into sending wire payments or making purchases of merchandise or gift cards. Targeted phishing emails are a common type of attack, but experts say the scammers have been quick to adopt new technologies, like "deep fake" audio generated by artificial intelligence, to pretend to be executives at a company and fool subordinates into sending money.

All accounting personne

The international Anonymous hacktivist group has targeted the Russian Ministry of Culture and leaked 446 GB worth of data online. The cyberattack was carried out as part of the collective's ongoing operation OpRussia against the country's invasion of Ukraine.

Anonymous is a group of hacktivists that publicly announced a cyberwar against Russia after the country invaded Ukraine in late February 2022.  The latest to suffer a data leak is Russia’s Ministry of Culture.  As seen by Hackread.com,

Cyber professionals at any level will attest that what they desperately need is coffee to stay awake while working. Russian analysts, both good and bad, are now in serious trouble. Commodity traders are diverting coffee shipments that were initially expected to go to Russia, and some have stopped selling to that market altogether, attendees at a US coffee conference said.

Although food trade is not included in sanctions imposed on Russia after its invasion of Ukraine, difficulties in pr

A spokesman from the United States said on 07 April 2022 that it had secretly removed malware from computer networks around the world in recent weeks, a step to pre-empt Russian cyberattacks and send a message to President Vladimir V. Putin of Russia. The actions, made public by Attorney General Merrick B. Garland, come as U.S. officials warn that Russia could try to strike American critical infrastructure including financial firms, pipelines and the electric grid in response to the sanctions

Understandable fears of an unparalleled Russian cyberwar began to grow around the same time Russia began staging its military on its border with Ukraine. Some people pictured a Russian digital assault not just on Ukraine but on all the West. At least a few people thought the Kremlin might team up with ransomware gangs to punish those who defied the invasion. Others were afraid that conflict between Putin's hackers and Ukraine might spin out of control and spur a broader cyber melee around the