X-Industry

There was an old 60’s movie called, The Spy who came in from the Cold.  Well the FBI could be sidelined in new cybersecurity legislation and left out in the cyber security cold.  In the view of America’s most powerful law enforcement agency, that could be a big problem.

In testimony to the US Congress, the current assistant director of the FBI’s Cyber Division, said that the Biden administration is “troubled” by legislation proposed by the US Senate and House Homeland Security committees requiri

US college campus delivery robots are making an impact.  Delivery robot vendors are making a play for campuses across the country to establish a new market in a defined and structured environment, free of much of the regulatory complications of municipalities and ordinances.  But what about cyber threats and hacking of these new helpers?  The robots are no different from anyother cyber challenges.

Starship Technologies is delivering 30 autonomous robots for food service to South Dakota State Un

Activity Summary - Week Ending on 12 November 2021:

• Red Sky Alliance identified 27,845 connections from new IP’s checking in with our Sinkholes
• Analysts identified 3,224 new IP addresses participating in various Botnets
• Sality remains the top Malware Variant at 24,282 Observation
• Chaos Ransomware
• Fake Ecommerce and Black Friday
• Robinhood Hit (Again)
• CISA 22-01
• Ukraine & Gamaredon SSU Arrests
• Pakistan and Russia
• Cyber Attack US Federal Indictments
• FIN7 still Kicking Around

Link to full repo

The U.S. Department of State will create a Bureau of Cyberspace and Digital Policy, led by a Senate-confirmed ambassador-at-large, to advance its cybersecurity diplomacy efforts, according to U.S. Secretary of State Antony Blinken. The move is a response to a challenging global threat landscape including ransomware attacks believed to be regularly carried out from Russian soil.

Readers can see the current state of cyber security for federal agencies HERE

Blinken formally announced the office whi

Grief, a ransomware group with ties to Russia-based Evil Corp, claims to have stolen data from the gun-rights group and has posted files on its dark web site. A ransomware group tied to Russia claims to have stolen data from the National Rifle Association (NRA) in a ransomware attack on the controversial gun-rights group, which has declined to comment on the situation.

The Grief ransomware gang listed the NRA as a victim of its nefarious activity on its data-leak site. Brett Callow, a threat ana

With the ability to largely secure critical infrastructure from ground level attacks and a current strong focus on cybersecurity, a potential new attack vector from the air is being presented with the wide availability of citizen drones.

Originally reported through Popular Mechanics[1] who obtained reports in a 28 October 2021 US government bulletin, media describes a crashed drone found on the roof of a building next to a Pennsylvania substation in July 2020.  Experts believe the drone was like

Ransomware has been a cyber security issue for the past several years and somewhat hits its peak - with the Colonial Pipeline ransomware attack.  Ransomware is defined as a form of malicious software that is designed to restrict users from accessing their computers or files stored on computers until they pay a ransom to cybercriminals.

Ransomware typically operates via the cryptovirology methods or using cryptography (encryption) to design powerful malicious software.  The software then uses sym

Robinhood was known for “Stealing from the Rich, and Giving to the Poor.”  Not so in the last two years.  For the second time Robinhood Markets Inc. has been attacked by cyber criminals.  Robinhood said personal information of about 7 million people, which is approximately a third of its customers, was compromised in a data breach last week.  The bad actors then demanded a ransom payment.  The intruder obtained email addresses of about 5 million people as well as full names for a separate group

Area Maritime Security Committees 2020 Annual Report – Challenges, Suggestions, Accomplishments, and Best Practices.  The Office of Port and Facility Compliance is pleased to announce the publication of a consolidated report[1] on the status and work completed in 2020 by Area Maritime Security Committees.  Area Maritime Security Committees 2020 Annual ReportArea Maritime Security Committees 2020 Annual Report.[2]

Area Maritime Security Committees (AMSCs) provide a valuable forum to discuss and a

During October 2021, the cyber sector celebrated the 18^th year of the Cybersecurity Awareness Month, which was previously known as National Cybersecurity Awareness Month.  Under the slogan “Do Your Part #BeCyberSmart”, the Cybersecurity and Infrastructure Security Agency (CISA) together with the National Cyber Security Alliance (NCSA) each year encourage individuals and organizations to own their role in protecting cyberspace by emphasizing personal accountability and the importance of taking pr

Activity Summary - Week Ending on 5 November 2021:

• Red Sky Alliance identified 18,221 connections from new IP’s checking in with our Sinkholes
• Analysts identified 5,681 new IP addresses participating in various Botnets
• Sality remains the top Malware Variant at 16191 Observation
• UpdateAgent Variant (Wizard Update)
• NPM Library Hijacked
• Black Friday and Cyber Monday
• Squid Games
• High/Low Risk Countries
• Nuclear Ransomware
• Lockean in France
• Tobacco Company being Hit

Link to full report: IR-21-309-00

Cybersecurity researchers are warning about a rise in cyber criminals going after mobile devices as a means of gaining entry to networks.  There has been a surge in mobile phishing attacks targeting the energy sector as cyber attackers attempt to break into networks used to provide services including electricity and gas.

The energy industry is highly critical, providing people with vital services required for everyday use.  That role makes it a prime target for cyber criminals.  That risk was de

The secure messaging service Signal[1] has released the details of a search warrant it received from the Santa Clara, California Police which shows the efforts US law enforcement agencies will go to force online platforms into disclosing the personal information of their users.  In the search warrant, the police sought to get the name, street address, telephone number, and email address of a specific Signal user, which is not necessarily unusual.  It also wanted billing records, the dates of whe

CISA issued Binding Operational Directive (BOD) 22-01, Reducing the Significant Risk of Known Exploited Vulnerabilities to evolve the approach to vulnerability management and keeping pace with threat activity.  The directive establishes a CISA managed catalog of known exploited vulnerabilities and requires federal civilian agencies to identify and remediate these vulnerabilities on their information systems.

Although BOD 22-01 requires action from federal civilian agencies only, CISA strongly re

Cyber threat actors must hate children this year.  Ferrara Candy the company that makes Nerds, Laffy Taffy, Now and Laters, SweetTarts, Jaw Busters, Nips, Runts and Gobstoppers announced that it was hit with a ransomware attack just weeks before it prepares for one of its biggest holidays, Halloween. The Illinois-based company released a statement that on 09 October 2021, they "disrupted a ransomware attack" that encrypted some of their systems. 

"Upon discovery, we immediately responded to secu

Activity Summary - Week Ending on 27 October 2021:

• Red Sky Alliance identified 36,141 connections from new IP’s checking in with our Sinkholes
• Analysts identified 41,071 new IP addresses participating in various Botnets
• Sality remains the top Malware Variant at 32074 times seen
• Harvester Part II
• Vulnerability on Confluence Server
• EntroLink
• Russia, Russia, Russia
• Iranian Gas Stations
• Walmart
• COP = Climate Activism escalation
• Climate and Animal Rights Activists join Forces to eliminate Meat

Link

The prevalence of ransomware has had a devastating impact on businesses over the past few years, with insurance underwriters seeing increasingly large ransomware payouts.  As a result, some core cyber security hygiene fundamentals are being required by insurers to qualify for coverage.   Many companies wrongly assume that having backups in the cloud can prevent or reduce the impacts of a ransomware attack.   For example, secure cloud backup has become a hard and fast requirement. Most cyber insu

A recent bipartisan report by the US Senate’s Homeland Security and Governmental Affairs Committee shows that key government agencies have made little progress in terms of cybersecurity over the past two years.  A report published in 2019 found that eight federal agencies failed to meet even the basic cybersecurity standards and protocols. Two years later, cybersecurity at those agencies was again analyzed and the findings are as described in the new report “stark.”

The new report, titled “Feder

Federal law enforcement officials announced on 26 October 2021 that a wide-ranging, global illicit drug crackdown yielded 150 arrests and the seizure of more than $31.6 million in cash and virtual currencies.  The 10-month law enforcement initiative called Operation Dark HunTOR, after the encrypted Internet tool, was conducted in partnership with international counterparts.  The operation produced 234 kilograms (500 lbs.) of seized drugs.  Of those arrested, 65 were in the US and the remaining w