All Articles (2634)

Here is an old story that is still funny to those of us who used floppy disks.  If you do not remember them, skip to paragraph 2. There have always been funny stories about failed recoveries from cyber incidents.  A dedicated client regularly took backups on disk, giving them to his system administrator and asking for them to be filed for emergencies. It was only when a failure occurred that he asked for the latest backup disk and discovered it had been filed in a ring folder, with two neat punc

The operators of TrickBot malware have infected an estimated 140,000 victims across 149 countries a little over a year after attempts were made to dismantle its infrastructure.  The advanced Trojan is fast becoming an entry point for Emotet, another botnet that was taken down at the start of 2021.  Emotet, believed to have originated in Ukraine, is also known as Heodo and was first detected in 2014.  See:  https://redskyalliance.org/xindustry/this-may-be-the-end-of-emotet

Most of the victims d

We talk about them all of the time, we sell access via APIs, we use them constantly, but how many readers can explain them?   Let’s revisit our college days without the bell-bottomed jeans and mullet haircuts.

Computer Science 101:   API is the acronym for Application Programming Interface, which is a software intermediary that allows two applications to talk to each other.  This is elementary to data communications.  Every time you use an app like Facebook, send an instant message, or check the

During the first nine months of 2021, 40,000 people reported losing over $148 million in gift cards to scammers.  And we are only now entering the Christmas season.   According to the Federal Trade Commission (FTC), these are staggering numbers that have increased each year for the past several years.  Since 2018, gift cards have been the most frequently reported payment method for fraud.  According to the FTC, most gift card scams start with a phone call from someone impersonating a branch of t

Preventing a cyberattack is more cost-effective than reacting to one, yet we have seen that many boardrooms still are not willing to assign the needed budget.  Too many organizations still are not willing to spend money on preventive cybersecurity because they view it as an unnecessary additional expense.  Later, they find they have to spend many more budget dollars recovering from a cyber incident after they get hacked.

Cyberattacks like ransomware, business email compromise (BEC) scams, and data bre

The new ransomware operation, which debuted in November 2021, has the potential to be the most sophisticated ransomware of the year, with a highly adjustable feature set that allows for assaults on a wide range of corporate setups. Details have emerged about what is the first Rust-language-based ransomware strain identified, which has already amassed "some victims from different countries" since its launch last month.

The ransomware, now named BlackCat, was disclosed by MalwareHunterTeam  https://

A major outage in Amazon’s cloud computing network severely disrupted services at a wide range of US companies beginning on 07 December 2021.  Amazon and some other services, including Prime Video and Alexa, were affected by computer problems.   Thousands of users in the United States have reported problems on the outage tracking website Downdetector.  There are reports in the US that customers of McDonald's, Netflix, Disney, and several other AWS clients had issues too.

Downdetector http

Some new business models are too good to be true, especially if they serve criminals.  Many ransomware-wielding attackers continue to rely on several Cybercrime-as-a-Service providers to support their ability to easily gain access to targets and steal data.  An increasing number of ransomware operations also run data leak sites to pressure nonpaying victims into meeting attackers' ransom demands, researchers say.   One star player in the ransomware ecosystem remains the initial access brokers.

Activity Summary - Week Ending on 10 December 2021:

  • Red Sky Alliance identified 44,043 connections from new IPs checking in with our Sinkholes
  • dauction.ru Still has Issues
  • Analysts identified 3,806 new IP addresses participating in various Botnets
  • Phobos Ransomware
  • Yanluowang Ransomware
  • The Snatch Hacking Group
  • USB drives – Old Tactic
  • Hacker arrested in Ottawa
  • Becoming a Pro
  • Trains, Planes and Automobiles
  • MatchMG

Link to full report: IR-21-344-001_weekly344.pdf

The holiday shopping season is now at full throttle, and so is the risk of a cyber-attack. Threat actors often get to work during the holidays.  IT staff is heading out for vacation, and everyone is in a hurry.  This means we might skimp on security.  Still, there are some holiday cybersecurity tips that will help make the season go smoothly.  Today we would like to share some common-sense and very valuable tips by Jonathan Reed.[1]

During the holidays, online shopping and overall activity dram

The FBI has seized 39.9 bitcoins from an alleged affiliate of the notorious REvil ransomware group, which has been tied to illicit profits of more than $200 million. The seizure occurred 03 August 2021 and was reported on 30 November 2021 in a complaint for forfeiture filed by acting U.S. Attorney Chad E. Meacham in the U.S. District Court for the Northern District of Texas, backed by FBI Special Agent Joshua Jacobs. It says the funds were seized from an Exodus wallet, which refers to a piece of

The Port of Rotterdam in the Netherlands has launched its Secure Data Sharing Program through its Port Community System (PCS) PortBase.  The Port of Rotterdam is the largest seaport in Europe, and the world's largest seaport outside of East Asia.  From 1962 until 2004, it was the world's busiest port by annual cargo tonnage.  This port will serve as a leader in Port Cyber Security.

With worldwide calls for better cybersecurity on the rise following reports that the cybercrime underground is rip

In the US Great Depression, there was a song called “Brother, Can You Spare a Dime.”  Now it is $25.00.  In 2021, there has been a surge in cyber criminals selling access to compromised corporate networks as hackers look to cash in on the demand for vulnerable networks from gangs looking to initiate ransomware attacks.  Some access has been offered at only $25.00.  How would you feel if your organization’s network access was on the “Bargain Rack?”

Researchers at cybersecurity company Group-IB a

It has been over two years since the UK’s data protection watchdog warned the behavioral advertising industry that it is ‘totally out of control.’  The UK’s Information Commissioner's Office (ICO) reportedly has not taken any action to stop the systematic unlawfulness of the tracking and targeting industry abusing Internet users’ personal data to try to manipulate their attention.  That is not in terms of enforcing the law against offenders and stopping what digital rights campaigners have descr

Activity Summary - Week Ending on 3 December 2021:

  • Red Sky Alliance identified 35,939 connections from new IPs checking in with our Sinkholes
  • Dauction.ru has Issues
  • Analysts identified 4,712 new IP addresses participating in various Botnets
  • Unpatched Information & Windows
  • PowerShortShell
  • Banking Trojans and the Play Store
  • Vestas Wind Systems
  • US Military Veterans Targeted
  • IKEA and the SquirrelWaffle
  • WSpot in Brazil
  • Walmart and Cyber Monday

Link to full report: IR-21-337-001_weekly337a.pdf

Don’t ignore those pesky emails from HP requesting that you download the most recent software updates.  Vulnerabilities in more than 150 multi-function printers from HP demonstrate that any type of device that connects to a network can expand the perceived threat surface.  Helsinki, Finland-based F-Secure  https://www.f-secure.com/us-en  found exploitable vulnerabilities in more than 150 HP multi-function printers.  It reported its findings to HP in the spring of 2021.  HP has updated the printe

The Five Eyes is an intelligence alliance comprising Australia, Canada, New Zealand, the United Kingdom, and the United States. These countries are parties to the multilateral UKUSA Agreement, a treaty for joint cooperation in signals intelligence.  What affects one of these partner countries will affect all of them.  China, Russia and Iran pose three of the biggest threats to the U.K. in a fast-changing, unstable world, the head of Britain’s foreign intelligence agency said 29 November 2021.  M

It is never easy to negotiate with criminals, especially in the cyber-world we live in.  Organizations that fall victim to a ransomware attack should never let the cyber criminals know they have cyber insurance, because if the attackers know that their victim holds an insurance policy, they are more likely to outright demand the ransom payment in full.  Criminals are smart and cunning.

Cybersecurity researchers recently examined over 700 negotiations between ransomware attackers and ransomware v

It is the most wonderful time of the year… unless you get scammed. The holiday shopping season is in full swing, and so are fraudsters looking to steal your money and more.  With more people shopping online, digital retailers make getting your holiday shopping done easy; you can buy what you need without going outside.  It also comes with its own unique risks. Digital payment fraud has been growing with criminals paying special attention to the Black Friday shopping season.

 “The total number of

In today’s business world, mergers and acquisitions are commonplace as businesses combine, acquire, and enter various partnerships.  Mergers and Acquisitions (M&A) are filled with often very complicated and complex processes to merge business processes, management, and a whole slew of other aspects of combining two businesses into a single logical entity.  There have been cyber-attacks on companies during M&As, and there is a growing concern with M&A activities and cyber security.

The use of alt