All Articles (689)

Several cyber-attacks were prevented by Israel’s Health Ministry’s Cyber Security Center over this past weekend, the Health Ministry reported on 17 October.  Some 627 cyberattacks per organization were observed in Israel’s health sector – 72% more than the average on previous weekends, Check Point said.  These attacks are more than in any other sector, where there was an average of 267 attacks per organization and no significant increase, the cyber security firm noted.[1]

Barzilai Medical Center

Warnings have been issued for years.  The techniques were simple enough: penetrate the platform through the onboard navigation system and then move laterally across the onboard networks to gain control of key systems such as steering and the throttle.  The hackers did exactly this and, surprisingly, without foreknowledge of the specific systems they were to hack prior to beginning the penetration.  They were in and through the navigation interface in a remarkably short time and had control of bot

Activity Summary - Week Ending 15 October 2021:

  • Red Sky Alliance identified 37,307 connections from new IPs checking in with our Sinkholes
  • Analysts identified 1,873 new IP addresses participating in various botnets
  • Sality remains the top Malware Variant at 33,705 times seen
  • AtomSilo targeting Confluence
  • FamousSparrow and Hotels
  • BloodyStealer
  • Another .edu Hit in the UK
  • Pointing a Finger at China
  • Spanish Melia Hotels hacked
  • Afghan Telcom Roshan

Link to full report: IR-21-288-001_weekly_288.pdf


On 5 October 2021, an anonymous user on the 4chan technology board posted a message claiming to have a large data breach of Twitch proprietary code.  Watch our REDSHORT Webinar. The user called out Twitch for being a “toxic community,” ending the post with #DoBetterTwitch (a variation of the trending TwitchDoBetter hashtag responding to the ‘Twitch Hate Raids’).

The post briefly describes content found in the leaked data, including source code for Twitch and other products and Streamer payout data.



Twitch r

A US Pentagon official recently said he resigned his post because US cybersecurity is allegedly no match for China, calling it 'kindergarten level.'  The senior cybersecurity official, Nicholas Chaillan, said he quit because he thought it was impossible for the US to compete with China on artificial intelligence (AI). He joined the US Air Force as its first chief software officer in August 2018 and worked to equip this branch and the Pentagon with the most secure and advanced software available.

The head of the US National Security Agency (NSA) and Cyber Command says the US will continue to battle ransomware for many years into the future. Some of the highest-ranking cybersecurity officials in the US government discussed the pervasive threat of ransomware on 05 October 2021, comparing it to an issue of national security with the ability to inflict measurable damage on major world powers.

Speaking at security firm Mandiant's Cyber Defense Summit, the deputy national security adviser for

Sometimes the direct approach is the best.  Dutch cybercrime police have a message for almost 30 users of an on-demand distributed-denial-of-service site: “We see what you're doing, now cut it out or we're going to arrest you.”  Not for the first time, the move shows police in Europe attempting to move offenders, who are often young men, away from criminality, rather than arresting them outright.

On 11 October 2021, Dutch National Police said they issued a written warning to 29 individual hacker

Recently, a US federal magistrate judge recommended the dismissal of a woman’s lawsuit against the famous soccer player Cristiano Ronaldo.  The recommended dismissal is largely because her attorneys relied on confidential documents obtained through a hacker.  In the 6 October ruling, the federal magistrate warned of “far-reaching, dangerous consequences on the legitimacy of the judicial process” if “hacked privileged documents” become “fair game for an attorney to use to create and prosecute the

Activity Summary - Week Ending 8 October 2021:

  • Red Sky Alliance identified 45,583 connections from new IPs checking in with our Sinkholes
  • Analysts identified 1,245 new IP addresses participating in various botnets
  • Researchers observed 10 unique email accounts compromised with keyloggers
  • Ranion is a Ransom-as-a-Service
  • Ransomware Operations are Short-Lived
  • Cyber-Attack turns Fatal
  • Indiana hospital and Ransomware
  • Protecting the Healthcare Sector
  • What’s a Slacktivist?
  • The Anthropocene Period


Port industry leaders recently submitted cybersecurity guidelines to the United Nations International Maritime Organization (IMO) for consideration.  The IMO Member States should seize this opportunity and amend the International Ship and Port Facility Security (ISPS) Code to enact cybersecurity standards for ports and port facilities.  Specifically, IMO Member States should amend the code, using the new industry guidelines as a model, to require port facilities to conduct regular cybersecurity

Facebook has been having its share of problems.  From a global outage to a whistleblower going public with claims that Instagram causes youth-based psychological issues, the social media giant is now on the defensive.  US Congress is currently taking another, closer look at oversight of social media platforms.

Facebook and its Instagram and WhatsApp platforms are finally back in operation after a worldwide outage hit the services and the businesses and people who rely on its platforms.  Fac

An Android Trojan has now achieved a victim count of over 10 million in at least 70 countries.  Researchers say the infections are generating millions of dollars a month in recurring revenue.  According to Zimperium zLabs, the new malware has been embedded in at least 200 malicious applications, many of which have managed to circumvent the protections offered by the Google Play Store, the official repository for Android apps.

The researchers say that the operators behind the Trojan have managed

Ever think about scamming the harassing telephone scammers?  Three to four days a week, a US Los Angeles based voice actor calls back telephone thieves and messes with their heads.  For the past two years, this champion of anti-scamming has run a sort of reverse call center, deliberately ringing the people most of us hang up on: those scammers who pose as tax agencies or tech-support companies or inform you that you’ve recently been in a car accident you somehow do not recall.  When the actor gets

Cyber threat hunting is an active cyber defense activity.  It is "the process of proactively and iteratively searching through networks to detect and isolate advanced threats that evade existing security solutions."  This contrasts with traditional threat management measures, such as firewalls, intrusion detection systems, malware sandboxes, and SIEM systems, which typically involve an investigation of evidence-based data after there has been a warning of a potential threat.

To maximize the chance

Many believe that the Mafia of old has long since been active.  Not so, says Europol.  The new and improved Mafia organized crime ring thrived on violence, intimidation and $12 million in online fraud profits; all specialties of the Mafia.  International law enforcement has busted up an extensive cybercrime operation run by a gang with ties to the Italian Mafia.

The group allegedly used phishing attacks to defraud hundreds of victims. The suspects used various lures to convince victims (mostly I

TLP: WHITE    October 1, 2021


Multiple vulnerabilities have been discovered in Google Chrome, the most severe of which could allow for arbitrary code execution. Successful exploitation of the most severe of these vulnerabilities could allow an attacker to execute arbitrary code in the context of the browser. Depending on the privileges associated with the application, an attacker could view, change, or delete data. If this application has been configured to have fewer user right

Activity Summary - Week Ending 1 October 2021:

  • Red Sky Alliance identified 28,292 connections from new IP addresses connecting to Sinkholes
  • Analysts identified 482 new IP addresses participating in various botnets
  • Amazon Data Services Canada has a compromised IP
  • #1 Malware for 29 Sept, FoggyWeb
  • Blackmatter Ransomware, Again
  • iTerm2 App
  • German Elections and Russia
  • South Africa Ransomware Attack
  • French Shipper hit Again
  • British Giant Group hit with a ‘sophisticated’ cyber-attack
  • Lithuania and Chin

Cybersecurity is always low on upper management's priorities during a merger or acquisition, but it shouldn’t be.  "Companies that are being bought and sold are often prime targets for cyberattacks," explained the CEO of cybersecurity solutions provider Industrial Defender, during a recent interview.[1] "By enacting Operational Technology (and proactive cyber intelligence) security measures, organizations can avoid an exciting company milestone from becoming an infrastructure and security nightm

The Quadrilateral Security Dialogue (Quad) has signaled its commitment to cybersecurity by announcing a dedicated new group that will promote best practices and shared standards.  The announcement came after the first-ever in-person meeting of the Quad, which comprises the US, India, Japan, and Australia in an alliance of democratic nations designed to counter Chinese aggression.

A White House briefing on the leaders’ summit detailed multiple areas of cooperation between the four nations, from C

The US Department of Commerce is currently requesting public input on a cybersecurity executive order from the previous administration that requires cloud providers to verify the identities of certain users.  The goal of the executive order is to identify malicious cyber actors operating abroad and leveraging US technologies.

Executive Order (EO) 13984 was signed on 19 January 2021 by President Trump, along with other mandates focused on national security.  While incumbent President Joe Biden has revers