All Articles (2261)

Trustwave researchers have recently released a report about a phishing campaign they had been tracking, which saw a significant increase in activity in August 2024 and primarily targets Microsoft 365 users. This campaign has been linked to the phishing kit called Rockstar 2FA. The Rockstar 2FA phishing kit has been deemed to be an updated version of the DadSec phishing kit. Microsoft tracks the threat actor behind these phishing kits under the moniker Storm-1575.

Rockstar operat

Imagine a world where every car dealership in the country sells the same bland, featureless sedan.  No variety, no personality, just four wheels, a steering wheel, and a shrug-worthy lack of innovation.  That’s what one-size-fits-all cybersecurity looks like for managed security service providers (MSSPs): A cookie-cutter offering that nobody truly loves, everyone tolerates, and eventually, someone else customizes better.[1]

Mike Saylor, CEO and co-founder of Black Swan Cybersecurity, has spent

In September 2024, researchers observed an attack using the notorious SmokeLoader malware to target companies in Taiwan, including those in manufacturing, healthcare, information technology, and other sectors. SmokeLoader is well-known for its versatility and advanced evasion techniques, and its modular design allows it to perform a wide range of attacks.  While SmokeLoader primarily serves as a downloader to deliver other malware, in this case, it carries out the attack itself by downloading pl

FortiGuard Labs gathers data on ransomware variants of interest that are gaining traction within its datasets and the OSINT community. The report below provides brief insights into the evolving ransomware landscape.

Interlock Ransomware Overview - Interlock is a new ransomware variant that was first publicly discovered in an available file-scanning site in early October 2024. This could indicate that the ransomware emerged as early as September. The Interlock ransomware comes in Windows and Free

A ransomware attack on supply chain software firm Blue Yonder in turn hit a dozen big names in food and retail with business disruptions, Starbucks and Walgreens among them.  The software is widely used by a range of Fortune 500 companies, and the full list of potentially impacted victims remains unclear.  Companies such as grocery giant Kroger (and its recently acquired subsidiary Albertsons), Anheuser-Busch and Ford are known to use the software but have not confirmed any impact as of yet.  Se

Network-attached storage devices like NetApp contain volumes of data which are vital to business operations.  With broad access available to so many users, protecting NetApp storage from malware is critical to operational stability and integrity. Organizations worldwide face increasingly sophisticated threat actors. AI-powered threat detection can level the playing field, protect business data, and stop attacks before they begin.

The Challenge - Legacy AV solutions have long dominated storage s

Two Internet cables between Germany and Finland, as well as between Lithuania and Sweden, have experienced sudden outages. Located in northern Europe, the Baltic Sea is an active commercial shipping route ringed by nine countries, including Russia. The affected countries, all members of NATO, say that it is unlikely to be accidental. This happened in the same waterway in which a significant gas pipeline and other underground cables were previously damaged in mysterious circumstances in 2022. No,

Each month, Red Sky Alliance queries our backend databases, identifying all new data containing Motor Vessel (MV) and Motor Tanker (MT) in the subject line of malicious emails.  Malicious actors use emails with Motor Vessel (MV) or Motor Tanker (MT) in the subject line as a lure to entice users in the maritime industry to open emails containing malicious attachments.  Red Sky Alliance is providing this list of Motor Vessels in which we directly observed the vessel being impersonated, with associate

After being deported from South Korea, a Russian cybercriminal leader has made his first appearance in the US District Court for the District of Maryland to face his charges. Evgenii Ptitsyn, 42, is a Russian national who allegedly administered the sale, distribution, and operation of Phobos ransomware, which has been used against more than 1,000 victims, including public and private entities in the United States and globally. According to the indictment, its affiliates have extorted ransom paym

The US Coast Guard has issued a second security directive warning that Chinese ship-to-shore cranes used widely in the United States pose a cybersecurity risk. Maritime Security Directive 105-5 calls on port operators to take “risk management” measures to mitigate the threats.

Built-in vulnerabilities for remote access and control of the cranes “combined with intelligence regarding China’s interest in disrupting US critical infrastructure, necessitate immediate action,” according to a portion of

The US Department of Justice is reportedly seeking to force Google to sell Chrome, according to Bloomberg.  Prying the browser from the rest of the company is only one of the measures the DOJ will ask the courts to enforce, following a ruling that the company maintained an illegal search monopoly.   While ripping Chrome from Google might seem a relatively simple measure, there are a huge number of complicating factors that make it a trickier operation than it might first appear, factors that cou

CyberVolk is a politically motivated hacktivist collective that launched its own RaaS in June 2024. The group uses DDoS and ransomware attacks to undermine and disrupt the operations of those opposed to Russian interests.

The group has become an increasingly prominent player within the cybercrime ecosystem, adapting and repurposing existing commodity malware to advance its causes. Highly skilled actors within the collective expand and revise such tools, effectively making them more sophisticated

Most people watch out for online scams, but if you are not careful, you might do the scammers' work for them. A new study from GenDigital, the company behind cybersecurity brands like Norton, Avast, LifeLock, AVG, ReputationDefender, and CCleaner, shines some light on "scam yourself" attacks that are rising dramatically. Instead of using other nefarious methods, these scams rely on social engineering to get people to download malware themselves.
Gen says millions of people have fallen for these sca

A skilled and prolific hacker was given a five-year sentence on 14 November 2024 for laundering the proceeds of one of the biggest ever cryptocurrency thefts.  His crime involved the 2016 theft of a reported 120,000 bitcoins from cryptocurrency exchange Bitfinex, worth over $9bn at today's heightened exchange rate.   Ilya Lichtenstein has been sentenced to five years in jail after he attempted to launder the money with the help of his wife Heather Morgan, who used the alias 'Razzlekhan' to

The country's National Cyber Security Centre (NCSC) has uncovered a new malware campaign targeting Swiss residents through fake postal letters. The scam involves fraudulent correspondence disguised as official communication from MeteoSwiss, the Federal Office of Meteorology and Climatology. It urges recipients to scan a QR code and download a malicious weather app for Android devices.

See: https://redskyalliance.org/xindustry/malicious-qr-codes

The fake “Severe Weather Warning App” app mimics t

Happy Thanksgiving, let's go shopping.  As we head into the rush of the holiday season, it can be easy to pay less attention to certain details like ads promoting excessive discounts, unusual web addresses and text messages about undeliverable packages, which can all be signs of online shopping scams.  Between October and December 2023, $95.2 million in losses from online shopping scams were reported to the US Federal Trade Commission by consumers, according to the New York State Department of S

Efforts by the US DHS, Transportation Security Administration (TSA) to address cybersecurity issues faced significant criticism this week from government watchdogs, members of Congress and regulated companies.  A US Government Accountability Office (GAO) report last week said four of the six cybersecurity recommendations made to TSA since 2018 have still not been addressed, including one centered around the agency’s efforts to protect companies from ransomware.  “For example, in January 2024, GA

So, the other day, I was walking down our main street, and I noticed a girl wearing bell-bottom pants. Wow, that takes me back to the late 1960s and into the ’70s. Everyone was wearing bell-bottom pants back then. I even had a few pairs myself. In truth, that fad started with sailors wearing bell-bottom pants. The British Navy began the “fad” in 1813, and the US Navy followed close behind. Was this fad coming back? Well, what is old often becomes new again. BTW, Wrangler sells women’s bellbottom

As many are preparing for the holiday season, the US DHS, Transportation Security Administration (TSA) is projecting record-breaking travel for Thanksgiving in the next three (3) days.  TSA is prepared to screen more than 18 million people from Tuesday, 26 November, to Monday, 2 December, a 6% increase from last year.  Passenger volumes reached a record high in 2024, too, with a 17% increase from 2022.

TSA believes the three busiest days will be Tuesday and Wednesday before Thanksgiving and Sund

Law enforcement officials warn that securely stored iPhones awaiting forensic examination are mysteriously rebooting, making them much more challenging to unlock, per a document obtained by 404 Media. 404 Media obtained the document from a mobile forensics source and verified it with another source. The document notes that some iPhones in a forensics lab, including those in Airplane mode or a Faraday box, rebooted unexpectedly, losing their “After First Unlock” (AFU) state. iPhones in an “After