All Articles (1333)

Sort by

11001479897?profile=RESIZE_400xRecently, cyber threat actors have been observed using AI-generated YouTube Videos to spread various stealer malware such as Raccoon, RedLine, and Vidar.   The videos lure users by pretending to be tutorials on downloading cracked software versions such as Photoshop, Premiere Pro, Autodesk 3ds Max, AutoCAD, and other licensed products available only to paid users.  Nothing is free on the Internet; you may be paying with a malware infection.


11000905285?profile=RESIZE_400xCybercriminals have started taking advantage of Silicon Valley Bank’s (SVB) downfall to carrying out scams that can steal money and bank account information or infect customers’ systems with malware.  SVB was shut down on 10 March 2023 by the California Department of Financial Protection and Innovation and the Feds after the bank failed to raise capital to keep running.[1]


SVB customers are expected to transfer their financial oper

11000532066?profile=RESIZE_400xMalware has a way of grabbing all the attention in the media and keeping companies on their toes.  The world watched as wipers were deployed to Ukrainian organizations after the Russian invasion of Ukraine, which marked the beginning of a time of instability that included ransomware and InfoStealers, as well.  Adding to the negative cybersecurity load of 2022, the contemporary version of ransomware celebrated its 10-year anniversary.

And if that were not enough, researchers have seen that a cybe

10999187252?profile=RESIZE_400xKill Chain - In today’s wildly unpredictable threat landscape, the modern enterprise should be familiar with the cyber kill chain concept.  A cyber kill chain describes the various stages of a cyberattack pertaining to network security.  Lockheed Martin developed the original cyber kill chain framework to help organizations identify and prevent cyber intrusions.   The steps in a kill chain trace the typical stages of an attack from early reconnaissance to completion.  Analysts use the framework

10998110089?profile=RESIZE_400xAn open source Adversary-in-The-Middle (AiTM) phishing kit has found new users in the cybercrime world for its ability to make cyberattacks at scale.  Microsoft Threat Intelligence is tracking the threat actor behind the development of the kit under its emerging name DEV-1101.  An AiTM phishing attack typically involves a threat actor attempting to steal and intercept a target's password and session cookies by deploying a proxy server between the user and the website.

Such attacks are more effec

10999205498?profile=RESIZE_400xRed Sky Alliance monthly queries our backend databases, identifying all new data containing Motor Vessel (MV) and Motor Tanker (MT) in the subject line of malicious emails.  Malicious actors use emails with Motor Vessel (MV) or Motor Tanker (MT) in the subject line as a lure to entice users in the maritime industry to open emails containing malicious attachments.  Red Sky Alliance is providing this list of Motor Vessels in which we directly observed the vessel being impersonated, with associated

10998658499?profile=RESIZE_400xThe latest edition of the CrowdStrike Global Threat Report[1] comes at an important time for protectors around the world.  As organizations focus on managing remote and hybrid teams, operationalizing years of digital transformation and navigating an uncertain global economy, adversaries have become more sophisticated, relentless and damaging in their attacks.  As a result, a number of disruptive trends emerged in 2022 that threaten productivity and global stability.

The year started ominously as

10998572882?profile=RESIZE_400xFortinet warns that a recently addressed FortiOS vulnerability has been exploited by a sophisticated threat actor in highly targeted attacks against governmental and government-related entities.  Patched last week, the bug is tracked as CVE-2022-41328 and is described as a medium-severity path traversal issue leading to command execution.  When it announced the availability of fixes, Fortinet failed to mention that this was actually a zero-day vulnerability.[1]  “An improper limitation of a path

10998526880?profile=RESIZE_400xOur US government just loves acronyms.  Well, here’s a brand new one - RVWP.  The Department of Homeland Security (DHS), Cybersecurity infrastructure Security Agency (CISA) is telling organizations across all sectors and of all sizes they are often impacted by damaging ransomware incidents.  Many of these incidents are perpetrated by ransomware threat actors using known vulnerabilities.  By urgently fixing these vulnerabilities, organizations can significantly reduce their likelihood of experien

10997443262?profile=RESIZE_400xAnother day and another US Securities and Exchange Commission (SEC) crypto crackdown case.  Recently, the US regulator announced emergency action against investment adviser BKCoin Management in connection with an alleged fraud scheme.  

The SEC alleged on 07 March 2023 that Miami-based BKCoin Management raised $100 million from at least 55 investors to plug into cryptocurrency. Instead, it was used to spend on luxury items and make “Ponzi-like payments” to investors to hide their fraud.  The inv

10997071889?profile=RESIZE_400xSome CISOs and security professionals respond to threats with the same phrase, “I don’t care who is attacking me, I just want it to stop.”  They deploy an array of security tools to better block attacks, and they hope the malicious actors will go elsewhere. Does this work?  Some mature security teams have mature detection and intelligence programs that place a serialized code on the bottom of their SOC and intelligence reports that ultimately accumulate to a dollar loss prevention number.  But v

10997991696?profile=RESIZE_192XA new hacking group is targeting European countries and organizations in an espionage campaign that began in June 2022, according to new research.  Cisco’s Talos cybersecurity team calls the new group “YoroTrooper” and said it has already successfully compromised accounts connected to a “critical” European Union healthcare agency and the World Intellectual Property Organization (WIPO).  The researchers also found that it attacked several embassies.  “Our assessment is that the operators of this

10997392868?profile=RESIZE_400xMost of us have had or heard from a friend who has been the target of an email scammer pretending to be a friend in distress who needs money wired out of town or out of the country.  Now scammers are using the telephone to inform you that your loved one is in distress.  And the caller may sound “just like” your friend/relative. At that moment, your instinct would be to do anything to help them escape danger, including wiring money.  My father was a victim of such a scam, but he called me first f

10995733863?profile=RESIZE_180x180As high tech companies continue to leverage the powers of artificial intelligence, US regulators are worried that the technology's fortitude will outpace existing laws and provisions.  As a result, the US Chamber of Commerce called for AI to be regulated.  US lawmakers say that without proper legislative oversight, AI could become a national security risk or a hindrance to educational integrity.  Little legislation currently exists to regulate AI, which is a significant concern for US policymake

10997028665?profile=RESIZE_400xAccording to researchers, two out of every five (40.6%) operational technology (OT) computers used in industrial settings were affected by malware in 2022.  The data comes from a report published recently by security researchers at Kaspersky.  The figures represent a 6% increase compared with the previous half of the year and almost 1.5 times more than in the second half of 2021.

“Overall, 2022 stands out for its abnormal absence of seasonal changes.  Our team observed a steadily high rate of at

10997026087?profile=RESIZE_400xNorth Rhine-Westphalia Polizei reported on 06 March 2023, that they have disrupted an international cybercrime gang which has been blackmailing large companies and institutions for years, raking in millions of euros and US Dollars.  Working with law enforcement partners including Europol, the US FBI and authorities in Ukraine, police in Duesseldorf said they were able to identify 11 individuals linked to a group that has operated in various guises since at least 2010.

The gang allegedly behind t

10995668265?profile=RESIZE_400xThe notorious carding marketplace BidenCash recently released information on more than 2.1 million credit and debit cards.  The criminal site uses the president’s name and photo to trade in stolen data.  Carding marketplaces, also referred to as card shops, are cybercrime websites that facilitate the trading and unauthorized use of stolen payment card details.  The site active for less than a year, BidenCash has quickly become one of the top carding marketplaces, making a name for itself by rele

10995134480?profile=RESIZE_400xRecorded Future: ChatGPT is a chatbot developed by OpenAI, an artificial intelligence (AI) laboratory based in the US, which uses the GPT-3 family of autoregressive (AR) language models. ChatGPT launched on November 30, 2022, and has been subject to widespread attention. Among the potential advantages of ChatGPT, we have also identified several potential use cases ripe for abuse. While ChatGPT has the potential to be abused by nation-state actors to enable cyberespionage, information operations

10996058480?profile=RESIZE_400xCalifornia - Silicon Valley Bank (SVB),, a lender that was a fixture in the venture capital space for decades, collapsed on 10 March 2023.  The California Department of Financial Protection and Innovation closed SVB and named the FDIC as the receiver.  The trouble started on 08 March 2023 after SVB suddenly announced a plan to raise billions in capital to cover big losses. It set off widespread panic among investors and the tech founders they backed.  Shares of the company fell b

10994577899?profile=RESIZE_400xCheck out these top 8 cyber security tools to protect yourself from cyber threats.  Software for cyber security and privacy is essential for any company or individual.  The process of preventing cyberattacks on the network, system, or applications is known as cybersecurity.  It is used to prevent identity theft, cyberattacks, unauthorized data access, and cyber threats.[1]

Security of applications, data, networks, disaster recovery, and operations, among other things are the various cybersecurit