All Articles (1934)

US officials say North Korea pulled off an elaborate plan to trick American companies into hiring thousands of skilled IT workers who later sent the money they earned back to be used for the country's weapons program.  The FBI and the Justice Department (DOJ) said they shut down 17 websites that were used by IT workers to "defraud US and foreign businesses, evade sanctions and fund the development of the Democratic People’s Republic of Korea government’s weapons program."  They also seized $1.5 m

Red Sky Alliance monthly queries our backend databases, identifying all new data containing Motor Vessel (MV) and Motor Tanker (MT) in the subject line of malicious emails.  Malicious actors use emails with Motor Vessel (MV) or Motor Tanker (MT) in the subject line as a lure to entice users in the maritime industry to open emails containing malicious attachments.  Red Sky Alliance is providing this list of Motor Vessels in which we directly observed the vessel being impersonated, with associate

CYBERSECURITY BEST PRACTICES, MALWARE, PHISHING, AND RANSOMWARE, CYBER THREATS AND ADVISORIES

The document linked below is a one-stop resource to help organizations reduce the risk of ransomware incidents through best practices to detect, prevent, respond, and recover, including step-by-step approaches to address potential attacks.  This publication was developed through the Joint Ransomware Task Force (JRTF), an interagency body established by Congress in the Cyber Incident Reporting

The advanced persistent threat (APT) actor known as ToddyCat has been linked to a new set of malicious tools that are designed for data exfiltration, offering a deeper insight into the hacking crew's tactics and capabilities.  ToddyCat is a Chinese APT actor who has launched a campaign against telecom and government sectors in Asian countries.  The campaign has been named “Stayin’ Alive.”  The Stayin' Alive campaign consists of mostly downloaders and loaders, some of which are used as an initial

A recent cybersecurity research project found that Millennial and Gen Z office workers are more likely to have unsafe cybersecurity habits when compared to Gen X and older (those above 40 years of age).

This is true about performing password hygiene, clicking on phishing links and sharing devices with family and friends:

  • 38% of office workers under 40 use the same passwords on multiple devices, compared to 28% of office workers older than 40.
  • 34% of office workers under 40 shared work devic

The United States and United Arab Emirates (UAE) have finalized an agreement that sets out how the two countries will cooperate on cybersecurity and digital resilience.  The memorandum of understanding signed by the Treasury Department and the UAE’s Cyber Security Council calls for increased information sharing about digital threats to the financial sector; more staff training and visits; and “competency-building activities” like joint online exercises, according to the Treasury.[1]

“As cyber-at

Axiom Space https://www.axiomspace.com has selected an unconventional partner to assist in its development of spacesuits that will be worn by the next NASA astronauts to walk on the moon.  Prada https://www.prada.com will add style to future space missions.  Axiom Space and Prada, the Italian luxury fashion house, announced 04 October 2023 that they would collaborate on spacesuits Axiom is developing for use on Artemis missions, starting with Artemis 3 in 2025.  Axiom Space will take advantage o

Colonial Pipeline said there has been no disruption to pipeline operations or their systems after a ransomware gang made several threats last Friday; yes, Friday the 13th.  The company, which runs the largest pipeline system for refined oil products in the US, addressed claims made by the Ransomed.vc gang that data had been stolen from their systems.

“Colonial Pipeline is aware of unsubstantiated claims posted to an online forum that its system has been compromised by an unknown party.  After wor

The Cybersecurity and Infrastructure Security Agency (CISA), Federal Bureau of Investigation (FBI), and Multi-State Information Sharing and Analysis Center (MS-ISAC) are releasing this joint Cybersecurity Advisory (CSA) in response to the active exploitation of CVE-2023-22515.  This recently disclosed vulnerability affects certain versions of Atlassian Confluence Data Center and Server, enabling malicious cyber threat actors to obtain initial access to Confluence instances by creating unauthoriz

Recently a user on the social media platform X devised and successfully executed a plan that caused Bing Chat to solve a CAPTCHA filter.  CAPTCHA filters are visual puzzles that are easily solved by humans but difficult for automated programs.  This is to prevent applications like bots from filling out forms on the Internet.  Bing Chat is a public large-language model (LLM), similar to ChatGPT but hosted by Microsoft, which Denis Shiryaev, CEO of neural.love https://neural.love  was feeding a CA

In a US Securities and Exchange Commission 8-K disclosure filing on 05 October 2023, MGM Resorts reported losing around $100 million after the 11 September 2023 breach incident.

In an open letter published recently, MGM CEO Bill Hornbuckle said that "the vast majority of our systems have been restored," adding, "We also believe that this attack is contained.  As part of our remediation efforts, we have rebuilt, restored, and further strengthened portions of our IT environment.[1]  We will offer

Cybersecurity has always been a race between cybercriminals and defenders. Defense against attackers will improve to adapt to new threats, and then attackers respond by refining their tactics to find the next vulnerability in the defense.  It's one of the most dynamic environments in the world of computer science.

One of the most successful and increasingly prevalent ways of attack has come from social engineering, which is when criminals manipulate humans directly to gain access to confidential

A new deceptive campaign has been observed hijacking GitHub accounts and committing malicious code disguised as Dependabot contributions with an aim to steal passwords from developers.  The malicious code exfiltrates the GitHub project's defined secrets to a malicious C2 server and modifies any existing JavaScript files in the attacked project with web-form password-stealer malware code affecting any end user submitting a password in a web form.  The malware is also designed to capture GitHub

Do oil and gas tankers have a use for artificial intelligence (AI)?  That is the question Rigzone posed to maritime risk intelligence company Dryad Global, who in turn outlined a range of ways these tankers can utilize the technology.  Data mining was one use case Dryad highlighted in its response.  “Throughout a tanker’s journey, they create and receive a continuous stream of data,” a company spokesperson told Rigzone.  “People are limited in their abilities to process and sort it. AI mines rea

A previously unknown government-backed hacking group is targeting organizations in the manufacturing, IT, and biomedical sectors across Taiwan, Vietnam, the US and an unnamed Pacific island, according to new research from Symantec.

Researchers are tracking the group under the name “Grayling” and said in a report released earlier this week that it is using custom-made malware as well as publicly available tools to attack its targets.  The attacks, which began in February and continued through May

A group of academic researchers has devised a technique to extract sounds from still images captured using smartphone cameras with rolling shutter and movable lens structures.  The movement of camera hardware, such as the Complementary Metal-Oxide-Semiconductor (CMOS) rolling shutters and the moving lenses used for Optical Image Stabilization (OIS) and Auto Focus (AF), creates sounds that are modulated into images as imperceptible distortions.[1]

These types of smartphone cameras, the researchers

US authorities have shared a joint Cybersecurity Advisory (CSA) as part of an ongoing #StopRansomware effort to publish advisories for network defenders that detail various ransomware variants and ransomware threat actors.  #StopRansomware advisories include recently and historically observed tactics, techniques, and procedures (TTPs) and indicators of compromise (IOCs) to help organizations protect against ransomware.  Visit stopransomware.gov to see all #StopRansomware advisories and to learn

Red Sky Alliance has long presented evidence of China’s modern-day Silk Road initiatives.  Many of the Chinese targets were in Africa; many tying in cyber as the linkage.  Below is a good exposé by Sentinel Labs.  In the evolving cyber threat landscape, it’s always important to constantly challenge our biases.  There are large pockets of important threat activity occurring in regions around the world less commonly addressed in Western threat research.  While much attention has rightfully been dra

Elon Musk’s SpaceX has received its first contract from the US Space Force to provide customized satellite communications for the military under the company’s new Starshield program, extending the provocative billionaire’s role as a defense contractor.

See:  https://redskyalliance.org/xindustry/starlink-to-the-rescue-1

Space Exploration Technologies Corp. is competing with 15 companies, including Viasat Inc., for $900 million in work orders through 2028 under the Space Force’s new “Proliferated

Politically-motivated hackers from all over the world have leapt into the escalating conflict between Israel and the Palestinian group Hamas.  Hacktivists are using tactics similar to what was seen at the beginning of the Ukraine-Russia war: leaking stolen documents and launching distributed denial-of-service and defacement attacks on government websites, media outlets, and critical infrastructure.[1]

The recent surge in hacktivism comes on the heels of the Red Cross issuing ethical guidelines f