All Articles (1894)

Sort by

10237187095?profile=RESIZE_192XFor years, cyber threat professionals have warned against installing Kaspersky on any computer.  Now, German cybersecurity agency BSI on 16 March 2022 urged consumers not to use anti-virus software made by Russia's Kaspersky, warning the firm could be implicated in hacking assaults amid Russia's war in Ukraine.   Russia's military and intelligence activities in Ukraine, and its threats to EU and NATO allies, particularly Germany, mean there is "a considerable risk of a successful IT attack", the

10235226663?profile=RESIZE_400xSince declaring cyberwar on Russia through the #OpRussia campaign, the hacktivist group Anonymous has been busy.  It has been three weeks since the Anonymous collective tweeted their declaration of war, and in that time the decentralized group has been a mainstay of news headlines.   

Since Russia invaded Ukraine the Anonymous twitter account, @YourAnonNews has gained close to 500,000 followers.  In the hybrid war format where both acts of kinetic war and cyber war have been documented many hack

10229169082?profile=RESIZE_400xIran’s Revolutionary Guard has added “smart submarines,” unmanned underwater vehicles, to its navy for the first time, a report presented on Iranian state TV.  Its Guard’s Navy unveiled the vessels, along with new missiles and speedboats, at a ceremony in Iran’s southern port city of Bandar Abbas.[1]

Its new speedboats can travel at up to 95 knots (about 109 mph) and are able to launch missiles and rockets.  The report also said the Guard’s navy was equipped with new maneuverable missiles with a

10226651692?profile=RESIZE_400xA provocative piece from Vox, explains the current state of the Russian Cyber War.   After three weeks of fighting, Russia is beginning to deploy increasingly brutal tactics in Ukraine, including indiscriminate shelling of cities and “medieval” siege warfare. Other elements of its military strategy, however, are conspicuously absent in cyberwarfare.  Russia has a history of employing cyberwarfare tactics, which some experts believed could feature prominently in its invasion of Ukraine. The cyber

10219803084?profile=RESIZE_400xActivity Summary - Week Ending on 18 March 2022:

  • Red Sky Alliance identified 16,707 connections from new IP’s checking in with our Sinkholes
  • Malicious Keylogger data is back with 20 Keylogged emails
  • Analysts identified 3,8171 new IP addresses participating in various Botnets
  • Soul Searcher
  • SharkBot
  • Blue, Yellow and Gray Zones
  • Open-Source Reverse Tunneling Tool
  • Strengthening American Cybersecurity Act
  • Vessel Impersonation

Link to full report: IR-22-077-001_weekly077.pdf

10220071260?profile=RESIZE_400xIn the US, the FBI has issued an alert about the RagnarLocker ransomware group targeting at least 52 entities across 10 critical infrastructure sectors.  The FBI recently released a flash alert, warning users and organizations in the US to remain vigilant about the RagnarLocker ransomware group's growing footprint.  "As of January, the FBI has identified at least 52 entities across 10 critical infrastructure sectors affected by RagnarLocker ransomware, including entities in the critical manufact

10220067257?profile=RESIZE_400xRemember the joke line, “We are from the government and we are here to help you?”  The recent news from the White House is an indication of more regulation, disclosures, reporting to tax agencies, and taxes are ahead for cryptocurrency users.

President Joe Biden announced a new approach to oversight of cryptocurrencies to support innovation and protect consumers.  The White House has unveiled a new executive order for the nation's plan to establish a framework to both develop opportunities and m

10215100865?profile=RESIZE_400xRed Sky Alliance performs queries of our backend databases, identifying all new data containing Motor Vessel (MV) and Motor Tanker (MT) in the subject line of malicious emails.  Email subject line Motor Vessel (MV) or Motor Tanker (MT) keyword usage is a common lure to entice users in the maritime industry to open emails containing malicious attachments.  Red Sky Alliance is providing this list of Motor Vessels in which Red Sky Alliance directly observed the vessel being impersonated, with assoc

10208479289?profile=RESIZE_400xA new reflection/amplification DDoS method is being used in attacks that provides a record-breaking amplification ratio of almost 4.3 billion to 1.  Distributed Denial of Service (DDoS) attacks target servers or networks with many requests and high volumes of data, aiming to deplete their available resources and cause a service outage.  The amplification ratio is critical when conducting attacks, as the higher the number, the easier it is for threat actors to overwhelm well-protected endpoints w

ragnarlocker.jpg?profile=RESIZE_400xUS federal authorities first became aware of RagnarLocker in April 2020 and subsequently produced a cyber report to disseminate known indicators of compromise (IOCs) at that time.  The linked report provides  updated and additional IOCs to supplement that report.  As of January 2022, analysts have identified at least 52 entities across 10 critical infrastructure sectors affected by RagnarLocker ransomware, including entities in the critical manufacturing, energy, financial services, government,

10202124065?profile=RESIZE_400xActivity Summary - Week Ending on 11 March 2022:

  • Red Sky Alliance identified 20,047 connections from new IP’s checking in with our Sinkholes
  • Malicious Keylogger data is back with 22 Keylogged emails
  • Analysts identified 3,431 new IP addresses participating in various Botnets
  • Remote Utilities Software
  • Stone Panda
  • Slug & the Daxin Backdoor
  • Mitre ATT&CK - Sightings Ecosystem
  • Nvidia Attack
  • DDoS Annoyance?
  • Oil & Gas Saudi Arabia - Formbook Malware
  • DarkNet City

 

Full report: IR-22-070-001_weekly070.

10200055882?profile=RESIZE_400xThe US president signed an executive order (E.O.) on 9 March for “ensuring responsible innovation in digital assets.”  The E.O. is designed to, among other things, crack down on the use of cryptocurrency among cybercriminals.[1]

This long-awaited directive orders federal agencies, including the Department of Justice and the Treasury Department, to coordinate their approach to the booming cryptocurrency sector.  Although the order does not lay out specific policy suggestions, it takes aim at cons

10200049488?profile=RESIZE_400xAt the start of March, residents of Kyiv had been bracing themselves for a 40-mile-long convoy of Russian tanks, armored vehicles, and towed artillery to arrive for an assault on the Ukrainian capital.  Days later, they are still waiting.   Perhaps Russian men are too disinclined to ask for directions

On 03 March 2022, US intelligence suggested that the convoy was still stalled some distance from Kyiv, backing claims made by both the Ukrainian government and UK's defense ministry.  "We still ass

10199981459?profile=RESIZE_400xOur readers who are old enough to remember using walkie-talkies to talk with their friends or used them in the military will find this of interest.  A walkie-talkie, more formally known as a handheld transceiver, is a hand-held, portable, two-way radio transceiver.  It was developed during WW II to eliminate the need for wire connected combat (field) telephones.  Interesting enough that they are still being used on the precipice of WW III. 

Walkie-talkie communication app Zello https://zello.com

10184219479?profile=RESIZE_400xSince the beginning of phishing, fraudulent invoicing and purchasing schemes have been one of the most common lures, because they make money.  The usual modus operandi involves appealing to the recipient’s desire to avoid incurring a debt, especially where a business may be involved.  Researchers recently came across an interesting phishing e-mail masquerading as a purchase order addressed to a Ukrainian manufacturing organization that deals with raw materials and chemicals.  The e-mail containe

10178762480?profile=RESIZE_400xDuring 2022, cyber-attacks are increasing and evolving.  The attacks range from simple to complex and both are used by hackers to gain access, cloak their malware and execute their payload or exfiltrate data.  Like trained invaders, their attack will begin with reconnaissance. Cyber actors will do their best to uncover exposed assets and probe their target's attack surface for gaps that can be used as future entry points.  The first line of defense is to limit the potentially useful information

10178672901?profile=RESIZE_400xIn the last couple of years, cyber security has become a significant challenge for the maritime industry. Please join Jim McKee for The 2022 SMART4SEA Virtual Forum on a new era of cyberattacks. Every business and every individual can be subject to cyber threats. Cybercrime is a massive business; hackers are very well-organized, and they put a lot of time and effort before launching a cyber-attack. Please join Jim McKee, For Panel 3, https://youtu.be/b3ktJcPjJPE The 2022 SMART4SEA Virtual Forum

10177930093?profile=RESIZE_400xThe Russian government announced on 04 March 2011 that it will begin to “partially restrict” access to Facebook, according to an announcement from its internet regulatory agency Roskomnadzor.  Russia claimed that it would implement the measures, which were not specified after Facebook put its own restrictions on four Russian state-linked media outlets, the television network Zvezda, news agency RIA Novosti, and the websites Lenta.ru and Gazeta.ru.

“On 24 February 2022, Roskomnadzor sent requests