All Articles (1974)

COVID-19 has changed many companies’ hybrid work force procedures, but with vaccines reaching new heights, many workers are returning to their offices.  As the US opens back up and employees get back in the offices, violence and physical threats to businesses are being seen at an unsettling, record-high pace, according to the Ontic Center for Protective Intelligence.

The study showcases the collective perspectives of physical security directors, physical security decision-makers, chief security

Hackers have recently tampered with critical infrastructure entities in the US.  This includes the Colonial Pipeline incident that affected the supply of gas and the JBS Foods hack that affected operations of the meat-packing giant.  Neither of these ransomware attacks had any severe, real-world consequences.  Some people could not put gas in their cars for a few days, or the price of meat might have gone up in some areas, but no lives were immediately threatened.

But what if the hackers decided

Data management has bothered large companies for decades.  Almost all firms spend both time and money on it and still find the results unsatisfactory.  While the issue does not appear to be growing worse, resolving it is increasingly urgent as managers and companies strive to become more data-driven, leverage advanced analytics and artificial intelligence, and compete with data.

Most companies struggle with a few common but significant data management issues:

  • First, companies have concentrated

In a recent cyber security blog, researcher Maahnoor Siddiqui provides a clear picture of the threats and vulnerabilities in the transportation supply chain, a concern shared by Red Sky Alliance.  Our 40-minute commute to work in the morning can feel like an insular event.  Whether it is by bus, train, ferry, or car, it can be hard to place this single event within the vast network of transit that occurs every day.  These small personal journeys make up a highly interconnected transportation

The number of recorded cybercrimes continues to rise in German cyberspace, with cybercriminals increasingly focusing on "larger prey."  The number of DDoS attacks continues to increase, as does their intensity.  The perpetrators are globally networked and act with increasing skill and professionalism.  The dark web underground economy is growing and represents a criminal, global parallel economy that is primarily out for financial profit.  The main driver of profit is

Fool me once, shame on you.  Fool me twice, shame on me.  We have all been duped at some level by devious online schemers.  In the Cyber World, it sounds like old news.  Phishing is a type of social engineering tactic where an attacker sends a fraudulent ("spoofed") message designed to trick a human victim into revealing sensitive information to the attacker, and then introduces malicious software, like ransomware, on the victim's infrastructure.  Phishing attacks have become increasingly sophisticate

Activity Summary - Week Ending 16 July 2021:

  • Who’s TBoy Ken?
  • Red Sky Alliance observed 12 unique email accounts compromised with Keyloggers
  • Analysts identified 56,261 connections from new unique IP Addresses
  • 2,346 new IP addresses were seen participating in various Botnets
  • Diavol & Wizard Spider
  • ChaChi, a new Golang RAT
  • Cyber Security in Australia
  • A Close look at COVID-21, huh?
  • Iranian Trains hit with Cyber-attack, Again
  • Internet Down in Cuba, Porque? 

Link to full Report:

IR-21-197-001_weekly

The number of recorded cybercrimes continues to rise in the German cyberspace, with cybercriminals focusing increasingly on “larger prey.” The number of DDoS attacks continues to rise, as does their intensity. The perpetrators are globally networked and are acting with increasing skill and professionalism. The dark web underground economy is growing and represents a criminal, global parallel economy, which is primarily seeking financial profit. The main driver of profit is still Ransomware, posing

After 500 million LinkedIn users were affected in a data-scraping incident in April 2021, it has happened again with big security consequences.  A new posting with 700 million LinkedIn records has appeared on a popular hacker forum.  Analysts from Privacy Sharks found the data put up for sale on RaidForums by a hacker calling himself “GOD User TomLiner.”  The dark web advertisement, posted 22 June 2021, claims that 700 million records are included in the cache, and included a sample of 1 million

For years, Red Sky Alliance has helped monitor cyber security threats and vulnerabilities during mergers and acquisitions (M&A’s).  Supporting businesses with cyber security is a big part of our business model.  For decades, corporate consolidation has been growing and now the US President is taking aim at this trend in a new Executive Order (E.O.), dated 9 July 2021.

Our friends at the US National Defense Transportation Association (NDTA) shared that this new E.O. is affecting the transportatio

The current US administration has a message for Russia: Rein in the criminal hackers operating from inside your borders who hit Western targets, or we will do it for you.  The White House says that is the imperative being stressed in ongoing talks between high-level officials in the US and Russian national security teams following the mid-June summit in Geneva between the US President and the Russian President.

Experts say disrupting ransomware will take more than diplomacy, and needed cybersec

Patches to fix a severe flaw in the Windows Print spooler are now available for Windows 10 Version 1607, Windows Server 2012 and Windows Server 2016.  Microsoft (MS) has now released patches to protect all versions of Windows against the critical PrintNightmare flaw.  MS recently deployed fixes to cover most but not all editions of Windows.  They patched the remaining versions of Windows, according to an update on its message center page.

Newly patched as of 7 July are Windows 10 version 1607,

In 1909, a new warfighting domain was created with the US Army’s purchase of the Wright Model A aircraft.  Back then, taking the fight to the air was unfamiliar and on the cutting edge of technology, but fast forward to today, the US Department of Defense finds itself once again facing new and unfamiliar warfighting domains and now, there is a sense of urgency to be ready.[1]

“Up until two years ago, traditional communications squadrons were focused on information and technology (IT) support fo

The National Institute of Standards and Technology (NIST) has published its definition of what "critical software" means for the U.S. federal government, as the standards agency begins fulfilling some of the requirements laid out in President Joe Biden's executive order on cybersecurity.

As part of Biden's executive order published on 12 May 2021, federal agencies are now required to reexamine their approach to cybersecurity, which includes developing new ways to evaluate the software that depar

Activity Summary - Week Ending 9 July 2021:

  • Red Sky Alliance identified 56,261 connections from new unique IP addresses
  • Analysts identified 2,346 new IP addresses participating in various Botnets
  • 12 unique email accounts compromised were seen with Keyloggers
  • RevengeRAT & Aviation
  • Kaseya Attack
  • Babuk Locker
  • PayLoad Bin
  • Space ISAC & Microsoft
  • SideCopy
  • A change in social media collection?
  • DuckDuckGo, Good to Go

Link to full report: IR-21-190-001_weekly_190.pdf

Last weekend did not start out so nice.  The hacking group behind what media is calling a ‘colossal ransomware attack’ has demanded $70m (£50.5m) paid in Bitcoin in return for a "universal decryptor" that it says will unlock the files of all victims.  The Russian associated REvil group is saying its malware, which initially targeted US IT firm Kaseya, has hit one million "systems."

This number has not been totally verified and the exact total of victims is unknown.  Yet, victims include 500 Swedi

Activity Summary - Week Ending 2 July 2021:

  • Red Sky Alliance identified 19,270 connections from new unique IP addresses
  • Analysts identified 2,543 new IP addresses participating in various Botnets
  • 13 unique email accounts compromised with keyloggers were observed
  • Netfilter
  • PJobRAT Spyware
  • Mirai Knockoffs
  • Salvation Army Hit
  • Conti & Canada
  • DragonForce / Israeli Banking
  • Fancy Lazarus attempts an attack on German Banks - Denied

Link to full report: IR-21-183-001_weekly_183_FINAL.pdf

 

Post offices in the US still post the FBI’s Most Wanted List.  The wanted criminal profiles are normally in a locked glass case somewhere in the lobby.  Looking at the photos and associated descriptions, it is amazing that even in our digital world, criminals can still commit major crimes and still lurk without leaving a digital sign for authorities to follow.  But cyber criminality is here and now and poses a huge threat to everyone, in any country.  Now the US Secret Service is asking for our

The average cost of a ransomware attack in 2020 was approximately $761,000.  The average cost of remediating a ransomware attack has more than doubled in the last 12 months.  Remediation costs, including business downtime, lost orders, operational costs, and more, grew from an average of approximately $761,000 in 2020 to approximately $1.85 million in 2021.[1]

The importance of cybersecurity is no secret to anyone who uses a computer or an iPhone.  Senior executives at businesses of all sizes u

IT companies are making up the majority of organizations being targeted amid new activity by the group behind last year’s SolarWinds supply-chain attack, with at least one victim coming from Microsoft’s customer support ranks.

On 25 June 2021, the Microsoft Threat Intelligence Center said it was monitoring new activity from the threat actor, which Microsoft is calling Nobelium, with the vendor observing password spray and brute-force attacks, among other potential methods and tactics.