X-Industry

Known for the sophistication of its operations, the ransomware gang Medusa has been responsible for known attacks on over 300 organizations in the critical infrastructure sectors, including medical, education, legal, insurance, manufacturing, and technology operations. Once hit by a Medusa ransomware attack, victims are told to pay a ransom to decrypt their files to prevent them from being released onto the Internet.

See: https://redskyalliance.org/redshorts2023/medusa-ransomware-gang-picks-up-

One of the world’s largest genetic testing companies, 23andME, just filed for bankruptcy over the weekend.  Now millions of DNA samples and private information could end up in the hands of another company.  Genetic testing companies allow customers to send in a saliva sample and learn about ancestry as well as potential health issues.  “I think there are benefits here and there but I think if someone’s collecting a lot of your DNA and storing that data it’s like who else has access,” said one De

A surge in browser-based phishing attacks has been recorded over the past year, with 752,000 incidents identified between 2023 and 2024, marking a 140% increase Year over Year (YoY). The rise of artificial intelligence (AI)- driven phishing techniques and the exploitation of enterprise browsers have contributed to this trend. According to a new report by Menlo Security, cybercriminals are increasingly focusing on browsers as their primary attack vector, leveraging sophisticated evasion technique

Exec. Summary – The research paper below addresses detecting false data attacks (FDAs) in power systems. While improving the operation of the power system, integrating multi-layered cyber-physical networks poses substantial security risks. In particular, the FDAs can fool the Chi-square detector-based detection mechanism by manipulating the communication layer data. For this reason, researchers focus on proposing a novel spatial–temporal features-based detection framework against false data atta

Doomsday movies and TV shows have continuously been a staple in American entertainment. These fictionalized end-of-the-world scenarios range from the spread of mysterious diseases to catastrophic weather events and even aliens and zombies taking over.  But in recent years, a new threat has arisen in apocalyptic content: cyber-attacks.

In 2023, the Netflix film "Leave the World Behind," based on the novel of the same name, shares the story of two families stuck in a Long Island home trying to nav

Have you heard of the British mathematician, Andrew Wiles?  You could say he was into numbers.  In 1637 Pierre de Fermat developed a theorem that stated that there can be no integer greater than 2 that satisfied the equation an+bn=cn.  Fermat died before he wrote down the proof.  For over 350 years, not one mathematician could provide the proof.  However, in 1995, after a seven-year effort, Andrew Wiles published the proof using algebraic geometry and number theory.  Who cares, right.  Keep read

A bipartisan group of five US Members of Congress and Senators has called for full transparency in the ongoing legal battle between Apple and the UK government over law enforcement access to encrypted data. In a 13 March 2025 letter, the group requested the Investigatory Powers Tribunal (IPT), part of the UK’s Home Office, to “remove the cloak of secrecy related to notices given to American technology companies by the UK.” Specifically, the five US legislators referred to a reported technical ca

Cisco Talos observed threat actors abusing Cascading Style Sheets (CSS) to evade detection and track user behavior, raising security and privacy concerns, including potential fingerprinting. Cascading Style Sheets (CSS) is a style sheet language used to control the appearance and layout of web pages. It defines styles for HTML elements, including colors, fonts, spacing, and positioning. CSS helps separate content from design, allowing developers to create visually appealing and responsive websit

In Star Trek: The Next Generation episode “The Drumhead,” a Starfleet officer’s suspected espionage sparks an overzealous investigation that turns into a witch hunt, driven by paranoia.  Captain Picard’s warning about the dangers of overreaction, “With the first link, the chain is forged…,” underscores the importance of caution when assigning blame. This is highly relevant to the hacking of Ranveer Allahbadia’s YouTube channel, where suspicions point to Chinese hackers.  Although China has a his

In 2020, cybersecurity company Mandiant’s computer system was compromised by an intruder exploiting an innocuous crack: routine software updates pushed out by another company, SolarWinds.  Mandiant was one of nearly 18,000 organizations to receive the compromised software.

The attack, a supply-chain hack by a Russian intelligence agency, demonstrates the trade-off between system coordination and vulnerability to attack, according to science and technology scholar Rebecca Slayton.[1]   “Standards

The websites of over 100 car dealerships were found serving malicious ClickFix code after a third-party domain was compromised in a supply chain attack.  As part of the compromise, a threat actor infected LES Automotive, a shared video service unique to dealerships, so that websites using the service would serve a ClickFix webpage to their visitors.

A ClickFix attack relies on malicious code on a webpage to display a prompt to the user, asking them to fix an error or perform a reCAPTCHA challeng

The Dark Storm hacktivist group claims to be behind DDoS attacks causing multiple X worldwide outages on Monday, leading the company to enable DDoS protections from Cloudflare. While X owner Elon Musk did not specifically state that DDoS attacks were behind the outages, he did confirm that it was caused by a "massive cyberattack." "There was (still is) a massive cyberattack against X," Musk posted on X. "We get attacked every day, but this was done with a lot of resources. Either a large, coordi

Giving the Raspberries is not very nice, but that’s what the Mora_001 group does. A new ransomware operation with ties to the LockBit ransomware group exploits two vulnerabilities impacting Fortinet products. Last week, multiple researchers spotlighted the exploitation of CVE-2024-55591 and CVE-2025-24472 by a new ransomware group called Mora_001. [1]

The Cybersecurity and Infrastructure Security Agency (CISA) gave all federal civilian agencies one week to patch CVE-2024-55591 in January, one of

SideWinder, a likely India-based cyber-espionage group that has been active since 2012, recently ramped up attacks on organizations in the maritime and logistic sectors in Africa and Asia.  In many of the attacks, the threat group has used variously themed phishing emails to lure targets into clicking on a malicious document.  The document contains an exploit for CVE-2017-11882, a memory corruption vulnerability in Microsoft Office that SideWinder has used for years in its campaigns, to drop a p

According to a new study by Mimecast, human error contributed to 95% of data breaches in 2024, driven by insider threats, credential misuse, and user-driven errors. A small fraction of employees contributed disproportionately to these security incidents, with just 8% of staff accounting for 80% of incidents. The report highlighted several high-profile incidents in the past year linked to human error. This included the Change Healthcare ransomware attack, in which an employee’s credentials were c

The latest Thetius report, commissioned by CyberOwl and HFW, gathers insights, assesses current and future cybersecurity challenges, evaluates the industry’s response to evolving regulations and technological advancements, and highlights the importance of integrated cybersecurity practices throughout the vessel lifecycle, from design to maintenance.

Key findings of the report include:

• 7% of stakeholders paid a ransom within the last 12 months. In 2023, nearly 14% admitted to paying a ransom.
• Th

A surge in SIM-swapping fraud across the Middle East has exposed new tactics cybercriminals use to exploit victims. According to a new report by Group-IB, fraudsters increasingly leverage phishing websites and social engineering to bypass security measures, allowing them to hijack mobile numbers and access sensitive accounts.

Investigations have shown that attackers first obtain personal details, such as national IDs and banking information, through fraudulent websites that mimic legitimate serv

Medusa ransomware attacks are increasingly becoming a core tool for a threat group known as "Spearwing," which has amassed hundreds of victims since 2023; nearly 400, in fact, have been listed on its leak site.  The ransom demands when using Medusa ransomware range from $100,000 to a whopping $15 million, according to threat hunters

 See:  https://redskyalliance.org/xindustry/medusa-grew-new-snakes

Researchers believe that Spearwing is taking advantage of the wide-open gap in the ransomware spac

A software developer has been found guilty of sabotaging his ex-employer's systems by running custom malware and installing a "kill switch" after being demoted at the company.  Davis Lu, 55, of Houston, was a software developer for an Ohio company, reportedly Eaton Corp, from November 2007 to October 2019.  Eaton Corporation is a global power management company that provides electrical, hydraulic, and mechanical solutions for various industries.

Following a corporate restructuring in 2018, Lu lo

Like many advanced AI-driven tools, the Chinese DeepSeek AI application offers incredible innovation. However, significant data privacy concerns are raised due to the sensitive nature of the data being processed and the regulatory environment. Integrating large-scale data collection and advanced AI technologies, particularly in healthcare, surveillance, and financial services, exacerbates these concerns.

See: https://redskyalliance.org/xindustry/banning-deepseek-from-govt-devices

The Australian