X-Industry

Russian authorities have arrested three individuals suspected of developing the Mamont malware, a recently identified banking trojan targeting Android devices.  The suspects, whose identities remain undisclosed, were apprehended in the Saratov region. A video released by the Russian Ministry of Internal Affairs (MVD) shows the arrested individuals in handcuffs, being escorted by police officers.

According to the MVD, the trio is linked to over 300 cybercrime incidents. Authorities also seized co

A new report from VicOne, a leading automotive cybersecurity firm, warns of escalating threats in the global auto industry. Despite recent progress in law enforcement efforts, the Shifting Gears: VicOne 2025 Automotive Cybersecurity Report highlights growing vulnerabilities in vehicles, electric charging networks, and artificial intelligence systems.

Cyberattacks between 2022 and 2024 caused tens of billions of dollars in damages. Automotive vulnerabilities reached record highs in 2024, with ove

Recently, over 100 websites belonging to car dealerships were found to serve malicious "ClickFix" code due to a supply chain attack that affected a third-party domain. According to security researcher Randy McEoin, the threat actor infected LES Automotive, a privately held streaming service provider based in Tolland, CT, that primarily focuses on the automotive industry. All websites using LES Automotive's services shared a ClickFix webpage with their visitors. [1]

See: https://redskyalliance.or

A server-side request forgery vulnerability in OpenAI's chatbot infrastructure can allow attackers to direct users to malicious URLs, leading to a range of threat activity.  Attackers are actively exploiting a flaw in ChatGPT that allows them to redirect users to malicious URLs from within the artificial intelligence (AI) chatbot application, with more than 10,000 exploit attempts in a week coming from a single malicious IP address.

Researchers from Veriti discovered the vulnerability in OpenAI’

Known for the sophistication of its operations, the ransomware gang Medusa has been responsible for known attacks on over 300 organizations in the critical infrastructure sectors, including medical, education, legal, insurance, manufacturing, and technology operations. Once hit by a Medusa ransomware attack, victims are told to pay a ransom to decrypt their files to prevent them from being released onto the Internet.

See: https://redskyalliance.org/redshorts2023/medusa-ransomware-gang-picks-up-

One of the world’s largest genetic testing companies, 23andME, just filed for bankruptcy over the weekend.  Now millions of DNA samples and private information could end up in the hands of another company.  Genetic testing companies allow customers to send in a saliva sample and learn about ancestry as well as potential health issues.  “I think there are benefits here and there but I think if someone’s collecting a lot of your DNA and storing that data it’s like who else has access,” said one De

A surge in browser-based phishing attacks has been recorded over the past year, with 752,000 incidents identified between 2023 and 2024, marking a 140% increase Year over Year (YoY). The rise of artificial intelligence (AI)- driven phishing techniques and the exploitation of enterprise browsers have contributed to this trend. According to a new report by Menlo Security, cybercriminals are increasingly focusing on browsers as their primary attack vector, leveraging sophisticated evasion technique

Exec. Summary – The research paper below addresses detecting false data attacks (FDAs) in power systems. While improving the operation of the power system, integrating multi-layered cyber-physical networks poses substantial security risks. In particular, the FDAs can fool the Chi-square detector-based detection mechanism by manipulating the communication layer data. For this reason, researchers focus on proposing a novel spatial–temporal features-based detection framework against false data atta

Doomsday movies and TV shows have continuously been a staple in American entertainment. These fictionalized end-of-the-world scenarios range from the spread of mysterious diseases to catastrophic weather events and even aliens and zombies taking over.  But in recent years, a new threat has arisen in apocalyptic content: cyber-attacks.

In 2023, the Netflix film "Leave the World Behind," based on the novel of the same name, shares the story of two families stuck in a Long Island home trying to nav

Have you heard of the British mathematician, Andrew Wiles?  You could say he was into numbers.  In 1637 Pierre de Fermat developed a theorem that stated that there can be no integer greater than 2 that satisfied the equation an+bn=cn.  Fermat died before he wrote down the proof.  For over 350 years, not one mathematician could provide the proof.  However, in 1995, after a seven-year effort, Andrew Wiles published the proof using algebraic geometry and number theory.  Who cares, right.  Keep read

A bipartisan group of five US Members of Congress and Senators has called for full transparency in the ongoing legal battle between Apple and the UK government over law enforcement access to encrypted data. In a 13 March 2025 letter, the group requested the Investigatory Powers Tribunal (IPT), part of the UK’s Home Office, to “remove the cloak of secrecy related to notices given to American technology companies by the UK.” Specifically, the five US legislators referred to a reported technical ca

Cisco Talos observed threat actors abusing Cascading Style Sheets (CSS) to evade detection and track user behavior, raising security and privacy concerns, including potential fingerprinting. Cascading Style Sheets (CSS) is a style sheet language used to control the appearance and layout of web pages. It defines styles for HTML elements, including colors, fonts, spacing, and positioning. CSS helps separate content from design, allowing developers to create visually appealing and responsive websit

In Star Trek: The Next Generation episode “The Drumhead,” a Starfleet officer’s suspected espionage sparks an overzealous investigation that turns into a witch hunt, driven by paranoia.  Captain Picard’s warning about the dangers of overreaction, “With the first link, the chain is forged…,” underscores the importance of caution when assigning blame. This is highly relevant to the hacking of Ranveer Allahbadia’s YouTube channel, where suspicions point to Chinese hackers.  Although China has a his

In 2020, cybersecurity company Mandiant’s computer system was compromised by an intruder exploiting an innocuous crack: routine software updates pushed out by another company, SolarWinds.  Mandiant was one of nearly 18,000 organizations to receive the compromised software.

The attack, a supply-chain hack by a Russian intelligence agency, demonstrates the trade-off between system coordination and vulnerability to attack, according to science and technology scholar Rebecca Slayton.[1]   “Standards

The websites of over 100 car dealerships were found serving malicious ClickFix code after a third-party domain was compromised in a supply chain attack.  As part of the compromise, a threat actor infected LES Automotive, a shared video service unique to dealerships, so that websites using the service would serve a ClickFix webpage to their visitors.

A ClickFix attack relies on malicious code on a webpage to display a prompt to the user, asking them to fix an error or perform a reCAPTCHA challeng

The Dark Storm hacktivist group claims to be behind DDoS attacks causing multiple X worldwide outages on Monday, leading the company to enable DDoS protections from Cloudflare. While X owner Elon Musk did not specifically state that DDoS attacks were behind the outages, he did confirm that it was caused by a "massive cyberattack." "There was (still is) a massive cyberattack against X," Musk posted on X. "We get attacked every day, but this was done with a lot of resources. Either a large, coordi

Giving the Raspberries is not very nice, but that’s what the Mora_001 group does. A new ransomware operation with ties to the LockBit ransomware group exploits two vulnerabilities impacting Fortinet products. Last week, multiple researchers spotlighted the exploitation of CVE-2024-55591 and CVE-2025-24472 by a new ransomware group called Mora_001. [1]

The Cybersecurity and Infrastructure Security Agency (CISA) gave all federal civilian agencies one week to patch CVE-2024-55591 in January, one of

SideWinder, a likely India-based cyber-espionage group that has been active since 2012, recently ramped up attacks on organizations in the maritime and logistic sectors in Africa and Asia.  In many of the attacks, the threat group has used variously themed phishing emails to lure targets into clicking on a malicious document.  The document contains an exploit for CVE-2017-11882, a memory corruption vulnerability in Microsoft Office that SideWinder has used for years in its campaigns, to drop a p

According to a new study by Mimecast, human error contributed to 95% of data breaches in 2024, driven by insider threats, credential misuse, and user-driven errors. A small fraction of employees contributed disproportionately to these security incidents, with just 8% of staff accounting for 80% of incidents. The report highlighted several high-profile incidents in the past year linked to human error. This included the Change Healthcare ransomware attack, in which an employee’s credentials were c

The latest Thetius report, commissioned by CyberOwl and HFW, gathers insights, assesses current and future cybersecurity challenges, evaluates the industry’s response to evolving regulations and technological advancements, and highlights the importance of integrated cybersecurity practices throughout the vessel lifecycle, from design to maintenance.

Key findings of the report include:

• 7% of stakeholders paid a ransom within the last 12 months. In 2023, nearly 14% admitted to paying a ransom.
• Th