X-Industry

Defending against real-world threats is not just part of the job at Sentinel Labs; it is the reality of operating as a cybersecurity company in today’s landscape.  Real-world attacks against our environment serve as constant pressure tests, reinforcing what works, revealing what does not, and driving continuous improvement across our products and operations.  When you’re a high-value target like Sentinel, for some of the most capable and persistent adversaries out there, nothing less will do.

Di

A new report from VicOne, a leading automotive cybersecurity firm, warns of escalating threats in the global auto industry. Despite recent progress in law enforcement efforts, the Shifting Gears: VicOne 2025 Automotive Cybersecurity Report highlights growing vulnerabilities in vehicles, electric charging networks, and artificial intelligence systems.

Cyberattacks between 2022 and 2024 caused tens of billions of dollars in damages. Automotive vulnerabilities reached record highs in 2024, with ove

Giving the Raspberries is not very nice, but that’s what the Mora_001 group does. A new ransomware operation with ties to the LockBit ransomware group exploits two vulnerabilities impacting Fortinet products. Last week, multiple researchers spotlighted the exploitation of CVE-2024-55591 and CVE-2025-24472 by a new ransomware group called Mora_001. [1]

The Cybersecurity and Infrastructure Security Agency (CISA) gave all federal civilian agencies one week to patch CVE-2024-55591 in January, one of

Cyber security risks, including ransomware, data breaches, and IT disruptions, remained the top business concern worldwide over the past year. A recent Report published by the International Underwriting Association (IUA) underscores the need for cyber business interruption (BI) risks to receive the same attention as information technology security controls and ransomware threats.

The new IUA guide also aims to help insurers navigate money-handling requirements in the European Union. Across the c

Security researchers have reported on one of the fastest-growing and most formidable Ransomware-as-a-Service (RaaS) groups of 2025. Named “BlackLock” (aka El Dorado or Eldorado), the RaaS outfit has existed since March 2024, according to ReliaQuest, and has increased its number of data leak posts by an impressive 1425% quarter-on-quarter in Q4 of last quarter.

The threat intelligence vendor claimed that BlackLock could become the most active RaaS group in 2025. Although, like many other variants

Broadcom researchers recently reported that threat actors behind an RA World ransomware attack against an Asian software and services firm employed a tool that was explosively associated in the past with China-linked APT groups. “Tools that are usually associated with China-based espionage actors were recently deployed in an attack involving the RA World ransomware against an Asian software and services company,” reads the report published by Broadcom.

During the late 2024 attack, the attacker d

The New York Blood Center (NYBC) said it suffered a ransomware attack that disrupted operations and forced it to reschedule some operations.  NYBC is one of the largest independent blood collection and distribution organizations.  It collects about 4,000 units of blood products daily and serves more than 75 million people at over 200 hospitals across the Northeast and 500 nationwide.  The cyber incident occurred while the blood center was already facing a critical shortage due to a decline in th

Enterprise cybersecurity tools, such as routers, firewalls, and VPNs, exist to protect corporate networks from intruders and malicious hackers, something that is particularly important in today’s age of widespread remote and hybrid working. But while pitched as tools that help organizations stay safe from outside threats, many of these products have time and again been found to contain software bugs that allow malicious hackers to compromise the very networks these products were designed to prot

An electric utility serving multiple counties in Mississippi was attacked by cybercriminals last summer in an incident that exposed information of more than 20,000 residents.  The Yazoo Valley Electric Power Association initially warned customers through social media on 26 August 2024 that, due to software problems, they were unable to process payments.  The system was restored by 30 August.

In breach notification letters filed with regulators last week, the utility confirmed it discovered “susp

The previous six months have seen heightened activity regarding new and emerging ransomware operations. Across the tail end of 2024 and into 2025, researchers have seen the rise of groups such as FunkSec, Nitrogen,, and Termite. In addition, we have seen the return of Cl0p and a new version of LockBit (aka LockBit 4.0).

Within this period of accelerated activity, the Ransomware-as-a-Service offerings HellCat and Morpheus have gained additional momentum and notoriety. Operators behind HellCat, in

Cyberattacks targeting healthcare organizations are rising, and the financial and operational toll they take is growing. A recent report from Proofpoint found that 92% of healthcare organizations reported experiencing a cyberattack in 2024, up from 88% in 2023, while the average cost of the most expensive attack was $4.7 million. While safeguarding sensitive patient data remains a top concern, malicious actors leverage artificial intelligence (AI) and machine learning technologies to make threat

Businesses in the UK are set to be protected by a new ransomware ban to address the threat of cybercrime, which is estimated to cost the UK economy billions of pounds every year.   The proposed legislation follows a series of serious ransomware attacks on the National Health Service (NHS), the British Library and the Royal Mail, that have caused severe disruption and cost millions in recovery costs.   The intention is to make public sector and infrastructure organizations less appealing as targe

Cybersecurity researchers have reported that artificial intelligence (AI) assisted with ransomware called FunkSec, which entered the market in late 2024 and claimed more than 85 victims. "The group uses double extortion tactics, combining data theft with encryption to pressure victims into paying ransoms," Check Point Research said in a new report from The Hacker News. "Notably, FunkSec demanded unusually low ransoms, sometimes as little as $10,000, and sold stolen data to third parties at reduc

In the 1970s and 1980s, Casio was best known for its electronic (including scientific) calculators, electronic musical instruments, and affordable digital watches incorporating innovative technology. All the cool kids had a Casio calculator (unfortunately, I was taught on a slide rule). Well, Casio is still around. Japanese electronics manufacturer Casio says that the October 2024 ransomware incident exposed the personal data of approximately 8,500 people. The affected individuals are primarily

Businesses are more likely to face a costly cyber-crime attack than a robbery or fire this year as hackers continue to employ devious social-engineering skills to lure unsuspecting victims.  This reality has been highlighted in several reports by global cybersecurity experts who have analyzed cybercrimes, such as ransomware (where hackers encrypt and steal data), smishing (SMS link scams) and phishing (email link/attachment scams) in recent years and have warned that Artificial Intelligence (AI)

Taiwanese government networks experienced a daily average of 2.4 million cyber-attacks in 2024, most attributed to Chinese state-backed hackers. This represents double the daily average from 2023, which saw 1.2 million daily attacks targeting government networks, Taiwan’s National Security Bureau said in a new report. “Although many of those attacks have been effectively detected and blocked, the growing numbers of attacks pinpoint the increasingly severe nature of China’s hacking activities,” t

Ransomware gang, Brain Cipher, has begun leaking sensitive data stolen from Rhode Island’s RIBridges social services platform earlier in December 2024.  The integrated system, which managed healthcare, social services, and food assistance programs, served some 650,000 citizens including minors, before being taken offline. Exposed information was confirmed by Governor McKee to contain names, addresses, birthdates, social security numbers, and banking details.  Screenshots also suggest that the st

A superseding criminal complaint filed in the US District of New Jersey was unsealed on 30 December 2024, charging a dual Russian and Israeli national for being a developer of the LockBit ransomware group. In August 2024, Rostislav Panev, 51, a dual Russian and Israeli national, was arrested in Israel under a US provisional arrest request to extradition to the United States. Panev is currently in custody in Israel pending extradition on the charges in the superseding complaint. [1]

See: https://

Krispy Kreme has acknowledged that the December 2024 disruption to its online ordering system resulted from a cyber attack.  Krispy Kreme operates four bakeries known as “Doughnut Factories,” 1,521 retail shops, and over 15,000 delivery locations in the United States.  It also partnered with McDonald’s to avail its crispy doughnuts to the restaurant chain’s customers across the country.  “We’re experiencing certain operational disruptions due to a cybersecurity incident, including with online or

Cyberattacks utilizing generative artificial intelligence (GenAI) technology as a tool are expected to grow next year, a government report reported recently.  In 2025, hacking groups are expected to increasingly use various generative AI models, such as ChatGPT, to create spear phishing emails customized to their attack subjects and fake news materials to be used for political propaganda, according to the annual cybersecurity report issued by the Ministry of Science and ICT.  “It will be difficu