X-Industry

The financial sector remains a prime target for cyber-attacks, with attackers constantly seeking to exploit vulnerabilities across the industry's global supply chain.   Cyber risk intelligence firm Bitsight has conducted a comprehensive analysis, mapping 41,511 financial organizations and 50,232 relationships with third-party technology providers.  The aim is to shed light on the hidden pillars of the financial sector and enhance resilience against cyber threats.[1]

For help with Supply Chains: 

Recently, a good friend of mine sent along a joke.  Dave has a dry sense of humor, often sprinkled with sarcasm.  Since many areas of the US have opening seasons for hunting, our online conversations were on that subject.  Dave then posted: “I think I want to try hunting.  When does meatloaf season open?”  That’s so Dave.

To be additionally funny, I asked Artificial Intelligence (AI) about “meatloaf hunting season.”  The immediate response was, “There is no official hunting season for an animal

What's better, prevention or cure?  For a long time the global cybersecurity industry has operated by reacting to attacks and computer viruses.  But given that ransomware has continued to escalate, more proactive action is needed.…  Malware vaccines were a hot topic of discussion at the recent ONE Conference in The Hague, where Justin Grosfelt, senior manager for the Reversing, Emulation, and Testing team at global cybersecurity firm Recorded Future, presented new research showing it is possible

The Russian government's relationship with its cybercriminal ecosystem has transitioned from passive tolerance to active state management, marking a strategic shift. This report, covering 2024–2025, details the "Dark Covenant 3.0," characterized by selective enforcement, choreographed arrests, and direct coordination between criminal leaders and Russian intelligence intermediaries.

Insikt Group found that Russia leverages these criminal groups as geopolitical tools, with detentions and releases

Deep fakes are increasingly sophisticated digital manipulations that can convincingly impersonate individuals or create misleading content.  To stop the spread and impact of deep fakes, it is essential to verify the authenticity of messages, images, and videos before trusting them.  Employing advanced detection tools, such as AI-driven deep fake detectors, and cross-referencing content with trusted sources can help identify fraudulent material.  Additionally, raising awareness and educating empl

Red Sky Alliance monthly queries our backend databases, identifying all new data containing Motor Vessel (MV) and Motor Tanker (MT) in the subject line of malicious emails. (including all significant vessel keys words).  Malicious actors use emails with Motor Vessel (MV) or Motor Tanker (MT) in the subject line as a lure to entice users in the maritime industry to open emails containing malicious attachments.  Red Sky Alliance is providing this list of Motor Vessels in which we directly observe

The cybersecurity community is spinning from a disturbing indictment that underscores a frightening new dimension of insider risk and supply chain betrayal.   The US Department of Justice (DOJ) has unsealed charges against two former employees of a US-based cybersecurity firm, accusing them of a stunning conflict of interest: allegedly launching the very ransomware attacks they were hired to help victims recover from.[1]

As reported by TechCrunch and BleepingComputer, the individuals are charged

Ukraine’s grain industry has become the latest target of the notorious Russian state-backed hacking unit Sandworm, amid Moscow's ongoing efforts to undermine the country’s wartime economy.  According to new research from the Slovak cybersecurity firm ESET, the Kremlin-linked group deployed multiple data-wiping malware strains against Ukrainian organizations in the grain, energy, logistics, and government sectors between June and September.  While wiper attacks have frequently hit Ukrainian infra

For over ten years, computer scientist Randy Goebel and his colleagues in Japan have been quietly conducting one of the most revealing experiments in artificial intelligence —a legal reasoning competition based on the Japanese bar exam.  The challenge is to have AI systems retrieve relevant laws and then answer the core question at the heart of every legal case of whether the law was broken or not. That yes/no decision, it turns out, is where AI stumbles hardest.  This struggle has profound impl

Every November 11th, the United States observes Veterans Day, a federal holiday dedicated to honoring the men and women who have served in the U.S. Armed Forces. While parades, community events, and expressions of gratitude fill the day, the spiritual heart of this solemn observance beats loudest at Arlington National Cemetery, before the hallowed ground of the Tomb of the Unknowns.

From Armistice to All Veterans: The Evolution of a Holiday - Veterans Day traces its roots to the end of World War

State-backed hackers are for the first time deploying malware that uses large language models during execution, allowing them to dynamically generate malicious scripts and evade detection, according to new research.  Although cybersecurity experts have observed hackers use AI in recent years to do things like increase the number of victims they reach, researchers at Google said recently that they recently observed malware "that employed AI capabilities mid-execution to dynamically alter the malw

The US cybersecurity agency CISA on 27 October 2025 warned that two recent vulnerabilities in DELMIA Apriso factory software have been exploited in attacks.  A manufacturing operations management (MOM) and manufacturing execution system (MES) software made by the French company Dassault Systèmes, DELMIA Apriso, enables the management of the entire manufacturing process.  The two flaws flagged as exploited are tracked as CVE-2025-6204 (CVSS score of 8.0) and CVE-2025-6205 (CVSS score of 9.1) and

Threat actors are impersonating critical and general services, online platforms, and cryptocurrency exchanges in a massive smishing campaign that has been ongoing since April 2024, according to a warning from Palo Alto Networks.  The cybersecurity firm first warned of the campaign in early March 2024, when it identified over 10,000 domains linked to the impersonation of toll and package delivery services.  Roughly a month later, it warned of over 91,500 root domains employed in these attacks.  S

More than a quarter of maritime suppliers have been identified as having ‘high’ or ‘very high’ cyber vulnerabilities, according to new data released by Achilles Network.   The findings come as maritime procurement platform Procureship’s integration with Achilles goes live, enabling shipowners and operators to view verified ESG and cybersecurity indicators directly within their procurement workflows.

More than 1,000 global maritime suppliers were assessed over a 12-month period by the partners, w

Following intelligence shared by research partner Digital Security Lab of Ukraine, SentinelLABS conducted an investigation into a coordinated spearphishing campaign launched on October 8th, 2025, targeting organizations critical to Ukraine’s war relief efforts.

The campaign was initiated through emails that impersonated the Ukrainian President’s Office and contained a weaponized PDF attachment (SHA-256: e8d0943042e34a37ae8d79aeb4f9a2fa07b4a37955af2b0cc0e232b79c2e72f3) embedded with a malicious l

Ransomware infections usually come from malicious hackers. But in a rarity, a string of attacks was sourced to a pair of cybersecurity employees out to extort millions from victims.  Kevin Tyler Martin, a ransomware threat negotiator at cybersecurity provider DigitalMint, and Ryan Clifford Goldberg from Sygnia Cybersecurity Services, are allegedly behind the scheme, according to the Chicago Sun-Times. 

A 12-page court document shows a federal grand jury indicted Goldberg and Martin last month fo

Cybercriminals are targeting trucking and logistics companies with remote monitoring tools to hijack cargo freight, researchers at cybersecurity company Proofpoint have found.  The hackers are collaborating with organized crime groups to compromise companies involved in the freight supply chain, the report stated, further fueling a significant increase in cargo theft in recent years.  The theft of goods in transit in the US increased by 27% in 2024 and is expected to rise by another 22% this yea

It is easy to forget that most of the world’s internet traffic does not traverse satellites or distant clouds, but lies beneath our oceans, coursing through thousands of kilometers of fiber-optic cables.  These lines, laid across the seabed, are the unacknowledged arteries of the modern economy.  They transmit trillions of dollars in financial data daily, underpin critical infrastructure, and form the backbone of global commerce and statecraft. Submarine cables carry more than 95% of global inte

Identity compromise, as explained by Fortinet, remains one of the most pressing threats to cloud infrastructure today.  When attackers gain access to valid credentials, they can often bypass the traditional security controls designed to protect those environments.  In AWS, this type of compromise frequently manifests through abuse of the Simple Email Service (SES), one of the most common tactics observed in real-world intrusions.  SES offers adversaries a convenient and scalable way to conduct i

South Africa has seen its increases in social upheaval and other political struggles.  Cyber-attacks are an additional concern for South Africans to worry about.  South Africa has experienced 110 cybercrime incidents involving extortion, ransomware, and state hacking in the past five years, according to Orange Cyberdefense’s inaugural Security Navigator Africa report.  This is the highest number in Africa and more than double that of Egypt, which ranked second with 46 incidents between 2020 and