X-Industry

Any car dealership is a significant investment.  Not just in terms of financial capital, but also in toil and sweat from the Sales floor to the Dealer Principal’s office.  All of the effort that makes these businesses successful can be neutralized by a single cyber-attack.

CDK has surveyed dealership leadership for five years to understand their approach to cybersecurity and where they see the industry addressing this integral threat to their business.  This year, there are clear indicators that

As consumers took advantage of Black Friday and Cyber Monday deals, historical analysis from TransUnion (NYSE: TRU) and found that 4.6% of attempted ecommerce transactions globally were suspected of being digital fraud from this Thanksgiving to Cyber Monday.  Based on insights from TransUnion’s intelligence network, TransUnion found that the global suspected Digital Fraud rate “was down from 6.0% during the same period in 2023.”[1]

For attempted ecommerce transactions where the consumer was in t

The automobile dealership sector continues to evolve digitally with connected vehicles, cloud-based dealership management systems (DMS), online financing, and electronic sales workflows. But the newly released CDK State of Dealership Cybersecurity 2025 report shows a sector still struggling to keep pace with threat actors who increasingly target these high-value, high-data retail environments.   Despite gains in awareness and investment, dealerships face widening gaps in employee readiness, thir

The cyber threat landscape is constantly evolving, but few threats demand immediate, sector-wide attention like the latest joint advisory on the Akira ransomware.    The US Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and international partners recently issued a crucial advisory (AA24-109A) detailing the tactics, techniques, and procedures (TTPs) of the Akira ransomware group.  Their accompanying press release highlighted the need for decisi

On the surface, the Superbox media streaming devices for sale at retailers like BestBuy and Walmart may seem like a steal: They offer unlimited access to more than 2,200 pay-per-view and streaming services like Netflix, ESPN and Hulu, all for a one-time fee of around $400. But security experts warn these TV boxes require intrusive software that forces the user’s network to relay Internet traffic for others, traffic that is often tied to cybercrime activity such as advertising fraud and account t

A China-linked hacking group known as APT31 has infiltrated Russia’s technology sector for years and quietly exfiltrated data from companies involved in government contracting and systems integration, according to a new report.  The campaign, which ran into this year, was “well-planned” and allowed intruders to remain undetected, Russian cybersecurity firm Positive Technologies said in research published on last week. 

Public reports of Chinese cyber operations against Russia are rare, given the

If you manage Facebook advertising for a small or medium-sized business, open your inbox with suspicion, because attackers have been sending highly convincing invites that appear to come straight from Meta.

Researchers at Check Point found that the attackers used Facebook Business pages and the platform’s invitation feature to send messages that appear to come from the real @facebookmail.com domain, making them much harder to spot with automated filters and human instincts alike.[1]

The campaign

For cybersecurity professionals in the financial services sector, the pressure is relentless.  It is not just the external threat actors; it is the mounting, overlapping demands from regulators that are taxing resources, draining budgets, and leading to what is now officially recognized as compliance fatigue.  The Chief Financial Officer (CFO) is, understandably, under pressure and stressed.

The new Omega Systems Regulatory Pressure & Compliance Fatigue in Financial Services report offers a cruc

A data broker that is owned by major airlines will stop selling hundreds of millions of customer travel records to government agencies in the coming weeks.  News that the Airlines Reporting Corporation (ARC) will shut down its controversial Travel Intelligence Program (TIP) surfaced in a letter ARC CEO Lauri Reishus recently sent to a bipartisan group of lawmakers.

The Travel Intelligence Program (TIP) was a data initiative operated by ARC, a company owned by major airlines.  Through TIP, ARC ag

Europol's Internet Referral Unit (EU IRU) says a 13 November operation across gaming and "gaming-adjacent" services led its partners to report thousands of URLs hosting terrorist and hate-fueled material, including 5,408 links to jihadist content, 1,070 pushing violent right-wing extremist or terrorist propaganda, and 105 tied to racist or xenophobic groups.[1]

The sweeps formed part of a coordinated "Referral Action Day" involving multiple partner countries and marked the IRU's most explicit fo

The quantum technology landscape is rapidly evolving from speculative science to a tangible economic powerhouse, with experts forecasting a market worth up to $97 billion by 2035.  According to a major McKinsey report, quantum computing, communication, and sensing could generate as much as $97 billion in global revenue within a decade, making 2025 a pivotal year in the transition from concept to deployment.  McKinsey's analysis highlights a decisive shift in 2024, in which the focus shifted from

As cyber threats continue to evolve, car dealerships remain vulnerable despite growing awareness and investment. CDK’s State of Dealership Cybersecurity 2025 study reveals that while 90% of dealership leaders recognize the importance of cybersecurity protocols, fewer than half feel confident in their systems’ ability to protect against attacks.

Key insights from this year’s report include:

• Cyberattack Trends: One in five dealerships reported being targeted in 2025, with phishing and ransomware

On 18 November 2025 at 11:20 UTC, Cloudflare's network began experiencing significant failures to deliver core network traffic.  This showed up to Internet users trying to access its customers' sites as an error page indicating a failure within Cloudflare's network.

According to researchers Matthew Prince, the issue was not caused, directly or indirectly, by a cyber-attack or malicious activity of any kind.  Instead, it was triggered by a change to one of its database systems' permissions which

SentinelLABS has provided yet another expert analysis.  Tracking threat actor infrastructure has become increasingly complex.  Modern adversaries rotate domains, reuse hosting, and replicate infrastructure templates across operations, making it difficult to connect isolated indicators to broader activity.  Checking an IP address, a domain, or a certificate in isolation often yields little value when adversaries hide behind short-lived domains and churned TLS certificates.  As a result, analysts

Security solutions firm Sophos has released its fifth annual Sophos State of Ransomware in Retail report.  The report, which surveyed IT and cybersecurity leaders across 16 countries, reveals alarming trends in ransomware incidents affecting the retail sector.  The report highlights that nearly half (46%) of retail ransomware incidents were traced back to an unknown security gap, indicating significant visibility challenges within the retail attack surface.[1]

Among organizations that experience

The federal government confirmed on 14 November that hackers are exploiting a vulnerability affecting Fortinet devices that has caused alarm among cybersecurity experts since early October 2025.  The Cybersecurity and Infrastructure Security Agency (CISA) gave all federal civilian agencies seven days to patch CVE-2025-64446 and released an advisory that said it is “aware of exploitation.”  CISA typically gives agencies 21 days to patch most vulnerabilities added to its list of exploited bugs.  C

In the lead-up to Black Friday and Cyber Monday 2025, the retail sector in the US is facing a significant increase in cyber-attacks targeting both online and brick-and-mortar businesses.  Threat actors have and are leveraging sophisticated phishing campaigns, malicious websites masquerading as legitimate retailers, and ransomware attacks timed to disrupt critical sales periods.  According to recent industry reports, cybercriminals are exploiting the surge in online shopping traffic by deploying

The concept of robots fighting back is explored in both fictional narratives and real-life incidents, raising questions about the implications of advanced robotics and AI.[1]  By now you’ve probably watched a few (dozen) videos from Boston Dynamics, the robotics company that makes its bones on developing bots that can do wildly impressive things.  Heck, you’ve probably seen the firm’s viral videos posted on our page.  Every few months, the Massachusetts-based maker releases clips of its creation

The Dun & Bradstreet Financial Services & Insurance Pulse Survey 2025, built on responses from more than 2,000 senior professionals across five markets (US, UK, Sweden, Germany, Switzerland), reveals a sector racing to modernize but hamstrung by legacy systems, fragmented data, and intensifying cyber risk.  It is a familiar paradox for CISOs: record spending on innovation yet growing unease that resilience isn't keeping pace.  Cybersecurity sits at the very top of industry concern, with 79% of f

The financial sector remains a prime target for cyber-attacks, with attackers constantly seeking to exploit vulnerabilities across the industry's global supply chain.   Cyber risk intelligence firm Bitsight has conducted a comprehensive analysis, mapping 41,511 financial organizations and 50,232 relationships with third-party technology providers.  The aim is to shed light on the hidden pillars of the financial sector and enhance resilience against cyber threats.[1]

For help with Supply Chains: