All Articles (1934)

In today’s cyber threat landscape, no single technology can universally fight every attack. Cyber threats are becoming more advanced, and adversaries are more skilled in exploiting vulnerabilities.  Sophos’ Active Adversary Report for Tech Leaders found the overall median dwell time was just eight days in the first half of 2023, decreasing from 10 days in 2022, suggesting threat actors are speeding up and advancing their attacks.

Preventing the most advanced attacks requires human-led threat hun

Aindrea Campbell knows more than most about high-tech production.  In her previous role, she was senior director of iPad operations at Apple, helping to run the sophisticated assembly lines in China that produce tens of millions of tablet computers each year.  As chief operating officer of Agility Robotics, Campbell will oversee the production of pioneering products in the US.  In September, the company announced that its 70,000 sq ft RoboFab, the “world’s first factory” for building humanlike r

Since the introduction of ChatGPT, the media and security experts have warned that phishing tactics are now more powerful, compelling and increasing in numbers. IBM’s X-Force Red wanted an objective assessment of this subjective assumption.  The method chosen was to test an AI-generated phishing email and a human-generated email against employees working for a healthcare firm. Sixteen hundred staff members were selected: 800 received the AI phish, while the other 800 received the human phish.[1]

This FortiGuard article in the Ransomware Roundup covers the Knight ransomware.

Knight Ransomware Overview: 
Knight is a relatively new ransomware group that arrived in August 2023. Like many attackers, the gang behind this variant employs double extortion tactics, where the Knight ransomware encrypts files on victims’ machines and exfiltrates data for extortion purposes.

The predecessor of Knight, Cyclops, had multi-OS tools for Windows, Linux, and Mac OS. So, while FortiGuard Labs had only loc

What if a QR (Quick Response) code was shown on a TV advertising spot, and the company behind that commercial had malicious intent?  For example, the QR code displayed during the ad opened your phone's browser and automatically downloaded and installed a piece of ransomware.  Given the number of people who watch the televised events, the outcome of that attack could have been disastrous.   That is Quishing, fooling a person (or several people) into thinking something is harmless (or necessary),

The cybersecurity landscape is full of threats and new ones are emerging.  This makes it increasingly difficult for businesses to protect themselves and their supply chains from cyberattacks.  One way to mitigate supply chain risk is to implement a global cybersecurity rating system.  This would allow businesses to assess the security posture of their suppliers and identify any potential risks.

Could there be a service/system where businesses could simply check a rating to see how secure their s

The RagnarLocker ransomware’s infrastructure and the website the group used for shaming victims were taken down this week as part of a coordinated law enforcement effort.  Active since 2020, RagnarLocker has been involved in numerous attacks, with at least 52 entities across 10 critical infrastructure sectors falling victim to this ransomware family, according to data from the Federal Bureau of Investigation (FBI).

See:  https://redskyalliance.org/xindustry/ragnar-locker-ransomware

Unlike other

My question is, “Who has not stolen my personal information?”  Equifax, Home Depot, Target, Anthem, and the OPM have already lost my PII.  I recently declined an invitation to register with ID.me, https://www.id.me .  ID.me is an American online identity network company that allows people to provide proof of their legal identity online. ID.me digital credentials can be used to access government services, healthcare logins, or discounts from retailers.  This potential theft will allow an unknown

Last year, Forbes wrote a scary article about facts and patterns that applied to Halloween and Cybersecurity Awareness Month of October.[1]  After another year, the online environment and digital dangers are still unsettling, if not scarier.  So, it is time again to explore some of the stats and trends.

“In 2023, the World Economic Forum, for the first time, ranked cybercrime and cybersecurity as one of the top ten global risks over a 2-year and 10-year period.  Legislation in the US and Europe is m

The Fortinet 2023 State of Operational Technology and Cybersecurity Report is their fifth annual study based on data from an in-depth worldwide survey of 570 OT professionals conducted by a respected third-party research company.

Protecting OT systems is now more critical than ever as more organizations connect their OT environments to the internet.  Although IT/OT convergence has many benefits, it is being hampered and handicapped by advanced and destructive cyberthreats. The spillover of these

As October is winding down, we turn our focus to Training.  October 2023 marks the 20th annual Cybersecurity Awareness Month.  While it was initially founded as a national movement in the US, Cybersecurity Awareness Month has since grown into a global initiative.  And for good reason.  Today's cybersecurity market is suffering from a skills gap of 3.4 million trained professionals, with security practitioners being overwhelmed by a continuous onslaught of increasingly sophisticated attacks while

Back in 1975, singer-songwriter Barry Manilow wrote and sang a song, I Write the Songs.  Forty-eight years later, Barry might be out of a job with AI now writing songs.  Universal Music https://www.universalmusic.com sued AI startup Anthropic https://www.anthropic.com  over “systematic and widespread infringement of their copyrighted song lyrics,” per a filing in a Tennessee federal court in October 2023.  One example from the lawsuit: When a user asks Anthropic’s AI chatbot Claude about the lyr

A multistate lawsuit against software company Blackbaud has been settled, according to the North Carolina Attorney General’s office.  North Carolina Attorney General Josh Stein recently announced the $49.5 million settlement with Blackbaud.  Multiple states had brought a suit against the software company for its deficient data security practices and response to a 2020 ransomware attack that exposed the personal information of millions of people across the country.  Why is this Important?

The Nor

Ukrainian hackers collaborated with the country's security services, the SBU, to breach Russia's largest private bank, a source within the department confirmed to Recorded Future News.  Last week, two groups of pro-Ukrainian hackers, KibOrg and NLB, hacked into Alfa-Bank and claimed to have obtained the data of more than 30 million customers, including their names, dates of birth, account numbers, and phone numbers, according to a post on their official website.

Alfa-Bank was sanctioned by the United S

SentinelLabs has provided a timely report on the current cyber posture regarding the Israel-Hamas War.  Since the start of the Israel-Hamas war, the cyber domain has played a critical role in the conflict, albeit in ways the world may not have expected. Immediately following the attacks from Hamas on 7 October, social media became a hotbed of disinformation, inaccurate self-described OSINT investigators, and public confusion.  Unfortunately, leading social media platforms failed to stop the spre

Using a trending item as a malicious lure is relatively common; to do it in a period of military conflict and deliberately target users in the affected region is a different step.  Recently, a genuine app, RedAlert - Rocket Alerts, has been popular among users in the Israel and Gaza region, since it allows individuals to receive timely and precise alerts about incoming airstrikes.  However, a malicious, spoofed version of the app was detected last week, which collected personal information inclu

The hackers behind the ransomware attack that crippled operations at MGM Resorts are “one of the most dangerous financial criminal groups” currently operating, researchers at Microsoft said last week.  In a blog, the researchers explained the tactics used by Octo Tempest, a group also known as Scattered Spider, 0ktapus or UNC3944.

The group has been in the limelight since its attack on MGM Resorts left parts of Las Vegas paralyzed for days and cost the casino giant an estimated $100 million.  Th

In a world driven by connectivity and digitalization, the maritime industry is not immune to the growing threat of cyberattacks.  A recent report by Thetius, law firm HFW, and maritime cybersecurity company CyberOwl reveals a sobering truth: the average cost of a cyberattack in the maritime sector has soared to $550,000, a threefold increase from $182,000 in 2022.  Moreover, ransom demands have skyrocketed by more than 350%, with an average payment of $3.2 million, up from $3.1 million the previ

A new information stealer named ExelaStealer is the latest to become available to the hacker audience.  There are many choices available for off-the-shelf malware designed to capture sensitive data from compromised Windows systems.  ExelaStealer is a largely open-source infostealer with paid customizations available from the threat actor creator.

Written in Python and incorporating support for JavaScript, it comes fitted with capabilities to siphon passwords, Discord tokens, credit c

Okta Security has identified adversarial activity that leveraged access to a stolen credential to access Okta's support case management system.  The threat actor was able to view files uploaded by certain Okta customers as part of recent support cases. It should be noted that the Okta support case management system is separate from the production Okta service, which is fully operational and has not been impacted. In addition, the Auth0/CIC case management system is not impacted by this incident.