X-Industry

An overwhelming 98% of chief information security officers (CISOs) expect a surge in cyber-attacks over the next three years as organizations face an increasingly complex and artificial intelligence (AI)-driven digital threat landscape.  This is according to new research conducted among 300 CISOs, chief information officers (CIOs), and senior IT professionals by CSC, the leading provider of enterprise-class domain and domain name system (DNS) security.

The report, “CISO Outlook 2025: Navigating

In May 2025, cybersecurity researchers at Cyfirma disclosed serious zero-day vulnerabilities in Versa Concerto, a prominent SD-WAN and SASE solution used by enterprises worldwide.  Among these vulnerabilities, CVE-2025-34027 is particularly alarming due to its high severity and ease of exploitation.  The flaw arises from a path-based authentication bypass in Concerto’s orchestration platform RESTful API, enabling attackers to gain administrative privileges and execute arbitrary commands remotely

China has plans to introduce tighter regulatory controls over Artificial Intelligence (AI) Data Centers, which could have significant effects on the cryptocurrency market, sending ripples through the technology markets.  Such policies could impact the operational freedom of AI-driven companies and data processing hubs within the country.  Chinese regulators informed major tech companies, including Alibaba, Tencent Holdings, ByteDance, and Baidu, that they would tighten control over the construct

There has been a 700% increase in cyber-attacks against Israel over the past two days when comparing to the time period before 12 June, cybersecurity firm Radware said on 15 June.  The data indicate a "significant escalation in malicious network activity targeting Israeli infrastructure," the firm said.  "The 700% surge in malicious activity within just two days stems from cyber retaliation operations by Iranian state actors and pro-Iranian hacker groups, including DDoS attacks, infiltration att

Cyber-attacks on businesses continue to escalate in 2025, with global organizations experiencing an average of 1,925 incidents per week in Q1, which is a 47% increase compared to the same period last year, according to new research from Check Point.  The education sector was the hardest hit, with each institute facing an average of 4,484 weekly attacks.  Government and telecommunications followed, with the latter recording the largest year-over-year spike at 94%.  “The growing reliance on digita

One of America’s largest home and auto insurers has notified regulators and customers of a cybersecurity incident and related network outage.  Fortune 500 business Erie Insurance employs over 7000 staff and 14,000 agents, with parent company Erie Indemnity Company posting revenue of close to $4bn last year.  It currently boasts over six million active policies.  However, the firm warned customers yesterday of an “ongoing network outage” related to a confirmed “information security event” which w

As technological advances redefine the dynamics of modern warfare, Ukraine has emerged as a significant player in adopting cutting-edge robotics and autonomous systems for military purposes. In the context of ongoing conflicts and geopolitical tensions, the nation has turned to innovation not only to bolster its defensive capabilities but also to adapt to the challenges of asymmetric warfare.

Ukraine’s adoption of robotic technologies in military strategy reflects a shift towards modernizing its

Cybercriminals have been using AI-generated voice messages to impersonate high-ranking US government officials in an ongoing effort to breach the online accounts of current and former officials, the FBI has warned.   The FBI is issuing this announcement to warn and provide mitigation tips to the public about an ongoing malicious text and voice messaging campaign.  

“Since April 2025, malicious actors have impersonated senior US officials to target individuals, many of whom are current or former

A Massachusetts-based ambulance billing company has agreed to pay federal regulators a $75,000 penalty and implement a corrective action plan following a 2022 ransomware breach that affected about 70 clients and nearly 586,000 people.  The U.S. Department of Health and Human Services' Office for Civil Rights said on 30 June 2025 that it had reached the settlement with Comstar LLC following the agency's investigation into the company's hacking incident looking into potential HIPAA violations.  HH

The longer our digital lives, the more online accounts we are likely to accrue. Can you even remember all the services you’ve signed up for over the years? It could be that free trial you started and never cancelled. Or that app you used on holiday once and never returned to. Account sprawl is real. According to one estimate, the average person has 168 passwords for personal accounts.

Inactive accounts are also a security risk, both from a personal and a work perspective. They represent a potent

Recently, I have been receiving emails from stangers that appeared to be from Docusign for my signature, now I know why.  A new malware campaign using fake DocuSign verification pages to deploy the NetSupport Remote Access Trojan (RAT) has been uncovered. According to DomainTools, the campaign tricks users into infecting their own machines through a series of deceptive steps involving clipboard manipulation and disguised scripts.  At the core of the campaign is a spoofed DocuSign website that mi

The grounding of the MSC Antonia near the Eliza Shoals off Jeddah has drawn attention to the increasing risks of cyber-physical attacks in the maritime sector, particularly in the Middle East and North Africa (MENA).  Analysis by maritime intelligence firms suggest the incident may have been caused by GPS jamming that compromised the vessel's navigational systems, leading to incorrect positioning data and the subsequent grounding.

Luke Pordham, assistant vice president at Lockton MENA, highlight

Common Vulnerabilities and Exposures (CVEs) are a top cause of cloud breaches.  Organizations often fail to patch or mitigate these known vulnerabilities.  Sometimes, it is due to gaps in visibility regarding the presence of CVEs in their cloud environments.  Often, organizations struggle to keep up with the constant stream of vulnerabilities and prioritize their remediation.  Gaps in patching both offer a foothold for targeted attacks and also empower untargeted, large-scale exploitation attemp

The analysis from Fortinet below is part of an incident investigation led by their Incident Response Team.  Their researchers discovered malware that had been running on a compromised machine for several weeks.  The threat actor had executed a batch of scripts and PowerShell to run the malware in a Windows process.  Although obtaining the original malware executable was difficult, a memory dump of the running malware process and a full memory dump of the compromised machine (the “fullout” file,

Artificial intelligence researchers have warned that OpenAI’s latest ChatGPT model ignores basic instructions to turn itself off and even sabotaged a shutdown mechanism to keep itself running.  Remember HAL from the 2001 Space Odyssey movie?  HAL (Heuristically Programmed Algorithmic Computer) was an onboard spacecraft computer, who would not allow astronauts David Bowman and Frank Poole to disable its operation.  That was a very forward-learning look in 1968 that examined the future perils of a

It is hard to believe that the infamous attack on the Maersk was eight (8) years ago.  This attack was one of the most notable incidents underscoring the importance of cyber security in the maritime industry is the 2017 Maersk cyber-attack. The shipping giant fell victim to the NotPetya ransomware, which essentially stopped its global operations.  The attack resulted in an estimated financial loss of $300 million and temporarily disrupted the company's ability to process shipping logistics and c

The FBI has issued a critical alert regarding a sophisticated cyber campaign in which malicious actors are impersonating senior US officials using AI-generated voice and text messages.  According to an FBI alert, the campaign, which has been active since April 2025, primarily targets current and former federal and state government officials, as well as their contacts.

Attackers use Smishing (SMS phishing) and Vishing (voice phishing) techniques, now augmented with AI-generated content, to deceiv

Red Sky Alliance monthly queries our backend databases, identifying all new data containing Motor Vessel (MV) and Motor Tanker (MT) in the subject line of malicious emails.  Malicious actors use emails with Motor Vessel (MV) or Motor Tanker (MT) in the subject line as a lure to entice users in the maritime industry to open emails containing malicious attachments.  Red Sky Alliance is providing this list of Motor Vessels in which we directly observed the vessel being impersonated, with associate

Dutch intelligence agencies and Microsoft report that a novel Russian state intelligence hacking group is likely purchasing stolen credentials from criminal marketplaces to gain entry to North American and European networks.   In coordinated disclosure recently, the Dutch government and Microsoft stated this group of government-linked hackers has been active since 2024 and has "a specific interest in European Union and NATO member states."  Dutch agencies said the group, which they named "Laundr

In an era defined by accelerating cyberthreats and technological disruption, founders face a complex, evolving landscape.  Regardless of industry, this is a reality for startups, whether they’re developing a first prototype, fine-tuning a go-to-market strategy or preparing to go public.  The same advances in artificial intelligence (AI), cloud computing and automation that enhance companies’ defenses are simultaneously exploited by adversaries.  On the horizon, quantum computing promises to resh