X-Industry

As a child, reading comic books (not buying them) at our neighborhood Rexall drug store, I dreamed of becoming a comic book artist, but I lacked one important skill: the ability to draw pictures other than stick figures.  Now, 60 years later AI can fulfill my dreams of having my comic books and characters.  Available as a space through Hugging Factory, the AI Comic Factory will design comic book pages for you based on your descriptions.

Describe your scenario, choose a style, and then select a l

Advanced Persistent Threat (APT) actors have exploited known vulnerabilities in Zoho ManageEngine and Fortinet VPN products to hack an organization in the aeronautical sector, according to a joint report from the FBI, the Cybersecurity and Infrastructure Security Agency (CISA), and the Cyber Command’s Cyber National Mission Force (CNMF).  Impacting more than 20 on-premises Zoho ManageEngine products, the first bug, tracked as CVE-2022-47966 (CVSS score of 9.8), allows remote attackers to execute

Hackers attacked the national power grid of an unspecified Asian country earlier this year using malware typically deployed by personnel connected to China’s government, researchers said last week.  Cybersecurity company Symantec declined to attribute the incident to China but pointed to a group it tracks as RedFly.  The group compromised the network for as long as six months, stealing credentials and targeting multiple computers, the researchers said.

The malware, known as ShadowPad, also has b

Recently, British authorities have arrested a man who reportedly spied for China in their government offices in London, resulting in new fears on how Beijing gathers intelligence today.  The incident follows allegations earlier this year that China flew a surveillance balloon over the United States, causing diplomatic problems.  And the USA failed to shoot down the rogue balloon until it had completely covered the country unmolested.

Here are some of the ways China has worked to spy on the weste

Google’s threat hunting unit has again intercepted an active North Korean APT actor sliding into the DMs of security researchers and using zero-days and rigged software tools to take control of their computers.  Google’s Threat Analysis Group (TAG) recently reported the government-backed hacking team’s social media accounts and warned that at least one actively exploited zero-day is being used and is currently unpatched.[1]

See:  https://redskyalliance.org/xindustry/no-good-deed-goes-unpunished

Moving goods via rail remains one of the most popular modes of transportation.  In a typical year, US freight railroads move around 1.6 billion tons across nearly 140,000 miles of track.  US citizens traveled more than 12.5 billion kilometers by rail in 2021, through the automobile remains the king in the US.  Thousands of railways, from national and regional networks to intra-city light rails, have been built to connect the country and its industries, turning rail into a critical component of t

Cybersecurity investigators are warning of a new type of phishing attacks that abuse Google Looker Studio to bypass protections.  Google Looker Studio[1] is a legitimate online tool for creating customizable reports, including charts and graphs that can be easily shared with others.  Looker Studio, formerly Google Data Studio, is an online tool for converting data into customizable informative reports and dashboards introduced by Google on 15 March 2016 as part of the enterprise Google Analytics

It was not so long ago that malware authors, much like software developers, were concerned about the size of their code, aiming to keep it as small and compact as possible.  Small binaries are less noticeable and can be slipped inside other files or shipped in benign code, attachments, and images.  Smaller executables take up less space on disk, are faster to transfer over the wire, and, if written efficiently, can execute their malicious instructions with less tax on the host CPU.  In days of s

United Airlines said last week that a software update triggered a ‘glitch’ that forced it to halt flight departures nationwide, briefly crippling the US biggest airline carrier on a busy holiday travel window.  US federal officials said United crews had been unable to contact airline dispatchers through normal means.  “A software update caused a widespread slowdown in United’s technology systems,” United said in a statement.  The airline said it was not a cybersecurity issue.[1]

The Federal Avia

North Korea has some decent cyber operations aimed against its foes but can’t seem to figure out rocket propulsion.  North Korea’s attempt to send a military spy satellite into orbit has failed for a second time.  A North Korean representative reported that the launch took place in the early hours of 24 August 2023, the first day of a week-long launch window, but failed because of a problem with the rocket's third stage carrying the satellite.  North Korea will try again in October 2023.  “The f

Protecting your online safety has never been more crucial in today’s digital age, where cybercriminals and hackers lurk around every virtual corner.  The reality of cybersecurity threats, ranging from identity theft to malicious software attacks, can leave us feeling vulnerable and exposed.  However, there is hope! In this blog post, we will explore some of the common cyber threats you may encounter and delve into the crucial role that online security consultants play in safeguarding your digita

As the use and dependence on computers and software grow, so do the threats facing businesses of being hacked or becoming a victim of ransomware, where a company is locked out of a system until they pay a ransom.  In some cases, even if a company pays the ransom, it may still experience irreparable damage to its systems, network and reputation.

According to the Federal Bureau of Investigation’s Cyber Crime Compliant Center (IC3), ransomware is one of the biggest and most frequent threats to busi

Articles on cyber warfare have consistently seen cyberattacks as a first-strike weapon for attacking countries before or at least at the onset of a moving conflict.  The speed with which these attacks occur and the difficulty in allowing for sufficient indications and warning for defenders to mitigate their intensity and volume successfully have bolstered cyberattacks as a legitimate capability for degradation, disruption, and destruction.  Cyberattacks in a moving conflict are synonymous with a

Our friends at FortiGuard Labs, recently detected a new injector written in Rust—one of the fastest-growing programming languages—to inject shellcode and introduce XWorm into a victim’s environment.  While Rust is relatively uncommon in malware development, several campaigns have adopted this language since 2019, including Buer loader, Hive, and RansomExx.  FortiGuard Labs analysis also revealed a significant increase in injector activity during May 2023, where the shellcode can be encoded with

The United States Space Force has activated its first and only unit dedicated to targeting other nations' satellites and the ground stations that support them.  The 75th Intelligence, Surveillance and Reconnaissance Squadron (ISRS) was activated on 11 August at Peterson Space Force Base in Colorado.  This unit is part of Space Delta 7, an element of the US Space Force tasked with providing intelligence on adversary space capabilities.  It will do things like analyze the capabilities of potential

DoDo ransomware was first reported last February of 2023.  It is a variant of the widely reported and observed Chaos ransomware.  Because it is a derivative, the DoDo ransomware is not considered new and recent.  However, a slightly different version of the DoDo ransomware has recently emerged, described below.[1]

Infection Vector - DoDo ransomware samples have the “Mercurial Grabber” file icon, which indicates the ransomware was likely distributed as such.  Mercurial Grabber is an open-source m

The US intelligence community is warning the domestic space industry of the growing risk of espionage and satellite attacks from China, Russia, and other adversaries.  In coordination with the FBI, the National Counterintelligence and Security Center (NCSC), and the Air Force Office of Special Investigations, the Office of the Director of National Intelligence released a warning about the growing threat of foreign intelligence entities (FIEs) as they continue to launch cyberattacks to gain acces

The US Justice Department (DOJ) on 23 August 2023 unsealed an indictment against two founders of the now-sanctioned Tornado Cash cryptocurrency mixer service, charging them with laundering more than $1 billion in criminal proceeds.  Both the individuals, Roman Storm and Roman Semenov, have been charged with conspiracy to commit money laundering, conspiracy to commit sanctions violations, and conspiracy to operate an unlicensed money-transmitting business.

Storm is said to have been arrested in t

The UK’s National Cyber Security Centre (NCSC) issued a warning this week about the growing danger of “prompt injection” attacks against applications built using AI.  While the warning is meant for cybersecurity professionals building large language models (LLMs) and other AI tools, prompt injection is worth understanding if you use any kind of AI tool, as attacks using it are likely to be a major category of security vulnerabilities going forward.

Prompt injection is a kind of attack against LL

Pick your industry and you will quickly conclude that cyber-attacks on their systems are an empirical threat to commercial and industrial operations.  Cyber risk now slices through almost every type of business activity, and the maritime industry is no exception.  According to US Coast Guard Cyber Command statistics, maritime cyber incidents increased 68% in 2021 alone.

Cyber-insecurity not only poses increased risks to maritime operations but also to general planning, which more and more has be