All Articles (2755)

Ukraine’s parliament has approved, in its first reading, a bill to create a Cyber Forces command within the armed forces, underscoring the growing strategic importance of cyberspace in Kyiv’s defense against Russia.  The draft law, passed on October 9, 2025, with the support of 255 lawmakers, would establish a standalone military command responsible for the country’s cyberspace defense and operations.

According to the explanatory note accompanying the bill, the Cyber Forces of the Armed Forces o

This past week, Red Sky Alliance conducted a webinar detailing the US Secret Service takedown of a SIM-related espionage campaign during a recent United Nations session in New York City.  Well, SIM farms and cards are also being used in other parts of the world.  On 10 October 2025, in Latvia, the arrests of five cyber-criminals of Latvian nationality and the seizure of infrastructure were conducted.  The infrastructure was used to enable crimes against thousands of victims across Eur

Behind the Vault - Banks are often seen as bastions of trust, where personal financial information is locked away under layers of regulation and security.  But a new study from the University of Michigan suggests that this trust may be misplaced.  Despite being among the most tightly regulated institutions in the United States, banks may be sharing customer data far more freely than most people realize and doing so behind a maze of confusing and contradictory privacy policies.[1]

The research, t

In January 2025, FortiGuard Labs observed Winos 4.0 attacks targeting users in Taiwan.  In February, it became clear the actor had changed malware families and expanded operations.  What first appeared isolated was part of a broader campaign that shifted from China to Taiwan, then Japan, and most recently Malaysia.

This article examines the methodologies employed to identify strategic connections between their campaigns, revealing how seemingly unrelated attacks are linked through shared infrast

Alarming new data reveals a 300% spike in online searches for "pig butchering scams" over the past month, coinciding with WhatsApp's removal of more than 6.8 million accounts suspected of ties to these sophisticated global fraud rings in August.  Considered to be one of the world's most profitable criminal rackets, pig butchering operations are projected to have netted $12.4 billion this year alone, with victims worldwide losing an estimated $75 billion across the last four years.  Forex experts

Technology company Cisco is being asked to answer a series of questions about a security incident that prompted emergency directives from the federal government last month.  US Senator Bill Cassidy wrote to Cisco CEO Chuck Robbins about CVE-2025-30333 and CVE-2025-20362, vulnerabilities that caused alarm three weeks ago when federal civilian agencies were given just one day to address them.  Cassidy, who is the chairman of the Committee on Health, Education, Labor, and Pensions, noted that “at l

The United States federal government has ended its longstanding support for the Multi-State Information Sharing and Analysis Center (MS-ISAC), a trusted program for sharing cyber threat intelligence that state and local governments have relied on for years.  The US Cybersecurity and Infrastructure Security Agency (CISA) confirmed that its cooperative agreement with the Center for Internet Security (CIS), the nonprofit that runs MS-ISAC, expired on 30 September 2025.  With federal funding now cut,

Norwegian officials are looking into a potential cybercrime after they noticed a massive surge in betting activity on this year's Nobel Peace Prize winner, several hours before the official announcement was made.  The convenient timing, coupled with the sheer amount of money wagered, means the Norwegian Nobel Institute is treating it as a possible case of espionage.

Before the big announcement, the Polymarket prediction platform had Venezuelan opposition leader Maria Corina Machado's odds of win

CISA is directing Federal Civilian Executive Branch (FCEB) agencies to inventory F5 BIG-IP products, evaluate if the networked management interfaces are accessible from the public internet, and apply updates from F5.

A nation-state affiliated cyber threat actor has compromised F5’s systems and exfiltrated files, which included a portion of its BIG-IP source code and vulnerability information.  The threat actor’s access to F5’s proprietary source code could provide that threat actor with a techn

A recent Cobalt report found that 68% of security leaders are concerned about the risks of third-party software tools and components introduced across their tech stacks. Seventy-three percent reported receiving at least one notification of a software supply chain vulnerability or incident in the past year.

According to the report, 60% believe attackers are evolving too quickly to maintain a truly resilient security posture and 46% are uneasy about AI-driven features and large language models.  S

Scouting America, the organization formerly known as the Boy Scouts, is giving scouts the chance to earn two merit badges that engage new technology: one in artificial intelligence, and another in cybersecurity.

The organization, which counts about a million scouts in its ranks, offers hundreds of merit badges spanning everything from fishing to fingerprinting.  The badges have long presented scouts with the opportunity to sharpen skills and explore new subjects.[1]

Scouting America is adding th

In 2025, Chaos ransomware resurfaced with a C++ variant.  This marks the first time it was not written in .NET.  Beyond encryption and ransom demands, it adds destructive extortion tactics and clipboard hijacking for cryptocurrency theft.  This evolution underscores Chaos's shift toward more aggressive methods, amplifying both its operational impact and the financial risk it poses to victims.

This Fortinet report provides a comprehensive technical analysis of Chaos-C++, covering its execution fl

Asahi has confirmed it has been the victim of a ransomware attack, resulting in an “unauthorized transfer of data” from its servers.  The Japanese brewing company provided an update on 3 October 2025, one week after disclosing that it had been targeted by a cyberattack, which forced it to suspend some domestic operations in Japan.  The company established an Emergency Response Headquarters to investigate the incident, which discovered that the attack was related to ransomware.

“Subsequent invest

Cybersecurity researchers have shed light on a Chinese-speaking cybercrime group, codenamed UAT-8099, which has been linked to search engine optimization (SEO) fraud and the theft of high-value credentials, configuration files, and certificate data.  The attacks are designed to target Microsoft Internet Information Services (IIS) servers, with most infections reported in India, Thailand, Vietnam, Canada, and Brazil, affecting universities, tech firms, and telecom providers. The group was first d

Until recently, Tim Haugh was among America's top spymasters. The four-star general spent 33 years in Air Force Intelligence and rose to lead America's largest and most advanced intelligence agency.  Haugh was also in charge of defending America from computer threats.  In his first television interview since retirement, General Haugh is here to warn that China has hacked into US computer networks to an astonishing degree.  And he believes he knows why.  The surprise, Tim Haugh told us, is that C

Cybersecurity firm Cyfirma has recently published a detailed analysis of a new ransomware strain named Yurei, which has quickly gained attention due to its speed, stealth capabilities, and the irreversible damage it inflicts.  Discovered in September 2025, Yurei is a sophisticated Go-based cyber threat designed to intimidate and disable its targets with advanced encryption and cunning operational tactics.  Yurei’s encryption mechanism employs a combination of ChaCha20 and ECIES (Elliptic Curve I

The Clop ransomware gang has been exploiting a critical Oracle E-Business Suite (EBS) zero-day bug in data theft attacks since at least early August 2025, according to cybersecurity company CrowdStrike.  Tracked as CVE-2025-61882 and patched by Oracle on 01 October 2025, this vulnerability was discovered in the BI Publisher Integration component of Oracle EBS's Concurrent Processing component, allowing unauthenticated attackers to gain remote code execution on unpatched systems in low-complexity

A Vietnamese threat actor named BatShadow has been attributed to a new campaign that leverages social engineering tactics to deceive job seekers and digital marketing professionals to deliver a previously undocumented malware called Vampire Bot.  "The attackers pose as recruiters, distributing malicious files disguised as job descriptions and corporate documents," Aryaka Threat Research Labs researchers Aditya K Sood and Varadharajan K said in a report shared with The Hacker News. "When opened,

Jaguar Land Rover (JLR) announced on 7 October it will begin the phased restart of its manufacturing operations following a cyber-attack that completely halted global production last month.  Separately, the company said it was launching a financing scheme to provide some of its suppliers with up-front cash to help them overcome the financial difficulties caused by the shutdown.[1]  The impact to JLR’s supply chain caused what one senior British politician called “a cyber shockwave ripping throug

Red Sky Alliance queries our backend databases monthly, identifying all new data containing Motor Vessel (MV) and Motor Tanker (MT) in the subject line of malicious emails.  Malicious actors use emails with Motor Vessel (MV) or Motor Tanker (MT) in the subject line as a lure to entice users in the maritime industry to open emails containing malicious attachments.  Red Sky Alliance is providing this list of Motor Vessels in which we directly observed the vessel being impersonated, with associate