X-Industry

The “We Try Harder” Avis Car Rental https://www.avis.com  has begun notifying close to 300,000 individuals about a data breach that occurred in August 2024, resulting in the theft of sensitive personal information. The breach reportedly exposed customer names, addresses, driver license numbers, and other personal data.

Following the discovery of the breach, Avis initiated an incident response plan, including engaging cybersecurity experts to assess the scope of the attack and bolster security. T

Android phones are once again under attack from a dangerous trojan which has resurfaced to infect at least 11 million devices.  According to a blog post from the cybersecurity firm Kaspersky, the Necro trojan, which its security researchers first discovered in 2019, has returned.  The trojan is now being distributed via official apps on the Google Play Store, unofficial modded versions of popular apps and in Android game mods.   Once installed on one of the best Android phones, Necro then downlo

The Marko Polo cybercrime gang represents a growing global financial threat, steering at least 30 ongoing fraud campaigns simultaneously and wielding an arsenal of sophisticated malware that has compromised tens of thousands of devices.  Researchers reported that the group's scams are going after individuals and organizations alike by impersonating popular brands such as Zoom, Discord, and OpenSea, mainly in online gaming, virtual meeting software, and cryptocurrency platform markets.  The effor

Due to economic turbulence and a relentless surge in cyber threats, today's cybersecurity landscape requires enterprises to remain resilient by adapting to security risks.  Many organizations have chosen to adapt to these risks by embracing modern technology such as generative artificial intelligence (GenAI), which can present new risks if not implemented properly.  The speed at which companies innovate and adopt new technology is far outpacing the security measures that must be addressed first.

Cybersecurity researchers have uncovered a new set of malicious Python packages that target software developers under the guise of coding assessments.  "The new samples were tracked to GitHub projects that have been linked to previous, targeted attacks in which developers are lured using fake job interviews," ReversingLabs researcher Karlo Zanki said.  The activity has been assessed to be part of an ongoing VMConnect campaign that first came to light in August 2023.  There are indications that i

When the Heritage Foundation’s nearly 1,000-page Project 2025 report was published earlier this year, cybersecurity experts focused on its radical suggestion to drastically diminish the Cybersecurity and Infrastructure Security Agency (CISA) and other reimagining of cybersecurity policy.  But despite the buzz the report has caused in Washington cybersecurity circles, interviews with five former senior Trump administration officials demonstrate a much more moderate vision for cyber if he wins a s

The Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) are alerting the public of false claims that the US voter registration data has been compromised in cyber-attacks.  The two agencies note that malicious actors spread disinformation to manipulate public "opinion and undermine confidence in US democratic institutions."

According to public service awareness, the actors present publicly accessible data as evidence of the hacks.  "Malicious acto

Radio Geretsried, a local station in southern Bavarian Germany, has blamed “unknown attackers from Russia” after an apparent ransomware incident left it broadcasting music from emergency backups.  The attack is the latest incident to disrupt a German organization, with the country’s Federal Office for Information Security (BSI) warning: “The extortion of companies and public institutions through ransomware is the fastest growing area of cybercrime and is now a major problem.”

According to a stat

Cybersecurity researchers have warned of ongoing phishing campaigns that abuse refresh entries in HTTP headers to deliver spoofed email login pages designed to harvest users' credentials.  Unlike other phishing webpage distribution behavior through HTML content, these attacks use the response header sent by a server, which occurs before the processing of the HTML content.  Malicious links direct the browser to automatically refresh or reload a web page immediately without requiring user interact

In the months before his attackers tracked him down, the exiled Iranian journalist had been moved in and out of safe houses by London’s Metropolitan Police, given a secret way to signal rescue units and had monitoring devices installed in his home.

British authorities had done even more to protect Iran International, the London-based satellite news channel that airs the weekly program of the journalist, Pouria Zeraati, and has built an audience of millions in Iran despite being outlawed by the I

After two years of being beaten down with memory-safety warnings, the C++ community has published a proposal to help developers write less vulnerable code.  The Safe C++ Extensions proposal addresses the vulnerable programming language's Achilles' heel, ensuring that code is free of memory safety bugs.  "This is a revolutionary proposal that adds memory safety features to the C++ programming language," said the president and executive director of the C++ Alliance last week.  "This collaboration

After the city of Columbus, Ohio, experienced a ransomware attack in July 2024 and disclosed the event, it sued a researcher who claimed the breach was more significant than the city let on.  Ohio's largest city first fell victim to an attack on 18 July 2024 and quickly informed the public, claiming that it had stopped the attack before malware had infected its systems.

In early August 2024, the Rhysida ransomware gang leaked 3.1TB of data on its Tor-based site, information it claimed to have st

A Chinese national has been accused of conducting a years-long spear-phishing campaign that aimed to steal source code from the US Army and NASA, plus other highly sensitive software used in aerospace engineering and military applications.  At least some of the spears hit their targets, and some of this restricted software made its way to China, according to a US Department of Justice (DOJ) announcement and an indictment.  The accused, Song Wu, 39, remains at large and has been charged with 14 c

Crypto took a major hit last year with losses exceeding $5.6 billion, mainly driven by investment fraud, tech support scams, and social engineering via government impersonation.  Latest findings published by the FBI’s Internet Crime Complaint Center (IC3), the product of almost 70,000 reports, marks this 45% rise as a new record high for the industry.  The US alone accounts for $4.8 billion of these reported cases, followed by the Cayman Islands, Mexico, Canada, the UK, India, and Australia.

(So

Cybercriminals have been masquerading as sellers of GlobalProtect,[1] a virtual private network (VPN) software from Palo Alto Networks, and delivering a new variant of WikiLoader malware through search engine optimization (SEO) poisoning.

See:  https://redskyalliance.org/xindustry/shifts-in-cyber-attack-tactics

WikiLoader, also known as WailingCrab, is a downloader malware first discovered in 2022 by Proofpoint.  It's sold in underground marketplaces by initial access brokers, and hackers typica

The underground market for large illicit language models is lucrative, said academic researchers who called for better safeguards against artificial intelligence misuse.  Academics at the Indiana University Bloomington[1] identified 212 malicious LLMs on underground marketplaces from April through September 2024.  The financial benefit for the threat actor behind one of them, WormGPT, is calculated at US$28,000 over two months, underscoring the allure for harmful agents to break artificial intel

After nearly three weeks of identifying unauthorized activity on its network, the Port of Seattle continues to recover from a suspected cyberattack that impacted various operations.  The travel experience at Seattle-Tacoma International Airport is now “normal,” the airport announced last week, with all flight and baggage information showing up on digital screens.  However, the airport and Port’s websites are still down.  Other services such as the airport’s lost and found and visitor pass progra

Slim CD, a company that provides software to merchants for processing electronic payments, said the credit card information of nearly 1.7 million people was exposed to an “unauthorized actor” in mid-June.  The breached data potentially included “name, address, credit card number, and card expiration date,” but there is “no evidence that any such information has been used to commit identity theft or fraud,” the Florida-based company said in a notification letter filed September 6 with regulators.

Poland’s security services reported that they had broken up an alleged cyber sabotage group linked to Russia and Belarus that had attempted to “paralyze” the country through cyberattacks.  The group, whose members were not publicly identified, extorted information from Polish local government agencies and state companies related to military and security matters, Poland’s Minister of Digital Affairs, Krzysztof Gawkowski, said during a press briefing on 10 September 2024.  He referred to the group

The US Federal Bureau of Investigation (FBI), Cybersecurity and Infrastructure Security Agency (CISA), and National Security Agency (NSA) assess that cyber actors affiliated with the Russian General Staff Main Intelligence Directorate (GRU) 161st Specialist Training Center (Unit 29155) are responsible for computer network operations against global targets for the purposes of espionage, sabotage, and reputational harm since at least 2020.  GRU Unit 29155 cyber actors began deploying the destructi