X-Industry

North Rhine-Westphalia Polizei reported on 06 March 2023, that they have disrupted an international cybercrime gang which has been blackmailing large companies and institutions for years, raking in millions of euros and US Dollars.  Working with law enforcement partners including Europol, the US FBI and authorities in Ukraine, police in Duesseldorf said they were able to identify 11 individuals linked to a group that has operated in various guises since at least 2010.

The gang allegedly behind t

The notorious carding marketplace BidenCash recently released information on more than 2.1 million credit and debit cards.  The criminal site uses the president’s name and photo to trade in stolen data.  Carding marketplaces, also referred to as card shops, are cybercrime websites that facilitate the trading and unauthorized use of stolen payment card details.  The site active for less than a year, BidenCash has quickly become one of the top carding marketplaces, making a name for itself by rele

Recorded Future: ChatGPT is a chatbot developed by OpenAI, an artificial intelligence (AI) laboratory based in the US, which uses the GPT-3 family of autoregressive (AR) language models. ChatGPT launched on November 30, 2022, and has been subject to widespread attention. Among the potential advantages of ChatGPT, we have also identified several potential use cases ripe for abuse. While ChatGPT has the potential to be abused by nation-state actors to enable cyberespionage, information operations

California - Silicon Valley Bank (SVB), https://svb.com, a lender that was a fixture in the venture capital space for decades, collapsed on 10 March 2023.  The California Department of Financial Protection and Innovation closed SVB and named the FDIC as the receiver.  The trouble started on 08 March 2023 after SVB suddenly announced a plan to raise billions in capital to cover big losses. It set off widespread panic among investors and the tech founders they backed.  Shares of the company fell b

Check out these top 8 cyber security tools to protect yourself from cyber threats.  Software for cyber security and privacy is essential for any company or individual.  The process of preventing cyberattacks on the network, system, or applications is known as cybersecurity.  It is used to prevent identity theft, cyberattacks, unauthorized data access, and cyber threats.[1]

Security of applications, data, networks, disaster recovery, and operations, among other things are the various cybersecurit

Many say, "Let the snake grow long, and it'll eventually bite its tail." As it turns out, US auto dealerships do not enjoy full capitalism, especially when it is not in their favor. Franchised dealer groups and associations across ten US states are preparing for a legal battle against direct client sales by many automakers.  An idea that many prospective car buyers would champion.  Why deal with a pushy salesperson, when you can pick out the model of car and options; direct from the factory.  Ac

In cybersecurity defense, the use of automatic protection tools is half the assignment.  The human element plays an increasingly important role.  Scammers like to take shortcuts and know that it is easier to trick people than it is to exploit software or hardware.  Any organization with a well-guarded security perimeter is an easy target, as long as its employees fall for phishing scams. 

The problem reached new heights during the coronavirus pandemic.  This situation for led to online panic tha

Interested in using ChatGPT?  It’s all the rage.  Information and instructions can be found here:  https://openai.com/pricing  You can establish and account and begin using the service.  The following is an easy way to learn and understand its capabilities.[1]

See:  https://redskyalliance.org/xindustry/a-chat-with-chatgpt

ChatGPT's advanced capabilities have created a huge demand, with the 'app' accumulating over 100 million users within two months of launching. One of the biggest standout featu

Red Sky Alliance would like to share a technical report through a recent joint Cybersecurity Advisory (CSA) as part of an ongoing #StopRansomware effort to publish advisories for network defenders that detail various ransomware variants and ransomware threat actors.  These #StopRansomware advisories include recently and historically observed tactics, techniques, and procedures (TTPs) and indicators of compromise (IOCs) to help organizations protect against ransomware. 

Visit stopransomware.gov t

he US government released its National Cyber Security Strategy on 28 February 2023, detailing mandatory regulation on critical infrastructure vendors and endorsing a more aggressive ‘hack-back’ approach to dealing with foreign adversaries and ransomware actors.  As previously reported, the White House plans to use regulation to “level the playing field” and shift liability to organizations that fail to make reasonable precautions to secure their software.  “[While] voluntary approaches to critic

GoDaddy at https://www.godaddy.com is a leading web hosting company with 21 million users worldwide and many small businesses. It has been reported that a cyber group has gained access to its servers and installed malware. Part of the stolen data included employees’ and customers’ login credentials, and the flaw allowed attackers to install malware, which would redirect customers’ websites to malicious domains. According to reports, unidentified hackers stole the company’s source code.

A GoDaddy

In early September of 2022, we reported on a security incident that occurred at LastPass in late August.  As a reminder, LastPass is a password manager, which is software intended to facilitate encrypted password storage with easy retrieval.  Other popular password managers include BitWarden, Dashlane, and 1Password.  LastPass is very possible among the more well-known password managers and has had several security incidents even before the incident we reported on in September.  Unfortunately, t

For crypto investors who have not followed the news of thefts, exchange collapses, new government regulations and are prepared to lose their entire investment, here is some advice to follow.  Hackers demand payment in crypto, participate in scams that lead to crypto theft directly, or target crypto trading companies.  As an individual with funds in crypto, you are likely to encounter attempts of fraudulent investment schemes, giveaways, phishing attacks, and more mischief.

The “hook” of most inv

Repossessing a car has always been a dangerous operation.  This is when a car owner stops paying their loan or lease and the car company comes out to take their property back.  Looking out their bedroom window at 5AM in the morning, many delinquent car owners call the police thinking someone is stealing their car.  Most reputable repossession businesses will contact the police prior to the actual repossession and thus the owner’s answer is not a positive one.  But the bottom line is that the who

The US CISA Red Team Shares Key Findings to Improve Monitoring and Hardening of Networks - Actions to take today to harden your local environment:

• Establish a security baseline of normal network activity; tune network and host-based appliances to detect anomalous behavior.
• Conduct regular assessments to ensure appropriate procedures are created and can be followed by security staff and end users.
• Enforce phishing-resistant MFA to the greatest extent possible.

In 2022, the US Cybersecurity and

Buying a used car has always been somewhat of a gamble.  Things are much better than in the past, but sketchy dealers are still out there and prey on unsuspecting buyers.  In the old days, rolling back the odometer was relatively easy.  Laws were then created and “some” of that fraudulent practice slowed.  Now everything is electronic and hacking the odometer is a bit trickier.  Or is it?

The on-line car buying company, CarFax, shares some pointers about this type used car sales fraud: “Many peo

Organizations are generating and storing an increasing amount of digital data. Protecting this information from unauthorized access, theft, or damage is critical.  The Chief Information Security Officer (CISO) is responsible for ensuring that an organization’s sensitive data is appropriately secured and protected from potential threats.  In the below analysis, we see the various types of data that CISOs and other business leaders need to protect while working together to do so, along with tangib

The current Ukraine crisis has revealed the willingness of state and non-state actors to involve themselves in conducting attacks of various degrees of severity and frequency.  Notably, hacktivists and cybercriminal groups have joined the conflict extending beyond the borders of the two primary combatants, with cyberattacks targeting those governments and private sector organizations perceived to be supporting the other side.  Patriotic hacktivism is not necessarily new, especially in troubled a

The economic downturn predicted for 2023 will lead to layoffs but cybersecurity workers will be least affected, says the latest (ISC)² report. Also, as soon as things get better, they will likely be the first ones to get (re)hired.  Execs have finally realized the importance of cyber security.

There have been massive layoffs by tech and other companies in the last few months.  In December 2022, (ISC)² polled 1,000 C-suite executives from Germany, Japan, Singapore, the UK and the US about whether

Back in the late 1960’s there was a film called, The Good, the Bad and the Ugly.  It was a story of three outlaw cowboys who exhibited these three moral traits.  Sentinel Labs are now sharing a story of the modern day The Good, the Bad and the Ugly.

The Good - The man behind the development and sale of the NLBrute password-hacking tool was extradited to the United States this week.  Known by his alias, dpxaker, US officials charged Russian national Dariy Pankov with computer and access device fr