X-Industry

When investigating any crime, finding the motive or the reason for an individual committing the crime, is essential to finding the suspect.  There are many reasons, or motives for criminal activity: greed, envy, need, mental illness or revenge are common motivations.  So, who killed Bob Lee in San Francisco?       

Tech entrepreneur Bob Lee left San Francisco in October amid concerns over public safety and then returned on business and found himself pleading for help in a 911 call after sustaini

It is one of China’s most popular shopping apps, selling clothing, groceries and just about everything else under the sun to more than 750 million users a month.  But according to cybersecurity researchers, it can also bypass users’ cell phone security to monitor activities on other apps, check notifications, read private messages and change settings.  And once installed, it’s tough to remove.

While many apps collect vast troves of user data, sometimes without explicit consent, experts say e-com

Besides politics, artificial intelligence is all over the news today. Generative AI chatbots like ChatGPT can summarize scientific articles for you, debug your faulty code, and write Microsoft Excel formulas at your command.  But have you considered how many jobs AI can replace?  Goldman Sachs thinks something like 300 million.

See: https://redskyalliance.org/xindustry/the-future-is-here

According to the investment bank, about 300 million jobs could be lost to AI, signaling that the technology c

Manufacturing is the most targeted sector by cyberattacks, as reported by the World Economic Forum (WEF).[1]  The heavy digitalization of the manufacturing sector is yielding increased growth, efficiency and profitability.  This boost, however, has also exposed the sector to malicious actors looking to exploit vulnerabilities through sophisticated approaches.

For the second year running, manufacturing has been the most targeted sector by cyberattacks. Throughout 2022 alone, ransomware attacks on

Multiple vulnerabilities have been discovered in Google Chrome, the most severe of which could allow for arbitrary code execution.  Google Chrome is a web browser used to access the internet.  Successful exploitation of the most severe of these vulnerabilities could allow for arbitrary code execution in the context of the logged on user.  Depending on the privileges associated with the user an attacker could then install programs; view, change, or delete data; or create new accounts with full us

By monitoring an open-source ecosystem, the FortiGuard Labs team recently discovered over 60 zero-day attacks embedded in PyPI packages (Python Package Index) between early February and mid-March of 2023.  In this report[1], analysts cover all the packages found, grouping them into similar attacks or behaviors.

The packages in this set were found to be similar:

• py-hydraurlstudy (version 2.37)
• tptoolpywgui (version 10.56)
• libgetrandram (version 7.78)
• esqultraultrapong (version 7.37)
• esqhacke

Ports in Europe are preparing for a major regulatory change next year in how the hundreds of companies in their global supply chains address cybersecurity as ports have become a target for criminal hacker groups and state-sponsored attacks.
Cybersecurity rules approved by the European Union (EU) for pharmaceuticals, transportation, energy and other critical infrastructure companies are set to take effect in 2024 and will require hundreds of firms that operate out of Europe’s big ports to use ba

The Homeland Security Information Network (HSIN) is the Department of Homeland Security’s official system for trusted sharing of Sensitive But Unclassified (SBU) information between federal, state, local, tribal, territorial, international, and private sector partners.  HSIN users rely on the platform to access mission-critical data, send requests securely between agencies, manage operations, coordinate planned event safety and security, respond to incidents, and share the information they need

Big-data analytics firm Databricks Inc. has emerged as an unlikely player in the generative artificial intelligence space. Databricks is open-sourcing a new AI model that it claims is “as magical as ChatGPT,” despite being trained on far less data in less than three hours using a single machine.

Databricks announced in a blog post today that it’s making what it calls ‘Dolly’ available for anyone to use, for any purpose, as an open-source model, together with all its training code and instruction

Tesla has been hacked at the Pwn2Own hacking event, and the hacking group has
taken home a Tesla Model 3 and $100,000.

As electric vehicles and their significant amount of integrated software have become more common in everyday life, the security around them has become significantly more critical.  In the worst-case scenario, a hacker could not only gain access to a car but could leak user data or even take control of the vehicle.  Now, at the Pwn2Own hacking competition, a group of hackers succ

A New York man accused of running the popular cybercrime forum BreachForums was recently arrested and charged.  He is believed to be Pompompurin, an individual whose online moniker was mentioned in several high-profile hacking stories in the past years.   It is sad to know that this criminal used the name Pompompurin, which is the name of a good natured Golden Retriever dog character introduced by the Japanese company Sanrio (Hello Kitty) in 1996.  The suspect is 21-year-old Conor Brian Fitzpatr

According to various investigating agencies, thousands are believed to have lost their savings after investing in a cryptocurrency trading app called iEarn Bot   https://www.iearnbot.com.  DO NOT VISIT THIS WEBSITE; IT IS A SCAM.  Experts investigating the company say it could be one of the largest crypto scandals.  Cryptocurrency trading has become popular, with people often promising large rewards over short periods.  But law enforcement agencies warn of many scams and recommend investors cond

The malware downloader BATLOADER has been observed abusing Google ADs to deliver secondary payloads like Vidar Stealer and Ursnif.  According to cybersecurity researchers, malicious ads are used to spoof a wide range of legitimate apps and services, such as Adobe, OpenAPI's ChatGPT, Spotify, Tableau, and Zoom.  BATLOADER, as the name suggests, is a loader responsible for distributing next-stage malware such as information stealers, banking malware, Cobalt Strike, and even ransomware.

See:  https

Phishing, the theft of users' credentials or sensitive data using social engineering, has been a significant threat since the early days of the internet and continues to plague organizations, accounting for more than 30% of all known breaches. With the ongoing trend to remote working during and post pandemic, hackers have increased their efforts to steal login credentials as they take advantage of the chaos and lack of in-person user verification.

This has led to the revival of the old-school te

As part of the Enduring Security Framework (ESF), the Cybersecurity and Infrastructure Security Agency (CISA) and the National Security Agency (NSA) have released Identity and Access Management Recommended Best Practices Guide for Administrators.  These best practices provide system administrators with actionable recommendations to better secure their systems from Identity and Access Management (IAM) threats.

IAM, a framework of business processes, policies, and technologies that facilitate the

One of the US’ largest food distributors has left chefs, owners and restaurant staff across the nation scratching their heads and looking for answers after a disruption to service that began last week.  Fort Worth TX based Ben E. Keith issued a public statement last week regarding issues with their systems that left trucks unable to make deliveries to restaurants for days.[1]  The full statement reads: "Ben E. Keith recently detected unusual activity in our network.  In response, we proactively

Italian sports car maker Ferrari reported on 19 March that a threat actor had demanded a ransom related to customer contact details that may have been exposed in a ransomware attack.  “Upon receipt of the ransom demand, we immediately started an investigation in collaboration with a leading global third-party cybersecurity firm,” the iconic car maker said.  “In addition, we informed the relevant authorities and are confident they will investigate to the full extent of the law.”

The company did n

As the Captain of your ship, you are standing on the bridge and the course is being monitored on a digital display. The course shows a heading of north, yet the ship continues to turn west. On the computer screens in the dark wheelhouse, everything looks normal, but outside your window, the land is coming dangerously close! What is happening? You do not want to run aground, or worse collide with the pier or other vessels.

Down in the engine room, the engineers report back to you via radio that e

Meta’s workforce ballooned in recent years as the Facebook parent company signaled its ambitions for the metaverse. Still, recent moves suggest that it is feeling the sting of changing tech trends and rough market conditions.  The company today announced another round of layoffs, one day after saying that it was “winding down” support for NFTs (non-fungible tokens).  Co-founder and CEO Mark Zuckerberg wrote in a post on 14 March 2023 that Meta will terminate about 10,000 additional employees in

Google has launched Bard, yes Bard, the search giant’s answer to OpenAI’s ChatGPT and Microsoft’s Bing Chat.  Unlike Bing Chat, Bard does not look up search results, all the information it returns is generated by the model itself.  But it is still designed to help users brainstorm and answer queries.  Google wants Bard to become an integral part of the Google Search experience.

In a recent live demo, Google demonstrated that Bard came up with ideas for a child’s bunny-themed birthday party and g