X-Industry

The US oilfield services firm Halliburton reported on 21 August 2024 that it was hit by a cyber-attack. Halliburton said it was aware of an issue affecting certain systems at the company and was working to determine the cause and impact of the problem. A spokesperson said in an emailed statement that the company was also working with "leading external experts" to fix the issue.

The attack appeared to impact business operations at the company's north Houston campus and some global connectivity ne

Recent examination has connected a string of assaults against vital infrastructure in the US and India to the Chinese state-sponsored hacker collective Volt Typhoon.   These assaults, which took use of flaws in software created by a startup company in California, have sparked concerns about the vulnerability of vital systems including communications networks, water facilities, and the electrical grid.  The fact that US agencies are still on high alert despite denials from the Chinese government

Xeon Sender (aka XeonV5, SVG Sender) is a cloud attack tool that can be used to send Short Message Service (SMS) messages en masse to conduct spam and phishing (aka smishing) campaigns.  Attackers can use Xeon to send messages through multiple software-as-a-service (SaaS) providers using valid credentials for the service providers.  There are no weaknesses on the service provider side that are leveraged for these attacks; rather, the tool uses legitimate APIs to enable bulk SMS spam attacks.

The

Last week, AutoCanada, a major Canadian car dealership, disclosed a cyber-attack that may result in disruptions.  The incident was discovered on 11 August 2024, and it impacted some internal IT systems, the company reported.  “Immediately upon detecting the incident, AutoCanada took action to safeguard its network and data.  This included engaging with leading cybersecurity experts to assist us with containment and remediation efforts and conducting a thorough investigation to understand the sco

The staff at a poultry factory in Norfolk, UK have had their personal details stolen in a recent cyber-attack.  Banham Poultry, based in Attleborough, UK said cyber criminals had remotely accessed its system in the early hours of 18 August.  In an email sent to staff the company said information such as National Insurance numbers, copies of passports and bank details were accessed.

The company said it was providing staff with advice, credit monitoring and fraud detection following the security b

A recent Chainalysis report indicates that 2024 is set to be the highest-grossing year for ransomware payments.  2023 is the current record holder in that regard, surpassing the $1 billion dollar mark, which was an interesting development given the significant decline in ransomware payments that occurred in 2022.  In the chart we have below, we can see a clear trendline indicating an increasing trend since 2019.  In hindsight, it may be more useful to view 2022 as an anomaly.  The mid-year total

The Oregon Zoo in Portland, OR, one of the state's top tourist attractions, has announced a data breach that may have exposed the payment card information of more than 117,000 visitors.  The zoo discovered suspicious activity within its online ticketing service on 26 June 2024, as stated in a notice sent to affected individuals. An investigation subsequently determined that an unauthorized actor had been redirecting customer transactions from the third-party vendor processing online ticket purch

Cyberattacks on railway systems have increased by more than 200 percent in the last five years, with incidents increasing worldwide over the last decade.

"We've seen a 220% increase in railway-associated cyberattacks over the last five years," said Col. Cedric Leighton, CNN Military Analyst; USAF (Ret.); Chairman, Cedric Leighton Associates, LLC. "In fact, over a 10-year period, we've seen cyber incidents impacting railway systems in countries as diverse as Belgium, France, Poland, the Czech Rep

The introduction of Generative AI (GenAI) promises unprecedented innovation and efficiency across industries.  From automating routine tasks to enhancing decision-making processes, GenAI is transforming the business landscape.  However, as with many groundbreaking technologies, it introduces a new spectrum of cybersecurity risks that must be diligently managed.  Understanding and mitigating these risks is crucial for businesses seeking to harness the power of GenAI while safeguarding their asset

FortiGuard Labs recently encountered an ongoing ValleyRAT campaign specifically targeting Chinese speakers.  This malware has historically targeted e-commerce, finance, sales, and management enterprises.  ValleyRAT is a multi-stage malware that utilizes diverse techniques to monitor and control its victims and deploy arbitrary plugins to cause further damage.  Another noteworthy characteristic of this malware is its heavy usage of shellcode to execute its many components directly in memory, sign

The potential for artificial intelligence (AI) humanoid robots in factories and stores is debated among experts on the future of work and commerce.  While companies explore humanoid robots for tasks from assembly to customer service, opinions vary widely on their adoption rate and implications.  The consensus among experts leans toward gradual integration rather than rapid revolution, with key challenges in technology development, workforce adaptation, and customer acceptance still to be overcom

As the US National Elections are coming quickly, all US eyes are on Russia and Iran to watch for an increase of cyber-attacks, aimed at the election process.  Russia remains the top source of troll networks disrupted on Facebook and Instagram, with Iran close behind, according to a threat report by social media giant Meta.  The company’s latest quarterly review, released on Thursday, states it has disrupted 39 covert influence operations originating in Russia since 2017, followed by 30 from Iran

Russia's Kursk region was hit by a “massive” distributed denial-of-service (DDoS) attack on 15 August amid Ukraine’s surprise cross-border incursion, Kursk state officials said in a statement.  The unnamed hackers targeted government and business websites, as well as critical infrastructure services, making some of them temporarily unavailable, state media reported.

Data shared by Internet monitoring service NetBlocks shows “sporadic disruptions to internet connectivity in and around Kursk,” lik

AutoCanada https://www.autocan.ca  a major Canadian car dealership, this week disclosed a cyberattack that may result in some disruptions. The incident was discovered on 11 August 2024, and it impacted some internal IT systems, the company reported.

See:  https://redskyalliance.org/xindustry/north-american-auto-dealers-impacted

“Immediately upon detecting the incident, AutoCanada took action to safeguard its network and data. This included engaging with leading cybersecurity experts to assist us

Security researchers at Palo Alto Networks have spotted a threat actor extorting organizations after compromising their cloud environments using inadvertently exposed environment variables. As part of the large-scale extortion campaign, Palo Alto Networks warned that the attackers targeted 110,000 domains through exposed .env files containing sensitive information, which were stored on unsecured web applications and misconfigured servers.  These .env files allow organizations to define configura

The US Cybersecurity and Infrastructure Security Agency (CISA) has disclosed that threat actors are abusing the legacy Cisco Smart Install (SMI) feature to access sensitive data.  The agency said it has seen adversaries "acquire system configuration files by leveraging available protocols or software on devices, such as abusing the legacy Cisco Smart Install feature."  It also said it continues to observe weak passwords used on Cisco network devices, thereby exposing them to password-cracking at

Microsoft was anxious to put generative AI at the heart of its systems.  Ask a question about an upcoming meeting, and the company’s Copilot AI system can pull answers from your emails, Teams chats, and files, a potential productivity boon.  However, these exact processes can also be abused by hackers.   On 08 August 2024, at the Black Hat security conference in Las Vegas, researcher Michael Bargury demonstrated five proof-of-concept ways that Copilot, which runs on its Microsoft 365 apps, such

Cyber-spies suspected of connections with China have infected "dozens" of computers belonging to Russian government agencies and IT providers with backdoors and trojans since late July, according to Kaspersky.  The Russia-based security biz claimed the malware used in the ongoing, targeted attacks, called EastWind, has links to two China-nexus groups tracked as APT27 and APT31. 

After gaining initial access to their victims' devices via phishing emails, the attackers used various cloud services

The phrase “practice makes perfect” is usually reserved for humans, but it is also a great maxim for robots newly deployed in unfamiliar environments.  Think of a robot arriving in a warehouse. It comes packaged with the skills it was trained in, like placing an object, and now it needs to pick items from a shelf it is not familiar. At first, the machine struggles with this, since it needs to get acquainted with its new surroundings. To improve, the robot will need to understand which skills wit

The US Cybersecurity and Infrastructure Security Agency (CISA) has taken a pioneering step in the realm of artificial intelligence and cybersecurity by appointing its first Chief Artificial Intelligence Officer, and it is not a computer, Lisa Einstein.  This position, announced on 01 August 2024, underscores the growing importance of AI in national security and sets a precedent that other organizations may soon follow.

Einstein has served as CISA's Senior Advisor for AI since 2023 and as the Exe