X-Industry

The Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA), and Federal Bureau of Investigation (FBI) assess that People’s Republic of China (PRC) state-sponsored cyber actors are seeking to pre-position themselves on IT networks for disruptive or destructive cyberattacks against US critical infrastructure in the event of a significant crisis or conflict with the United States.[1]

CISA, NSA, FBI and the following partners are releasing this advisory to warn criti

Valentine's Day is a time when many people feel particularly vulnerable, but others also feel generous and giving. This makes it the perfect time for cybercriminals and fraudsters to operate. 

The Cyber Helpline https://www.lighthousevictimcare.org/organisation/the-cyber-helpline/, a UK charity led by volunteers and staff from the cybersecurity industry, has expanded to the USA to support those experiencing cybercrime and online harm. The charity expects a considerable increase in online relatio

Fortinet has disclosed a new critical security flaw in FortiOS SSL VPN that it said is likely being exploited in the wild.  The vulnerability, CVE-2024-21762 (CVSS score: 9.6), allows for the execution of arbitrary code and commands.  "An out-of-bounds write vulnerability [CWE-787] in FortiOS may allow a remote unauthenticated attacker to execute arbitrary code or command via specially crafted HTTP requests," the company said in a bulletin released last week.

It further acknowledged that the iss

The Colonial Pipeline ransomware infection has become a cautionary story about how ‘borking’ critical infrastructure can cause real-world pain, with fuel shortages leading to long lines and fistfights breaking out at gas stations.  Or as Jen Easterly, boss of the US Cybersecurity and Infrastructure Security Agency, warned Congress recently, "Societal panic and chaos."

The CISA Director and other security and law enforcement chiefs stressed the reality in which nation-states operating against Ame

Swedish astronaut Marcus Wandt took control of a series of robots in Germany while on board the International Space Station, zipping around the Earth at 28,000 kilometers per hour (17,500 mph.) Researchers want to understand how time delays can affect the remote control of robots from an orbiting platform. Future astronauts could control rovers on the moon or Mars from a spacecraft in orbit. Until now, only wheeled rovers have been part of the tests, but now they have added a dog-like robot call

It has been reported that three million electric toothbrushes have been hacked and abused for a highly disruptive distributed denial-of-service (DDoS) attack, but cybersecurity experts have rushed to question the claims. The Swiss German-language daily newspaper Aargauer Zeitung published an article describing the alleged attack on 30 January 2024.  According to a machine translation of the article, cybercriminals installed malware on three million electric toothbrushes and used the compromised

The expression “drop a dime” usually refers to informing the police or other investigators about someone’s illegal activity. Still, it is sometimes used for more general and less severe circumstances whenever someone informs on another person’s infractions.  The young readers may not know how a dime was used in the previous century, before the advent of cell phones.  On almost every corner in the US, there was a coin-operated telephone, and anyone with 10 cents or a dime (no pennies) could make

Is nothing sacred?  Criminal hackers have reached a new low.  The Municipality of Korneuburg in Austria said it was hit by a ransomware attack, leading to funerals reportedly being canceled and the town hall informing residents its staff can only be reached via telephone.  The small town on the banks of the Danube a few kilometers north of Vienna has a population of under 13,000 people.  In a statement on the municipality’s website, the town hall said its technical department was “working hard t

As more than 65,000 football fans descend on Allegiant Stadium in Las Vegas, Nevada, for Super Bowl LVIII, attractive targets for cybercriminals and hackers.  The major sporting events like the Super Bowl face elevated cyber risks due to the proliferation of connected networks and devices used by venues, teams, vendors, media, and attendees.  This year, the US Department of Homeland Security (DHS) is working closely with partners to assess and strengthen cyber protections.  "There are no known,

Hackers from the People's Republic of China spent up to five years in US networks as part of a cyber operation that targeted US critical infrastructure, law enforcement and international agencies said earlier this week.  "The Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA), and Federal Bureau of Investigation (FBI) assess that People's Republic of China (PRC) state sponsored cyber actors are seeking to preposition themselves on IT networks for disruptive o

Author Mercy Kuo often engages subject-matter experts, policy practitioners, and strategic thinkers across the globe for their diverse insights into US Asia policy.   This article highlights a conversation with Christopher R. O’Dea, adjunct fellow at Hudson Institute and author of the forthcoming book “Ships of State: China’s New Maritime Empire,” is the 400th in “The Trans-Pacific View Insight Series.”

How are China’s shipping companies serving the Chinese state?  Beijing’s state-owned shipping

A Houston woman is going to prison for her role in an elaborate scheme that included hundreds of thousands of fake paper license plates.  Leidy Hernandez Lopez, 43, pleaded guilty to buying and selling fraudulent Texas-issued temporary buyer tags for cars in and outside of Texas.[1]

Earlier this week, a US District Judge ordered Lopez to serve 30 months in federal prison followed by three years of supervised release.  The court also ordered Hernandez Lopez to pay restitution to the Texas Departm

Attackers are abusing Microsoft Teams to send phishing messages, according to researchers at AT&T Cybersecurity.  “While most end users are well-acquainted with the dangers of traditional phishing attacks, such as those delivered via email or other media, a large proportion are likely unaware that Microsoft Teams chats could be a phishing vector,” the researchers write.  “Most Teams activity is intra-organizational, but Microsoft enables External Access by default, which allows members of one or

• December 2022: Rifle fire damages two electrical substations in Moore County, North Carolina, cutting power to more than 40,000 customers. Neither the attackers or their motives have been identified.
• February 2023: A man and a woman, one an avowed neo-Nazi, are charged with conspiracy to take down Baltimore’s power grid through attacks on electrical substations, to cause chaos in that Maryland city.
• April 2023: Scandinavian authorities warn that Russia is using “ghost ships” disguised as fishi

Following fears that Ford’s electric vehicle supply chain may represent a national security issue, concerned legislators are doubling down by outlining the path battery components are required to take vehicles to get here.  Last week, US Rep. Mike Gallagher (R-WI) and Cathy McMorris Rodgers (R-WA) accused Ford of having plans that required contracting technology and software firms with close ties to both the Chinese and North Korean governments.  Rep. Gallagher heads up the House Select Committe

Russian citizens could not access the majority of websites on the country’s .ru domain for several hours on 30 January, including the Yandex search engine, the VKontakte social media platform, the major state-owned bank Sberbank and various news outlets.

The outage was reportedly caused by a technical problem with the .ru domain’s global Domain Name System Security Extensions, or DNSSEC.  It appeared to be unintentional, unlike other recent blackouts of Russian internet services, which observers

The Digital Container Shipping Association (DCSA) is reporting that as container shipping is undergoing its digital trade transition, digital identity is a pivotal element.  A digital identity functions as an online representation for individuals, organizations or devices, uniquely identifying and authenticating them in the digital realm.

The verification of digital identity, as this crucial online representation, is a vital business process. Its significance extends beyond mitigating risks such

The US FBI and US Department of Justice (DOJ) have used a court order to address vulnerabilities in thousands of internet-connected devices that are at the center of a Chinese hacking campaign.  The campaign is targeting sensitive US critical infrastructure, two US officials and a third source familiar with the matter reported to media.

The move is part of a broader, government-wide effort to blunt the impact of a persistent Chinese hacking effort that US officials fear could hinder any US milit

French multinational Schneider Electric is reporting that its Sustainability Business division suffered from a ransomware attack earlier this month.  The company confirmed the incident in a statement this week that the attack affected its Resource Advisory product, a data visualization tool for sustainability information, as well as other “division specific systems.”

Schneider Electric said that data was accessed by the hackers.[1]  Bleeping Computer, which first reported the incident, said the

In the realm of cyber security, the objective is to shield systems, networks, and software applications from digital assaults. These digital threats typically have the intentions of either evaluating, altering, or compromising confidential data, extracting money from users, or disrupting regular business operations. The task of establishing robust cyber security defenses presents a formidable challenge in the contemporary landscape, chiefly due to the proliferation of devices surpassing the huma