Welcome to this week’s Black Arrow Cyber Threat Briefing – a weekly digest, collated and curated by our cyber experts to provide senior and middle management with an easy to digest round up of the most notable threats, vulnerabilities and cyber related news from the last week.

Top Cyber Stories of the Last Week

Cyber Crime Could Cost The World $10.5 Trillion Annually By 2025

In a world that is becoming increasingly reliant on technology, cyber security is an extremely important priority for entrepreneurs and small and medium-sized businesses. And it's become even more essential in the wake of the pandemic. In June 2020, a report revealed that small and medium-sized businesses were at an especially high risk of data breaches and cyber attacks during the pandemic.

https://www.entrepreneur.com/article/364015

119,000 Threats Per Minute Detected In 2020

The number of cyber-threats identified and blocked by Trend Micro rose by 20% in 2020 to more than 62.6 billion. Averaging out at 119,000 cyber-threats per minute, the huge figure was included in the company's annual roundup, Email-borne threats such as phishing attacks accounted for 91% of the 62.6 billion threats blocked by Trend Micro last year. Nearly 14 million unique phishing URLs were detected by the company in 2020, with home networks a primary target.

https://www.infosecurity-magazine.com/news/119k-threats-per-minute-detected/

78% Of Top Security Leaders Say Their Organisations Are Unprepared For A Cyber Attack

Seventy-eight percent of senior IT and security leaders believe their organizations lack sufficient protection against cyber attacks. The high level of concern expressed by these leaders resulted in 91% of organizations increasing their cyber security budgets in 2021 — a figure that nearly matches the 96% that boosted IT security spending in 2020.

https://www.scmagazine.com/home/security-news/network-security/78-percent-of-top-security-leaders-say-their-organizations-are-unprepared-for-a-cyberattack/

UK Faced Millions Of Cyber Attacks Last Year

The UK faced millions of Covid-19-related cyber security threats last year, but generally managed to mitigate attacks effectively. A total of 16.4 million Covid-19-related threats were recorded last year, with four percent (563,571) identified in the UK. The US suffered the highest volume of attacks by a significant margin: more than 6.5 million. Germany was second with 2.3 million, and France rounded out the top three with just over one million attacks.

https://www.itproportal.com/news/uk-faced-millions-of-cyberattacks-last-year/

New Malformed URL Phishing Technique Can Make Attacks Harder To Spot

Warning of a new form of phishing attack that makes malicious messages more likely to get through filters and harder for the average person to detect by sight. By hiding phishing information in the prefixes of URLs, attackers can send what looks like a link to a legitimate website, free of misspellings and all, with a malicious address hidden in the prefix of the link.

https://www.techrepublic.com/article/new-malformed-url-phishing-technique-can-make-attacks-harder-to-spot/

Hackers Share Details Of Canadian Military Spy Plane On Dark Web

Hackers have shared details of a Canadian military spy plane after its manufacturers seemingly refused to pay a cyber ransom. Aerospace firm Bombardier, whose Global 6000 plane is used for Saab’s GlobalEye spy system, says it was the victim of a “limited cyber security breach.” That saw detailed plans of the airborne early warning system developed by the Swedish defence company Saab being dumped on the dark web site CLOP^_-LEAKS.

https://www.independent.co.uk/news/world/americas/hackers-spy-plane-bombardier-saab-b1807037.html

Cisco Points To New Tier Of APT Actors That Behave More Like Cyber Criminals

Cisco Talos suggests that maybe it is time to start thinking of hacker groups as more than either advanced persistent threat or criminal attackers. It is already well established that some APTs operate as criminals. Several international governments, including the United States, have identified North Korean state-sponsored hackers as stealing on behalf of the government, and other groups have been identified by vendors as state-sponsored groups with actors who occasionally freelance as criminals.

https://www.scmagazine.com/home/security-news/apts-cyberespionage/cisco-points-to-new-tier-of-apt-actors-that-behave-more-like-cybercriminals/

These Hackers Sell Network Logins To The Highest Bidder. And Ransomware Gangs Are Buying

A growing class of cyber criminals are playing an important role on underground marketplaces by breaching corporate networks and selling access to the highest bidder to exploit however they please. The buying and selling of stolen login credentials and other forms of remote access to networks has long been a part of the dark web ecosystem, but according to analysis by cyber security researchers, there has been a notable increase in listings by 'Initial Access Brokers' over the course of the past year.

https://www.zdnet.com/article/these-hackers-sell-network-logins-to-the-highest-bidder-and-ransomware-gangs-are-buying/

U.S. Calls North Korean Hackers ‘World’s Leading Bank Robbers’

North Korea was accused of being behind the 2014 hack of an internal computer network of Sony Pictures Entertainment Inc., an audacious attack that exposed Hollywood secrets and destroyed company data.

https://www.bloomberg.com/news/articles/2021-02-17/u-s-charges-3-north-koreans-linked-to-sony-hack-in-new-scheme

Sequoia Capital, One Of Silicon Valley's Most Notable VC Firms, Told Investors It Was Hacked

One of Silicon Valley's oldest and most venerable VC firms was hacked. Sequoia Capital told its investors on Friday that some personal and financial information may have been accessed by a third party after one of its employees fell victim to a successful. Phishing attack, according to a report in Axios Friday. Sequoia told investors that it has not yet seen any indication that compromised information is being traded or otherwise exploited on the dark web, Axios reported.

https://www.businessinsider.com/vc-firm-sequoia-capital-told-investors-it-was-hacked-2021-2?utmSource=twitter&utmContent=referral&utmTerm=topbar&referrer=twitter

Poor Hardware Disposal Practices Posing A Risk To Data Security

Many business leaders are not paying much attention to the way they dispose of old and obsolete hardware, opening their organizations up to possible data breaches. Of the 1,029 people polled for the report, a fifth said their employer disposed of various IT hardware over the last 12 months. However, less than half (40 percent) thought this hardware did not contain confidential data when it was disposed of.

https://www.itproportal.com/news/poor-hardware-disposal-pratice-posing-a-risk-to-data-security/

Threats

Ransomware

• Babuk- Latest new Ransomware

• Underwriters Laboratories (UL) certification giant hit by ransomware

• Ransomware Gang Says It's Selling Data from Cyber attack That California DMV Warned About

Phishing

• 10K Microsoft Email Users Hit in FedEx Phishing Attack

• Malformed URL Prefix Phishing Attacks Spike 6,000%

• NIST hints at upgrades to its system for scoring a phish’s deceptiveness

Malware

• Hackers are using Google Alerts to help spread malware

• New macOS malware discovered, but threat remains unknown

• Masslogger malware employs 'fileless' attack to steal Discord and other passwords

Mobile

• Apple's iOS 14.5 adds new security against nasty hackers

Vulnerabilities

• Critical RCE Flaws Affect VMware ESXi and vSphere Client — Patch Now

• Code-execution flaw in VMware has a severity rating of 9.8 out of 10

• Shadow Attacks Let Attackers Replace Content in Digitally Signed PDFs

• Recently fixed Windows zero-day actively exploited since mid-2020

• Cisco Warns of Critical Auth-Bypass Security Flaw

• Exploitation of Accellion File Transfer Appliance

• Clubhouse Chats Are Breached, Raising Concerns Over Security

Organised Crime

• This chart shows the connections between cyber crime groups

• The bitcoin blockchain is helping keep a botnet from being taken down

• New Hack Lets Attackers Bypass Mastercard Pin by Using Them As Visa Card

Dark Web

• Brave browser’s Tor mode exposed users’ dark web activity

OT, ICS, IIoT and SCADA

• 84% of CNI Orgs Experienced Cyber-Attacks in the Last Year

• Hackers Tied to Russia's GRU Targeted the US Grid for Years, Researchers Warn

• The U.S. Has Released the Most Comprehensive Catalog of North Korean Cyber Crimes Ever Made Public

Nation-State Actors

• Chinese Hackers Reportedly Wielded a Stolen NSA Cyber Weapon for Years

• US considers sanctions against Russia over SolarWinds hack

Denial of Service

• TDoS Attacks Take Aim at Emergency First-Responder Services

Privacy

• TikTok Agrees to Pay $92 Million to Settle Class-Action Lawsuit Alleging Privacy Violations

• ‘Millions of people’s data is at risk’ — Amazon insiders sound alarm over security

• Privacy Bug in Brave Browser Exposes Dark-Web Browsing History of Its Users

Reports Published in the Last Week

• 2021 Crowdstrike Global Threat Report

Other News

• Oxford lab studying the coronavirus was victim of a cyberattack

• Top 10 web hacking techniques of 2020

• SonicWall Was Hacked. Was It Also Extorted?

• The Internet Is Splintering

• The Anatomy of the SolarWinds Attack Chain

• Why non-human workers can increase security issues in your business

As usual, contact us to help assess where your risks lie and to ensure you are doing all you can do to keep you and your business secure.

Look out for our weekly ‘Cyber Tip Tuesday’ video blog and on our YouTube channel.

You can also follow us on Facebook, Twitter and LinkedIn.

Links to articles are for interest and awareness and linking to or reposting external content does not endorse any service or product, likewise we are not responsible for the security of external links.