Welcome to this week’s Black Arrow Cyber Threat Briefing – a weekly digest, collated and curated by our cyber experts to provide senior and middle management with an easy to digest round up of the most notable threats, vulnerabilities, and cyber related news from the last week.

Top Cyber Stories of the Last Week

500 Million Attempted Ransomware Attacks (So Far) in 2021, With No Sign Of Slowing

So far, 2021 is stacking up to be the most costly and dangerous year on record for the volume of ransomware attacks, SonicWall said in a new report.

The security provider has logged nearly 500 million attempted ransomware attacks through September, 2021, with 1,748 attempts per customer in that nine-month period. The overall total of 495 million to date amounts to a 148 percent surge as compared to the same period last year. SonicWall expects to record 714 million attempted ransomware attacks by the close of 2021, a 134 percent skyrocket over last year’s totals. https://www.msspalert.com/cybersecurity-research/500-million-attempted-ransomware-attacks-so-far-in-2021/

Top 10 Ways Attackers Are Increasing Pressure On Their Ransomware Victims To Pay

Sophos researchers have detailed how ransomware attackers are implementing a wide range of ruthless pressure tactics to persuade victims to pay the ransom.

Their research is based on evidence and insight from a team of 24/7 incident responders who help organisations under active cyberattack. It highlights the shift in ransomware pressure techniques from solely encrypting data to including other pain points, such as harassing employees.

Since organisations have become better at backing up their data and restoring encrypted files from backups, attackers are supplementing their ransom demands with additional extortion measures that increase the pressure to pay.

For example, the Sophos Rapid Response team has seen cases where attackers email or phone a victim’s employees, calling them by their name and sharing personal details they’ve stolen – such as any disciplinary actions or passport information – with the aim of scaring them into demanding their employer pays the ransom. This kind of behavior shows how ransomware has shifted from a purely technical attack targeting systems and data into one that also targets people. https://www.helpnetsecurity.com/2021/11/04/attackers-pressure-ransomware-victims/

40% Of Organisations Suffered A Cloud-Based Data Breach In The Past 12 Months

Despite increasing cyber attacks targeting data in the cloud, 83% of businesses are still failing to encrypt half of the sensitive data they store in the cloud, raising even greater concerns as to the impact cyber criminals can have. 40% of organisations have experienced a cloud-based data breach in the past 12 months, according to a study conducted by 451 Research.

Cloud adoption is on the rise and businesses are continuing to diversify the way they use cloud solutions. Globally, 57% of respondents reported they make use of two or more cloud infrastructure providers, whilst 24% of organisations flagged that the majority of their workloads and data now reside in the cloud. https://www.helpnetsecurity.com/2021/11/02/experienced-cloud-based-data-breach/

Midsize Business Cyber Attacks: A Security Reality Check

Ransomware bombshells hit large enterprises. Carpet-bomb cyberattacks target MSP software supply chains and their small business customers. But what’s the state of cybersecurity among midsize businesses?

Actually, that landscape also faces its share of digital bombshells. Indeed, nearly two in three midsize organisations have suffered a ransomware attack in the past 18 months and 20 percent of them spent at least $250,000 to recover from it, according to research by UncommonX, an MSSP that leans heavily on its own SaaS-based solutions..

The Chicago-based MSSP’s newly released State of Cybersecurity for Midsize Organisations found that smaller companies are often not properly prepared to fend off a cyber attack nor do they engage in adequate network monitoring. In short, cybersecurity is often not enough of a priority within midsize companies. https://www.msspalert.com/cybersecurity-news/midsize-business-cyberattacks-a-security-reality-check/

70% Of Dev Teams Admit To Skipping Security Steps

According to a new study by Invicti Security, 70% of development teams always or frequently skip security steps due to time pressures when completing projects. This explains why, in the average organisation, 33% of security issues in remediation at any given time come from production code.

Security and development teams spend every day inside a catch-22: relentless demand for continued digital innovation amid increasing security threats to a sprawling attack surface. While there are some bright spots emerging on the road to secure innovation, these professionals are stressed — and too often make bad choices. https://venturebeat.com/2021/10/27/report-70-of-dev-teams-admit-to-skipping-security-steps/

79% Of IT Teams Have Seen Increase In Endpoint Security Breaches

According to a new report by HP Wolf Security, 79% of IT teams have seen an increase in rebuild rates, indicating that hackers are becoming more successful at breaching the endpoint and compromising organisations’ devices and data.

This sudden increase in rebuild rates is particularly affecting enterprises with 1,000 employees or more — organisations of this kind have the highest average number of rebuilds per month at 67.3. The study also highlights that employees are clicking on more malicious emails. Whether this is because people are less vigilant working from home or because they find it harder to determine what is safe to open, the rising number of rebuilds suggests that hackers have become more successful at breaching the endpoint through malicious links. https://venturebeat.com/2021/10/28/report-79-of-it-teams-have-seen-increase-in-endpoint-security-breaches/

Enterprises With Subsidiaries More Prone To Cyber Attacks, Study Says

Global enterprises with multiple subsidiaries are more exposed to cybersecurity threats and have more difficulty managing risk than companies with no, or fewer, subsidiaries, according to an Osterman Research report commissioned by CyCognito.

The study surveyed 201 organisations with at least 10 subsidiaries and at least 3,000 employees or $1 billion in annual revenue.

Despite being extremely confident about running effective subsidiary risk management, about 67% of respondents said their organisations had either experienced a cyberattack where the attack chain included a subsidiary, or that they lacked the ability or information to rule out the possibility.

About half of the respondents acknowledged that they wouldn't be surprised if a cyberbreach were to occur "tomorrow." https://www.csoonline.com/article/3639014/enterprises-with-subsidiaries-more-prone-to-cyberattacks-study-says.html

Cisco Talos Reports New Variant Of Babuk Ransomware Targeting Exchange Servers

Cisco Talos has a warning out for companies about a new variant of the Babuk ransomware. The security researchers discovered the campaign in mid-October and think that the variant has been active since July 2021. The new element in this attack is an unusual infection chain technique.

The researchers think that the initial infection vector is an exploitation of ProxyShell vulnerabilities in Microsoft Exchange Server through the deployment of China Chopper web shell.

Babuk can affect several hardware and software platforms but this version is targeting Windows. The ransomware encrypts the target's machine, interrupts the system backup process and deletes the volume shadow copies. https://www.techrepublic.com/article/cisco-talos-reports-new-variant-of-babuk-ransomware-targeting-exchange-servers/

Ransomware Gangs Target Corporate Financial Activities

The FBI is warning about a fresh extortion tactic: threatening to tank share prices for publicly held companies.

Ransomware gangs are zeroing in on publicly held companies with the threat of financial exposure in an effort to encourage ransom payments, the FBI is warning.

In an alert issued this week the Bureau said that activity over the course of the past year shows a trend toward targeting companies when they’re coming up to “significant, time-sensitive financial events,” such as quarterly earnings reports and mandated SEC filings, initial public offerings, M&A activity, and so on. The idea is to ratchet up the extortion thumb-screws by threatening to leak stolen information relevant to these events if the target doesn’t pay up.

Impending events that could affect a victim’s stock value, such as announcements [or] mergers and acquisitions, encourage ransomware actors to target a network or adjust their timeline for extortion. https://threatpost.com/ransomware-corporate-financial/175940/

Web Of Deceit: The Rising Threat Of Ransomware

With payouts of almost £260m last year alone, it has become the biggest – and easiest – money-earner available to hackers.

Heists at famous jewellers usually involve masked men, guns, shouting and terrified staff and customers. That was indeed the scene in August 2009 at the London branch of Graff, the famous diamond merchants, when a gang stole around £40million worth of jewels. They were caught not long after.

But the latest heist on Graff, revealed recently, was quieter. No guns, no masks, no shouting. Instead the company – which supplies a dizzying parade of top-name stars such as the Beckhams, Tom Hanks and Tamara Ecclestone – faced a demand, displayed on a computer screen, for millions of pounds, payable to a group of Russian hackers.

Graff, like hundreds of companies around the world, had been hit by “ransomware”: an attachment to an email delivered a malicious program which let in hackers, who scrambled all the files on its computer systems using an uncrackable computer code, for which they had the digital “key”.

They’d hand it over in exchange for a payment worth millions of pounds in untraceable cryptocurrency such as bitcoin, where transactions are made between digital “wallets” that do not pass through any bank and are not tied to any identity.

Without the key, the systems are useless. The option is to restore the system from backups – but frequently the hackers will have targeted those too. https://www.telegraph.co.uk/news/2021/11/06/web-deceit-rising-threat-ransomware/

While Businesses Are Ramping Up Their Risk Mitigation Efforts, They Could Be Doing More

Zurich North America and Advisen have released a survey of corporate risk managers and insurance buyers revealing current views about information security and cyber risk management.

The survey results indicate that risk professionals are increasingly aware of their intensifying cyber risks and the need to manage them using risk mitigation and risk transfer. However, a deeper dive into the numbers found that there is much room for improvement in building cyber resilience.

Sixty-five percent of respondents have invested in cyber security solutions to mitigate risk, which means that 35 percent of respondents still have not. https://www.helpnetsecurity.com/2021/11/03/gaps-risk-mitigation-efforts/

Threats

Ransomware

• Ransomware Attacks Increased 148% In Q3 2021, Showing No Sign Of Slowing - Help Net Security

• Conti Group Leak Celebs’ Data After Ransom Attack on Jeweller - Infosecurity Magazine (infosecurity-magazine.com)

• Babuk Ransomware Seen Exploiting ProxyShell Vulnerabilities | SecurityWeek.Com

• Toronto Subways Hit By Ransomware As US Lawmakers Slam 'Burdensome' Cyber Security rules | ZDNet

• FBI Says Ransomware Gangs Are Using Future Merger And Acquisition Info To Pressure Victims - The Record By Recorded Future

• BlackMatter Ransomware Moves Victims To LockBit After Shutdown (Bleepingcomputer.Com)

Phishing

• Phishing Attack Blends Spoofed Amazon Order and Fraudulent Customer Service Agents (darkreading.com)

Other Social Engineering

• Consumers Warned About Rise in Call Center Threats - Infosecurity Magazine (infosecurity-magazine.com)

• “Customer Complaint” Email Scam Preys On Your Fear Of Getting Into Trouble At Work – Naked Security (Sophos.Com)

• Voice Phishing Attack Spoofs Amazon To Steal Credit Card Information - Techrepublic

Malware

• Stealthier Version Of Mekotio Banking Trojan Spotted In The Wild (Bleepingcomputer.Com)

• 77% Of Rootkits Are Used For Espionage Purposes - Help Net Security

Mobile

• Why You Should Delete Google Chrome On Your Phone (forbes.com)

• Phishing Attacks Are Harder To Spot On Your Smartphone. That's Why Hackers Are Using Them More | ZDNet

• Android Patches Actively Exploited Zero-Day Kernel Bug | Threatpost

• Stealthy Trojan That Roots Android Devices Makes Its Way On App Stores | CSO Online

• Android Hit By AbstractEmu Malware • The Register

Vulnerabilities

• Apple macOS Flaw Allows Kernel-Level Compromise | Threatpost

• BrakTooth Bluetooth Bugs Bite: Exploit Code, PoC Released | Threatpost

• Get Patching: Cisco Warns Of These Critical Product Vulnerabilities | ZDNet

• 50% Of Internet-Facing Gitlab Installations Are Still Affected By A RCE Flaw - Security Affairs

• Critical RCE Vulnerability Reported in Linux Kernel's TIPC Module (thehackernews.com)

Data Breaches/Leaks

• UK Labour Party Blames Breach Of Members’ Data On Third-Party Cyber Attack | Techcrunch

• Medical School Exposes Personal Data Of Thousands Of Students | ZDNet

Cryptocurrency/Cryptojacking

• Squid Game Crypto Scammers Rip Off Investors for Millions | Threatpost

• Threat Actors Stole $55m Worth Of Cryptocurrency From bZx DeFi Platform - Security Affairs

OT, ICS, IIoT and SCADA

• Keeping An Eye On Critical Infrastructure And Industrial Sys • The Register

Privacy

• Facebook Kills Its Facial Recognition System, Citing 'Societal Concerns,' Uncertain Rules From Regulators - CyberScoop

Parental Controls

• 44% of Parents Struggle to Follow Tech Rules They Set for Their Kids (darkreading.com)

• Annual Cost of Child Identity Fraud Almost $1Bn - Infosecurity Magazine (infosecurity-magazine.com)

Reports Published in the Last Week

• Report: More Than Half Of Organisations Do Not Effectively Defend Against Cyberattacks - TechRepublic

• Cyber Security Threat Landscape Growing In Sophistication, Complexity And Impact - Help Net Security

Other News

• Hackers Are Stealing Data Today So Quantum Computers Can Crack It In A Decade | MIT Technology Review

• Another Cyber Security Awareness Month Has Passed and Little Has Changed | SecurityWeek.Com

• Magecart Credit Card Skimmer Avoids VMs to Fly Under the Radar | Threatpost

• Organisations Seldom Prioritize Cyber Security Over Business Outcomes - Help Net Security

• Are Your Passwords On The Dark Web? How To Check What Leaked After A Data Breach - CNET

As usual, contact us to help assess where your risks lie and to ensure you are doing all you can do to keep you and your business secure.

Look out for our weekly ‘Cyber Tip Tuesday’ video blog and on our YouTube channel.

You can also follow us on Facebook, Twitter and LinkedIn.

Links to articles are for interest and awareness and linking to or reposting external content does not endorse any service or product, likewise we are not responsible for the security of external links.

Welcome to this week’s Black Arrow Cyber Threat Briefing – a weekly digest, collated and curated by our cyber experts to provide senior and middle management with an easy to digest round up of the most notable threats, vulnerabilities, and cyber related news from the last week.

Top Cyber Stories of the Last Week

Protect Your Passwords, Warns Spy Chief, As Ransomware Cyber Attacks Double

Ransomware cyber attacks doubled in the past year, the chief of GCHQ has revealed - as he warned Britain must “pay attention” to attacks from China.

Sir Jeremy Fleming, director of the cyber spy agency, called for more action to "sort out" ransomware attacks across the UK, adding it was not "rocket science".

He said such attacks have doubled in the last year, with hackers using software to lock files on computers and stop victims from accessing their own data.

This essentially holds them hostage until the hackers receive payment and then give a decryption key to the victim, so they can regain access.

‘Criminals are making very good money from it’

Sir Jeremy said ransomware "just pays" and added that "criminals are making very good money from it and are often feeling that that's largely uncontested".

While cautious of “keeping up” with security challenges alongside European partners, he said the immediate priority was tackling “links between criminal and state actors” to defeat ransomware, which he said “is no mean feat in itself”. https://www.telegraph.co.uk/news/2021/10/25/ransomware-cyber-attacks-double-year-reveals-spy-chief/

Graff Multinational Jeweller Hit by Conti Gang. Data of its Rich Clients Are At Risk, Including Trump and Beckham, as the Gang Threaten to Release Private Details of World Leaders, Actors and Tycoons

The latest attack of the Conti ransomware gang makes the headlines, the threat actors hit high society jeweller Graff and asked the payment of a multi-million ransom to avoid leaking details of world leaders, actors and tycoons.

The customers of the company are the richest people on the globe, including Donald Trump, David Beckham, Tom Hanks, Samuel L Jackson, Alec Baldwin, and Sir Philip Green.

As proof of the hack, the group already published on its leak site files related to purchases made by David Beckham, Oprah, and Donald Trump.

The Conti gang has already leaked 69,000 confidential documents, leaked files include customer lists, invoices, receipts, and credit notes. https://securityaffairs.co/wordpress/123980/cyber-crime/conti-ransomware-graff-jeweller.html

Business Email Compromise (BEC) Costs UK Firms £140M Over Past Year

Reported business email compromise (BEC) incidents have hit 4600 cases over the past 12 months, costing individuals and businesses £138m in losses, according to new figures from the UK’s National Economic Crime Centre (NECC).

The government body is working with the National Crime Agency (NCA), City of London Police, banking group UK Finance and fraud prevention non-profit Cifas on a new campaign to raise awareness of the crime, also dubbed “mandate fraud” or “payment diversion fraud.”

It claimed that the average amount lost over those 4600 cases was £30,000, with criminals typically impersonating others and creating or amending invoices to trick victims into diverting money to accounts under their control. https://www.infosecurity-magazine.com/news/bec-costs-uk-firms-140m-past-year/

Ransomware: It's A 'Golden Era' For Cyber Criminals - And It Could Get Worse Before It Gets Better

Ransomware is the most significant cybersecurity threat facing organisations today as increasingly professional and sophisticated cyber criminals follow the money in order to maximise the profit from illicit campaigns.

ENISNA, the European Union Agency for Cybersecurity, has released the latest edition of the ENISA Threat Landscape (ETL) report, which analyses cyber-criminal activity between April 2020 and July 2021. It warns of a surge in cyber criminality, much of it driven by the monetisation of ransomware attacks.

Although the paper warns that many different cybersecurity threats are on the rise, ransomware represents the 'prime threat' faced by organisations today, with a 150% rise in ransomware attacks during the reporting period. And there are fears that despite the problem of ransomware attracting the attention of world leaders, the problem will get worse before it gets better. https://www.zdnet.com/article/ransomware-its-a-golden-era-for-cyber-criminals-and-it-could-get-worse-before-it-gets-better/

Despite Increased Cyber Threats, Many Organisations Have No Defence Plans In Place

98% of US executives report that their organisations experienced at least one cyber event in the past year, compared to a slightly lower rate of 84% in non-US executives, according to a Deloitte survey.

Further, COVID-19 pandemic disruption led to increased cyber threats to US executives’ organisations (86%) at a considerably higher rate than non-US executives experienced (63%). Yet, 14% of US executives say their organisations have no cyber threat defence plans, a rate more than double that of non-US executives (6%).

The biggest fallout US execs report from cyber incidents or breaches at their organisations during the past year include operational disruption (28%), share price drop (24%), leadership change (23%), intellectual property theft (22%) and loss of customer trust (22%).

Increases in data management, perimeter and complexities (38%), inability to match rapid technology changes (35%) and a need for better prioritization of cyber risk across the enterprise (31%) all pose obstacles to US executives’ organisation-wide cybersecurity management programs.

“No CISO or CSO ever wants to tell organisational stakeholders that efforts to manage cyber risk aren’t keeping-up with the speed of digital transformations made, or bad actors’ improving tactics”. https://www.helpnetsecurity.com/2021/10/28/threat-defence-plans/

Serious Warning Issued For Millions Of Apple iPhone Users

While iPhone 13 sales continue to soar, iPhones owners have faced growing security threats, multiple App Store scams, potential privacy violations and zero day hacks. Now a shocking account of extreme iPhone hacking has been revealed.

In a remarkable report, New York Times senior reporter Ben Hubbard has revealed how his iPhone was hacked multiple times over a period of several years, and without any human interaction or knowledge the attacks were taking place. And the experience results in a stark warning: “the spyware used against me makes us all vulnerable”.

“It’s like being robbed by a ghost,” explains Hubbard, recounting the experience. “I didn’t even have to click on a link for my phone to be infected.” https://www.forbes.com/sites/gordonkelly/2021/10/27/apple-iphone-warning-pegasus-hack-upgrade-ios-15-security/

Ransomware Attacks Are Evolving. Your Security Strategy Should, Too

Ransomware is an intensifying problem for all organisations, and it’s only going to get worse. What started as a floppy disk-based attack with a $189 ransom demands has grown from a minor inconvenience for organisations into a multi-billion dollar cyber crime industry.

The organisational threat of these types of attacks goes well beyond encryption of sensitive or mission-critical data – for many companies, the thought of a breach and data becoming publicly available on the internet makes a high ransom seem worth it. No wonder ransomware is on the rise: Organisations pay an average of $220,298 and suffer 23 days of downtime following an attack. https://threatpost.com/ransomware-attacks-evolving-security-strategy/175835/

Solarwinds Hackers Are Targeting The Global IT Supply Chain, Microsoft Says

The Russian-linked hacking group that’s been blamed for an attack on the US government and a significant number of private US companies last year is targeting key players in the global technology supply chain, according to cybersecurity experts at Microsoft.

Nobelium, as the hacking group is known, is infamous for the SolarWinds hack.

On Monday, Tom Burt, Microsoft corporate vice president of customer security and trust, said Nobelium has “been attempting to replicate the approach it has used in past attacks by targeting organisations integral to the global IT supply chain.”

“This time, it is attacking a different part of the supply chain: resellers and other technology service providers that customize, deploy and manage cloud services and other technologies on behalf of their customers” https://www.cnbc.com/2021/10/25/solarwinds-hackers-targeting-global-it-supply-chain-microsoft-says.html

Defenders Worry Orgs Are More Vulnerable Than Last Year

Enterprise security defenders find themselves in a rough spot: The number of threats against their organisations is growing and that they're vulnerable to attacks. Data from Dark Reading's 2021 Strategic Security Survey suggest that even though most IT and security leaders are confident about the security defences they have implemented, they also believe their organisations are more vulnerable to attacks compared with a year ago.

The reasons for this pessimism vary. For 67% of respondents, the biggest concern lies in the fact that there are more attacks this year than there were last year. However, 56% say the increased sophistication of the threats they are facing is why their organisations are more vulnerable to compromise. Other reasons include the surge in ransomware attacks and shortage of skilled security professionals to detect and respond to threats. https://www.darkreading.com/edge-threat-monitor/defenders-worry-orgs-are-more-vulnerable-than-last-year

Threats

Ransomware

• These Companies Are Most at Risk for Ransomware Attacks | PCMag

• Ransomware: How Bad Is It Going To Get? - Help Net Security

• As Fewer Victims Pay Ransoms, Conti Gang Looks To Sell Victim Data | Sc Media (Scmagazine.Com)

• Europol Announces “Targeting” Of 12 Suspects In Ransomware Attacks – Naked Security (Sophos.Com)

• Police Arrest Suspected Ransomware Hackers Behind 1,800 Attacks Worldwide (thehackernews.com)

• SEO Poisoning Used to Distribute Ransomware (darkreading.com)

• FBI Warns Of Ranzy Locker Ransomware Threat, As Over 30 Companies Hit (Tripwire.Com)

• Ransomware Has Disrupted Almost 1,000 Schools in the US This Year (vice.com)

• Chaos Ransomware Targets Gamers Via Fake Minecraft Alt Lists (Bleepingcomputer.Com)

Phishing

• These Phishing Emails Use QR Codes To Bypass Defences And Steal Microsoft 365 Usernames And Passwords | ZDNet

• Phishing as a Ransomware Precursor - MSP Insights - MSSP Alert

• Teen Rakes in $2.74M Worth of Bitcoin in Phishing Scam | Threatpost

Other Social Engineering

• How Deepfakes Enhance Social Engineering And Authentication Threats, And What To Do About It | CSO Online

Malware

• Squid Game Malware Might Be The Scariest Thing You See This Halloween | Techradar

• TA575 Criminal Group Using 'Squid Game' Lures For Dridex Malware | ZDNet

• Snake Malware Biting Hard On 50 Apps For Only $25 (Bleepingcomputer.Com)

• New WSlink Malware Loader Runs as a Server and Executes Modules in Memory (thehackernews.com)

Mobile

• 6 Ways Your Cell Phone Can Be Hacked—Are You Safe? (makeuseof.com)

• Millions Of Android Users Targeted In Subscription Fraud Campaign (Bleepingcomputer.Com)

• New AbstractEmu Malware Roots Android Devices, Evades Detection (Bleepingcomputer.Com)

IOT

• Cyber Criminals Take Aim at Connected Car Infrastructure (darkreading.com)

Vulnerabilities

• All Windows Versions Impacted By New LPE Zero-Day Vulnerability (Bleepingcomputer.Com)

• Google Releases Urgent Chrome Update to Patch 2 Actively Exploited 0-Day Bugs (thehackernews.com)

• Adobe's Surprise Security Bulletin Dominated by Critical Patches | Threatpost

• WordPress Plugin Bug Lets Subscribers Wipe Sites | Threatpost

• Over 1 Million WordPress Sites Affected by OptinMonster Plugin Flaws - Security Affairs

• Cisco SD-WAN Flaw Could Lead To Arbitrary Code Execution, Patch It Now! Security Affairs

Data Breaches/Leaks

• Millions Of Healthcare Records Reportedly Exposed In Mega Data Breach | Techradar

• Location Data Collection Firm Admits Privacy Breach - BBC News

• HIV Scotland Reveals Patient-Advocates' Names In Email Fail • The Register

Organised Crime & Criminal Actors

• Suspected Trickbot Malware Developer Faces 60 Years in Jail - Infosecurity Magazine (infosecurity-magazine.com)

• Reading INTERPOL the African Cyberthreat Assessment Report 2021 - Security Affairs

Dark Web

• Police Arrest 150 Dark Web Vendors Of Illegal Drugs And Guns (Bleepingcomputer.Com)

Supply Chain

• The SolarWinds Hackers Are Looking for Their Next Big Score | WIRED

• North Korean Lazarus Attackers Turn to the IT Supply Chain | Threatpost

• 6 Eye-Opening Statistics About Software Supply Chain Security (darkreading.com)

Nation State Actors

• North Korea-linked Lazarus APT targets the IT supply chainSecurity Affairs

• Microsoft Says Russia Hacked At Least 14 IT Service Providers This Year - The Record By Recorded Future

Other News

• All Sectors Are Now Prey as Cyber Threats Expand Targeting | Threatpost

• Attack The Block – How A Security Researcher Cracked 70% Of Urban WiFi Networks In One Hit | The Daily Swig (Portswigger.Net)

• Microsoft Warns Over Uptick In Password Spraying Attacks | ZDNet

• Increased Risk Tolerances Are Making Digital Transformation Programs Vulnerable - Help Net Security

• MITRE and CISA Publish The 2021 List of Most Common Hardware Weaknesses - Security Affairs

• Enterprises Allocating More IT Dollars on Cybersecurity (darkreading.com)

• Cyber-Attack Hits UK Internet Phone Providers - BBC News

• Despite Spending Millions On Bot Mitigation, 64% Of Organisations Lost Revenue Due To Bot Attacks - Help Net Security

• Threat Actor Leaks Mercedes-Benz Platform’s Source Code | CyberNews

As usual, contact us to help assess where your risks lie and to ensure you are doing all you can do to keep you and your business secure.

Look out for our weekly ‘Cyber Tip Tuesday’ video blog and on our YouTube channel.

You can also follow us on Facebook, Twitter and LinkedIn.

Links to articles are for interest and awareness and linking to or reposting external content does not endorse any service or product, likewise we are not responsible for the security of external links.