Threat Intelligence Blog
Contact us to discuss any insights from our Blog, and how we can support you in a tailored threat intelligence report.
Black Arrow Cyber Threat Briefing 05 January 2024
Black Arrow Cyber Threat Intelligence Briefing 05 January 2024:
-A “Ridiculously Weak“ Password Causes Disaster for Spain’s Number 2 Mobile Carrier
-Russia Kyivstar Hack Should Alarm West, Ukraine Security Chief Warns
-23andMe Tells Victim It’s Their Fault Their Data Was Breached
-Financial Sector Faces More Cyber Attacks Than Other Sectors
-An Innocent-Looking Instagram Trend Could Be a Gift to Hackers
-Cyber Criminals Shared Millions of Stolen Records During Holiday Break
-Law Firm that Handles Data Breaches was Itself Hit by Data Breach
-Nigerian Hacker Arrested for Stealing Millions from Charities
-Cyber Criminals Implemented Artificial Intelligence for Invoice Fraud
-Shadow IT Threatens Corporate Cyber Security, Study Reveals
-Escalating Cyber Threats: Bots, Fraud Farms, and Cryptojacking Surge
-Putin has Declared a Cyber War on Britain
Welcome to this week’s Black Arrow Cyber Threat Briefing – a weekly digest, collated and curated by our cyber experts to provide senior and middle management with an easy to digest round up of the most notable threats, vulnerabilities, and cyber related news from the last week.
Top Cyber Stories of the Last Week
A “Ridiculously Weak“ Password Causes Disaster for Spain’s Number 2 Mobile Carrier
Spain’s second largest mobile operator, Orange España, suffered a major outage after an unknown party obtained a “ridiculously weak” password and used it to access an account for managing the network that delivers the company’s internet traffic. The attacker had posted the account they had compromised, and researchers found that the associated system had been infected with a Raccoon type infostealer back in September of 2023. The compromised account was Orange’s RIPE administrator account, with the password “ripeadmin”. The incident led to a 50% drop in connections for a 4 hour period, and underscores the critical importance of robust cyber security measures, including strong passwords, and serves as a stark reminder that even seemingly minor oversights can lead to significant disruptions.
Source: [Ars Technica]
Russia Kyivstar Hack Should Alarm the West, Ukraine Security Chief Warns
If Ukraine's core telephone network can be taken out, organisations in the West could easily be next, Ukraine's SBU chief says. December's cyber attack on Ukrainian telecommunications operator Kyivstar by Russian-backed threat actor ‘Sandworm’ dealt a catastrophic blow to the telecoms provider, according to Illia Vitiuk, head of the Security Service of Ukraine's (SBU) cyber security department. It is believed that although the attack took place in December 2023, the threat actors likely had access to Kyivstar systems since May 2023.
Source: [Dark Reading]
23andMe Tells Victims It’s Their Fault Their Data Was Breached
A cyber incident at DNA data firm 23andMe started with credential stuffing 14,000 user accounts. Credential stuffing is the process by which a malicious actor uses previously harvested usernames and passwords from earlier unrelated breaches to break into other sites and services. Many of the 14,000 accounts had opted-in for a feature whereby information is shared with relatives, which meant that once compromised, attackers had access to 6.9 million users: nearly half of the user base.
Facing over 30 lawsuits from victims, 23andMe is now blaming victims, according to letters seen by victims. 23andMe stated “users negligently recycled and failed to update their passwords following these past security incidents, which are unrelated to 23andMe”. This has caused divide in the cyber world; on one side, recycling and failing to update passwords is poor cyber hygiene and on the other hand, there are technical controls that could have better prevented this type of well known and common attack.
Source: [TechCrunch] [The Register]
Financial Sector Faces More Cyber Attacks Than Other Sectors
A recent study found that more than three-quarters (77%) of financial organisations detected an attack on their infrastructures in 2023, compared with around two-thirds (68%) of other sectors. In particular, the study found that financial workers were at a higher than average risk of phishing compared to other workers. Despite their target attractiveness, only three-quarters (73%) of the financial sector respondents said that they have a cyber security policy in place or will do so within the next year. A separate report from Kaspersky stated that the financial sector is poised to experience an influx of artificial intelligence based attacks 2024, adding to the fire.
Sources: [SC Media] [TechRadar ]
An Innocent-Looking Instagram Trend Could Be a Gift to Hackers
A recent trend that has picked up traction at the end of December on social media apps such as Instagram and TikTok, encourages their followers to “get to know them better”. This trend gets people to answer a popular template, freely giving away personal information such as their height, date of birth, and various details that they feel strongly about including favourite food and phobias. While these questions may seem harmless, these sorts of personal details are used by companies for security questions, for example when a person wants to reset their password. Hackers can use this information to easily social engineer victims or impersonate them to get access to their accounts.
Source: [Business Insider]
Cyber Criminals Shared Millions of Stolen Records During Holiday Break
While many people unwind and enjoy their time off during the festive season, cyber criminals remain active. In fact, they leaked approximately 50 million records containing sensitive personal information during this period. These data breaches were not limited to the West; they had a global impact, affecting individuals in various countries such as Peru, Australia, South Africa, and more. It is important to note that not all the data leaks were recent; some appeared to be remnants of older incidents. For instance, some of the leaked data belonged to customers of the credit company Klarna, which was rumoured to have experienced a breach back in 2022, although it was never publicly confirmed. This ‘Free Leaksmas’ event, as it’s been dubbed, underscores the extensive global reach and serious consequences of these cyber criminal activities.
Sources: [Security Affairs] [Dark Reading]
Law Firm that Handles Data Breaches was Itself Hit by Data Breach
Orrick, Herrington & Sutcliffe, a law firm specialising in managing security incidents for other companies, has disclosed more details of the cyber attack it itself experienced in March 2023. The breach compromised the sensitive health and personal information of over 637,000 individuals. The stolen data was linked to client organisations and included the names of individuals alongside their social security numbers, medical details, and financial information. Despite the firm's expertise in cyber security, the attack highlights the pervasive risk of data breaches, even among those who advise on such matters. Orrick's delayed response and subsequent legal settlements underscore the importance of proactive security measures and swift action in the wake of a breach. This incident serves as a stark reminder to all organisations of the need for robust cyber defences and transparent communication strategies in today's digital landscape. The law firm has recently settled in principle to resolve four class action lawsuits that accused Orrick of failing to inform victims of the breach until months after the incident.
Source: [TechCrunch]
Nigerian Hacker Arrested for Stealing Millions from Charities
A Nigerian national, Olusegun Samson Adejorin, has been arrested for charges relating to business email compromise attacks that caused a charitable organisation in the US to lose more than $7.5 million. Adejorin had purchased a credential harvesting tool to steal login credentials, which were used to send emails to the charity’s financial service provider. The emails requested and authorised a transfer of $7.5 million, which the investment services provider believed it was paying to the charity whereas it was paying into a bank account controlled by the attacker.
Source: [Bleeping Computer]
Cyber Criminals Implemented Artificial Intelligence for Invoice Fraud
A cyber criminal gang known as GXC Team has been seen selling an artificial intelligence tool for creating fraudulent invoices. The tool, known as Business Invoice Swapper, scrutinises compromised emails that are fed to it, looking for emails which mention invoices or include invoice attachments. It then alters the details of the intended recipient to details specified by the perpetrator. This altered invoice then either replaces the compromised one, or is sent to a predetermined set of contacts.
Source: [Security Affairs]
Shadow IT Threatens Corporate Cyber Security, Study Reveals
With remote working becoming more and more prevalent, organisations are finding themselves at risk of cyber threats due to what is known as shadow IT; this is any software, hardware or IT resource used without the IT department’s approval, knowledge or oversight. A study by Kaspersky found of the 77% of companies that had suffered from cyber incidents over the past two years, 11% of these were directly caused by the unauthorised use of shadow IT.
Source: [Security Brief]
Escalating Cyber Threats: Bots, Fraud Farms, and Cryptojacking Surge
In the constantly evolving cyber threat landscape, 2023 has witnessed a notable surge in the use of bots, fraud farms, and cryptojacking. A new report found that 73% of web and app traffic this year has been attributed to malicious bots and fraud farms, indicating a significant shift towards automated cyber attacks. This trend poses a heightened risk to the ecommerce sector, where cyber criminals exploit API connections and third-party dependencies.
Furthermore, the surge in cryptojacking, marked by a 399% increase, reveals a diversifying strategy among cyber criminals, targeting critical infrastructure with sophisticated methods. These developments serve as a crucial reminder for organisations to bolster their cyber defences and adopt a proactive stance against these emerging and increasingly automated threats.
Source: [Help Net Security]
Putin has Declared a Cyber War on Britain
This year over 2 billion people will vote for new governments across the world, and it is crucial to be aware of upcoming threats to these elections from foreign powers. In particular, Russia is notorious for deploying bots, trolls, and deepfakes, which are techniques used to manipulate information and influence public opinion. These malicious actors are adept at spreading misinformation and disinformation, often with the goal of interfering in elections. With the upcoming UK General Election in 2024 and the US Presidential Election also falling this year, it is imperative to exercise caution and discernment when consuming online content. Not everything we see can be taken at face value.
Source: [Telegraph]
Governance, Risk and Compliance
Thoughts for Boards: Key Issues in Corporate Governance for 2024 (harvard.edu)
Legal, compliance and privacy leaders anxious about rapid GenAI adoption - Help Net Security
Navigating the New Age of Cyber Security Enforcement (darkreading.com)
Facts and misconceptions about cyber security budgets - Help Net Security
Budget cuts take a toll on IT decision makers' mental health - Help Net Security
Consumers prepared to ditch brands after cyber security issues - Help Net Security
Threats
Ransomware, Extortion and Destructive Attacks
Firms urged to stop ransomware payments as attacks become “astronomical” (emergingrisks.co.uk)
How ransomware could cripple countries, not just companies (economist.com)
New Black Basta decryptor exploits ransomware flaw to recover files (bleepingcomputer.com)
Sophos reports spike in ransomware groups using remote encryption (securitybrief.co.nz)
Cactus RANSOMWARE gang hit the Swedish retail and grocery provider Coop (securityaffairs.com)
Police locate missing Chinese student who was victim of ‘cyber kidnapping’ (msn.com)
Kai Zhuang: Cyber kidnapping in US illustrates growing crime trend - BBC News
Ban on ransomware payments? The alternative isn't working • The Register
December ransomware attacks disrupt healthcare organisations | TechTarget
Study: Ransomware Is Actually Killing One American Per Month (tech.co)
Zeppelin ransomware source code sold for $500 on hacking forum (bleepingcomputer.com)
Ransomware Victims
Hospitals ask courts to force cloud storage firm to return stolen data (bleepingcomputer.com)
Software Used by Hundreds of Museums Taken Down by Ransomware Attack (pcmag.com)
CTS cyber attack: Disruption to home sales now over - BBC News
Xerox says subsidiary XBS US breached after ransomware gang leaks data (bleepingcomputer.com)
Cyber attackers breach trove of Victoria court recordings • The Register
Estes refuses to pay off ransomware crew, says data stolen • The Register
Phishing & Email Based Attacks
Numerous backdoors deployed in new Kimsuky spear-phishing attacks | SC Media (scmagazine.com)
Russia's APT28 used new malware in a recent phishing campaign (securityaffairs.com)
SMTP Smuggling: New Flaw Lets Attackers Bypass Security and Spoof Emails (thehackernews.com)
CERT-UA Uncovers New Malware Wave Distributing OCEANMAP, MASEPIE, STEELHOOK (thehackernews.com)
UAC-0050 Group Using New Phishing Tactics to Distribute Remcos RAT (thehackernews.com)
Crypto phishing scams took almost $300M from 324K victims in 2023: Report (cointelegraph.com)
Artificial Intelligence
Cyber Criminals Implemented Artificial Intelligence (AI) for Invoice Fraud (securityaffairs.com)
The Imperative of Cyber Security in the Era of AI (thefastmode.com)
Finance orgs to face increasingly prevalent AI cyber attacks | SC Media (scmagazine.com)
Enterprise cyber security in 2024: The AI play comes to the fore - Verdict
NIST Identifies Types of Cyber Attacks That Manipulate Behaviour of AI Systems | NIST
Use of generative AI in the legal profession accelerating despite accuracy concerns | ITPro
A New Kind of AI Copy Can Fully Replicate Famous People. The Law Is Powerless. - POLITICO
CISO Planning for 2024 May Struggle When It Comes to AI (darkreading.com)
Legal, compliance and privacy leaders anxious about rapid GenAI adoption - Help Net Security
AI Is Driving a Silent Cyber Security Arms Race (govtech.com)
Malware
Google accounts may be vulnerable to new hack, changing password won’t help | Cybernews
Malware abuses Google OAuth endpoint to ‘revive’ cookies, hijack accounts (bleepingcomputer.com)
Microsoft patches critical vulnerability used to install malware on Windows PCs - MSPoweruser
Microsoft disables Windows app installation, again • The Register
New Version of Meduza Stealer Released in Dark Web (securityaffairs.com)
Weak password and infostealer blamed for Orange Spain outage • The Register
Russia's APT28 used new malware in a recent phishing campaign (securityaffairs.com)
Russian Military Intelligence Blamed for Blitzkrieg Hacks (inforisktoday.com)
CERT-UA Uncovers New Malware Wave Distributing OCEANMAP, MASEPIE, STEELHOOK (thehackernews.com)
Kimsuky Hackers Deploying AppleSeed, Meterpreter, and TinyNuke in Latest Attacks (thehackernews.com)
Activity of Rugmi malware loader spikes | SC Media (scmagazine.com)
Kronos Malware Reemerges with Increased Functionality (securityintelligence.com)
Malware attacks exploiting app installation protocol prompt deactivation | SC Media (scmagazine.com)
New Variant of DLL Search Order Hijacking Bypasses Windows 10 and 11 Protections (thehackernews.com)
29 malware families target 1,800 banking apps worldwide - Help Net Security
Google password resets not enough to stop this malware • The Register
UAC-0050 Group Using New Phishing Tactics to Distribute Remcos RAT (thehackernews.com)
New Bandook RAT Variant Resurfaces, Targeting Windows Machines (thehackernews.com)
Mobile
Europe's Largest Parking App Provider Informs Customers of Data Breach - Security Week
How to prevent hackers from breaking into your Android, stealing bank info (nypost.com)
QR code hacking: How to protect yourself from rogue QR codes (androidpolice.com)
29 malware families target 1,800 banking apps worldwide - Help Net Security
Denial of Service/DoS/DDOS
Internet of Things – IoT
Study Finds IoT Cyber Security Risk Increased 400 Percent Last Year - RFID JOURNAL
4 essential smart home cameras tips to protect your sensitive data
Ukraine says Russia hacked web cameras to spy on targets in Kyiv (therecord.media)
Data Breaches/Leaks
23andMe tells victims it’s their fault that their data was breached | TechCrunch
Law firm that handles data breaches was hit by data breach | TechCrunch
Europe's Largest Parking App Provider Informs Customers of Data Breach - Security Week
Here we go again: 2023’s badly handled data breaches | TechCrunch
Over 900k Impacted by Data Breach at Defunct Boston Ambulance Service - Security Week
Data breach at healthcare tech firm impacts 4.5 million patients (bleepingcomputer.com)
'Cyber Toufan' Hacktivists Leaked 100-Plus Israeli Orgs in One Month (darkreading.com)
Cyber Attacks Are Back in Hollywood. Did Sony Hack Teach Us Nothing? (variety.com)
Accounting Firm Battling Cyber Security Lawsuit Seeks Dismissal (bloomberglaw.com)
Organised Crime & Criminal Actors
Nigerian hacker arrested for stealing $7.5M from charities (bleepingcomputer.com)
Hackers employ nuanced tactics to evade detection - Help Net Security
The law enforcement operations targeting cyber crime in 2023 (bleepingcomputer.com)
What’s It Like to Be the Victim of Cyber Crimes? (govtech.com)
Cryptocurrency/Cryptomining/Cryptojacking/NFTs/Blockchain
Crypto phishing scams took almost $300M from 324K victims in 2023: Report (cointelegraph.com)
Cryptocurrency wallet CEO loses $125,000 in wallet-draining scam | Tripwire
Cyber criminals set their sights on crypto markets - Help Net Security
Orbit Chain loses $86 million in the last fintech hack of 2023 (bleepingcomputer.com)
Crypto-crook Sam Bankman-Fried spared a second trial • The Register
Bitconned review — Netflix documentary about a fortune built on brazen lies
Hackers hijack govt and business accounts on X for crypto scams (bleepingcomputer.com)
Insurance
Supply Chain and Third Parties
Online museum collections down after cyber attack on service provider (bleepingcomputer.com)
A new framework for third-party risk in the European Union | ITPro
Cloud/SaaS
Identity and Access Management
The password identity crisis: Evolving authentication methods in 2024 and beyond | VentureBeat
Active Directory Infiltration Methods Employed by Cyber Criminals (gbhackers.com)
Encryption
Quantum Risks and Rewards: Forward-Defending Cyber Security (govinfosecurity.com)
Saving Schrödinger’s Cat: Getting serious about post-quantum encryption in 2024 - Breaking Defence
Nearly 11 million SSH servers vulnerable to new Terrapin attacks (bleepingcomputer.com)
Linux and Open Source
Passwords, Credential Stuffing & Brute Force Attacks
A “ridiculously weak“ password causes disaster for Spain’s No. 2 mobile carrier | Ars Technica
23andMe tells victims it’s their fault that their data was breached | TechCrunch
The password identity crisis: Evolving authentication methods in 2024 and beyond | VentureBeat
Social Media
Instagram Trend Could Be a Gift to Hackers (businessinsider.com)
Cyber Attackers Target Nuclear Waste Company via LinkedIn (darkreading.com)
Cyber Criminals Flood Dark Web with X (Twitter) Gold Accounts (darkreading.com)
Hackers hijack govt and business accounts on X for crypto scams (bleepingcomputer.com)
Mandiant's Twitter Account Restored After Six-Hour Crypto Scam Hack (thehackernews.com)
Malvertising
Regulations, Fines and Legislation
New risk management framework helps with SEC mandate compliance | CSO Online
A new framework for third-party risk in the European Union | ITPro
Navigating the New Age of Cyber Security Enforcement (darkreading.com)
Models, Frameworks and Standards
Careers, Working in Cyber and Information Security
Cyber security skills gap poses threat to business protection measures (securitybrief.co.nz)
Many cyber security workers feel burnt out and worry about understaffing | TechRadar
Law Enforcement Action and Take Downs
Police investigate virtual sex assault on girl's avatar - BBC News
The law enforcement operations targeting cyber crime in 2023 (bleepingcomputer.com)
Additional cyber agents to be deployed by FBI | SC Media (scmagazine.com)
Misinformation, Disinformation and Propaganda
Nation State Actors, Advanced Persistent Threats (APTs), Cyber Warfare, Cyber Espionage and Geopolitical Threats/Activity
Cyber Warfare and Cyber Espionage
Nation State Actors
China
BT Miss Deadline to Remove All Huawei Kit from UK Core Network UPDATE - ISPreview UK
Three Chinese balloons float near Taiwanese airbase • The Register
Russia
Russia Kyivstar Hack Should Alarm West, Ukraine Security Chief Warns (darkreading.com)
Russian hackers were inside Ukraine telecoms giant for months – cyber spy chief – Euractiv
Ukraine says Russia hacked web cameras to spy on targets in Kyiv (therecord.media)
UK exposes Russia for attempted political interference (ukdefencejournal.org.uk)
Vladimir Putin has declared a cyber war on Britain (telegraph.co.uk)
Russia's APT28 used new malware in a recent phishing campaign (securityaffairs.com)
Russian Military Intelligence Blamed for Blitzkrieg Hacks (inforisktoday.com)
CERT-UA Uncovers New Malware Wave Distributing OCEANMAP, MASEPIE, STEELHOOK (thehackernews.com)
Massive missile strike disrupts Kyiv's internet and power supply (therecord.media)
The "Tallinn Mechanism" is Designed to Enhance Civilian Cyber Assistance to Ukraine
UAC-0050 Group Using New Phishing Tactics to Distribute Remcos RAT (thehackernews.com)
Iran
Multiple organisations in Iran breached by a mysterious hacker (securityaffairs.com)
Israel Battles Spike in Wartime Hacktivist, OT Cyber Attacks (darkreading.com)
Pilfered Data From Iranian Insurance and Food Delivery Firms Leaked Online (darkreading.com)
North Korea
Kimsuky Hackers Deploying AppleSeed, Meterpreter, and TinyNuke in Latest Attacks (thehackernews.com)
Numerous backdoors deployed in new Kimsuky spear-phishing attacks | SC Media (scmagazine.com)
Other Nation State Actors, Hacktivism, Extremism, Terrorism and Other Geopolitical Threat Intelligence
Vulnerability Management
Apache ERP Zero-Day Underscores Dangers of Incomplete Patches (darkreading.com)
Vulnerability management remains a moving target | SC Media (scmagazine.com)
Vulnerabilities
Microsoft patches critical vulnerability used to install malware on Windows PCs - MSPoweruser
Google Patches Six Vulnerabilities With First Chrome Update of 2024 - Security Week
Apache ERP Zero-Day Underscores Dangers of Incomplete Patches (darkreading.com)
Ivanti warns critical EPM bug lets hackers hijack enrolled devices (bleepingcomputer.com)
Vulnerabilities in Google Kubernetes Engine Could Allow Cluster Takeover - Security Week
Malware attacks exploiting app installation protocol prompt deactivation | SC Media (scmagazine.com)
Qualcomm chip vulnerability enables remote attack by voice call | SC Media (scmagazine.com)
Nearly 11 million SSH servers vulnerable to new Terrapin attacks (bleepingcomputer.com)
WordPress Google Fonts Plugin Vulnerability Affects Up To +300,000 Sites (searchenginejournal.com)
January Android Security Bulletin Arrives, So Does Pixel Update (droid-life.com)
Tools and Controls
Why training LLMs with endpoint data will strengthen cyber security | VentureBeat
Cyber security challenges emerge in the wake of API expansion - Help Net Security
Are Security Appliances fit for Purpose in a Decentralized Workplace? - Security Week
Guarding against DDoS attacks during high-traffic periods | CSO Online
8 Hybrid Cloud Security Challenges and How to Manage Them (techtarget.com)
Active Directory Infiltration Methods Employed by Cyber Criminals (gbhackers.com)
Other News
IT and OT cyber security: A holistic approach (securityintelligence.com)
The FBI is adding more cyber focused agents to US embassies | CyberScoop
Hackers hit Australian state's court recording database | Reuters
Cyber Attacks Are Back in Hollywood. Did Sony Hack Teach Us Nothing? (variety.com)
Healthcare breach costs soar requiring new thinking for safeguarding data (securityintelligence.com)
Sector Specific
Industry specific threat intelligence reports are available.
Contact us to receive tailored reports specific to the industry/sector and geographies you operate in.
· Automotive
· Construction
· Critical National Infrastructure (CNI)
· Defence & Space
· Education & Academia
· Energy & Utilities
· Estate Agencies
· Financial Services
· FinTech
· Food & Agriculture
· Gaming & Gambling
· Government & Public Sector (including Law Enforcement)
· Health/Medical/Pharma
· Hotels & Hospitality
· Insurance
· Legal
· Manufacturing
· Maritime
· Oil, Gas & Mining
· OT, ICS, IIoT, SCADA & Cyber-Physical Systems
· Retail & eCommerce
· Small and Medium Sized Businesses (SMBs)
· Startups
· Telecoms
· Third Sector & Charities
· Transport & Aviation
· Web3
As usual, contact us to help assess where your risks lie and to ensure you are doing all you can do to keep you and your business secure.
Look out for our ‘Cyber Tip Tuesday’ video blog and on our YouTube channel.
You can also follow us on Facebook, Twitter and LinkedIn.
Links to articles are for interest and awareness and linking to or reposting external content does not endorse any service or product, likewise we are not responsible for the security of external links.
Black Arrow Cyber Threat Briefing 12 May 2023
Black Arrow Cyber Threat Briefing 12 May 2023:
-79% of Cyber Pros Make Decisions Without Threat Intelligence
-61% of Business Leadership Overlook the Role of Cyber Security as a Business Enabler and as being Key to Business Success
-Risk Managers Warn Cyber Insurance Could Become ‘Unviable Product’
-Small and Medium-Sized Businesses: Don’t Give up on Cyber Security
-AI Has Been Dubbed a 'Nuclear' Threat to Cyber Security, but It Can Also Be Used for Defence
-Paying Cyber Hijackers’ Ransoms Doubles Cost of Recovery, Sophos Study Shows
-Majority of US, UK CISOs Unable to Protect Company 'Secrets'
-Company Executives Can’t Afford to Ignore Cyber Security Anymore
-BEC Campaign via Israel Spotted Targeting Multinational Companies
-CISOs Worried About Personal Liability for Breaches
-UK, US and International Allies Uncover Russian Snake Malware Network in 50+ Countries
-Plug-and-Play Microsoft 365 Phishing Tool 'Democratizes' Attack Campaigns
Welcome to this week’s Black Arrow Cyber Threat Briefing – a weekly digest, collated and curated by our cyber experts to provide senior and middle management with an easy to digest round up of the most notable threats, vulnerabilities, and cyber related news from the last week.
Top Cyber Stories of the Last Week
79% of Cyber Pros Make Decisions Without Threat Intelligence
In a recent report, 79% of security pros say they make decisions without adversary insights “at least the majority of the time.” Why aren’t companies effectively leveraging threat intelligence? And does the C-Suite know this is going on?
Threat intelligence helps organisations stay informed about the latest cyber threats and vulnerabilities. By gathering and analysing information about potential attacks, threat intelligence can provide organisations with valuable insights into the tactics, techniques and procedures (TTPs) used by cyber criminals.
Given the deep value provided by threat intelligence, why aren’t more cyber pros taking advantage of it?
61% of Business Leadership Overlook the Role of Cyber Security as a Business Enabler and as being Key to Business Success
A recent report found only 39% of respondents think their company's leadership has a sound understanding of cyber security's role as a business enabler. Cyber security can be a huge business enabler; executive leaders need to think of cyber security in terms of the value it can deliver at a more strategic level.
Risk Managers Warn Cyber Insurance Could Become ‘Unviable Product’
The Federation of European Risk Management Associations (FERMA), an umbrella body representing 22 trade associations, said the cyber insurance market is “evolving in isolation from the industries it serves”.
It highlighted a move by Lloyd’s of London, the specialist insurance market and hub for cyber insurance, demanding that standard cyber policies have an exemption for big state-backed attacks.
“Without a more collaborative approach to cyber balancing the risk appetite of the insurance market with the coverage requirements of the corporate buyers, there is a risk that cyber insurance becomes an unviable product for many organisations,” FERMA said in a statement shared with the Financial Times.
The intervention is the strongest yet by the business lobby over the controversial exemption and wider concerns about cyber insurance.
https://www.ft.com/content/401629cc-e68a-41a4-8d50-e7c0d3e27835
Small and Medium-Sized Businesses: Don’t Give up on Cyber Security
In today’s increasingly hostile environment, every enterprise, big or small, should be concerned about cyber security and have access to protection from hackers, scammers, phishers, and all the rest of the host of bad actors who seem to be sprouting up around the world.
Yet time and again, small and medium-sized businesses (SMBs) are left out in the cold, an unaddressed market segment that finds real protection either too expensive or far too complex to adopt. Thus, cyber security becomes an “afterthought” or “add when we can” kind of service that leaves SMBs far more vulnerable than the corporate giants — just reading the news every day shows even they aren’t immune to ransomware, intrusions, and data theft. If you haven’t already, start thinking about security now.
AI Has Been Dubbed a 'Nuclear' Threat to Cyber Security, but It Can Also Be Used for Defence
Hackers using ChatGPT are faster and more sophisticated than before, and cyber security analysts who don’t have access to similar tools can very quickly find themselves outgunned and outsmarted by these AI-assisted attackers. However, corporations are stumbling to figure out governance around AI, and while they do so, their employees are clearly defying rules and possibly jeopardising company operations. According to a study of 1.6 million workers, 3.1% input confidential company information into ChatGPT. Although the number seems small, 11% of users' questions include private information. This is a fatal flaw for corporate use considering how hackers can manipulate the system into giving them previously hidden information. In another study, it was found that 80% of security professionals used AI, with 46% of these giving specialised capabilities as a reason.
Paying Cyber Hijackers’ Ransoms Doubles Cost of Recovery, Sophos Study Shows
In three out of four cyber attacks, the hijackers succeeded in encrypting victims’ data, cyber security provider Sophos said in its newly released State of Ransomware 2023 report.
The rate of data encryption amounted to the highest from ransomware since Sophos first issued the report in 2020. Overall, roughly two-thirds of the 3,000 cyber security/IT leaders’ organisations were infected by a ransomware attack in the first quarter of 2023, or the same percentage as last year.
Much advice has been doled out by cyber security providers and law enforcement urging organisations to not pay a ransom. According to Sophos’ survey, the data shows that when organisations paid a ransom to decrypt their data, they ended up doubling their recovery costs. On average, those organisations paying ransoms for decryption forked out $750,000 in recovery costs versus $375,000 for organisations that used backups to recover their data.
Moreover, paying the ransom usually meant longer recovery times, with 45% of those organisations that used backups recovering within a week, compared to 39% of those that paid the ransom.
Majority of US, UK CISOs Unable to Protect Company 'Secrets'
A recent study found 75% of organisations have experienced a data leak involving company secrets, including API keys, usernames, passwords, and encryption keys, in the past. It was found that about 52% of chief information and security officers (CISOs) in the US and UK organisations are unable to fully secure their company secrets. The study showed that a huge chunk of the IT sector realises the danger of exposed secrets. Seventy-five percent said that a secret leak has happened in their organisation in the past, with 60% acknowledging it caused serious issues for the company, employees, or both. The report has pointed out that even though secrets management practice across the US and the UK has seen some maturity, it still needs to go a long way.
Company Executives Can’t Afford to Ignore Cyber Security Anymore
In a recent survey, when asked about the Board and C-Suite‘s understanding of cyber security across the organisation, only 36% of respondents believe that it is considered important only in terms of compliance and regulatory demands, while 17% said it is not seen as a business priority. The disconnect between business and security goals appears to have caused at least one negative consequence to 89% of respondents’ organisations, with 26% also reporting it resulted in an increased number of successful cyber attacks at their company. On the misalignment of cyber security goals, respondents believed it contributed to delays in investments (35%), delays in strategic decision making (34%), and unnecessary increases in spending (27%).
https://www.helpnetsecurity.com/2023/05/10/cybersecurity-business-goals-alignment/
BEC Campaign via Israel Spotted Targeting Multinational Companies
An Israel-based threat group was discovered carrying out a business email compromise (BEC) campaign primarily targeting large and multinational enterprises. The group has conducted 350 BEC campaigns since February 2021, with email attacks targeting employees from 61 countries across six continents. The group operate through two personas — a CEO and an external attorney and spoofed email addresses using real domains.
CISOs Worried About Personal Liability for Breaches
Over three-fifths (62%) of global CISOs are concerned about being held personally liable for successful cyber attacks that occur on their watch, and a similar share would not join an organisation that fails to offer insurance to protect them, according to Proofpoint annual ‘Voice of the CISO’ survey for 2023. The security vendor polled 1600 CISOs from organisations of 200 employees or more across different industries in 16 countries to compile the report.
It revealed that CISOs in sectors with high volumes of sensitive data and/or heavy regulation such as retail (69%), financial services (65%) and manufacturing (65%) are most likely to demand insurance coverage.
Such concerns only add to the mental load on corporate IT security bosses. A combination of high-stress working environments, shrinking budgets and personal liability could be harming CISOs’ quality of life. Some 60% told Proofpoint they’ve experienced burnout in the past 12 months.
CISOs are most likely to experience burnout in the retail (72%) and IT, technology and telecoms (66%) industries.
https://www.infosecurity-magazine.com/news/cisos-worried-personal-liability/
UK, US and International Allies Uncover Russian Snake Malware Network in 50+ Countries
The UK NCSC along with the US National Security Agency (NSA) and various international partner agencies have discovered infrastructure connected with the sophisticated Russian cyber-espionage tool Snake in over 50 countries worldwide. Snake operations have been attributed to a specific unit within Russia’s Federal Security Service (FSB), Center 16.
Cyber criminals reportedly used Snake to retrieve and remove confidential documents related to international relations and diplomatic communications.
According to an advisory published by the agencies on Tuesday, the FSB targeted various industries, including education, small businesses, media, local government, finance, manufacturing and telecommunications. The Snake malware is installed on external infrastructure nodes for further exploitation.
According to the NSA Russian government actors have used this tool for years for intelligence collection and it is hoped that the technical details shared in the advisory will help many organisations find and shut down the malware globally.
https://www.infosecurity-magazine.com/news/nsa-uncovers-russian-snake-malware/
Plug-and-Play Microsoft 365 Phishing Tool 'Democratizes' Attack Campaigns
A new phishing-as-a-service tool called "Greatness" is being used in attacks targeting manufacturing, healthcare, technology, and other sectors.
Researchers at Cisco Talos detailed their findings on "Greatness," a one-stop-shop for all of a cyber criminal's phishing needs. With Greatness, anyone with even rudimentary technical chops can craft compelling Microsoft 365-based phishing lures, then carry out man-in-the-middle attacks that steal authentication credentials — even in the face of multifactor authentication (MFA) — and much more.
The tool has been in circulation since at least mid-2022 and has been used in attacks against enterprises in manufacturing, healthcare, and technology, among other sectors. Half of the targets thus far have been concentrated in the US, with further attacks occurring around Western Europe, Australia, Brazil, Canada, and South Africa.
https://www.darkreading.com/cloud/plug-and-play-microsoft-365-phishing-tool-democratizes-attacks
Threats
Ransomware, Extortion and Destructive Attacks
Make them pay: Hackers devise new tactics to ensure ransomware payment | CSO Online
Ransomware gangs display ruthless extortion tactics in April | TechTarget
Our appetite for data increases the risk of being held to ransom (thetimes.co.uk)
Paying Cyber Hijackers’ Ransoms Doubles Cost of Recovery, Sophos Study Shows - MSSP Alert
Refined methodologies of ransomware attacks - Help Net Security
Ranking ransomware: The gangs, the malware and the ever-present risks | CyberScoop
Ransomware Encryption Rates Reach New Heights - Infosecurity Magazine (infosecurity-magazine.com)
UK ‘increasingly concerned’ ransomware victims are keeping incidents secret (therecord.media)
Royal ransomware gang quickly expands reign | SC Media (scmagazine.com)
Legitimate Software Abuse: A Disturbing Trend in Ransomware Attacks (darkreading.com)
Ransomware attack confirmed at Rochester Public Schools, FBI alerted - Bring Me The News
Constellation Struck By Ransomware Attack, ALPHV Lays Claim (informationsecuritybuzz.com)
New Ransomware Strain 'CACTUS' Exploits VPN Flaws to Infiltrate Networks (thehackernews.com)
New Akira Ransomware Operation Hits Corporate Networks | Black Hat Ethical Hacking
Babuk code used by 9 ransomware gangs to encrypt VMWare ESXi servers (bleepingcomputer.com)
$1.1M Paid to Resolve Ransomware Attack on California County - SecurityWeek
Western Digital store offline due to March breach - Help Net Security
Western Digital Confirms Ransomware Group Stole Customer Information - SecurityWeek
Former Conti members are behind latest Royal ransomware hacking spree, report finds (axios.com)
Hackers Contacted Dragos CEO’s Son, Wife in Extortion Attempt - Bloomberg
Multiple Ransomware Groups Adapt Babuk Code to Target ESXi VMs (darkreading.com)
Australian software giant won’t say if customers affected by hack | TechCrunch
Multinational tech firm ABB hit by Black Basta ransomware attack (bleepingcomputer.com)
Phishing & Email Based Attacks
Gmail gets blue verification checks to protect against spoofing and phishing | ZDNET
Phishing Ring Bust, Spanish Police Have Arrested 40 People (informationsecuritybuzz.com)
BEC – Business Email Compromise
2FA/MFA
Malware
Chrome users, stay alert: Malware may be just one click away - gHacks Tech News
Microsoft issues optional fix for Secure Boot zero-day used by malware (bleepingcomputer.com)
56,000+ cloud-based apps at risk of malware exfiltration - Help Net Security
Millions of mobile phones come pre-infected with malware • The Register
Severe Ruckus RCE Flaws Utilized By Fresh DDoS Botnet Malware (informationsecuritybuzz.com)
Fake system update drops Aurora stealer via Invalid Printer loader (malwarebytes.com)
Stealthier version of Linux BPFDoor malware spotted in the wild (bleepingcomputer.com)
Mobile
Millions of mobile phones come pre-infected with malware • The Register
Mobile hacking and spyware – understanding the risks - TechHQ
Google Announces New Privacy, Safety, and Security Features Across Its Services (thehackernews.com)
Google Improves Android Security With New APIs - SecurityWeek
New Android FluHorse malware steals your passwords, 2FA codes (bleepingcomputer.com)
New Android updates fix kernel bug exploited in spyware attacks (bleepingcomputer.com)
Botnets
Fortinet warns of a spike of the activity linked to AndoryuBot botnet- Security Affairs
RapperBot DDoS malware adds cryptojacking as new revenue stream (bleepingcomputer.com)
Denial of Service/DoS/DDOS
FBI seizes 13 more domains linked to DDoS-for-hire services (bleepingcomputer.com)
Severe Ruckus RCE Flaws Utilized By Fresh DDoS Botnet Malware (informationsecuritybuzz.com)
Fortinet warns of a spike of the activity linked to AndoryuBot botnet- Security Affairs
RapperBot DDoS malware adds cryptojacking as new revenue stream (bleepingcomputer.com)
Internet of Things – IoT
Data Breaches/Leaks
Security researcher finds trove of Capita data exposed online | TechCrunch
In a new hacking crime wave, more personal data is being held hostage (cnbc.com)
Western Digital says hackers stole customer data in March cyber attack (bleepingcomputer.com)
Leak of MSI UEFI signing keys stokes fears of “doomsday” supply chain attack | Ars Technica
Boot Guard Keys From MSI Hack Posted, Many PCs Vulnerable | Tom's Hardware(tomshardware.com)
1 Million Impacted by Data Breach at NextGen Healthcare - SecurityWeek
Twitter admits 'security incident' broke Circle privacy • The Register
Food distribution giant Sysco warns of data breach after cyber attack (bleepingcomputer.com)
North Korean Hackers Stole 830K Data From Seoul's Top Hospital (informationsecuritybuzz.com)
Brightly warns of SchoolDude data breach exposing credentials (bleepingcomputer.com)
Simplify data hack cost the firm almost £7m - Property Industry Eye
Organised Crime & Criminal Actors
In a new hacking crime wave, more personal data is being held hostage (cnbc.com)
The Team of Sleuths Quietly Hunting Cyber attack-for-Hire Services | WIRED
Phishing Ring Bust, Spanish Police Have Arrested 40 People (informationsecuritybuzz.com)
Former Ubiquiti Employee Who Posed as Hacker Sentenced to Prison - SecurityWeek
UK cops score another legal win in EncroChat spying case • The Register
Cryptocurrency/Cryptomining/Cryptojacking/NFTs/Blockchain
Insider Risk and Insider Threats
Human Error Drives Most Cyber Incidents. Could AI Help? (hbr.org)
Overlooking These 4 Critical Measures Expose Your Company to Cyber Attacks | Entrepreneur
Fraud, Scams & Financial Crime
UK’s new fraud strategy too weak to tackle soaring crime, say experts | Financial Times (ft.com)
Your voice could be your biggest vulnerability - Help Net Security
QR codes used in fake parking tickets, surveys to steal your money (bleepingcomputer.com)
Deepfakes
Insurance
Dark Web
Supply Chain and Third Parties
Security researcher finds trove of Capita data exposed online | TechCrunch
Cyber hack to cost UK outsourcer Capita up to $25 mln | Reuters
Leak of MSI UEFI signing keys stokes fears of “doomsday” supply chain attack | Ars Technica
Software Supply Chain
Cloud/SaaS
56,000+ cloud-based apps at risk of malware exfiltration - Help Net Security
How to reduce risk with cloud attack surface management | TechTarget
ENISA leans into EU clouds with draft cyber security label • The Register
Hybrid/Remote Working
Attack Surface Management
Identity and Access Management
Top 3 trends shaping the future of cyber security and IAM - Help Net Security
Review your on-prem ADCS infrastructure before attackers do it for you | CSO Online
Why the FTX Collapse Was an Identity Problem (darkreading.com)
Asset Management
CISOs confront mounting obstacles in tracking cyber assets - Help Net Security
How Attack Surface Management Supports Continuous Threat Exposure Management (thehackernews.com)
Encryption
API
Open Source
India bans open source messaging apps on security grounds • The Register
Stealthier version of Linux BPFDoor malware spotted in the wild (bleepingcomputer.com)
Passwords, Credential Stuffing & Brute Force Attacks
83% of Americans’ Passwords Can Be Hacked in Less Than a Second, Study Shows (thedailybeast.com)
Top 5 Password Cracking Techniques Used by Hackers (bleepingcomputer.com)
Social Media
Twitter admits 'security incident' broke Circle privacy • The Register
TikTok tracked UK journalist via her cat's account - BBC News
Parental Controls and Child Safety
Regulations, Fines and Legislation
UK’s new fraud strategy too weak to tackle soaring crime, say experts | Financial Times (ft.com)
EU parliament report calls for tighter regulation of spyware | Surveillance | The Guardian
India bans open source messaging apps on security grounds • The Register
PEGA committee calls for EU level regulation of spyware • The Register
ENISA leans into EU clouds with draft cyber security label • The Register
Europe’s Moral Crusader Lays Down the Law on Encryption | WIRED
Scanning Plans On Europe's CSAM May Violate International Law (informationsecuritybuzz.com)
Governance, Risk and Compliance
Risk managers warn cyber insurance could become ‘unviable product’ | Financial Times (ft.com)
79% of Cyber Pros Make Decisions Without Threat Intelligence (securityintelligence.com)
Company executives can't afford to ignore cyber security anymore - Help Net Security
Majority of US, UK CISOs unable to protect company 'secrets': Report | CSO Online
Small- and medium-sized businesses: don’t give up on cyber security | CSO Online
(ISC)² Calls for Global Cyber security Standards, Collaboration, Frameworks - MSSP Alert
Organisations Reliant on Social Media For Threat Intelligence - TechRound
Recognizing Cyberthreat Trends For Effective Defence (forbes.com)
Digital trust can make or break an organisation - Help Net Security
Why more transparency around cyber attacks is good for everyone - NCSC
CISOs face mounting pressures, expectations post-pandemic | TechTarget
CISOs' confidence in post-pandemic security landscape fades - Help Net Security
Overlooking These 4 Critical Measures Expose Your Company to Cyber Attacks | Entrepreneur
NCSC and ICO Dispel Incident Reporting Myths - Infosecurity Magazine (infosecurity-magazine.com)
Models, Frameworks and Standards
(ISC)² Calls for Global Cyber security Standards, Collaboration, Frameworks - MSSP Alert
ENISA leans into EU clouds with draft cyber security label • The Register
Data Protection
Careers, Working in Cyber and Information Security
Law Enforcement Action and Take Downs
FBI seizes 13 more domains linked to DDoS-for-hire services (bleepingcomputer.com)
Phishing Ring Bust, Spanish Police Have Arrested 40 People (informationsecuritybuzz.com)
UK cops score another legal win in EncroChat spying case • The Register
Privacy, Surveillance and Mass Monitoring
The (Security) Cost of Too Much Data Privacy (darkreading.com)
Twitter admits 'security incident' broke Circle privacy • The Register
TikTok tracked UK journalist via her cat's account - BBC News
Artificial Intelligence
Top US cyber official warns AI may be the 'most powerful weapon of our time' | CyberScoop
Amazon Is Being Flooded With Books Entirely Written by AI (futurism.com)
Your voice could be your biggest vulnerability - Help Net Security
The security and privacy risks of large language models - Help Net Security
Spyware, Cyber Espionage & Cyber Warfare, including Russian Invasion of Ukraine
EU parliament report calls for tighter regulation of spyware | Surveillance | The Guardian
China targets foreign consulting companies in anti-spying raids | China | The Guardian
Mobile hacking and spyware – understanding the risks - TechHQ
New Android updates fix kernel bug exploited in spyware attacks (bleepingcomputer.com)
CERT-UA Warns of SmokeLoader and RoarBAT Malware Attacks Against Ukraine (thehackernews.com)
PEGA committee calls for EU level regulation of spyware • The Register
FBI-led Operation Medusa kills Russian FSB malware network • The Register
How one of Vladimir Putin’s most prized hacking units got pwned by the FBI | Ars Technica
Nation State Actors
Microsoft warns Iran increasing its cyber-enabled influence operations | SC Media (scmagazine.com)
China labels USA ‘Empire of hacking’ citing old WikiLeaks • The Register
CERT-UA Warns of SmokeLoader and RoarBAT Malware Attacks Against Ukraine (thehackernews.com)
LinkedIn shuts service in China, lays off employees | Fortune
Microsoft: Iranian hacking groups join Papercut attack spree (bleepingcomputer.com)
FBI-led Operation Medusa kills Russian FSB malware network • The Register
China targets foreign consulting companies in anti-spying raids | China | The Guardian
Beijing raids consultancy firm Capvision, promises more • The Register
SideWinder Strikes Victims in Pakistan, Turkey in Multiphase Polymorphic Attack (darkreading.com)
North Korean Hackers Stole 830K Data From Seoul's Top Hospital (informationsecuritybuzz.com)
People’s Republic of China State-Sponsored Cyber Actors Exploit Network Providers and Devices | CISA
Vulnerability Management
Vulnerabilities
Microsoft's May Patch Tuesday Fixes 38 Flaws, Including Active Zero-Day Bug (thehackernews.com)
Microsoft warns of two bugs under active exploit • The Register
Light May Patch Tuesday will weigh heavily on Windows admins | TechTarget
Fortinet fixed two severe issues in FortiADC and FortiOS-Security Affairs
New PaperCut RCE exploit created that bypasses existing detections (bleepingcomputer.com)
Microsoft issues optional fix for Secure Boot zero-day used by malware (bleepingcomputer.com)
Adobe Patches 14 Vulnerabilities in Substance 3D Painter - SecurityWeek
Severe Ruckus RCE Flaws Utilized By Fresh DDoS Botnet Malware (informationsecuritybuzz.com)
CyberGhost VPN patches command injection vulnerability | SC Media (scmagazine.com)
A Linux NetFilter kernel flaw allows escalating privileges to 'root'-Security Affairs
SAP Patches Critical Vulnerabilities With May 2023 Security Updates - SecurityWeek
Fortinet warns of a spike of the activity linked to AndoryuBot botnet-Security Affairs
Tools and Controls
Risk managers warn cyber insurance could become ‘unviable product’ | Financial Times (ft.com)
79% of Cyber Pros Make Decisions Without Threat Intelligence (securityintelligence.com)
Human Error Drives Most Cyber Incidents. Could AI Help? (hbr.org)
Identifying Compromised Data Can Be a Logistical Nightmare (darkreading.com)
Organisations Reliant on Social Media For Threat Intelligence - TechRound
Recognizing Cyberthreat Trends For Effective Defence (forbes.com)
Digital trust can make or break an organisation - Help Net Security
Prevent attackers from using legitimate tools against you - Help Net Security
How to implement principle of least privilege in Azure AD | TechTarget
What is Digital Forensics? Tools, Types, Phases & History (cybersecuritynews.com)
Microsoft enforces number matching to fight MFA fatigue attacks (bleepingcomputer.com)
AI Will Take Many Cyber security Jobs, But It's Not a Complete Disaster | PCMag
Google Broadens Dark Web Monitoring To Track All Gmail Users (informationsecuritybuzz.com)
5 SBOM tools to start securing the software supply chain | TechTarget
The Industrywide Consequences of Making Security Products Inaccessible (darkreading.com)
Top 3 trends shaping the future of cyber security and IAM - Help Net Security
Other News
The Team of Sleuths Quietly Hunting Cyber attack-for-Hire Services | WIRED
Why Should You Take IT Security Seriously? - IT Security Guru
To enable ethical hackers, a law reform is needed - Help Net Security
How datacentre operators can fend off cyber attacks | Computer Weekly
'Windows for Gamers' Rolls Dice With Your Security (vice.com)
Risk of cyber attack is main Eurovision worry, says BBC executive | Eurovision 2023 | The Guardian
Sector Specific
Industry specific threat intelligence reports are available.
Contact us to receive tailored reports specific to the industry/sector and geographies you operate in.
· Automotive
· Construction
· Critical National Infrastructure (CNI)
· Defence & Space
· Education & Academia
· Energy & Utilities
· Estate Agencies
· Financial Services
· FinTech
· Food & Agriculture
· Gaming & Gambling
· Government & Public Sector (including Law Enforcement)
· Health/Medical/Pharma
· Hotels & Hospitality
· Insurance
· Legal
· Manufacturing
· Maritime
· Oil, Gas & Mining
· OT, ICS, IIoT, SCADA & Cyber-Physical Systems
· Retail & eCommerce
· Small and Medium Sized Businesses (SMBs)
· Startups
· Telecoms
· Third Sector & Charities
· Transport & Aviation
· Web3
As usual, contact us to help assess where your risks lie and to ensure you are doing all you can do to keep you and your business secure.
Look out for our ‘Cyber Tip Tuesday’ video blog and on our YouTube channel.
You can also follow us on Facebook, Twitter and LinkedIn.
Links to articles are for interest and awareness and linking to or reposting external content does not endorse any service or product, likewise we are not responsible for the security of external links.