Threat Intelligence Blog
Contact us to discuss any insights from our Blog, and how we can support you in a tailored threat intelligence report.
Black Arrow Cyber Threat Briefing 25 August 2023
Black Arrow Cyber Threat Intelligence Briefing 25 August 2023:
-Cloud Hosting Firm Loses All Customer Data After Ransomware Attack
-Would You Infect Others to Rid Yourself of Ransomware?
-Artificial Intelligence and USBs Drive 8% Rise in Cyber Attacks
-Ransomware Attacks Broke Records in July, Mainly Driven By One Group
-Cyber Risk in The Boardroom
-Malware-Infected Advertising Grows Ever More Sophisticated, And More Damaging
-Cyber Security is Everyone’s Responsibility
-QR Code Hacks Are Another Thing to Worry About Now
-Security Basics Aren’t So Basic Anymore
-Apple MacOS Security Myths
-Security Leaders Report Misalignment of Investments and Risk Reduction
-Many CISOs Tout SaaS (Cloud) Cyber Security Confidence, but 79% Admit to SaaS Incidents, New Report Finds
-If You Ever Used Duolingo, Watch Out for Phishing Email
-91% of Security and IT Professionals Agree Cyber Criminals are Already Using AI in Email Attacks
Welcome to this week’s Black Arrow Cyber Threat Briefing – a weekly digest, collated and curated by our cyber experts to provide senior and middle management with an easy to digest round up of the most notable threats, vulnerabilities, and cyber related news from the last week.
Top Cyber Stories of the Last Week
Cloud Hosting Firm Loses All Customer Data After Ransomware Attack
CloudNordic, a Danish cloud hosting provider, has told customers to consider all of their data as having been lost following a ransomware infection that encrypted the large Danish cloud provider. The threat actors had destroyed the organisation’s backups, which prevented the firm from recovering effectively. The attack also impacted AzeroCloud, which is owned by the same company.
Worryingly, many organisations believe that having backups and using the cloud is enough for them to be able to recover from any cyber incident; unfortunately, as shown in the CloudNordic and AzeroCloud attacks, it is not enough. Organisations need to have a recovery plan in place which is tested and improved, to best strengthen themselves in the event of a cyber incident.
Sources: [The Register] [Bleeping Computer] [Help Net Security]
Would You Infect Others to Rid Yourself of Ransomware?
Hackers continually develop ransomware with new and creative attack methods that keep internet security professionals on their toes and pose challenges for people trying to detect threats. Victims of ransomware usually see messages asking them to pay for file access restoration; however, the Popcorn Time ransomware group takes a different approach to getting victims involved.
The Popcorn Time ransomware approach works via the referral method. The ransomware group is willing to give victims access to their files if they send the referral link to two other people, extending the attacker’s reach. Most people would hesitate to distribute a ransomware link through email, WhatsApp, or another method that is easy for victims to identify them as the perpetrators. Law enforcement bodies categorise ransomware attacks as crimes that come with hefty fines and prison time. Even those choosing to send the links to people they know face disastrous consequences beyond law enforcement, including the loss of jobs and relationships.
Source: [CyberNews]
Artificial Intelligence and USBs Drive 8% Rise in Cyber Attacks
Checkpoint’s 2023 Mid-Year Security Report shows an 8% surge in global weekly cyber attacks during Q2, marking the most significant increase in two years. The report highlights the fusion of advanced artificial intelligence (AI) technology with traditional tools like USB devices used for disruptive cyber attacks.
Other significant findings include the evolution of ransomware tactics. The report found that ransomware groups are exploiting vulnerabilities in common corporate software and shifting focus from encrypting data to stealing it. USB devices have resurfaced as threats, employed by both state-affiliated groups and cyber-criminals to distribute malware globally. The misuse of AI has escalated, as attackers use generative AI tools for phishing emails, keystroke monitoring malware and basic ransomware code.
Source: [InfoSecurity Magazine]
Ransomware Attacks Broke Records in July, Mainly Driven By One Group
A number of ransomware actors are utilising the threat of releasing sensitive data to get organisations to pay ransoms; in some cases this is combined with encryption to give the actor two avenues of payment. A report has found there were over 500 attacks last month, an increase of 153% compared to one year ago, and a 16% increase compared to June. Within Europe, there was a 59% increase in ransomware attacks from June to July.
Part of the significant rise is due to the ransomware group called Cl0p, whose attack on the MOVEit software has accounted for hundreds of victims this year. The Cl0p ransomware group has kept its promise to publish files on the clearweb of all its victims if contact was not made. The clearweb is simply what we know as the internet; anyone can access it. As such, there will be many organisations who are now having their sensitive data published and readily viewable for anyone who has access to the internet.
Sources: [Gov Info Seccurity] [Security Week] [ZDNET] [Cyber News]
Cyber Risk in The Boardroom
The relationship between the CISO and the wider boardroom has become increasingly cooperative, with 77% of CEO’s seeing cyber as a strategic function and a potential source of competitive advantage. While it is ultimately up to the board to take steps to keep cybersecurity high on the agenda, the CISO also has a responsibility to press the message and bridge any gaps.
CISOs must deliver concerns, strategies and recommendations in a business-first manner, while avoiding jargon and overly technical language. Attracting and retaining good quality senior security professionals is very challenging in the current market and Black Arrow offer a fractional CISO service, giving access to a whole team of specialists with wider expertise, experience and backgrounds, for less than the cost of hiring one individual.
Sources: [Security Week] [TechRadar]
Malware-Infected Advertising Grows Ever More Sophisticated, And More Damaging
The malware exploits known as malware-infected ads, or malvertising, have been around for decades, but new reports point to a steady rise in efficacy. With malvertising, the infected ads are typically placed on legitimate ad networks, which makes them more difficult to spot and remove. The technique continues to use more and more sophisticated mechanisms for getting their infections spread throughout the web and keeping them running for a long time. The exploits can operate in one of several ways, including intercepting a user’s clickstream on random hyperlinks and substituting them with redirects to advertising websites.
Adblockers either on endpoints or at the network level can also help to prevent malvertising from causing harm.
Source: [SiliconAngle]
Cyber Security is Everyone’s Responsibility
A recent survey found that 41% of respondents said that poor quality training, or a lack of training altogether, and insider threats were impacting their organisation’s security. Cyber security involves everyone as any employee can be an entry point for a cyber incident, but they also have the power to prevent one. It is important to make sure all employees are provided adequate training. Not every role requires the same training however, so it is important for organisations to identify and provide training that is appropriate to employees. Black Arrow provide live in person and online instructor lead cyber security training, both through Cyber Risk and Governance Workshops for Senior Leadership and Awareness, Behaviour and Culture Training for employees and contractors.
Source: [IT Pro Today]
QR Code Hacks Are Another Thing to Worry About Now
One of the upcoming technologies thrust upon us is QR codes. At this point, you can find them at most restaurants and parking sites. You simply scan the code and you are taken to the relevant site, for example, the menu for the restaurant. Attackers have cottoned on to this and started to use QR codes in phishing attacks; the idea being that the victim will scan the code without scrutinising it and be taken to a malicious website instead.
Source: [Bloomberg]
Security Basics Aren’t So Basic Anymore
The basics of cyber security, it turns out, aren’t so basic anymore. What was considered basic has moved way beyond just having firewalls and antivirus, and the most basic controls nowadays include more advanced controls such as robust identity and access management, multi-factor authentication (MFA) and patching and vulnerability management. Many of these now basic controls are lacking or non-existent across the economy according to cyber security experts. A report found that only 28% of Microsoft users had MFA enabled as 2022 closed.
You can’t solve all the problems at once. However, progress on these fronts also relies heavily on the need for a cultural shift. Organisations need to get to the point where they view cyber security in the same light as locks on doors and seatbelts in cars.
Source: [CioDive]
Apple MacOS Security Myths
Apple has maintained a reputation as being more secure than other manufacturers, and whilst Apple has put many different security mechanisms into its operating system, no technology is bulletproof. Assuming an Apple device is invulnerable can lead users to believe that their Mac will not get viruses or be subject to a plethora of other cyber threats. As a result, this can lead to poor cyber hygiene from the individual, as they assume they are safe regardless of what they do. Apple users need to remain every bit as aware of risks, social engineering, keeping devices up to date, and having appropriate security controls.
Source: [Huntress]
Security Leaders Report Misalignment of Investments and Risk Reduction
The cyber risk landscape was analysed in a recent report that examined the amount of risk that organisations are willing to accept, their resource constraints and key priorities for approaching cyber risk in the future. The report found 66% of respondents indicating that they have limited visibility and insight into their cyber risk profiles, hindering their ability to prioritise investments and allocate resources effectively. 67% of organisations experienced a breach requiring attention within the last two years despite having traditional threat-based security measures in place. Further, 61% of security executives expressed concerns over the current misalignment between cyber security investments and their organisation's risk reduction priorities.
Source: [InfoSecurity Magazine]
Many CISOs Tout SaaS (Cloud) Cyber Security Confidence, but 79% Admit to Incidents
Cyber security, IT, and business leaders alike recognise SaaS (cloud) cyber security as an increasingly important part of the cyber threat landscape. And at first glance, respondents appear generally optimistic about their SaaS cyber security as 85% answered that they are confident or very confident in their company's or customer's data security in sanctioned SaaS apps.
Despite the confidence, 79% of respondents confirmed that their organisation had identified SaaS cyber security incidents over the past 12 months. Many of those incidents occurred in environments with cyber security policies in place and enforced, as 66% of respondents claimed in their responses.
Source: [The Hacker News]
If You Ever Used Duolingo, Watch Out for Phishing Email
Users of Duolingo, past and present, should be wary of phishing emails as data on about 2.6 million accounts were scraped through an exposed application programming interface (API), and then offered on a hacking forum back in January. Login and real names, email addresses, phone numbers, and courses studied were part of the collection, which went for $1,500. Now that data has resurfaced on a different forum, and at a substantially lower cost of just a few dollars, users of the service can expect this data to be used in fresh phishing campaigns.
Source: [PCWorld]
91% of Security and IT Professionals: Criminals are Already Using AI in Email Attacks
Recent research found that 91% of security and IT professionals are noticing cyber criminals already using AI as part of email attack campaigns, with 74% indicating they have experienced an increase in the use of AI by cyber criminals in the past six months. This is worrying as 52% reported that email security is among one of their top three concerns.
Organisations need to make sure that their technologies, procedures and policies are updated to factor in AI-enabled email attacks to help reduce the risk they pose to the organisation. Such improvements should also include employees.
Source: [PR Newswire]
Governance, Risk and Compliance
Cyber security 'number one on the agenda in boardrooms,' Cramer says (cnbc.com)
Firms have mere hours to deflect cyber attacks, warns cyber security CEO (cointelegraph.com)
The End of “Groundhog Day” for the Security in the Boardroom Discussion? - SecurityWeek
How Cyber Security Leaders Can Help Lower Expenses While Reducing Risk (informationweek.com)
Cyber crime: A Multi-Billion-Dollar Industry (thecyberwire.com)
How the downmarket impacted enterprise cyber security budgets - Help Net Security
The Changing Landscape of Cyber Security Education (inforisktoday.com)
Protect Your Cyber Security Budget and Your Organisation | Dell USA
Rapid cyber attacks demand modernised security, says Palo Alto CEO (crypto.news)
Threats
Ransomware, Extortion and Destructive Attacks
Cl0p dumps all MOVEit victim data on clearnet, threat insiders talk ransom strategy | Cybernews
Cuba ransomware gang looking for unpatched Veeam installations: Report | IT Business
Ransomware attacks broke records in July, mainly driven by this one group | ZDNET
Hosting firm says it lost all customer data after ransomware attack (bleepingcomputer.com)
Would You Infect Others to Rid Yourself of Ransomware? (makeuseof.com)
How Application Allowlisting Combats Ransomware Attacks (securityintelligence.com)
Akira ransomware gang spotted targeting Cisco VPN products to hack organisations-Security Affairs
Why Ransomware Gangs Opt for Encryption-Less Attacks (govinfosecurity.com)
MOVEit Health Data Breach Tally Keeps Growing (inforisktoday.com)
British intelligence is tipping off ransomware targets to disrupt attacks (therecord.media)
What the Hive Ransomware Case Says About RaaS and Cryptocurrency (darkreading.com)
Three trends to watch in the growing threat landscape (betanews.com)
Ransomware Victims
Cl0p dumps all MOVEit victim data on clearnet, threat insiders talk ransom strategy | Cybernews
Hosting firm says it lost all customer data after ransomware attack (bleepingcomputer.com)
BlackCat ransomware group claims the hack of Seiko network -Security Affairs
Mysterious Cyber Attack Shuts Down Yet More Telescopes For Weeks | IFLScience
St Helens Council hit by suspected Ransomware cyber attack | St Helens Star
Phishing & Email Based Attacks
91% of security pros say cyber criminals are using AI in email attacks | Security Magazine
Cyber criminals turn to AI to bypass modern email security measures - Help Net Security
New Generation of Phishing Hides Behind Trusted Services (securityintelligence.com)
New phishing campaign recognised in Europe and South America | Security Magazine
If you ever used Duolingo, watch out for phishing emails | PCWorld
Open redirect flaws increasingly exploited by phishers - Help Net Security
How to spot phishing on a hacked WordPress website | Kaspersky official blog
New Telegram Bot "Telekopye" Powering Large-scale Phishing Scams from Russia (thehackernews.com)
eBay Users Beware Russian 'Telekopye' Telegram Phishing Bot (darkreading.com)
Phish in a Barrel: Real-World Cyber Attack Examples (govinfosecurity.com)
Email Security: Top 5 Threats and How to Protect Your Business - ReadWrite
BEC – Business Email Compromise
Other Social Engineering; Smishing, Vishing, etc
Blockchain Capital’s Bart Stephens Lost $6.3 Million In SIM-Swap Hack (forbes.com)
What Is Virtual Kidnapping and How Can You Fight It? (makeuseof.com)
Artificial Intelligence
Cyber criminals turn to AI to bypass modern email security measures - Help Net Security
Tricks for making AI chatbots break rules are freely available online | New Scientist
What Is Virtual Kidnapping and How Can You Fight It? (makeuseof.com)
Generative AI Is Scraping Your Data. So, Now What? (darkreading.com)
Fake versions of Google Bard are spreading malware | TechRadar
AI and the evolution of surveillance systems - Help Net Security
Thinking of Deploying Generative AI? You May Already Have (govinfosecurity.com)
Three trends to watch in the growing threat landscape (betanews.com)
Careful -- Hackers are targeting Google Bard ads for malware | Digital Trends
Malware
Serious WinRAR Flaw Can Be Exploited to Launch Malware (pcmag.com)
Hackers use VPN provider's code certificate to sign malware (bleepingcomputer.com)
HiatusRAT Malware Resurfaces: Taiwan Firms and US Military Under Attack (thehackernews.com) Ask the Mac Guy: macOS Security Myths (huntress.com)
New Variant of XLoader macOS Malware Disguised as 'OfficeNote' Productivity App (thehackernews.com)
Researchers Uncover New Lazarus Group Malware Details | Decipher (duo.com)
Mobile
Denial of Service/DoS/DDOS
Internet of Things – IoT
TP-Link smart bulbs can let hackers steal your WiFi password (bleepingcomputer.com)
When Your Home Security System Turns the Camera on You | The Epoch Times
Anticipating the next wave of IoT cyber security challenges - Help Net Security
The Physical Impact of Cyber Attacks on Cities (darkreading.com)
Smart Cities: Utopian Dream, Security Nightmare, or Political Gimmick? - SecurityWeek
Data Breaches/Leaks
Tesla Data Breach Investigation Reveals Inside Job (darkreading.com)
Leak of 75k staff records was insiders' fault, Tesla claims • The Register
Guernsey CCTV investigation widened after more footage leaked | Bailiwick Express Jersey
Scraped data of 2.6 million Duolingo users released on hacking forum (bleepingcomputer.com)
Thousands of Charity Donors Have Details Leaked Onto Dark Web | The Epoch Times
How a Christie’s website revealed where people kept their art | The Seattle Times
Defence contractor Belcan leaks admin password with a list of flaws-Security Affairs
What lessons must be learned from the Electoral Register cyber attack? | theHRD (thehrdirector.com)
5 Early Warning Indicators That Are Key to Protecting National Secrets (darkreading.com)
University of Minnesota Confirms Data Breach, Says Ransomware Not Involved - SecurityWeek
Organised Crime & Criminal Actors
Check Point reveals 8% spike in global cyber attacks by mid-2023 (securitybrief.co.nz)
UK Court Convicts Lapsus$ Hacker for Breaching ISP BT and EE UPDATE - ISPreview UK
Cyber crime: A Multi-Billion-Dollar Industry (thecyberwire.com)
Hacking group KittenSec claims to 'pwn anything we see' to expose corruption | CyberScoop
Cryptocurrency/Cryptomining/Cryptojacking/NFTs/Blockchain
Blockchain Capital’s Bart Stephens Lost $6.3 Million In SIM-Swap Hack (forbes.com)
What the Hive Ransomware Case Says About RaaS and Cryptocurrency (darkreading.com)
Insider Risk and Insider Threats
Leak of 75k staff records was insiders' fault, Tesla claims • The Register
Three trends to watch in the growing threat landscape (betanews.com)
Phish in a Barrel: Real-World Cyber Attack Examples (govinfosecurity.com)
Fraud, Scams & Financial Crime
Interpol arrest 14 who allegedly scammed $40m from victims • The Register
Germany Hunts for Cyber Criminals Amid Billion-Euro Scams - Bloomberg
Sneaky Amazon Google ad leads to Microsoft support scam (bleepingcomputer.com)
Blockchain Capital’s Bart Stephens Lost $6.3 Million In SIM-Swap Hack (forbes.com)
Surge in identity crime victims reporting suicidal thoughts - Help Net Security
Impersonation Attacks
Deepfakes
Insurance
Cyber security insurance is missing the risk - Help Net Security
Cyber Security Insurance Market Size & Share Analysis - (globenewswire.com)
Dark Web
Supply Chain and Third Parties
Cloud/SaaS
Cloud hosting firms hit by devastating ransomware attack - Help Net Security
Warning: Attackers Abusing Legitimate Internet Services (inforisktoday.com)
Maintaining consistent security in diverse cloud infrastructures - Help Net Security
How API authentication vulnerabilities are at the center of cloud security concerns | CSO Online
Lack of visibility into cloud access policies leaves enterprises flying blind - Help Net Security
Cloud services are creating more cyber-risks for telcos - Mobile Europe
Identity and Access Management
Ongoing Duo outage causes Azure Auth authentication errors (bleepingcomputer.com)
Cisco's Duo Security suffers major authentication outage • The Register
Encryption
API
Understanding how attackers exploit APIs is more important than ever - Help Net Security
How API authentication vulnerabilities are at the centre of cloud security concerns | CSO Online
Biometrics
ICO publishes guidance on use of biometric data in the UK - Tech Monitor
Is Facial Recognition Technology Becoming a Privacy Risk? (makeuseof.com)
Facial Recognition Technology (FRT) Statistics for 2023 (techreport.com)
Social Media
Malvertising
Sneaky Amazon Google ad leads to Microsoft support scam (bleepingcomputer.com)
Malware-infected advertising grows ever more sophisticated, and lethal - SiliconANGLE
Careful -- Hackers are targeting Google Bard ads for malware | Digital Trends
Training, Education and Awareness
2023 Cyber Security Awareness Month Appeal: Make Online Security Easier (govtech.com)
The Changing Landscape of Cyber Security Education (inforisktoday.com)
Parental Controls and Child Safety
Cyber Bullying, Cyber Stalking and Sextortion
Regulations, Fines and Legislation
Apple security updates could be banned by British government (9to5mac.com)
How EU lawmakers can make mandatory vulnerability disclosure responsible - Help Net Security
Morgan Stanley Fined for UK Energy Trading WhatsApp Breach (yahoo.com)
Controversial Cyber crime Law Passes in Jordan (darkreading.com)
Experian Pays $650,000 to Settle Spam Claims - Infosecurity Magazine (infosecurity-magazine.com)
Strengthening Cyber Security In Finance: A Look At EU DORA Regulations (forbes.com)
Backup and Recovery
Data Protection
ICO publishes guidance on use of biometric data in the UK - Tech Monitor
Experian Pays $650,000 to Settle Spam Claims - Infosecurity Magazine (infosecurity-magazine.com)
Careers, Working in Cyber and Information Security
Unrealistic expectations exacerbate the cyber security talent shortage - Help Net Security
It's Time to Approach The Cyber Security Skills Gap Differently - IT Security Guru
How To Become Chief Information Security Officer - The Economic Times (indiatimes.com)
4 ways simulation training alleviates team burnout - Help Net Security
Tens of thousands of students receive free training to build cyber skills - The Business Magazine
5 Ways SMBs Can Bridge the Cyber Security Skills Gap | Mimecast
The Importance of Accessible and Inclusive Cyber Security (securityintelligence.com)
Law Enforcement Action and Take Downs
Interpol arrest 14 who allegedly scammed $40m from victims • The Register
UK Court Convicts Lapsus$ Hacker for Breaching ISP BT and EE UPDATE - ISPreview UK
Germany Hunts for Cyber Criminals Amid Billion-Euro Scams - Bloomberg
Privacy, Surveillance and Mass Monitoring
Nation State Actors, Advanced Persistent Threats (APTs), Cyber Warfare and Cyber Espionage
Russia
Incident response lessons learned from the Russian attack on Viasat | CSO Online
Ukrainian hackers claim to leak emails of Russian parliament deputy chief (therecord.media)
New Telegram Bot "Telekopye" Powering Large-scale Phishing Scams from Russia (thehackernews.com)
China
Mounting Cyber Espionage and Hacking Threat from China - Modern Diplomacy
HiatusRAT Malware Resurfaces: Taiwan Firms and US Military Under Attack (thehackernews.com)
New Supply Chain Attack Hit Close to 100 Victims—and Clues Point to China | WIRED
Exposed: the Chinese spy using LinkedIn to hunt UK secrets (thetimes.co.uk)
FBI: Suspected Chinese actors continue Barracuda ESG attacks | TechTarget
Microsoft says Chinese hacking crew is targeting Taiwan | CyberScoop
US space companies face foreign spy threat, intelligence agencies say (usatoday.com)
North Korea
N. Korean Kimsuky APT targets S. Korea-US military exercises-Security Affairs
Researchers Uncover New Lazarus Group Malware Details | Decipher (duo.com)
Misc/Other/Unknown
Vulnerability Management
NCSC issues warning on cyber vulnerabilities (ukdefencejournal.org.uk)
How EU lawmakers can make mandatory vulnerability disclosure responsible - Help Net Security
Vulnerabilities
Juniper Networks fixes flaws leading to RCE in firewalls and switches - Help Net Security
Serious WinRAR Flaw Can Be Exploited to Launch Malware (pcmag.com)
Ivanti issues fix for third zero-day flaw exploited in the wild | TechTarget
Ivanti Ships Urgent Patch for API Authentication Bypass Vulnerability - SecurityWeek
FBI: Patches for Recent Barracuda ESG Zero-Day Ineffective - SecurityWeek
Critical Adobe ColdFusion Flaw Added to CISA's Exploited Vulnerability Catalog (thehackernews.com)
3,000 Openfire Servers Exposed to Attacks Targeting Recent Vulnerability - SecurityWeek
Western Digital patches potentially dangerous security flaw, so update now | TechRadar
Tools and Controls
How Cyber Security Leaders Can Help Lower Expenses While Reducing Risk (informationweek.com)
Security leaders report misalignment of investments and risk reduction | Security Magazine
Cyber security insurance is missing the risk - Help Net Security
Bolstering Cyber Security: Why Browser Security Is Crucial (inforisktoday.com)
How Application Allowlisting Combats Ransomware Attacks (securityintelligence.com)
The Vanishing Data Loss Prevention (DLP) Category - IT Security Guru
Unveiling the Hidden Risks of Routing Protocols (darkreading.com)
Hackers use VPN provider's code certificate to sign malware (bleepingcomputer.com)
Network detection and response in the modern era - Help Net Security
What’s Beyond SASE? The Next Steps (informationsecuritybuzz.com)
Prevention First: Don’t Neglect Endpoint Security | CSO Online
More Than Half of Browser Extensions Pose Security Risks (darkreading.com)
Protect Your Cyber Security Budget and Your Organisation | Dell USA
How the downmarket impacted enterprise cyber security budgets - Help Net Security
SEC Cyber Security Rules: Considerations for Incident Response Planning
Maintaining consistent security in diverse cloud infrastructures - Help Net Security
How API authentication vulnerabilities are at the centre of cloud security concerns | CSO Online
The Needs of a Modernized SOC for Hybrid Cloud (securityintelligence.com)
2023 Cyber Security Awareness Month Appeal: Make Online Security Easier (govtech.com)
The MOVEit hack and what it taught us about application security (bleepingcomputer.com)
The Changing Landscape of Cyber Security Education (inforisktoday.com)
Akamai Survey Finds Third-Party Defences Help Reduce Risk from Online Threats (prnewswire.com)
5 Best Practices for Implementing Risk-First Cyber Security (darkreading.com)
What's Going on With LastPass, and is it Safe to Use? (securityintelligence.com)
Malicious web application transactions skyrocket 500% (securitybrief.co.nz)
Other News
Our health care system may soon receive a much-needed cyber security boost | Ars Technica
Swan Retail cyber attack: 300 retailers crippled by breach (techmonitor.ai)
Cyber Attack on Energy One affects corporate systems in Australia and the UK | CSO Online
Vendors criticize Microsoft for repeated security failings | TechTarget
Microsoft's become a cyber security titan. That could be a problem - Tech Monitor
Global Naval Communication Market Research Report (globenewswire.com)
IT's rising role in physical security technology - Help Net Security
Hackers knocked out San Francisco's main real estate database | Fortune
Microsoft's 6 Biggest Hacks: Is Better Security Needed? (makeuseof.com)
Sector Specific
Industry specific threat intelligence reports are available.
Contact us to receive tailored reports specific to the industry/sector and geographies you operate in.
· Automotive
· Construction
· Critical National Infrastructure (CNI)
· Defence & Space
· Education & Academia
· Energy & Utilities
· Estate Agencies
· Financial Services
· FinTech
· Food & Agriculture
· Gaming & Gambling
· Government & Public Sector (including Law Enforcement)
· Health/Medical/Pharma
· Hotels & Hospitality
· Insurance
· Legal
· Manufacturing
· Maritime
· Oil, Gas & Mining
· OT, ICS, IIoT, SCADA & Cyber-Physical Systems
· Retail & eCommerce
· Small and Medium Sized Businesses (SMBs)
· Startups
· Telecoms
· Third Sector & Charities
· Transport & Aviation
· Web3
As usual, contact us to help assess where your risks lie and to ensure you are doing all you can do to keep you and your business secure.
Look out for our ‘Cyber Tip Tuesday’ video blog and on our YouTube channel.
You can also follow us on Facebook, Twitter and LinkedIn.
Links to articles are for interest and awareness and linking to or reposting external content does not endorse any service or product, likewise we are not responsible for the security of external links.
Black Arrow Cyber Threat Briefing 12 May 2023
Black Arrow Cyber Threat Briefing 12 May 2023:
-79% of Cyber Pros Make Decisions Without Threat Intelligence
-61% of Business Leadership Overlook the Role of Cyber Security as a Business Enabler and as being Key to Business Success
-Risk Managers Warn Cyber Insurance Could Become ‘Unviable Product’
-Small and Medium-Sized Businesses: Don’t Give up on Cyber Security
-AI Has Been Dubbed a 'Nuclear' Threat to Cyber Security, but It Can Also Be Used for Defence
-Paying Cyber Hijackers’ Ransoms Doubles Cost of Recovery, Sophos Study Shows
-Majority of US, UK CISOs Unable to Protect Company 'Secrets'
-Company Executives Can’t Afford to Ignore Cyber Security Anymore
-BEC Campaign via Israel Spotted Targeting Multinational Companies
-CISOs Worried About Personal Liability for Breaches
-UK, US and International Allies Uncover Russian Snake Malware Network in 50+ Countries
-Plug-and-Play Microsoft 365 Phishing Tool 'Democratizes' Attack Campaigns
Welcome to this week’s Black Arrow Cyber Threat Briefing – a weekly digest, collated and curated by our cyber experts to provide senior and middle management with an easy to digest round up of the most notable threats, vulnerabilities, and cyber related news from the last week.
Top Cyber Stories of the Last Week
79% of Cyber Pros Make Decisions Without Threat Intelligence
In a recent report, 79% of security pros say they make decisions without adversary insights “at least the majority of the time.” Why aren’t companies effectively leveraging threat intelligence? And does the C-Suite know this is going on?
Threat intelligence helps organisations stay informed about the latest cyber threats and vulnerabilities. By gathering and analysing information about potential attacks, threat intelligence can provide organisations with valuable insights into the tactics, techniques and procedures (TTPs) used by cyber criminals.
Given the deep value provided by threat intelligence, why aren’t more cyber pros taking advantage of it?
61% of Business Leadership Overlook the Role of Cyber Security as a Business Enabler and as being Key to Business Success
A recent report found only 39% of respondents think their company's leadership has a sound understanding of cyber security's role as a business enabler. Cyber security can be a huge business enabler; executive leaders need to think of cyber security in terms of the value it can deliver at a more strategic level.
Risk Managers Warn Cyber Insurance Could Become ‘Unviable Product’
The Federation of European Risk Management Associations (FERMA), an umbrella body representing 22 trade associations, said the cyber insurance market is “evolving in isolation from the industries it serves”.
It highlighted a move by Lloyd’s of London, the specialist insurance market and hub for cyber insurance, demanding that standard cyber policies have an exemption for big state-backed attacks.
“Without a more collaborative approach to cyber balancing the risk appetite of the insurance market with the coverage requirements of the corporate buyers, there is a risk that cyber insurance becomes an unviable product for many organisations,” FERMA said in a statement shared with the Financial Times.
The intervention is the strongest yet by the business lobby over the controversial exemption and wider concerns about cyber insurance.
https://www.ft.com/content/401629cc-e68a-41a4-8d50-e7c0d3e27835
Small and Medium-Sized Businesses: Don’t Give up on Cyber Security
In today’s increasingly hostile environment, every enterprise, big or small, should be concerned about cyber security and have access to protection from hackers, scammers, phishers, and all the rest of the host of bad actors who seem to be sprouting up around the world.
Yet time and again, small and medium-sized businesses (SMBs) are left out in the cold, an unaddressed market segment that finds real protection either too expensive or far too complex to adopt. Thus, cyber security becomes an “afterthought” or “add when we can” kind of service that leaves SMBs far more vulnerable than the corporate giants — just reading the news every day shows even they aren’t immune to ransomware, intrusions, and data theft. If you haven’t already, start thinking about security now.
AI Has Been Dubbed a 'Nuclear' Threat to Cyber Security, but It Can Also Be Used for Defence
Hackers using ChatGPT are faster and more sophisticated than before, and cyber security analysts who don’t have access to similar tools can very quickly find themselves outgunned and outsmarted by these AI-assisted attackers. However, corporations are stumbling to figure out governance around AI, and while they do so, their employees are clearly defying rules and possibly jeopardising company operations. According to a study of 1.6 million workers, 3.1% input confidential company information into ChatGPT. Although the number seems small, 11% of users' questions include private information. This is a fatal flaw for corporate use considering how hackers can manipulate the system into giving them previously hidden information. In another study, it was found that 80% of security professionals used AI, with 46% of these giving specialised capabilities as a reason.
Paying Cyber Hijackers’ Ransoms Doubles Cost of Recovery, Sophos Study Shows
In three out of four cyber attacks, the hijackers succeeded in encrypting victims’ data, cyber security provider Sophos said in its newly released State of Ransomware 2023 report.
The rate of data encryption amounted to the highest from ransomware since Sophos first issued the report in 2020. Overall, roughly two-thirds of the 3,000 cyber security/IT leaders’ organisations were infected by a ransomware attack in the first quarter of 2023, or the same percentage as last year.
Much advice has been doled out by cyber security providers and law enforcement urging organisations to not pay a ransom. According to Sophos’ survey, the data shows that when organisations paid a ransom to decrypt their data, they ended up doubling their recovery costs. On average, those organisations paying ransoms for decryption forked out $750,000 in recovery costs versus $375,000 for organisations that used backups to recover their data.
Moreover, paying the ransom usually meant longer recovery times, with 45% of those organisations that used backups recovering within a week, compared to 39% of those that paid the ransom.
Majority of US, UK CISOs Unable to Protect Company 'Secrets'
A recent study found 75% of organisations have experienced a data leak involving company secrets, including API keys, usernames, passwords, and encryption keys, in the past. It was found that about 52% of chief information and security officers (CISOs) in the US and UK organisations are unable to fully secure their company secrets. The study showed that a huge chunk of the IT sector realises the danger of exposed secrets. Seventy-five percent said that a secret leak has happened in their organisation in the past, with 60% acknowledging it caused serious issues for the company, employees, or both. The report has pointed out that even though secrets management practice across the US and the UK has seen some maturity, it still needs to go a long way.
Company Executives Can’t Afford to Ignore Cyber Security Anymore
In a recent survey, when asked about the Board and C-Suite‘s understanding of cyber security across the organisation, only 36% of respondents believe that it is considered important only in terms of compliance and regulatory demands, while 17% said it is not seen as a business priority. The disconnect between business and security goals appears to have caused at least one negative consequence to 89% of respondents’ organisations, with 26% also reporting it resulted in an increased number of successful cyber attacks at their company. On the misalignment of cyber security goals, respondents believed it contributed to delays in investments (35%), delays in strategic decision making (34%), and unnecessary increases in spending (27%).
https://www.helpnetsecurity.com/2023/05/10/cybersecurity-business-goals-alignment/
BEC Campaign via Israel Spotted Targeting Multinational Companies
An Israel-based threat group was discovered carrying out a business email compromise (BEC) campaign primarily targeting large and multinational enterprises. The group has conducted 350 BEC campaigns since February 2021, with email attacks targeting employees from 61 countries across six continents. The group operate through two personas — a CEO and an external attorney and spoofed email addresses using real domains.
CISOs Worried About Personal Liability for Breaches
Over three-fifths (62%) of global CISOs are concerned about being held personally liable for successful cyber attacks that occur on their watch, and a similar share would not join an organisation that fails to offer insurance to protect them, according to Proofpoint annual ‘Voice of the CISO’ survey for 2023. The security vendor polled 1600 CISOs from organisations of 200 employees or more across different industries in 16 countries to compile the report.
It revealed that CISOs in sectors with high volumes of sensitive data and/or heavy regulation such as retail (69%), financial services (65%) and manufacturing (65%) are most likely to demand insurance coverage.
Such concerns only add to the mental load on corporate IT security bosses. A combination of high-stress working environments, shrinking budgets and personal liability could be harming CISOs’ quality of life. Some 60% told Proofpoint they’ve experienced burnout in the past 12 months.
CISOs are most likely to experience burnout in the retail (72%) and IT, technology and telecoms (66%) industries.
https://www.infosecurity-magazine.com/news/cisos-worried-personal-liability/
UK, US and International Allies Uncover Russian Snake Malware Network in 50+ Countries
The UK NCSC along with the US National Security Agency (NSA) and various international partner agencies have discovered infrastructure connected with the sophisticated Russian cyber-espionage tool Snake in over 50 countries worldwide. Snake operations have been attributed to a specific unit within Russia’s Federal Security Service (FSB), Center 16.
Cyber criminals reportedly used Snake to retrieve and remove confidential documents related to international relations and diplomatic communications.
According to an advisory published by the agencies on Tuesday, the FSB targeted various industries, including education, small businesses, media, local government, finance, manufacturing and telecommunications. The Snake malware is installed on external infrastructure nodes for further exploitation.
According to the NSA Russian government actors have used this tool for years for intelligence collection and it is hoped that the technical details shared in the advisory will help many organisations find and shut down the malware globally.
https://www.infosecurity-magazine.com/news/nsa-uncovers-russian-snake-malware/
Plug-and-Play Microsoft 365 Phishing Tool 'Democratizes' Attack Campaigns
A new phishing-as-a-service tool called "Greatness" is being used in attacks targeting manufacturing, healthcare, technology, and other sectors.
Researchers at Cisco Talos detailed their findings on "Greatness," a one-stop-shop for all of a cyber criminal's phishing needs. With Greatness, anyone with even rudimentary technical chops can craft compelling Microsoft 365-based phishing lures, then carry out man-in-the-middle attacks that steal authentication credentials — even in the face of multifactor authentication (MFA) — and much more.
The tool has been in circulation since at least mid-2022 and has been used in attacks against enterprises in manufacturing, healthcare, and technology, among other sectors. Half of the targets thus far have been concentrated in the US, with further attacks occurring around Western Europe, Australia, Brazil, Canada, and South Africa.
https://www.darkreading.com/cloud/plug-and-play-microsoft-365-phishing-tool-democratizes-attacks
Threats
Ransomware, Extortion and Destructive Attacks
Make them pay: Hackers devise new tactics to ensure ransomware payment | CSO Online
Ransomware gangs display ruthless extortion tactics in April | TechTarget
Our appetite for data increases the risk of being held to ransom (thetimes.co.uk)
Paying Cyber Hijackers’ Ransoms Doubles Cost of Recovery, Sophos Study Shows - MSSP Alert
Refined methodologies of ransomware attacks - Help Net Security
Ranking ransomware: The gangs, the malware and the ever-present risks | CyberScoop
Ransomware Encryption Rates Reach New Heights - Infosecurity Magazine (infosecurity-magazine.com)
UK ‘increasingly concerned’ ransomware victims are keeping incidents secret (therecord.media)
Royal ransomware gang quickly expands reign | SC Media (scmagazine.com)
Legitimate Software Abuse: A Disturbing Trend in Ransomware Attacks (darkreading.com)
Ransomware attack confirmed at Rochester Public Schools, FBI alerted - Bring Me The News
Constellation Struck By Ransomware Attack, ALPHV Lays Claim (informationsecuritybuzz.com)
New Ransomware Strain 'CACTUS' Exploits VPN Flaws to Infiltrate Networks (thehackernews.com)
New Akira Ransomware Operation Hits Corporate Networks | Black Hat Ethical Hacking
Babuk code used by 9 ransomware gangs to encrypt VMWare ESXi servers (bleepingcomputer.com)
$1.1M Paid to Resolve Ransomware Attack on California County - SecurityWeek
Western Digital store offline due to March breach - Help Net Security
Western Digital Confirms Ransomware Group Stole Customer Information - SecurityWeek
Former Conti members are behind latest Royal ransomware hacking spree, report finds (axios.com)
Hackers Contacted Dragos CEO’s Son, Wife in Extortion Attempt - Bloomberg
Multiple Ransomware Groups Adapt Babuk Code to Target ESXi VMs (darkreading.com)
Australian software giant won’t say if customers affected by hack | TechCrunch
Multinational tech firm ABB hit by Black Basta ransomware attack (bleepingcomputer.com)
Phishing & Email Based Attacks
Gmail gets blue verification checks to protect against spoofing and phishing | ZDNET
Phishing Ring Bust, Spanish Police Have Arrested 40 People (informationsecuritybuzz.com)
BEC – Business Email Compromise
2FA/MFA
Malware
Chrome users, stay alert: Malware may be just one click away - gHacks Tech News
Microsoft issues optional fix for Secure Boot zero-day used by malware (bleepingcomputer.com)
56,000+ cloud-based apps at risk of malware exfiltration - Help Net Security
Millions of mobile phones come pre-infected with malware • The Register
Severe Ruckus RCE Flaws Utilized By Fresh DDoS Botnet Malware (informationsecuritybuzz.com)
Fake system update drops Aurora stealer via Invalid Printer loader (malwarebytes.com)
Stealthier version of Linux BPFDoor malware spotted in the wild (bleepingcomputer.com)
Mobile
Millions of mobile phones come pre-infected with malware • The Register
Mobile hacking and spyware – understanding the risks - TechHQ
Google Announces New Privacy, Safety, and Security Features Across Its Services (thehackernews.com)
Google Improves Android Security With New APIs - SecurityWeek
New Android FluHorse malware steals your passwords, 2FA codes (bleepingcomputer.com)
New Android updates fix kernel bug exploited in spyware attacks (bleepingcomputer.com)
Botnets
Fortinet warns of a spike of the activity linked to AndoryuBot botnet- Security Affairs
RapperBot DDoS malware adds cryptojacking as new revenue stream (bleepingcomputer.com)
Denial of Service/DoS/DDOS
FBI seizes 13 more domains linked to DDoS-for-hire services (bleepingcomputer.com)
Severe Ruckus RCE Flaws Utilized By Fresh DDoS Botnet Malware (informationsecuritybuzz.com)
Fortinet warns of a spike of the activity linked to AndoryuBot botnet- Security Affairs
RapperBot DDoS malware adds cryptojacking as new revenue stream (bleepingcomputer.com)
Internet of Things – IoT
Data Breaches/Leaks
Security researcher finds trove of Capita data exposed online | TechCrunch
In a new hacking crime wave, more personal data is being held hostage (cnbc.com)
Western Digital says hackers stole customer data in March cyber attack (bleepingcomputer.com)
Leak of MSI UEFI signing keys stokes fears of “doomsday” supply chain attack | Ars Technica
Boot Guard Keys From MSI Hack Posted, Many PCs Vulnerable | Tom's Hardware(tomshardware.com)
1 Million Impacted by Data Breach at NextGen Healthcare - SecurityWeek
Twitter admits 'security incident' broke Circle privacy • The Register
Food distribution giant Sysco warns of data breach after cyber attack (bleepingcomputer.com)
North Korean Hackers Stole 830K Data From Seoul's Top Hospital (informationsecuritybuzz.com)
Brightly warns of SchoolDude data breach exposing credentials (bleepingcomputer.com)
Simplify data hack cost the firm almost £7m - Property Industry Eye
Organised Crime & Criminal Actors
In a new hacking crime wave, more personal data is being held hostage (cnbc.com)
The Team of Sleuths Quietly Hunting Cyber attack-for-Hire Services | WIRED
Phishing Ring Bust, Spanish Police Have Arrested 40 People (informationsecuritybuzz.com)
Former Ubiquiti Employee Who Posed as Hacker Sentenced to Prison - SecurityWeek
UK cops score another legal win in EncroChat spying case • The Register
Cryptocurrency/Cryptomining/Cryptojacking/NFTs/Blockchain
Insider Risk and Insider Threats
Human Error Drives Most Cyber Incidents. Could AI Help? (hbr.org)
Overlooking These 4 Critical Measures Expose Your Company to Cyber Attacks | Entrepreneur
Fraud, Scams & Financial Crime
UK’s new fraud strategy too weak to tackle soaring crime, say experts | Financial Times (ft.com)
Your voice could be your biggest vulnerability - Help Net Security
QR codes used in fake parking tickets, surveys to steal your money (bleepingcomputer.com)
Deepfakes
Insurance
Dark Web
Supply Chain and Third Parties
Security researcher finds trove of Capita data exposed online | TechCrunch
Cyber hack to cost UK outsourcer Capita up to $25 mln | Reuters
Leak of MSI UEFI signing keys stokes fears of “doomsday” supply chain attack | Ars Technica
Software Supply Chain
Cloud/SaaS
56,000+ cloud-based apps at risk of malware exfiltration - Help Net Security
How to reduce risk with cloud attack surface management | TechTarget
ENISA leans into EU clouds with draft cyber security label • The Register
Hybrid/Remote Working
Attack Surface Management
Identity and Access Management
Top 3 trends shaping the future of cyber security and IAM - Help Net Security
Review your on-prem ADCS infrastructure before attackers do it for you | CSO Online
Why the FTX Collapse Was an Identity Problem (darkreading.com)
Asset Management
CISOs confront mounting obstacles in tracking cyber assets - Help Net Security
How Attack Surface Management Supports Continuous Threat Exposure Management (thehackernews.com)
Encryption
API
Open Source
India bans open source messaging apps on security grounds • The Register
Stealthier version of Linux BPFDoor malware spotted in the wild (bleepingcomputer.com)
Passwords, Credential Stuffing & Brute Force Attacks
83% of Americans’ Passwords Can Be Hacked in Less Than a Second, Study Shows (thedailybeast.com)
Top 5 Password Cracking Techniques Used by Hackers (bleepingcomputer.com)
Social Media
Twitter admits 'security incident' broke Circle privacy • The Register
TikTok tracked UK journalist via her cat's account - BBC News
Parental Controls and Child Safety
Regulations, Fines and Legislation
UK’s new fraud strategy too weak to tackle soaring crime, say experts | Financial Times (ft.com)
EU parliament report calls for tighter regulation of spyware | Surveillance | The Guardian
India bans open source messaging apps on security grounds • The Register
PEGA committee calls for EU level regulation of spyware • The Register
ENISA leans into EU clouds with draft cyber security label • The Register
Europe’s Moral Crusader Lays Down the Law on Encryption | WIRED
Scanning Plans On Europe's CSAM May Violate International Law (informationsecuritybuzz.com)
Governance, Risk and Compliance
Risk managers warn cyber insurance could become ‘unviable product’ | Financial Times (ft.com)
79% of Cyber Pros Make Decisions Without Threat Intelligence (securityintelligence.com)
Company executives can't afford to ignore cyber security anymore - Help Net Security
Majority of US, UK CISOs unable to protect company 'secrets': Report | CSO Online
Small- and medium-sized businesses: don’t give up on cyber security | CSO Online
(ISC)² Calls for Global Cyber security Standards, Collaboration, Frameworks - MSSP Alert
Organisations Reliant on Social Media For Threat Intelligence - TechRound
Recognizing Cyberthreat Trends For Effective Defence (forbes.com)
Digital trust can make or break an organisation - Help Net Security
Why more transparency around cyber attacks is good for everyone - NCSC
CISOs face mounting pressures, expectations post-pandemic | TechTarget
CISOs' confidence in post-pandemic security landscape fades - Help Net Security
Overlooking These 4 Critical Measures Expose Your Company to Cyber Attacks | Entrepreneur
NCSC and ICO Dispel Incident Reporting Myths - Infosecurity Magazine (infosecurity-magazine.com)
Models, Frameworks and Standards
(ISC)² Calls for Global Cyber security Standards, Collaboration, Frameworks - MSSP Alert
ENISA leans into EU clouds with draft cyber security label • The Register
Data Protection
Careers, Working in Cyber and Information Security
Law Enforcement Action and Take Downs
FBI seizes 13 more domains linked to DDoS-for-hire services (bleepingcomputer.com)
Phishing Ring Bust, Spanish Police Have Arrested 40 People (informationsecuritybuzz.com)
UK cops score another legal win in EncroChat spying case • The Register
Privacy, Surveillance and Mass Monitoring
The (Security) Cost of Too Much Data Privacy (darkreading.com)
Twitter admits 'security incident' broke Circle privacy • The Register
TikTok tracked UK journalist via her cat's account - BBC News
Artificial Intelligence
Top US cyber official warns AI may be the 'most powerful weapon of our time' | CyberScoop
Amazon Is Being Flooded With Books Entirely Written by AI (futurism.com)
Your voice could be your biggest vulnerability - Help Net Security
The security and privacy risks of large language models - Help Net Security
Spyware, Cyber Espionage & Cyber Warfare, including Russian Invasion of Ukraine
EU parliament report calls for tighter regulation of spyware | Surveillance | The Guardian
China targets foreign consulting companies in anti-spying raids | China | The Guardian
Mobile hacking and spyware – understanding the risks - TechHQ
New Android updates fix kernel bug exploited in spyware attacks (bleepingcomputer.com)
CERT-UA Warns of SmokeLoader and RoarBAT Malware Attacks Against Ukraine (thehackernews.com)
PEGA committee calls for EU level regulation of spyware • The Register
FBI-led Operation Medusa kills Russian FSB malware network • The Register
How one of Vladimir Putin’s most prized hacking units got pwned by the FBI | Ars Technica
Nation State Actors
Microsoft warns Iran increasing its cyber-enabled influence operations | SC Media (scmagazine.com)
China labels USA ‘Empire of hacking’ citing old WikiLeaks • The Register
CERT-UA Warns of SmokeLoader and RoarBAT Malware Attacks Against Ukraine (thehackernews.com)
LinkedIn shuts service in China, lays off employees | Fortune
Microsoft: Iranian hacking groups join Papercut attack spree (bleepingcomputer.com)
FBI-led Operation Medusa kills Russian FSB malware network • The Register
China targets foreign consulting companies in anti-spying raids | China | The Guardian
Beijing raids consultancy firm Capvision, promises more • The Register
SideWinder Strikes Victims in Pakistan, Turkey in Multiphase Polymorphic Attack (darkreading.com)
North Korean Hackers Stole 830K Data From Seoul's Top Hospital (informationsecuritybuzz.com)
People’s Republic of China State-Sponsored Cyber Actors Exploit Network Providers and Devices | CISA
Vulnerability Management
Vulnerabilities
Microsoft's May Patch Tuesday Fixes 38 Flaws, Including Active Zero-Day Bug (thehackernews.com)
Microsoft warns of two bugs under active exploit • The Register
Light May Patch Tuesday will weigh heavily on Windows admins | TechTarget
Fortinet fixed two severe issues in FortiADC and FortiOS-Security Affairs
New PaperCut RCE exploit created that bypasses existing detections (bleepingcomputer.com)
Microsoft issues optional fix for Secure Boot zero-day used by malware (bleepingcomputer.com)
Adobe Patches 14 Vulnerabilities in Substance 3D Painter - SecurityWeek
Severe Ruckus RCE Flaws Utilized By Fresh DDoS Botnet Malware (informationsecuritybuzz.com)
CyberGhost VPN patches command injection vulnerability | SC Media (scmagazine.com)
A Linux NetFilter kernel flaw allows escalating privileges to 'root'-Security Affairs
SAP Patches Critical Vulnerabilities With May 2023 Security Updates - SecurityWeek
Fortinet warns of a spike of the activity linked to AndoryuBot botnet-Security Affairs
Tools and Controls
Risk managers warn cyber insurance could become ‘unviable product’ | Financial Times (ft.com)
79% of Cyber Pros Make Decisions Without Threat Intelligence (securityintelligence.com)
Human Error Drives Most Cyber Incidents. Could AI Help? (hbr.org)
Identifying Compromised Data Can Be a Logistical Nightmare (darkreading.com)
Organisations Reliant on Social Media For Threat Intelligence - TechRound
Recognizing Cyberthreat Trends For Effective Defence (forbes.com)
Digital trust can make or break an organisation - Help Net Security
Prevent attackers from using legitimate tools against you - Help Net Security
How to implement principle of least privilege in Azure AD | TechTarget
What is Digital Forensics? Tools, Types, Phases & History (cybersecuritynews.com)
Microsoft enforces number matching to fight MFA fatigue attacks (bleepingcomputer.com)
AI Will Take Many Cyber security Jobs, But It's Not a Complete Disaster | PCMag
Google Broadens Dark Web Monitoring To Track All Gmail Users (informationsecuritybuzz.com)
5 SBOM tools to start securing the software supply chain | TechTarget
The Industrywide Consequences of Making Security Products Inaccessible (darkreading.com)
Top 3 trends shaping the future of cyber security and IAM - Help Net Security
Other News
The Team of Sleuths Quietly Hunting Cyber attack-for-Hire Services | WIRED
Why Should You Take IT Security Seriously? - IT Security Guru
To enable ethical hackers, a law reform is needed - Help Net Security
How datacentre operators can fend off cyber attacks | Computer Weekly
'Windows for Gamers' Rolls Dice With Your Security (vice.com)
Risk of cyber attack is main Eurovision worry, says BBC executive | Eurovision 2023 | The Guardian
Sector Specific
Industry specific threat intelligence reports are available.
Contact us to receive tailored reports specific to the industry/sector and geographies you operate in.
· Automotive
· Construction
· Critical National Infrastructure (CNI)
· Defence & Space
· Education & Academia
· Energy & Utilities
· Estate Agencies
· Financial Services
· FinTech
· Food & Agriculture
· Gaming & Gambling
· Government & Public Sector (including Law Enforcement)
· Health/Medical/Pharma
· Hotels & Hospitality
· Insurance
· Legal
· Manufacturing
· Maritime
· Oil, Gas & Mining
· OT, ICS, IIoT, SCADA & Cyber-Physical Systems
· Retail & eCommerce
· Small and Medium Sized Businesses (SMBs)
· Startups
· Telecoms
· Third Sector & Charities
· Transport & Aviation
· Web3
As usual, contact us to help assess where your risks lie and to ensure you are doing all you can do to keep you and your business secure.
Look out for our ‘Cyber Tip Tuesday’ video blog and on our YouTube channel.
You can also follow us on Facebook, Twitter and LinkedIn.
Links to articles are for interest and awareness and linking to or reposting external content does not endorse any service or product, likewise we are not responsible for the security of external links.