Threat Intelligence Blog

Contact us to discuss any insights from our Blog, and how we can support you in a tailored threat intelligence report.

Black Arrow Admin Black Arrow Admin

Black Arrow Cyber Threat Briefing 05 May 2022

Black Arrow Cyber Threat Briefing 05 May 2022

-Cyber Scams Cost Victims $6.9b-Plus Worldwide in 2021

-Bad Actors Are Maximizing Remote Everything

-New Hacker Group Pursuing Corporate Employees Focused on Mergers and Acquisitions

-FBI: Business Email Compromise: The $43 Billion Scam

-Disgruntled Employees Cashing in On Confidential Information Over Dark Web

-Google Sees More APTs Using Ukraine War-Related Themes

-Cryptocurrency Regulators Are Scrambling to Catch Up with Hackers Who Are Swiping Billions

-Tackling the Threats Posed by Shadow IT

-Hackers Used the Log4j Flaw to Gain Access Before Moving Across a Company's Network, Say Security Researchers

-This Sneaky Hacking Group Hid Inside Networks For 18 Months Without Being Detected

Welcome to this week’s Black Arrow Cyber Threat Briefing – a weekly digest, collated and curated by our cyber experts to provide senior and middle management with an easy to digest round up of the most notable threats, vulnerabilities, and cyber related news from the last week.

Top Cyber Stories of the Last Week

  • Cyber Scams Cost Victims $6.9b-Plus Worldwide in 2021

Cyber-scams cost victims around the globe at least $6.9 billion last year, according to the FBI's latest Internet Crime Report.

Since 2017, the bureau's Internet Crime Complaint Center (IC3) received an average of 552,000 complaints per year. This includes reports of extortion, identity theft, phishing, fraud, and a slew of other nefarious schemes that cost victims no less than $18.7 billion in losses over the five-year period.

Unsurprisingly, the volume of these crimes — and related costs — have grown every year; 2021 set records for the total number of complaints (847,376) as well as losses exceeding $6.9 billion, a jump from the $4.2 billion reported a year earlier.

As with earlier years, phishing attacks were by far the most commonly reported crimes, with 323,972 last year. A subset of this category, business email compromise (BEC), is proving very lucrative and cost victims almost $2.4 billion from 19,954 victims, according to the Feds.

BEC involves a cyber criminal compromising a legitimate email account, and then tricking a business or individual into transferring funds, sending employees' personal data, or unlocking cryptocurrency wallets. The fraudster then steals the cash, drains the crypto wallet and/or sells employees' identities and credentials on the dark web.

https://www.theregister.com/2022/05/05/fbi_cyber_scams/

  • Bad Actors Are Maximising Remote Everything

The rise of remote work and learning opened new opportunities for many people – as we’ve seen by the number of people who have moved to new places or adapted to “workcations.” Cyber criminals are taking advantage of the same opportunities – just in a different way. Evaluating the prevalence of malware variants by region reveals a sustained interest by cyber adversaries in maximising the remote work and learning attack vector.

As hybrid work and learning become embedded paradigms in our culture, there are fewer layers of protection between malware and would-be victims. And bad actors are gaining access to more tools to help them pull off their nefarious deeds – like exploit kits. At the same time, the attack surface has rapidly expanded and continues to do so.

That means enterprises must take a work-from-anywhere approach to their security. They need to deploy solutions capable of following, enabling and protecting users no matter where they are located. They need security on the endpoint (EDR) combined with zero trust network access (ZTNA) approaches.

https://threatpost.com/bad-actors-remote-everything/179458/

  • This Sneaky Hacking Group Hid Inside Networks For 18 Months Without Being Detected

A previously undisclosed cyber-espionage group is using clever techniques to breach corporate networks and steal information related to mergers, acquisitions and other large financial transactions – and they've been able to remain undetected by victims for periods of more than 18 months.

Detailed by cyber security researchers at Mandiant, who've named it UNC3524, the hacking operation has been active since at least December 2019 and uses a range of advanced methods to infiltrate and maintain persistence on compromised networks that set it apart from most other hacking groups. These methods include the ability to immediately re-infect environments after access is removed. It's currently unknown how initial access is achieved. 

One of the reasons UNC3524 is so successful at maintaining persistence on networks for such a long time is because it installs backdoors on applications and services that don't support security tools, such as anti-virus or endpoint protection.

https://www.zdnet.com/article/this-sneaky-hacking-group-hid-inside-networks-for-18-months-without-being-detected/

  • FBI: Business Email Compromise: The $43 Billion Scam

According to the FBI, business email compromise (BEC) and email account compromise (EAC) losses have surpassed $43 billion globally. BEC/EAC is a sophisticated scam that targets both businesses and individuals who perform legitimate transfer-of-funds requests.

The BEC/EAC scam continues to grow and evolve, targeting small local businesses to larger corporations, and personal transactions. Between July 2019 and December 2021, there was a 65% increase in identified global exposed losses, meaning the dollar loss that includes both actual and attempted loss in United States dollars.

The following information was derived from filings with financial institutions between June 2016 and December 2021:

  • Domestic and international incidents: 241,206

  • Domestic and international exposed dollar loss: $43,312,749,946

The following BEC/EAC statistics were reported in victim complaints to the IC3 between October 2013 and December 2021:

  • Total US victims: 116,401

  • Total US exposed dollar loss: $14,762,978,290

  • Total non-US victims: 5,260

  • Total non-US exposed dollar loss: $1,277,131,099

https://informationsecuritybuzz.com/expert-comments/fbi-business-email-compromise-the-43-billion-scam/

  • Disgruntled Employees Cashing in On Confidential Information Over Dark Web

Disgruntled employees are making hundreds of thousands of dollars by leaking confidential information over a new platform on the so-called dark web, cyber researchers have said.

Hidden in a part of the internet that is only accessible using special software, the Industrial Spy platform promises huge payouts to staff willing to hand over "dirty secrets" to competitors, according to experts at intelligence business Cyberint.

Industrial Spy currently has data on twelve companies from a range of industries available to people who sign up, Cyberint said.

The platform recently managed to sell two tranches of company data for $400,000 (£318,236) and $750,000 each.

An individual has advertised the platform to potential purchasers of the data on the dark web.

The post said: "With our information you could refuse partnership with an unscrupulous partner, reveal dirty secrets of your competitors and earn millions of dollars using insider information."

Cyber criminals have long approached employees individually and offered a bribe to release sensitive information such as internal data and passwords to access computer systems.

But this new platform allows employees to act on their own initiative to steal data and sell it online.

https://www.telegraph.co.uk/business/2022/05/02/disgruntled-employees-cashing-confidential-information-dark/

  • Google Sees More APTs Using Ukraine War-Related Themes

Researchers at Google's Threat Analysis Group (TAG) say the number of advanced threat actors using Ukraine war-related themes in cyber attacks went up in April with a surge in malware attacks targeting critical infrastructure.

According to Google, known state-backed APT groups from China, Iran, North Korea, and Russia, along with various unattributed groups have been using war-related themes in phishing and malware distribution campaigns.

Looking at the cyber attacks that target Eastern Europe, however, a new Google report notes there hasn't been a significant change from the normal levels of activity, despite the increased adoption of lures related to the Ukraine war.

https://www.securityweek.com/google-sees-more-apts-using-ukraine-war-related-themes

  • Cryptocurrency Regulators Are Scrambling to Catch Up with Hackers Who Are Swiping Billions

Just four months in, 2022 has been a banner year for hackers, and fraudsters targeting the industry have swindled more than $1 billion from cryptocurrency investors, according to separate estimates by cryptocurrency analysis firm Immunefi.

The rise in fraud has put US regulators on the offensive. The US Securities and Exchange Commission, which has positioned itself as the industry’s main regulator and enforcer, announced on Tuesday that it was going to double its staff working to resources to combat the rise in fraud.

“Crypto markets have exploded in recent years, with retail investors bearing the brunt of abuses in this space. Meanwhile, cyber-related threats continue to pose existential risks to our financial markets and participants,” Gurbir Grewal, director of the SEC’s Division of Enforcement said in a statement. “The bolstered Crypto Assets and Cyber Unit will be at the forefront of protecting investors and ensuring fair and orderly markets in the face of these critical challenges.”

https://www.cyberscoop.com/cryptocurrency-sec-cybersecurity-bitcoin-regulation-enforcement/

  • Tackling the Threats Posed by Shadow IT

While remote technologies have allowed businesses to shift their workforces online, this flexibility has created a swathe of challenges for IT teams who must provide a robust security framework for their organisation – encompassing all the personnel and devices within their remit. In addition to the ever-increasing number of personal devices, corporate devices and programs, more and more applications are moving to the cloud as workloads become increasingly distributed across public clouds and software-as-a-service (SaaS).

This means IT teams are even harder pressed to secure and manage the complex environments they operate in. The unsanctioned use of corporate IT systems, devices, and software – known as shadow IT – has increased significantly during the shift to remote work, and recent research found almost one in seven (68%) are concerned about information security because of employees following shadow IT practices.

Shadow IT can allow hackers to steal employee and customer identities, company intellectual property, and cause companies to fail compliance audits. It can also open the door to enterprises accidentally breaking laws and exposes organisations to data exfiltration, malware, and phishing.

https://www.helpnetsecurity.com/2022/05/05/shadow-it-risk/

  • Hackers Used the Log4j Flaw to Gain Access Before Moving Across a Company's Network, Say Security Researchers

State-backed hacking groups are some of the most advanced cyber attack operations in the world - but criminals don't need to rely on them if they can exploit unpatched cyber security flaws.

A North Korean hacking and cyber espionage operation breached the network of an engineering firm linked to military and energy organisations by exploiting a cyber security vulnerability in Log4j.

First detailed in December, the vulnerability (CVE-2021-44228) allows attackers to remotely execute code and gain access to systems that use Log4j, a widely used Java logging library.

The ubiquitous nature of Log4j meant cyber security agencies urged organisations globally to apply security updates as quickly as possible, but months on from disclosure, many are still vulnerable to the flaw.

According to cyber security researchers at Symantec, one of those companies that was still vulnerable was an undisclosed engineering firm that works in the energy and military sectors. That vulnerability resulted in the company being breached when attackers exploited the gap on a public-facing VMware View server in February this year. From there, attackers were able to move around the network and compromise at least 18 computers.

https://www.zdnet.com/article/heres-how-hackers-used-the-log4j-flaw-to-gain-access-before-moving-across-a-companys-network/

  • New Hacker Group Pursuing Corporate Employees Focused on Mergers and Acquisitions

[Explanatory note from Black Arrow: When a group of cyber attackers is identified by the cyber security community, it is given a code name usually composed of letters and digits. These groups are also sometimes referred to as APTs., or Advanced Persistent Threats, because the groups are highly skilled and are persistent in their attacks; they are often supported by their state government].

A newly discovered suspected espionage threat actor has been targeting employees focusing on mergers and acquisitions as well as large corporate transactions to facilitate bulk email collection from victim environments.

Mandiant is tracking the activity cluster under the uncategorised moniker UNC3524, citing a lack of evidence linking it to an existing group. However, some of the intrusions are said to mirror techniques used by different Russia-based hacking crews like APT28 and APT29.

"The high level of operational security, low malware footprint, adept evasive skills, and a large Internet of Things (IoT) device botnet set this group apart and emphasise the 'advanced' in Advanced Persistent Threat," the threat intelligence firm said in a report.

The initial access route is unknown but upon gaining a foothold, attack chains involving UNC3524 culminate in the deployment of a novel backdoor called QUIETEXIT for persistent remote access for as long as 18 months without getting detected in some cases.

https://thehackernews.com/2022/05/new-hacker-group-pursuing-corporate.html


Threats

Ransomware

Phishing & Email Based Attacks

Malware

Mobile

IoT

Organised Crime & Criminal Actors

Cryptocurrency/Cryptomining/Cryptojacking/NFTs

Supply Chain

Open Source

Passwords & Credential Stuffing

Spyware, Espionage & Cyber Warfare, including Russian Invasion of Ukraine


Nation State Actors

Nation State Actors – Russia

Nation State Actors – China

Nation State Actors – North Korea

Nation State Actors – Misc





As usual, contact us to help assess where your risks lie and to ensure you are doing all you can do to keep you and your business secure.

Look out for our ‘Cyber Tip Tuesday’ video blog and on our YouTube channel.

You can also follow us on Facebook, Twitter and LinkedIn.

Links to articles are for interest and awareness and linking to or reposting external content does not endorse any service or product, likewise we are not responsible for the security of external links.

Read More
Black Arrow Admin Black Arrow Admin

Black Arrow Cyber Threat Briefing 01 April 2022

Black Arrow Cyber Threat Briefing 01 April 2022

-One Tenth of UK Staff Bypass Corporate Security

-Majority Of Data Security Incidents Caused by Insiders

-One-Third of UK Firms Suffer A Cyber Attack Every Week

-Russia's Cyber Criminals Fear Sanctions Will Erase Their Wealth

-86% Of Organisations Believe They Have Suffered a Nation-State Cyber Attack

-Multiple Hacking Groups Are Using the War in Ukraine As A Lure In Phishing Attempts

-4 Ways Attackers Target Humans to Gain Network Access

-Security Incidents Reported to FCA Surge 52% in 2021

-NCSC Suggests Rethinking Russian Supply Chain Risks

-25% Of Workers Lost Their Jobs In The Past 12 Months After Making Cyber Security Mistakes: Report

-Attackers Compromise 94% Of Critical Assets Within Four Steps Of Initial Breach

-UK Spy Chief Warns Russia Looking for Cyber Targets

Welcome to this week’s Black Arrow Cyber Threat Briefing – a weekly digest, collated and curated by our cyber experts to provide senior and middle management with an easy to digest round up of the most notable threats, vulnerabilities, and cyber related news from the last week.

Top Cyber Stories of the Last Week

  • One Tenth of UK Staff Bypass Corporate Security

A new study from Cisco has found that a tenth of UK employees actively circumvent their organisation’s security measures.

The network technology company polled over 1000 UK professionals working for organisations that allow hybrid working, in order to better understand the potential security risks of the modern, flexible workplace.

The research has revealed that many hybrid workers do not see cyber security as their responsibility, with many actively finding workarounds or engaging in risky behaviours such as password reuse.

19% of employees said they reuse passwords for multiple accounts and applications, with only 15% using password managers.

The problem seems to stem from user friction in existing security measures. Only 44% of survey participants said they found it easy to securely access their IT equipment.

A majority said they would be willing to use biometric authentication, a reflection of how enterprise security is still catching up to consumer functionality.

https://www.itsecurityguru.org/2022/03/28/one-tenth-of-uk-staff-bypass-corporate-security/

  • Majority Of Data Security Incidents Caused by Insiders

New research from Imperva has revealed that 70% of EMEA organisations have no insider risk strategy, despite 59% of data security incidents being caused by employees.

The shocking revelation comes as part of a wider study carried out by Forrester: Insider Threats Drive Data Protection Improvements. The study involved interviewing 150 security and IT professionals in EMEA.

An insider threat is defined by Imperva as originating from “inappropriate use of legitimate authorised user accounts” by either their rightful owner or a threat actor who has managed to compromise them.

The study found that insider threats were responsible for 59% of incidents impacting sensitive data in the past 12 months. This supports a previous Imperva analysis of the most significant breaches of the past five years, revealing that 24% were caused by either human error or compromised credentials.

https://www.itsecurityguru.org/2022/04/01/majority-of-data-security-incidents-caused-by-insiders/

  • One-Third of UK Firms Suffer a Cyber Attack Every Week

Cyber attacks and related incidents at UK organisations continue their seemingly unstoppable upward trajectory, with new statistics from the Department for Digital, Culture, Media and Sport (DCMS) revealing that 31% of businesses and 26% of charity organisations now experience incidents on a weekly basis.

The data, contained in the annual cyber security breaches survey report, paints a stark picture of the scale of the threat facing the average organisation, and the urgent need to boost standards and defences.

It is vital that every organisation takes cyber security seriously as more and more business is done online and we live in a time of increasing cyber risk.  No matter how big or small your organisation is, you need to take steps to improve digital resilience.

Some 20% of businesses and 19% of charities said they had experienced a negative outcome as a direct consequence of an attack. The average cost of an attack, spread out across all organisations, now works out at £4,200, or £19,400 if only medium and large businesses are considered, although there is probably a vast amount of under-reporting, so the true figures are certainly higher.

Meanwhile, 35% of businesses and 38% of charities said they had experienced some kind of negative impact during the incident, such as service downtime.

https://www.computerweekly.com/news/252515288/One-third-of-UK-firms-suffer-a-cyber-attack-every-week

  • Russia's Cyber Criminals Fear Sanctions Will Erase Their Wealth

Punitive economic sanctions over Russia's invasion of Ukraine had crooks discussing the best ways to adapt to the new reality.

Members of Russian-language underground forums are not immune to the latest news. Russia's invasion of Ukraine and subsequent economic sanctions against Moscow got forum users to discuss how to live in this new world they find themselves in.

According to a report by the Digital Shadows Photon team, dark web forums are teeming with questions on how to ensure the safety of funds held in Russia-based accounts.

One user sought advice on what to do with dollars held in a Russian bank, with others suggesting converting dollars to rubles for a few months.

"I hope you were joking about [holding the funds in rubles for] half a year? After half a year, your rubles will only be good for lighting a fire, they will not be good for anything else," a forum user responded.

https://cybernews.com/news/russias-cybercriminals-fear-sanctions-will-erase-their-wealth/

  • 86% Of Organisations Believe They Have Suffered a Nation-State Cyber Attack

A new study by Trellix and the Center for Strategic and International Studies (CSIS) has revealed that 86% of organisations believe they have fallen victim to a nation-state cyber attack.

The research surveyed 800 IT decision-makers in Australia, France, Germany, India, Japan, the UK and US.

It has also been revealed that 92% of respondents have faced, or suspect they have faced, a nation-state backed cyber attack in the past 18 months, or anticipate one in the future.

Russia and China were identified as the most likely suspects behind said attacks. 39% of organisations that believe they have been hit with a nation-state cyber attack believe Russia were the perpetrators.

https://www.itsecurityguru.org/2022/03/29/86-of-organisations-believe-they-have-suffered-a-nation-state-cyberattack/

  • Multiple Hacking Groups Are Using the War in Ukraine as A Lure in Phishing Attempts

Hostile hacking groups are exploiting Russia's invasion of Ukraine to carry out cyber attacks designed to steal login credentials, sensitive information, money and more from victims around the world.

According to cyber security researchers at Google's Threat Analysis Group (TAG), government-backed hackers from Russia, China, Iran and North Korea, as well as various unattributed groups and cyber criminal gangs, are using various themes related to the war in Ukraine to lure people into becoming victims of cyber attacks.

In just the last two weeks alone, Google has seen several hacking groups looking to take advantage of the war to fulfil their malicious aims, whether that's stealing information, stealing money, or something else.

https://www.zdnet.com/article/google-multiple-hacking-groups-are-using-the-war-in-ukraine-as-a-lure-in-phishing-attempts/

  • 4 Ways Attackers Target Humans to Gain Network Access

Since the day we started receiving email, we hope that our antivirus or endpoint protection software alerts us to problems. In reality, it often does not. When technology fails, it’s likely because the attacker made an end run around it by targeting humans. Here are four ways they do it:

1. The targeted human attack

2. Fraudulent wire transfer email

3. Tricking users into handing over credentials

4. Bypassing multi-factor authentication

https://www.csoonline.com/article/3654850/4-ways-attackers-target-humans-to-gain-network-access.html#tk.rss_news

  • Security Incidents Reported to FCA Surge 52% in 2021

The number of cyber security incidents reported to the UK’s financial regulator surged by over 50% last year after a significant increase in cyber-attacks, according to new figures from Picus Security.

The security vendor submitted Freedom of Information (FoI) requests to the Financial Conduct Authority (FCA) to compile its latest report, Cyber Security Incidents in the UK Financial Sector.

The 52% year-on-year increase in “material” security incidents reported to the FCA seems to have been driven by cyber-attacks, which comprised nearly two-thirds (65%) of these reports.

Picus Security claimed that the rest are likely explained by “system and process failures and employee errors.”

In addition, a third of incident reports were about corporate or personal data breaches, and a fifth involved ransomware.

Picus Security explained that to qualify as a material incident, there needs to have been a significant loss of data, operational IT outages, unauthorized IT access, and/or an impact on a large number of customers.

https://www.infosecurity-magazine.com/news/security-incidents-reported-fca/

  • NCSC Suggests Rethinking Russian Supply Chain Risks

The National Cyber Security Centre (NCSC) of the UK has urged organisations to reconsider the risks associated with “Russian-controlled” parts of their supply chains.

Ian Levy, technical director of the NCSC argued that “Russian law already contains legal obligations on companies to assist the Russian Federal Security Service (FSB), and the pressure to do so may increase in a time of war. We also have hacktivists on each side, further complicating matters, so the overall risk has materially changed.”

Levy has suggested that while there is currently nothing to suggest that the Russian state intends to force commercial providers to sabotage UK interests, that doesn’t mean it will not happen in the future.

https://www.itsecurityguru.org/2022/03/30/ncsc-suggests-rethinking-russian-supply-chain-risks/

  • 25% Of Workers Lost Their Jobs in The Past 12 Months After Making Cyber Security Mistakes: Report

For business leaders, there is never a good time for their employees to make mistakes on the job. This is especially true now for workers who have anything to do with the cyber security of their companies and organisations. Given the growing risks of cyber attacks across the world and the increased threats posed by Russia in the aftermath of their invasion of Ukraine, these are certainly perilous times.

Indeed, a new study released by email security company Tessian found that one in four employees (26%) lost their job in the last 12 months after making a mistake that compromised their company’s security.

According to the second edition of Tessian’s Psychology of Human Error report, people are falling for more advanced phishing scams—and the business stakes for mistakes are much higher.

The study also found that:

  • Two-fifths (40%) of employees sent an email to the wrong person, with almost one-third (29%) saying their business lost a client or customer because of the error

  • Over one-third (36%) of employees have made a mistake at work that compromised security and fewer are reporting their mistakes to IT.

https://www.forbes.com/sites/edwardsegal/2022/03/29/25-of-workers-lost-their-jobs-in-the-past-12-months-after-making-cybersecurity-mistakes-report/?sh=d47cdfa49b26

  • Attackers Compromise 94% of Critical Assets Within Four Steps of Initial Breach

New research from XM Cyber analysing the methods, attack paths, and impacts of cyber attacks has discovered that attackers can compromise 94% of critical assets within just four steps of initial breach points. The hybrid cloud security company’s Attack Path Management Impact Report incorporates insights from nearly two million endpoints, files, folders, and cloud resources throughout 2021, highlighting key findings on attack trends and techniques impacting critical assets across on-prem, multi-cloud, and hybrid environments.

The findings showed that 75% of an organisation’s critical assets are open to compromise in their current security state, while 73% of the top attack techniques used last year involved mismanaged or stolen credentials. Just over a quarter (27%) of most common attack techniques exploited a vulnerability or misconfiguration.

https://www.csoonline.com/article/3655633/attackers-compromise-94-of-critical-assets-within-four-steps-of-initial-breach.html

  • UK Spy Chief Warns Russia Looking for Cyber Targets

A UK intelligence chief warned that the Kremlin is hunting for cyber targets and bringing in mercenaries to shore up its stalled military campaign in Ukraine.

Jeremy Fleming, who heads the GCHQ electronic spy agency, praised Ukrainian President Volodymyr Zelenskyy’s “information operation” for being highly effective at countering Russia’s massive disinformation drive spreading propaganda about the war.

While there were expectations that Russia would launch a major cyber attack as part of its military campaign, Fleming said such a move was never a central part of Moscow’s standard playbook for war.

“That’s not to say that we haven’t seen cyber in this conflict. We have — and lots of it,” Fleming said in a speech in Canberra, Australia, according to a transcript released in London on Wednesday.

He said GCHQ’s National Cyber Security Centre has picked up signs of “sustained intent” by Russia to disrupt Ukrainian government and military systems.

“We’ve seen what looks like some spillover of activity affecting surrounding countries,” Fleming said. “And we’ve certainly seen indicators which suggest Russia’s cyber actors are looking for targets in the countries that oppose their actions.”

He provided no further details. He said the UK and other Western allies will continue to support Ukraine in beefing up its cyber security defences.

https://www.securityweek.com/uk-spy-chief-warns-russia-looking-cyber-targets


Threats

Ransomware

BEC – Business Email Compromise

Phishing & Email Based Attacks

Other Social Engineering

Malware

Mobile

IoT

Organised Crime & Criminal Actors

Cryptocurrency/Cryptomining/Cryptojacking

Insider Risk and Insider Threats

Fraud, Scams & Financial Crime

Supply Chain

Denial of Service DoS/DDoS

Passwords & Credential Stuffing

Spyware, Espionage & Cyber Warfare








As usual, contact us to help assess where your risks lie and to ensure you are doing all you can do to keep you and your business secure.

Look out for our ‘Cyber Tip Tuesday’ video blog and on our YouTube channel.

You can also follow us on Facebook, Twitter and LinkedIn.

Links to articles are for interest and awareness and linking to or reposting external content does not endorse any service or product, likewise we are not responsible for the security of external links.

Read More