Threat Intelligence Blog
Contact us to discuss any insights from our Blog, and how we can support you in a tailored threat intelligence report.
Black Arrow Cyber Threat Briefing 10 May 2024
Black Arrow Cyber Threat Intelligence Briefing 10 May 2024:
-China Suspected of Hacking MoD, Through Its Payroll Provider
-Security Tools Fail to Translate Risks for Executives
-Gang Accused of MGM Hack Shifts Attacks to Finance Sector
-Are SMEs Paving the Way for Cyber Attacks on Larger Companies?
-Misconfigurations Drive 80% of Security Exposure, Report Finds
-Only 45% of Organisations Employ MFA Protections
-You Cannot Protect What You Do Not Know You Have, as Criminals are Exploiting Vulnerabilities Faster Than Ever
-The Rise and Stealth of The Socially Engineered Insider
-Over 70% of Staff Use AI At Work, But Only 30% of European Organisations Provide AI Training
-Don't Be the Weakest Link – You and Your Team's Crucial Role in Cyber Security
-Ransomware Activity Thrives, Despite Law enforcement Efforts
-NATO Warns of Russian Hybrid Warfare
Welcome to this week’s Black Arrow Cyber Threat Briefing – a weekly digest, collated and curated by our cyber experts to provide senior and middle management with an easy to digest round up of the most notable threats, vulnerabilities, and cyber related news from the last week.
Top Cyber Stories of the Last Week
China Suspected of Hacking UK Ministry of Defence, Through Its Payroll Provider
UK Defence Secretary Grant Shapps has confirmed that over 270,000 personal details have been leaked after the MoD was hacked through its third-party payroll provider, SSCL. The affected systems have been pulled offline since the attack. SSCL’s website describes that it manages HR for the armed forces, the Metropolitan Police and other areas of British government. The commercial supply chain, and in particular HR and payroll providers, is increasing being used as the soft underbelly to attack larger and better protected organisations.
Sources: [LBC] [The Register] [Sky News]
Security Tools Fail to Translate Risks for Executives
Organisations are struggling with internal communication barriers, hindering their ability to address and mitigate cyber security threats, according to a report which found that seven out of 10 C-suite executives said their security teams talk in technical terms without providing business context. However, in contrast, 75% of CISO’s highlight the issue is rooted in security tools that cannot generate the insights C-level executives and boards can use to understand business implications. The role of a good CISO should be to take the output of these tools and turn that data into metrics the Boards can understand.
The issues highlight the necessity for organisations to have someone in their organisation, whether an employee or a third-party, who is able to ingest technical results and translate them into a style that the C-suite can understand for business risk management.
Source: [Help Net Security]
Gang Accused of MGM Hack Shifts Attacks to Finance Sector
The hacking group responsible for the infamous hack on MGM and Caesar’s Palace resorts is engaged in a new campaign targeting the financial sector. The group known as Scattered Spider has targeted 29 companies since 20 April this year, compromising at least 2 insurance companies so far. The research has stated that the attackers are purchasing lookalike domains that match the name of target companies, hosting fake log-in pages. Links to these are sent to employees, in an attempt to direct them there. The most recent attack took place just days ago, with more expected.
Sources: [Bloomberg Law] [Claims Journal]
Are SMEs Paving the Way for Cyber Attacks on Larger Companies?
A recent study highlights the escalating cyber threats facing businesses, particularly SMEs and supply chains. The study found that 32% of UK businesses, including 69% of large and 59% of mid-sized organisations, suffered a cyber attack last year. The situation is worse for SMEs, with weaker security systems and 77% lacking in-house cyber security. SMEs can become entry points for hackers targeting larger partners through interconnected supply chains. Meanwhile, Verizon’s latest data breaches report revealed a 68% increase in supply chain breaches, accounting for 15% of all breaches in 2023, up from 9% in 2022. These breaches are primarily driven by third-party software vulnerabilities exploited in ransomware and extortion attacks. Experts emphasise proactive cyber policies, vulnerability scans, and employee education for SMEs to bolster defences. They also urge organisations to consider third-party bugs as both vulnerability and vendor management problems, make better vendor choices, and use external signals like SEC disclosures in the United States to guide decisions. These measures can help prevent SMEs from becoming gateways for larger attacks and manage the rising threat of supply chain breaches.
Sources: [Insurance Times] [Dark Reading]
Misconfigurations Drive 80% of Security Exposure, Report Finds
A recent report has found that 80% of security exposures are caused by identity and credential misconfigurations, with a third of these putting critical assets at risk of a breach. According to the report, the majority of this is within an organisation’s network user management (Active Directory) and 56% of breaches that impact critical assets are within cloud platforms. There is often the misconception that cloud-based environments are secure by default, but misconfigurations can undo any security benefits and still leave you exposed. Just because someone else built and maintains your house, it is still your responsibility to lock the doors and windows.
Sources: [Security Magazine]
Only 45% of Organisations Employ MFA Protections
A recent report of IT decision-makers has found that 97% are facing challenges with identity verification and 52% are very concerned about credential compromise, followed by account takeover (50%). When it comes to reinforcing identity verification, only 45% used multi-factor authentication (MFA). By using MFA, organisations are forcing two identification verifications: simply knowing a username and password is not enough, especially given the speeds with which attackers can crack passwords, with average 8 character passwords able to be cracked in less than a minute. Whilst no control is 100% impenetrable, enabling MFA will aid in increasing your organisation's cyber resilience.
Source: [Help Net Security]
You Cannot Protect What You Do Not Know You Have, as Criminals are Exploiting Vulnerabilities Faster Than Ever
For many organisations, visibility of their information assets can be incredibly hard to obtain and maintain, with different tools, under-reporting and shadow IT contributing to the problem. Unfortunately, cyber criminals are getting faster at exploiting vulnerabilities, and if you do not know you have the vulnerability in your estate then you cannot patch against it. In their recent report, Fortinet found that attacks started on average 4.76 days after new exploits were publicly disclosed.
Interestingly though, while zero-day threats garner much attention (these are ‘new’ vulnerabilities that are being exploited by attackers but for which there are no security patches yet available), one third of all exploits are for older vulnerabilities. This highlights the need for a comprehensive and robust approach to network security and vulnerability management, beyond simply patching what Microsoft puts out once a month. To have effective patch management, organisations must know what they need to patch and therefore must have visibility of the corporate environment. A good starting block is the creation of a robust information asset register.
Sources: [Security Brief] [Help Net Security] [IT Security Guru]
The Rise and Stealth of The Socially Engineered Insider
Social engineering has become increasingly prevalent as the preferred tactic for foreign adversaries. Insiders are prime targets due to their privileged access to sensitive data. This is particularly affecting the technology, pharma, and critical infrastructure sectors. Advances in AI and social platforms have made it easier to exploit these vulnerabilities. These advances allow threat actors to tailor attacks with unprecedented speed and realism. Using methods like coercion or deception, these actors exploit employees to gain high-value data that can be weaponised. As a result, the threat landscape has become more complex, blurring the lines between internal and external risks. To bolster their defences, organisations are now investing in insider risk management and AI. They are also emphasising employee education and cross-sector collaboration.
Source: [Forbes]
Over 70% of Staff Use AI At Work, But Only 30% of European Organisations Provide AI Training
An ISACA study and the AI Security & Governance Report reveal a complex landscape of AI adoption and security. 73% of European organisations and 54% of global organisations use AI, with 79% increasing their AI budgets, however training and policy development lag behind. Only 30% offer limited training, 40% provide none, and a mere 17% have a comprehensive AI policy. Despite AI’s potential, 80% of data experts find it complicates security, with concerns high around generative AI exploitation (61% of respondents) and AI-powered attacks (over 50% of business leaders). Data poisoning and privacy issues persist, yet 85% of leaders express confidence in their data security strategies, with 83% revising privacy and governance guidelines. With 86% recognising a need for AI training within two years, the call for dynamic governance strategies and formal education is clear to manage evolving threats.
Sources: [Help Net Security] [IT Security Guru]
Don't Be the Weakest Link – You and Your Team's Crucial Role in Cyber Security
Cyber security success depends on more than just technology. Bad actors are always looking for the easiest entry point, meaning that employees’ everyday actions are crucial, when even one careless click or a weak password can be an open door for hackers. However, empowered with the right knowledge and tools, staff can become a robust defence. Nearly 80% of organisations have reported an increase in phishing attacks, but training programs like role-playing exercises and phishing simulations significantly reduce these risks. Effective cyber security also hinges on C-suite leaders promoting a security-first culture, ensuring all employees understand the risks and follow strict protocols like MFA and strong password policies. Consistent training and open communication are vital in fostering a resilient, security-aware workforce.
Source: [JDSupra]
Ransomware Activity Thrives, Despite Law enforcement Efforts
Despite the recent law enforcement takedowns on ransomware groups, ransomware remains rife. Whilst the takedown of a group can come as an initial relief in that the group has gone, it simply forces ransomware affiliates to diversify. This is reflected in ransomware continuing its growth in the first quarter of 2024, with 18 new leak sites, the largest number in a single quarter, emerging over this period. When comes to those at risk, both financial services and healthcare remain a prominent target.
Sources: [Help Net Security ] [Infosecurity Magazine] [Help Net Security]
NATO Warns of Russian Hybrid Warfare
NATO has issued a statement in which it describes it is “deeply concerned about Russia's hybrid actions and the threat that they constitute to NATO security”. The actions are described to include sabotage, acts of violence, cyber and electronic interference, and disinformation campaigns. This comes as many countries including the UK and US are due to have elections this year.
Sources: [EU Reporter] [Financial Times]
Governance, Risk and Compliance
You cannot protect what you do not understand (securitybrief.co.nz)
Security tools fail to translate risks for executives - Help Net Security
It Costs How Much?!? The Financial Pitfalls of Cyber Attacks on SMBs (thehackernews.com)
Now More Than Ever, it's Crucial for Companies to Get Cyber Security Right (newsweek.com)
Why SMBs are facing significant security, business risks - Help Net Security
Are SMEs paving the way for cyber attacks on larger companies? | Insurance Times
Don't Be the Weakest Link – Your Team's Crucial Role in Cyber Security | NAVEX - JDSupra
The Art Of Cyber Security Governance: Safeguarding Beyond Code (forbes.com)
CISOs Are Worried About Their Jobs & Dissatisfied With Their Incomes (darkreading.com)
92% of CISOs Question the Future of Their Role Amidst Growing AI Pressures | Business Wire
Three strategies for winning the cyber security arms race | Fintech Nexus
Rethinking Cyber Security Investment Amid Rising Threats (govinfosecurity.com)
CIOs and CFOs, two parts of the same whole - IT Security Guru
Threats
Ransomware, Extortion and Destructive Attacks
Gang Accused of MGM Hack Turns Its Sights on Finance Sector (bloomberglaw.com)
Cybercrime Unicorns: What Everyone Needs to Know About Ransomware Gangs (pcmag.com)
Why Paying Should Be A Last Resort In Ransomware Attacks (forbes.com)
Ransomware activity is back on track despite law enforcement efforts - Help Net Security
Ransomware evolves from extortion to 'psychological attacks' • The Register
Russian Hacker Dmitry Khoroshev Unmasked as LockBit Ransomware Administrator (thehackernews.com)
Ransomware attacks impact 20% of sensitive data in healthcare orgs - Help Net Security
An overwhelming majority of organisations paid ransomware last year - eCampus News
The Growing Threat of Advanced Ransomware Attacks (inforisktoday.com)
Law enforcement seized Lockbit group's website again (securityaffairs.com)
Consultant charged with $1.5M extortion of IT giant • The Register
IT chiefs plan to spend and innovate their way out of ransomware swamp | TechRadar
Ransomware crooks SIM swap kids to pressure parents • The Register
Scattered Spider group a unique challenge for cyber cops, FBI leader says (therecord.media)
97% of Organisations Hit by Ransomware Worked with Law Enforcement (globenewswire.com)
CISA boss: Secure software needed to stop ransomware • The Register
Shields Up: How to Minimize Ransomware Exposure - Security Week
Ransomware Victims
UnitedHealth’s 'egregious negligence' led to that ransomware • The Register
Ascension healthcare takes systems offline after cyber attack (bleepingcomputer.com)
London Drugs president tight-lipped over recent cyber attack | CBC News
Boeing confirms attempted $200 million ransomware extortion attempt | CyberScoop
Cyber attack disrupts operations at major US health care network | CNN Business
City of Wichita Shuts Down Network Following Ransomware Attack - Security Week
Patient appointments imperilled by cyber attack on French radiologist (therecord.media)
Ransomware attack hits Brandywine Realty Trust | SC Media (scmagazine.com)
Phishing & Email Based Attacks
Other Social Engineering
The Rise And Stealth Of The Socially Engineered Insider (forbes.com)
Iranian hackers harvest credentials through advanced social engineering campaigns | CSO Online
What is social engineering penetration testing? | Definition from TechTarget
Artificial Intelligence
Organisations go ahead with AI despite security risks - Help Net Security
Innovation, Not Regulation, Will Protect Corporations From Deepfakes (darkreading.com)
Strategies for preventing AI misuse in cyber security - Help Net Security
AI is changing the game when it comes to cyber security | ITPro
Why the Cyber Security Industry Is Obsessed With AI Right Now - CNET
LLMs & Malicious Code Injections: 'We Have to Assume It's Coming' (darkreading.com)
Cyber Security, Deepfakes and the Human Risk of AI Fraud (govtech.com)
Criminal Use of AI Growing, But Lags Behind Defenders - Security Week
2FA/MFA
Only 45% of organisations use MFA to protect against fraud - Help Net Security
UnitedHealth Attack: Stolen Credentials, No MFA | MSSP Alert
Malware
ZLoader Malware adds Zeus's anti-analysis feature (securityaffairs.com)
Russia-linked APT28 and crooks are still using the Moobot botnet (securityaffairs.com)
Iranian hackers pose as journalists to push backdoor malware (bleepingcomputer.com)
New 'Cuckoo' Persistent macOS Spyware Targeting Intel and Arm Macs (thehackernews.com)
Hijack Loader Malware Employs Process Hollowing, UAC Bypass in Latest Version (thehackernews.com)
Mirai Botnet Exploits Ivanti Connect Secure Flaws for Malicious Payload Delivery (thehackernews.com)
Mobile
Mobile Banking Malware Surges 32% - Infosecurity Magazine (infosecurity-magazine.com)
Android bug can leak DNS traffic with VPN kill switch enabled (bleepingcomputer.com)
European Threat To End-To-End Encryption Would Invade Phones (forbes.com)
Ransomware crooks SIM swap kids to pressure parents • The Register
Denial of Service/DoS/DDOS
Data Breaches/Leaks
How does a data breach affect you and why should you care? | TechRadar
Dell customer order database stolen, for sale on dark web • The Register
The Breach of a Face Recognition Firm Reveals a Hidden Danger of Biometrics | WIRED
Cyber attack: Large volume of data stolen in attack on Scottish health board (scotsman.com)
Security breach affects 6,000 German military VC meetings (avinteractive.com)
Security company exposes 1.2M guard and suspect records • The Register
Children's mental health records published after cyber attack - BBC News
Georgia education agency's MOVEit data theft impacted 800K • The Register
Data Brokers: What They Are and How to Safeguard Your Privacy - IT Security Guru
Zscaler Investigates Hacking Claims After Data Offered for Sale - Security Week
UK government departments reveal rise in data breaches & lost devices (datacentrenews.uk)
'Sophisticated' cyber attacks involving British Colombia government networks found | CBC News
Over 380K more NYC students had info leaked, bringing total to over 1M (nypost.com)
Dating apps kiss'n'tell all sorts of sensitive user info • The Register
Organised Crime & Criminal Actors
Hackers of all kinds are attacking routers across the world | TechRadar
These Dangerous Scammers Don’t Even Bother to Hide Their Crimes | WIRED
Massive webshop fraud ring steals credit cards from 850,000 people (bleepingcomputer.com)
Scattered Spider group a unique challenge for cyber cops, FBI leader says (therecord.media)
Cryptocurrency/Cryptomining/Cryptojacking/NFTs/Blockchain
Insider Risk and Insider Threats
The Rise And Stealth Of The Socially Engineered Insider (forbes.com)
Don't Be the Weakest Link – Your Team's Crucial Role in Cyber Security | NAVEX - JDSupra
Supply Chain and Third Parties
UK Military Data Breach a Reminder of Third-Party Risk (darkreading.com)
Details of UK military personnel exposed in huge payroll data breach | AP News
Firm at centre of MoD 'China' hack handles data for several Whitehall departments (inews.co.uk)
DBIR: Supply Chain Breaches Up 68% Year Over Year (darkreading.com)
The complexities of third-party risk management - Help Net Security
Cloud/SaaS
Encryption
Cop complaints won't stop E2EE, says encryption advocate • The Register
European Threat To End-To-End Encryption Would Invade Phones (forbes.com)
Linux and Open Source
Open-Source Cyber Security Is a Ticking Time Bomb (gizmodo.com)
Spies Among Us: Insider Threats in Open Source Environments (darkreading.com)
Passwords, Credential Stuffing & Brute Force Attacks
Iranian hackers harvest credentials through advanced social engineering campaigns | CSO Online
Microsoft introduces Passkeys support for consumer accounts - gHacks Tech News
Google Announces Passkeys Adopted by Over 400 Million Accounts (thehackernews.com)
UnitedHealth Attack: Stolen Credentials, No MFA | MSSP Alert
Hackers can crack average 8-character passwords in under a minute (newsbytesapp.com)
How secure is the “Password Protection” on your files and drives? - Help Net Security
Social Media
Training, Education and Awareness
Regulations, Fines and Legislation
The EU Cyber Diplomacy Toolbox: Shaping Global Cyber Security Standards | UpGuard
The NIS2 Compliance Deadline Is Nearing. Are You Prepared? - Security Boulevard
Innovation, Not Regulation, Will Protect Corporations From Deepfakes (darkreading.com)
Models, Frameworks and Standards
Data Protection
Careers, Working in Cyber and Information Security
How workforce reductions affect cyber security postures - Help Net Security
One in Four Tech CISOs Unhappy with Compensation - Security Boulevard
Law Enforcement Action and Take Downs
Ransomware activity is back on track despite law enforcement efforts - Help Net Security
LockBit's seized darknet site resurrected by police, teasing new revelations (therecord.media)
LockBit leader unmasked and sanctioned - National Crime Agency
Israeli private investigator wanted for hacking in US is arrested in London | The Independent
German police bust Europe's 'largest' scam call centre – DW – 05/02/2024
Consultant charged with $1.5M extortion of IT giant • The Register
97% of Organisations Hit by Ransomware Worked with Law Enforcement (globenewswire.com)
Nation State Actors, Advanced Persistent Threats (APTs), Cyber Warfare, Cyber Espionage and Geopolitical Threats/Activity
Cyber Warfare and Cyber Espionage
Israeli private investigator wanted for hacking in US is arrested in London | The Independent
Cyber Attacks on US Utilities: New Trends in Cyber Warfare - ClearanceJobs
'The Mask' Espionage Group Resurfaces After 10-Year Hiatus (darkreading.com)
Nation State Actors
China
Firm at centre of MoD 'China' hack handles data for several Whitehall departments (inews.co.uk)
Lessons from LOCKED SHIELDS 2024 cyber exercise | SC Media (scmagazine.com)
China-Linked Hackers Used ROOTROT Webshell in MITRE Network Intrusion (thehackernews.com)
Russia
Malice from Moscow: NATO warns of Russian hybrid warfare - EU Reporter
Russia plotting sabotage across Europe, intelligence agencies warn (ft.com)
How Nato could respond after wave of Russian spy arrests across Europe (inews.co.uk)
EU, NATO denounce Russia's cyber attacks on Germany, Czechia (kyivindependent.com)
Russia Cyber Attack Germany's Ruling Party, Defence | Silicon UK
Foreign Ministry: Czech institutions targeted by GRU cyber attacks | Radio Prague International
Russia-linked APT28 and crooks are still using the Moobot botnet (securityaffairs.com)
Ukraine records increase in financially motivated attacks by Russian hackers (therecord.media)
Cyber War? EU rages over alleged Russian cyber attack on German’s ruling SPD (brusselssignal.eu)
Lessons from LOCKED SHIELDS 2024 cyber exercise | SC Media (scmagazine.com)
A (Strange) Interview With the Russian-Military-Linked Hackers Targeting US Water Utilities | WIRED
Russia says Germany using baseless 'hacker myths' to destroy ties | Reuters
Poland says it too was targeted by Russian hackers – POLITICO
Kaspersky denies claims it helped Russia with drones • The Register
Iran
Iranian hackers pose as journalists to push backdoor malware (bleepingcomputer.com)
Iranian hackers harvest credentials through advanced social engineering campaigns | CSO Online
North Korea
Other Nation State Actors, Hacktivism, Extremism, Terrorism and Other Geopolitical Threat Intelligence
Vulnerability Management
Cyber criminals are getting faster at exploiting vulnerabilities - Help Net Security
Misconfigurations drive 80% of security exposures | Security Magazine
Patch management vs. vulnerability management: Key differences | TechTarget
What is Risk-Based Vulnerability Management (RBVM)? (techtarget.com)
CISA’s KEV list improving private and public-sector patching • The Register
CISA Announces CVE Enrichment Project 'Vulnrichment' - Security Week
Vulnerabilities
Citrix Addresses High-Severity NetScaler Servers Flaw (darkreading.com)
Over 50,000 Tinyproxy servers vulnerable to critical RCE flaw (bleepingcomputer.com)
Veeam fixes RCE flaw in backup management platform (CVE-2024-29212) - Help Net Security
LiteSpeed Cache WordPress plugin actively exploited in the wild (securityaffairs.com)
New BIG-IP Next Central Manager bugs allow device takeover (bleepingcomputer.com)
Microsoft: April Windows Server updates also cause crashes, reboots (bleepingcomputer.com)
Android bug can leak DNS traffic with VPN kill switch enabled (bleepingcomputer.com)
Mirai Botnet Exploits Ivanti Connect Secure Flaws for Malicious Payload Delivery (thehackernews.com)
Tools and Controls
Behind Closed Doors: The Rise of Hidden Malicious Remote Access (cybereason.com)
Security tools fail to translate risks for executives - Help Net Security
Misconfigurations drive 80% of security exposures | Security Magazine
NSA, FBI Alert on North Korean Hackers Spoofing Emails from Trusted Sources (thehackernews.com)
Microsoft plans to lock down Windows DNS like never before. Here’s how. | Ars Technica
Novel attack against virtually all VPN apps neuters their entire purpose | Ars Technica
Strategies for preventing AI misuse in cyber security - Help Net Security
Shadow APIs: An Overlooked Cyber Risk for Orgs (darkreading.com)
What is social engineering penetration testing? | Definition from TechTarget
How workforce reductions affect cyber security postures - Help Net Security
What is Risk-Based Vulnerability Management (RBVM)? (techtarget.com)
Top 10 physical security considerations for CISOs | CSO Online
IT chiefs plan to spend and innovate their way out of ransomware swamp | TechRadar
A SaaS Security Challenge: Getting Permissions All in One Place (thehackernews.com)
Tips for Controlling the Costs of Security Tools - The New Stack
Rethinking Cyber Security Investment Amid Rising Threats (govinfosecurity.com)
Microsoft confirms Windows 11 24H2 turns on Device Encryption by default (windowslatest.com)
Reports Published in the Last Week
Other News
Microsoft overhaul treats security as ‘top priority’ after a series of failures - The Verge
The EU Cyber Diplomacy Toolbox: Shaping Global Cyber Security Standards | UpGuard
Complexity leads to trade-off between risk and innovation (betanews.com)
When has the UK faced cyber attacks in the past? | The Independent
Man-in-the-middle attack: The new cyber security threat | YourStory
Paris 2024 gearing up to face unprecedented cyber security threat | Reuters
38% of riskiest cyber physical systems neglected, warns Claroty report (securitybrief.co.nz)
Why undersea cables need high-priority protection • The Register
GAO: NASA Faces 'Inconsistent' Cyber Security Across Spacecraft (darkreading.com)
Cyber security regulations: Are non-compliant cars more vulnerable? | Autocar
Fujitsu sets aside £200m as calls mount for Post Office scandal payout
FE News | Why the education sector needs to do the homework on cyber security as attacks soar
Sector Specific
Industry specific threat intelligence reports are available.
Contact us to receive tailored reports specific to the industry/sector and geographies you operate in.
· Automotive
· Construction
· Critical National Infrastructure (CNI)
· Defence & Space
· Education & Academia
· Energy & Utilities
· Estate Agencies
· Financial Services
· FinTech
· Food & Agriculture
· Gaming & Gambling
· Government & Public Sector (including Law Enforcement)
· Health/Medical/Pharma
· Hotels & Hospitality
· Insurance
· Legal
· Manufacturing
· Maritime
· Oil, Gas & Mining
· OT, ICS, IIoT, SCADA & Cyber-Physical Systems
· Retail & eCommerce
· Small and Medium Sized Businesses (SMBs)
· Startups
· Telecoms
· Third Sector & Charities
· Transport & Aviation
· Web3
As usual, contact us to help assess where your risks lie and to ensure you are doing all you can do to keep you and your business secure.
Look out for our ‘Cyber Tip Tuesday’ video blog and on our YouTube channel.
You can also follow us on Facebook, Twitter and LinkedIn.
Links to articles are for interest and awareness and linking to or reposting external content does not endorse any service or product, likewise we are not responsible for the security of external links.
Black Arrow Cyber Threat Briefing 03 May 2024
Black Arrow Cyber Threat Intelligence Briefing 03 May 2024:
-Most Attacks Impacting SMB’s Target Older, Unpatched Vulnerabilities
-91% of Ransomware Victims Paid At least One Ransom in the Past Year, as 1 in 5 Ransomware Attacks Triggers Lawsuit
-BEC and Fund Transfer Fraud Top Insurance Claims
-Correlating Cyber Investments with Business Outcomes
-Vulnerability Exploitation up 180%, 68% of Breaches involved Humans and Supply Chain Weak Link
-MOVEit & Change Healthcare Attacks Designated as Cyber Catastrophe Loss Events by Insurer
-Securing Your Organisation’s Supply Chain: Reducing the Risks of Third Parties
-Why Remote Desktop Tools are Facing an Onslaught of Cyber Threats
-95% of Organisations Revamped Cyber Security Strategies in the Last Year: Make Sure Yours is Right
-Human Factor a Significant Risk for Small and Medium-Sized Businesses.
-Microsoft CEO Says it is Putting Security Above All Else in Major Refocus
-Ending the Culture of Silence in Cyber Security; Three Ways to Empower Teams
Welcome to this week’s Black Arrow Cyber Threat Briefing – a weekly digest, collated and curated by our cyber experts to provide senior and middle management with an easy to digest round up of the most notable threats, vulnerabilities, and cyber related news from the last week.
Top Cyber Stories of the Last Week
Most Attacks Impacting SMB’s Target Older, Unpatched Vulnerabilities
Attackers continue to aggressively target small and mid-size businesses using specific high-profile vulnerabilities dating back a decade or more, network telemetry shows. Findings have shown that this is due to these vulnerabilities featuring in a wide range of products. Due to their prevalence, they can often become missed by organisations conducting patch management and therefore leave the organisation open.
For this reason it is critical that all organisations, including smaller organisations, have internal as well as external vulnerability scanning. You might believe your systems are patched up to date but there is no way to confirm without scanning , or to know which patches might have been missed.
Sources: [Infosecurity Magazine]
91% of Ransomware Victims Paid At least One Ransom in the Past Year, as 1 in 5 Ransomware Attacks Triggers Lawsuit
Ransomware attacks saw a significant surge in 2023, following a dip in 2022. The number of victims increased by 66% from 2022 to 2023, with 91% of those affected paying at least one ransom. 58% of organisations have been targeted six times or more.
The Sophos State of Ransomware 2023 report highlighted ransom payments rose by 500%; nearly two-thirds exceeded $1m or more, with an average payment of $2m. Furthermore, 30% of the demands were for over $5m.
In the US, 18% of incidents led to litigation, with 123 lawsuits filed in 2023 and 355 over five years. Data breaches, affecting 283.3 million records, primarily triggered these lawsuits, especially in healthcare and finance sectors. The resolution rate is 59%, with the highest settlement at $8.7m. Regulatory fines added nearly $10m to the financial impact. These figures underscore the significant financial implications of ransomware attacks and the urgent need for robust cyber security measures.
Sources: [ZD Net] [Infosecurity Magazine] [Security Magazine] [PrNewsWire] [Infosecurity Magazine]
BEC and Fund Transfer Fraud Top Insurance Claims
Cyber Insurer Coalition's 2024 Cyber Claims Report highlights a significant trend in cyber security threats, identifying email-based fraud as the predominant cause of insurance claims in 2023, accounting for 53% of all claims. Business email compromise (BEC) and funds transfer fraud (FTF) topped the list, contributing to 28% of claims and increasing claim amounts by 24% to an average loss exceeding $278,000. In contrast, ransomware, while less frequent at 19% of claims, also saw a rise in both frequency and severity, with average losses climbing to over $263,000. The report also notes a 13% year-on-year surge in overall claims, with substantial losses tied to compromised network security devices and a notable vulnerability in organisations using exposed remote desktop protocols.
Source: [Infosecurity Magazine]
Correlating Cyber Investments with Business Outcomes
The US Securities and Exchange Commission (SEC) has implemented stringent new rules compelling organisations to report significant cyber incidents within four days and to annually disclose details concerning their cyber security risk management, strategy, and governance. These mandates are seen as giving “more teeth to the idea that cyber security is a business problem” and “bringing an element of cyber security to the boardroom” according to cyber security solutions provider SecurityGate. Highlighted in the "Cybersecurity Insights" podcast, experts argue for simplifying cyber security strategies, advocating sustained resource allocation over reactive measures, and emphasising the importance of training over expensive solutions. These steps are deemed crucial for enhancing organisational resilience and security in a landscape where cyber threats are increasingly sophisticated and pervasive.
Source: [InfoRisk Today]
Verizon: Vulnerability Exploitation up 180%, 68% of Breaches involved Humans and Supply Chain Weak Link
Verizon has released the findings of its 17th Annual Data Breach Investigations Report, which showed security incidents doubled year over year in 2023 to a record high 30,458 security events and 10,626 confirmed breaches. Some of the key takeaways from the 100-page report include zero-day attacks on unpatched systems and devices rising 180% in 2023, most breaches (68%) involving a non-malicious human element and the median time for users to fall for phishing emails falling just south of 60 seconds. In its first inclusion as a separate metric, supply chain attacks were found to contribute to 15% of all attacks.
Sources: [MSSP Alert] [Verizon]
MOVEit & Change Healthcare Attacks Designated as Cyber Catastrophe Loss Events by Insurer
Verisk’s Property Claim Services (PCS) has recently identified the MOVEit and Change Healthcare cyber attacks as significant Cyber Catastrophe Loss Events. These designations are part of PCS’s Global Cyber solution, which tracks cyber incidents and their potential impact on the insurance market. The designation indicates that each attack is anticipated to result in insurance industry losses exceeding USD 250 million.
The MOVEit attack, linked to the Russian-affiliated group Cl0p, compromised over 2,700 organisations globally, affecting up to 90 million individuals. The Change Healthcare attack, attributed to the ALPHV/Blackcat gang, notably disrupted UnitedHealth Group’s operations, with projected costs and lost revenue totalling up to USD 1.6 billion. These designations highlight the escalating scale and financial impact of cyber incidents on global markets.
Source: [Reinsurance News]
Securing Your Organisation’s Supply Chain: Reducing the Risks of Third Parties
Nearly every organisation is part of a supply chain, where a significant amount of data is transferred. When data leaves your infrastructure, its security depends on the third party. The risks of a cyber incident increases as the supply chain increases.
Organisations need to mitigate the risks that their third party brings. This requires an understanding of the supply chain actors, and performing cyber security assessments of the most critical ones. The objective is to ensure that your organisation is satisfied with the third party’s security controls, or to work together to remediate any gaps.
Source: [Help Net Security]
Why Remote Desktop Tools are Facing an Onslaught of Cyber Threats
In the era of hybrid work, remote desktop tools have become crucial yet vulnerable points within corporate networks, attracting significant cyber criminal attention. A study by Barracuda Networks underscores the challenges of securing these tools. Virtual Network Computing (VNC) is particularly susceptible; it is targeted in 98% of these types of attacks due to its use of multiple, sometimes unsecured ports. VNC attacks predominantly exploit weak password practices, notably through brute force methods. Conversely, Remote Desktop Protocol (RDP) accounts for about 1.6% of these attacks but is favoured for more extensive network breaches, often involving ransomware or crypto mining. The study highlights a pressing need for robust endpoint management and heightened security measures to mitigate these threats.
Source: [ITPro]
95% of Organisations Revamped Cyber Security Strategies in the Last Year: Make Sure Yours is Right
A recent report found that 95% of companies have altered their cyber security strategies in the last twelve months. This was driven by keeping pace with the shifting regulatory landscape (98%), the need to meet customer expectations for data protection and privacy (89%), and the rise of AI-driven threats and solutions (65%). Almost half (44%) of non-security executives do not understand the regulatory requirements their organisation must adhere to.
When it came to reporting, the study found that security teams aren’t reporting on key operational metrics that define whether their security investments and strategy changes have a measurable impact. It is evident that there is a disconnect between security and non-security professionals when it comes to the business strategy.
Sources: [Business Wire] [Security Magazine]
Human Factor a Significant Risk for Small and Medium-Sized Businesses.
A survey of business and IT security in small and medium-sized businesses (SMBs) conducted by LastPass found that roughly one in five business leaders admits to circumventing security policies, as do one in 10 IT security leaders. The survey found that password management is critically important to cyber security, with nearly half (47%) reporting recent breaches due to compromised passwords.
Sources: [Beta News] [Business Wire]
Microsoft CEO Says it is Putting Security Above All Else in Major Refocus
Following a series of high-profile attacks in recent months and a report by the US Cyber Safety Review Board (CSRB), Microsoft’s CEO has revealed it will now focus its efforts on an increase in the commitment to security. Investigating a summer 2023 attack, Microsoft was deemed to have made a series of “avoidable errors”, including the failure to detect several compromises, the CSRB said.
Sources: [TechRadar]
Ending the Culture of Silence in Cyber Security; Three Ways to Empower Teams
A recent discussion on workplace errors highlights the significant repercussions of cyber breaches compared to typical office mistakes. In the UK, nearly a third of businesses face cyber attacks weekly, with each breach costing approximately £4,000. However, a concerning trend is that 41% of these breaches are not reported to internal leadership, often due to fears among staff about the consequences of admitting faults. A three-pronged approach has been suggested to foster a blame-free culture: providing tailored and evolving cyber training, establishing safe zones for admitting mistakes, and implementing robust recovery plans. This approach not only prepares employees to handle potential breaches more effectively but also encourages them to report incidents promptly, reducing the overall impact and aiding quicker recovery. Such strategies are essential for maintaining resilience against increasingly sophisticated cyber threats.
Source: [Minute Hack]
Governance, Risk and Compliance
Verizon 2024 Data Breach Investigations Report: 5 Takeaways | MSSP Alert
Verizon DBIR: Vulnerability exploitation in breaches up 180% | TechTarget
Verizon DBIR: Basic Security Gaffes Cause Breach Surge (darkreading.com)
95% of Organisations Revamped Their Cyber Security Strategies in the Last Year | Business Wire
95% of organisations adjusted cyber security strategies this past year | Security Magazine
1 in 5 US Ransomware Attacks Triggers Lawsuit - Infosecurity Magazine (infosecurity-magazine.com)
Are Enterprises Overconfident About Cyber Security Readiness? (govinfosecurity.com)
How CISOs Can Contend with Increasing Scrutiny from Regulators (informationweek.com)
Correlating Cyber Investments with Business Outcomes (inforisktoday.com)
Ending The Culture of Silence In Cyber Security – 3 Ways To Empower Teams - Minutehack
97% of security leaders have increased SaaS security budgets - Help Net Security
The rise in CISO job dissatisfaction – what’s wrong and how can it be fixed? | CSO Online
Should Cyber Security Leadership Finally be Professionalized? - SecurityWeek
What needs to change to overcome nonchalant security approaches | TechRadar
Agile by Design: Cyber Security at the Heart of Transformation (noeticcyber.com)
Threats
Ransomware, Extortion and Destructive Attacks
Q1 2024 Ransomware Report: 21% Increase in Q1 2023 Ransomware Activity (corvusinsurance.com)
91% of ransomware victims paid at least one ransom in the past year, survey finds | ZDNET
1 in 5 US Ransomware Attacks Triggers Lawsuit - Infosecurity Magazine (infosecurity-magazine.com)
There was an 81% year-over-year increase in ransomware attacks | Security Magazine
Ransom recovery costs reach $2.73 million - Help Net Security
Cactus Ransomware Group Targets Qlik Sense Servers | Decipher (duo.com)
How AI and data protection intersect in today's threat era - SiliconANGLE
Better hygiene may mitigate the need to ban ransomware payments | Computer Weekly
Ukrainian REvil Hacker Sentenced to 13 Years and Ordered to Pay $16 Million (thehackernews.com)
How Businesses Should Grapple With Ransomware Threats (eetimes.eu)
Cyber security consultant arrested after allegedly extorting IT firm (bleepingcomputer.com)
Ransomware Victims
Change Healthcare breached via Citrix portal with no MFA | TechTarget
Almost all US hospitals took financial hit from Change hack, AHA says | Reuters
Another major pharmacy chain shuts following possible cyber attack | TechRadar
Hack That Paralyzed US Health Care Turns Up Scrutiny on Insurer (claimsjournal.com)
Cyber attack to cost Western Isles Council half a million pounds (holyrood.com)
LockBit publishes confidential data stolen from Cannes hospital in France (therecord.media)
French hospital CHC-SV refuses to pay LockBit extortion demand (bleepingcomputer.com)
'Cybersecurity incident' closes London Drugs' pharmacies • The Register
Phishing & Email Based Attacks
AI-driven phishing attacks deceive even the most aware users - Help Net Security
US Post Office phishing sites get as much traffic as the real one (bleepingcomputer.com)
If you receive a Shein mystery box, do not open it | TechRadar
Why the automotive sector is a target for email-based cyber attacks - Help Net Security
BEC
BEC and Fund Transfer Fraud Top Insurance Claims - Infosecurity Magazine (infosecurity-magazine.com)
Other Social Engineering
FBI warns of fake verification schemes targeting dating app users (bleepingcomputer.com)
A Lot of People Are Falling for Those 'Your Package Cannot Be Delivered' Texts | PCMag
Artificial Intelligence
AI-driven phishing attacks deceive even the most aware users - Help Net Security
AI is creating a new generation of cyber attacks - Help Net Security
Combating the Rising Tide of AI-Driven Cyber Crime (cryptopolitan.com)
Businesses turn to generative AI but many don't have policies on it (betanews.com)
How AI and data protection intersect in today's threat era - SiliconANGLE
Understanding emerging AI and data privacy regulations - Help Net Security
To understand the risks posed by AI, follow the money – O’Reilly (oreilly.com)
From Risk to Resilience: Managing Data Security in AI-Driven Enterprises | Inc.com
Cyber security experts face AI risks, deepfakes, burnout | Fortune
US Government Releases New AI Security Guidelines for Critical Infrastructure (thehackernews.com)
Why Using Microsoft Copilot Could Amplify Existing Data Quality and Privacy Issues - SecurityWeek
2FA/MFA
Malware
New "Goldoon" Botnet Targets D-Link Routers With Decade-Old Flaw (thehackernews.com)
New SOHO router malware aims for cloud accounts, internal company resources - Help Net Security
Guarding the Gates: The Growing Abundance of Linux Malware - VMRay
Bogus npm Packages Used to Trick Software Developers into Installing Malware (thehackernews.com)
Millions of Malicious 'Imageless' Containers Planted on Docker Hub Over 5 Years (thehackernews.com)
ZLoader Malware Evolves with Anti-Analysis Trick from Zeus Banking Trojan (thehackernews.com)
New Cuttlefish malware infects routers to monitor traffic for credentials (bleepingcomputer.com)
Mobile
Powerful 'Brokewell' Android Trojan Allows Attackers to Takeover Devices - SecurityWeek
Google Prevented 2.28 Million Malicious Apps from Reaching Play Store in 2023 (thehackernews.com)
New Wpeeper Android malware hides behind hacked WordPress sites (bleepingcomputer.com)
Microsoft warns of "Dirty Stream" attack impacting Android apps (bleepingcomputer.com)
Denial of Service/DoS/DDOS
Internet of Things – IoT
NCSC: New UK law bans default passwords on smart devices (securityaffairs.com)
A glaring Android TV security flaw might put your Gmail at risk | Android Central
Data Breaches/Leaks
PSNI data breach: Almost 5,000 officers and staff in legal action - BBC News
Kaiser Permanente data breach may have impacted 13.4 million patients (securityaffairs.com)
FBCS data breach impacted 2M individuals (securityaffairs.com)
States shares health debt data of 5,000 in an email | Guernsey Press
Qantas app exposed sensitive traveller details to random users (bleepingcomputer.com)
Philadelphia Inquirer: Data of over 25,000 people stolen in 2023 breach (bleepingcomputer.com)
Australian pubgoers' personal info posted to leak site • The Register
Monash Health data breach exposes sexual assault and family violence claims (smh.com.au)
Panda Restaurant Group disclosed a data breach (securityaffairs.com)
Organised Crime & Criminal Actors
AI is creating a new generation of cyber attacks - Help Net Security
Combating the Rising Tide of AI-Driven Cyber Crime (cryptopolitan.com)
Router Roulette: Cyber Criminals and Nation-States Sharing Compromised Networks | Trend Micro (US)
Insider Risk and Insider Threats
How insider threats can cause serious security breaches - Help Net Security
Ex-NSA Employee Sentenced to 22 Years for Trying to Sell U.S. Secrets to Russia (thehackernews.com)
Insurance
Cyber facility in capacity raise as risk severity grows (emergingrisks.co.uk)
Hack That Paralyzed US Health Care Turns Up Scrutiny on Insurer (claimsjournal.com)
Supply Chain and Third Parties
Cloud/SaaS
New SOHO router malware aims for cloud accounts, internal company resources - Help Net Security
97% of security leaders have increased SaaS security budgets - Help Net Security
Encryption
UK's Investigatory Powers Bill approved to become law • The Register
Ten years of Heartbleed: Lessons learned | SC Media (scmagazine.com)
Linux and Open Source
Passwords, Credential Stuffing & Brute Force Attacks
Change Healthcare breached via Citrix portal with no MFA | TechTarget
Okta warns of "unprecedented" credential stuffing attacks on customers (bleepingcomputer.com)
NCSC: New UK law bans default passwords on smart devices (securityaffairs.com)
New Cuttlefish malware infects routers to monitor traffic for credentials (bleepingcomputer.com)
How to use a YubiKey to log into Windows and macOS (xda-developers.com)
Social Media
How TikTok Grew From a Fun App for Teens Into a Potential National Security Threat - SecurityWeek
Facebook at 20: Contemplating the Cost of Privacy (darkreading.com)
Training, Education and Awareness
Ending The Culture Of Silence In Cyber Security – 3 Ways To Empower Teams - Minutehack
Everyone's an Expert: How to Empower Your Employees for Cyber Security Success (thehackernews.com)
Regulations, Fines and Legislation
UK's Investigatory Powers Bill approved to become law • The Register
UK rolls out new consumer safeguards for smart devices (betanews.com)
FCC fines major wireless carriers over illegal location data sharing - Help Net Security
Understanding emerging AI and data privacy regulations - Help Net Security
CISA's incident reporting requirements go too far, trade groups and lawmakers say | CyberScoop
Data Protection
Careers, Working in Cyber and Information Security
Cyber security experts face AI risks, deepfakes, burnout | Fortune
The rise in CISO job dissatisfaction – what’s wrong and how can it be fixed? | CSO Online
Agencies to turn toward ‘skill-based hiring’ for cyber and tech jobs, ONCD says | CyberScoop
Cyber Security Degrees, Are They Really Worth It? | HackerNoon
Beyond the Buzz: Rethinking Alcohol as a Cyber Security Bonding Ritual - SecurityWeek
Law Enforcement Action and Take Downs
Ukrainian REvil Hacker Sentenced to 13 Years and Ordered to Pay $16 Million (thehackernews.com)
Police shuts down 12 fraud call centres, arrests 21 suspects (bleepingcomputer.com)
Cyber security consultant arrested after allegedly extorting IT firm (bleepingcomputer.com)
CEO who sold fake Cisco devices to US military gets 6 years in prison (bleepingcomputer.com)
Misinformation, Disinformation and Propaganda
Nation State Actors, Advanced Persistent Threats (APTs), Cyber Warfare, Cyber Espionage and Geopolitical Threats/Activity
Cyber Warfare and Cyber Espionage
Nation State Actors
China
‘Honeypots’ and influence operations: China’s spies turn to Europe (ft.com)
Philippines Pummelled by Cyber Attacks & Misinformation Tied to China (darkreading.com)
Germany grapples with wave of spying threats from Russia and China - BBC News
How TikTok Grew From a Fun App for Teens Into a Potential National Security Threat - SecurityWeek
Think tank: Tech companies spread China's propaganda • The Register
China's attacks on critical infrastructure ‘tip of the iceberg' | SC Media (scmagazine.com)
Chinese Hackers Have Been Probing DNS Networks Globally for Years: Report - SecurityWeek
Muddling Meerkat hackers manipulate DNS using China’s Great Firewall (bleepingcomputer.com)
Chinese government website security has big problems • The Register
Espionage breaches account for 25% in APAC, report reveals (securitybrief.co.nz)
Russia
Router Roulette: Cyber Criminals and Nation-States Sharing Compromised Networks | Trend Micro (US)
Russian Hackers Target Industrial Systems in North America, Europe - SecurityWeek
Pro-Russia hacktivists attacking vital tech in water and other sectors, agencies say | CyberScoop
Germany grapples with wave of spying threats from Russia and China - BBC News
Ukraine Targeted in Cyber Attack Exploiting 7-Year-Old Microsoft Office Flaw (thehackernews.com)
Germany Warns Of Consequences For Alleged Russian Cyber Attack (rferl.org)
Hackers Claim to Have Infiltrated Belarus’ Main Security Service - SecurityWeek
Military Tank Manual, 2017 Zero-Day Anchor Latest Ukraine Cyber Attack (darkreading.com)
Sweden prepares for Eurovision amidst fears of protests, cyber attacks and unrest | Euronews
Ex-NSA Employee Sentenced to 22 Years for Trying to Sell U.S. Secrets to Russia (thehackernews.com)
Two British men charged with helping Russian intelligence - BBC News
Two hackers in Ukraine accused of spreading Russian propaganda (therecord.media)
Iran
North Korea
Other Nation State Actors, Hacktivism, Extremism, Terrorism and Other Geopolitical Threat Intelligence
Vulnerability Management
When is One Vulnerability Scanner Not Enough? (thehackernews.com)
Vulnerability exploitation nearly tripled in 2023 (telecoms.com)
Vulnerabilities
Cisco devices again targeted by state-linked threat campaign - TechCentral.ie
Okta warns of "unprecedented" credential stuffing attacks on customers (bleepingcomputer.com)
1,200+ Vulnerabilities Detected In Microsoft Products In 2023 (gbhackers.com)
Most attacks affecting SMBs target five older vulnerabilities | CSO Online
Severe Flaws Disclosed in Brocade SANnav SAN Management Software (thehackernews.com)
UnitedHealth hackers took advantage of Citrix vulnerability to break in, CEO says (yahoo.com)
Palo Alto Updates Remediation for Max-Critical Firewall Bug (darkreading.com)
WordPress plugin vulnerability poses severe security risk, allows for site takeovers | TechSpot
Ukraine Targeted in Cyber Attack Exploiting 7-Year-Old Microsoft Office Flaw (thehackernews.com)
New R Programming Vulnerability Exposes Projects to Supply Chain Attacks (thehackernews.com)
Grafana Tool Vulnerability Let Attackers Inject SQL Queries (gbhackers.com)
Microsoft says April Windows updates break VPN connections (bleepingcomputer.com)
NTLM auth traffic spikes after Windows Server patch • The Register
New "Goldoon" Botnet Targets D-Link Routers With Decade-Old Flaw (thehackernews.com)
Four Critical Vulnerabilities Expose HPE Aruba Devices to RCE Attacks (thehackernews.com)
Ten years of Heartbleed: Lessons learned | SC Media (scmagazine.com)
1,400 GitLab Servers Impacted by Exploited Vulnerability - SecurityWeek
Tools and Controls
Why remote desktop tools are facing an onslaught of cyber threats | ITPro
Correlating Cyber Investments With Business Outcomes (inforisktoday.com)
When is One Vulnerability Scanner Not Enough? (thehackernews.com)
Microsoft CEO says it is "putting security above all else" in major refocus | TechRadar
Can automating security relieve CISO pressure? (techinformed.com)
10 Critical Endpoint Security Tips You Should Know (thehackernews.com)
Businesses turn to generative AI but many don't have policies on it (betanews.com)
Ending The Culture Of Silence In Cyber Security – 3 Ways To Empower Teams - Minutehack
Organisations Struggle with Zero Trust: Gartner | MSSP Alert
Tech Tip: Why Haven't You Set Up DMARC Yet? (darkreading.com)
97% of security leaders have increased SaaS security budgets - Help Net Security
DPRK's Kimsuky APT Abuses Weak DMARC Policies, Feds Warn (darkreading.com)
How to Red Team GenAI: Challenges, Best Practices, and Learnings (darkreading.com)
Chinese Hackers Have Been Probing DNS Networks Globally for Years: Report - SecurityWeek
Muddling Meerkat hackers manipulate DNS using China’s Great Firewall (bleepingcomputer.com)
Why LLMs are predicting the future of compliance and risk management | VentureBeat
Other News
Microsoft CEO says it is "putting security above all else" in major refocus | TechRadar
A Season Of Health Breaches, A Season Of Changes (forbes.com)
Bank of England tells payment firms to step up disruption mitigation plans (yahoo.com)
NCSC updates warning over hacktivist threat to CNI | Computer Weekly
The EU's Strategy for a Cyber Secure Digital Single Market | UpGuard
To Damage OT Systems, Hackers Tap USBs, Old Bugs & Malware (darkreading.com)
During National Small Business Week, Take Steps to Secure Your Business | CISA
At Microsoft, years of security debt come crashing down | Cybersecurity Dive
Sweden prepares for Eurovision amidst fears of protests, cyber attacks and unrest | Euronews
Sector Specific
Industry specific threat intelligence reports are available.
Contact us to receive tailored reports specific to the industry/sector and geographies you operate in.
· Automotive
· Construction
· Critical National Infrastructure (CNI)
· Defence & Space
· Education & Academia
· Energy & Utilities
· Estate Agencies
· Financial Services
· FinTech
· Food & Agriculture
· Gaming & Gambling
· Government & Public Sector (including Law Enforcement)
· Health/Medical/Pharma
· Hotels & Hospitality
· Insurance
· Legal
· Manufacturing
· Maritime
· Oil, Gas & Mining
· OT, ICS, IIoT, SCADA & Cyber-Physical Systems
· Retail & eCommerce
· Small and Medium Sized Businesses (SMBs)
· Startups
· Telecoms
· Third Sector & Charities
· Transport & Aviation
· Web3
As usual, contact us to help assess where your risks lie and to ensure you are doing all you can do to keep you and your business secure.
Look out for our ‘Cyber Tip Tuesday’ video blog and on our YouTube channel.
You can also follow us on Facebook, Twitter and LinkedIn.
Links to articles are for interest and awareness and linking to or reposting external content does not endorse any service or product, likewise we are not responsible for the security of external links.