Threat Intelligence Blog
Contact us to discuss any insights from our Blog, and how we can support you in a tailored threat intelligence report.
Black Arrow Cyber Threat Briefing 09 February 2024
Black Arrow Cyber Threat Intelligence Briefing 09 February 2024:
-Over Half of Companies Experienced Cyber Security Incidents Last Year
-Deepfake Video Conference Costs Business $25 Million
-Watershed Year for Ransomware as Victims Rose by Almost 50% and Payments Hit $1 Billion All-Time High
-Malware-as-a-Service Now the Top Threat to Organisations
-Over 9 in 10 UK Firms Who Fell Victim to Ransomware Paid the Ransom, Despite Alleged “No Pay” Stances
-Chinese State Hackers Hid in National Infrastructure for at Least 5 Years
-Email Attacks on Businesses Tripled and AI is a Huge Contributing Factor
-Security Leaders, C-Suite Unite to Tackle Cyber Threats
-UN Experts Investigate Cyber Attacks by North Korea that Raked in $3 Billion to Build Nuclear Weapons
-What Does a ‘Cyber Security Culture’ Actually Entail?
-Beyond Checkboxes: Security Compliance as a Business Enabler
-No One in Cyber Security Is Ready for the SolarWinds Prosecution
Welcome to this week’s Black Arrow Cyber Threat Briefing – a weekly digest, collated and curated by our cyber experts to provide senior and middle management with an easy to digest round up of the most notable threats, vulnerabilities, and cyber related news from the last week.
Top Cyber Stories of the Last Week
Over Half of Companies Experienced Cyber Security Incidents Last Year
According to a recent global survey, over half of the participating companies faced major security incidents in the past year, necessitating additional resources to tackle these challenges. Despite these incidents, many organisations claim improved performance on key cyber security indicators and express confidence in their threat detection capabilities. The research highlights a concerning discrepancy between perceived security measures and the actual state of security operations, underscoring a lack of comprehensive visibility and effective response mechanisms within companies. Particularly concerning is the finding that organisations can typically monitor only two-thirds of their IT environments, exposing significant vulnerabilities. Furthermore, the study points to a greater need for greater automation and third-party assistance in threat detection and response, suggesting that while companies are aware of their shortcomings, the path to enhanced security involves embracing AI-driven solutions to close these gaps. This insight highlights to leadership the importance of investing in advanced cyber security technologies and expertise to safeguard the organisation’s digital assets effectively.
Sources: [Beta News] [Verdict]
Deepfake Video Conference Costs Business $25 Million
There has been a surge in the number of artificial intelligence deepfake attacks where technology is being used to impersonate individuals. In one case, a finance professional at a multinational was reportedly swindled out of $25 million (HK$200 million) of company money when scammers created a deepfake of his London-based chief financial officer in a video conference call, faking both the CFO’s look and voice. The scam involved the fake CFO making increasingly urgent demands to execute money transfers, resulting in 15 transfers from the victim employee. The reality of the attack was only discovered by the victim after he had contacted the company’s corporate head office.
Sources: [The Register] [Help Net Security] [TechCentral ] [Tripwire]
Watershed Year for Ransomware as Victims Rose by Almost 50% And Payments Hit $1 Billion All-Time High
Even with enforcers shutting down some ransomware gangs, the business of ransomware is booming. A recent report from Palo Alto Networks Unit 42 found a 49% increase in the number of victims reported on ransomware leak sites; this does not include those who were victims but did not appear on sites. This comes as ransomware hit an all time high, with over $1b made in ransomware payments. Of note, this is just ransom payments; this does not take in to account reputational damage, recovery costs and loss in share value. The real effects of a ransomware attack may take months or even years to materialise. As ransomware remains a constant threat, it is important for organisations to be prepared.
Sources: [The Verge ] [Malwarebytes] [Infosecurity Magazine] [CSO Online] [ITPro] [TechRadar]
Malware-as-a-Service Now the Top Threat to Organisations
Recent studies have underscored a significant shift in the cyber threat landscape, with Malware-as-a-Service (MaaS) and Ransomware-as-a-Service (RaaS) now dominating. These ‘as-a-service’ tools are particularly concerning as they lower the barrier to entry for cyber criminals, enabling even those with limited technical knowledge to launch sophisticated attacks. The report found that the most common as-a-Service tools were Malware loaders (77% of investigated threats), crypto-miners (52% of investigated threats) and botnets (39% of investigated threats). These findings underscore the adaptability of these threats, with malware strains being developed with multiple functions to maximise damage. Despite these trends, traditional methods like phishing continue to pose significant challenges for security teams. It’s clear that staying ahead of these evolving threats requires a proactive and comprehensive approach to cyber security.
Sources:[Infosecurity Magazine] [Beta News] [Help Net Security]
Over 9 in 10 UK Firms Who Fell Victim to Ransomware Paid the Ransom, Despite Alleged “No Pay” Stances
A recent report has found that over 97% of UK firms have paid a ransom in the last two years, finding even more reason to operate in a when-not-if environment. When asked about their recovery in an event, 38% said they could recover in four to six days, and 34% need one to two weeks to recover; almost one in four (24%) need over three weeks to recover data and restore business processes. Only 12% said their company had stress-tested their data security, data management, and data recovery processes or solutions in the six months prior to being surveyed, and 46% had not tested their processes or solutions in over 12 months.
Sources: [The FinTech Times] [ Help Net Security]
Chinese State Hackers Hid in National Infrastructure for at Least 5 Years
US cyber officials have said that they discovered China-sponsored hackers lurking in American computer networks, positioning themselves to disrupt communications, energy, transportation and water systems; and this had been going on for at least 5 years. This has led to a joint warning from the US FBI, National Security Agency and Cyber Infrastructure and Security Agency, which has been cosigned by Britain, Canada, Australia and New Zealand. This dwell time isn’t just something that is encountered in critical infrastructure networks; attackers lurk on networks, undiscovered often for years, allowing them to see everything going on in the corporate environment.
Sources: [NTD] [Washington Times]
Email Attacks on Businesses Tripled and AI is a Huge Contributing Factor
Email attacks against businesses have increased dramatically as hackers continually use generative AI tools to optimise their content and streamline malicious campaigns, new research has claimed.
The report from Acronis is based on data collected from more than a million unique endpoints across 15 countries, and found AI-powered phishing affected more than 90% of organisations last year. AI helped has email attacks grow by 222% since the second half of 2023.
Sources: [New Electronics] [TechRadar]
Security Leaders, C-Suite Unite to Tackle Cyber Threats
A recent survey found that CEOs are taking a more hands-on approach and prioritising cyber resilience in 2024, leading to the breakdown of traditional silos between IT operations and security teams. The survey polled over 200 C-Suite and senior-level IT executives globally, and revealed a growing recognition of the importance of collaboration in combating sophisticated cyber threats, with 99% of respondents observing increased connectivity between the teams over the past year. While progress has been made, challenges remain, with only 48% of organisations establishing joint protocols for incident mitigation or recovery. Looking ahead, respondents anticipate a significant role for artificial intelligence (AI) in enhancing security efforts, with 68% expecting AI to streamline threat detection and response. Despite advancements, fragmented data protection solutions persist as a challenge, impacting over 90% of organisations' cyber resiliency. This underscores the need for a top-down approach to cyber security, with CEOs and boards driving collaboration between IT operations and security teams to optimise cyber preparedness initiatives and mitigate cyber risks effectively.
Source: [Security Boulevard]
UN Experts Investigate Cyber Attacks by North Korea that Raked in $3 Billion to Build Nuclear Weapons
UN sanction monitors are investigating dozens of suspected cyber attacks by North Korea that have raked in $3 billion to help North Korea further its nuclear weapons programme, according to excerpts of an unpublished UN report. “The panel is investigating 58 suspected DPRK cyber attacks on cryptocurrency-related companies between 2017 and 2023, valued at approximately $3 billion, which reportedly help fund DPRK’s WMD development,” according to the monitors, who report twice a year to the 15-member security council.
Source: [The Guardian]
What Does a ‘Cyber Security Culture’ Actually Entail?
Fostering a robust cyber security culture emerges as a critical imperative for organisations in 2023, as revealed by ITPro Today's "State of Cybersecurity in 2023" study. Despite this recognition, organisations grapple with various challenges, including budget constraints, staffing shortages, and the failure to implement fundamental security practices like the principle of least privilege and zero trust. Insufficient staffing and constrained budgets elevate the risk of breaches, emphasising the need for a collective effort to bolster security measures.
Cultivating a cyber security culture entails educating every employee on security risks and holding them accountable for risk reduction efforts. While security teams play a pivotal role in setting expectations and providing guidance, a culture of cyber security necessitates continuous training, integration of security into everyday work, and clear delineation of risk ownership throughout the organisation. By prioritising proactive measures and fostering individual responsibility, organisations can fortify their defences against evolving cyber threats and mitigate risks effectively.
Source: [ITPro Today]
Beyond Checkboxes: Security Compliance as a Business Enabler
In today's complex business landscape, regulatory requirements are increasingly intricate, especially concerning cyber security compliance. While compliance might evoke images of stringent regulations and time-consuming audits, reframing our perspective reveals its potential as a vital business enabler. Security leaders, in collaboration with senior management, must cultivate a culture where commitment to cyber security compliance permeates the organisation, emphasising its role in fostering trust, facilitating global market access, and even serving as a competitive advantage. Moreover, robust compliance programs drive operational efficiency, innovation, and cost savings in the long run. Embracing cyber security compliance as a strategic enabler, rather than a regulatory burden, positions businesses for success, innovation, and resilience in an ever-evolving digital landscape.
Source: [Forbes]
No One in Cyber Security Is Ready for the SolarWinds Prosecution
The concept of "materiality" has taken centre stage for Chief Information Security Officers (CISOs) in light of new SEC regulations, requiring US public companies to disclose "material cyber security incidents" within four days. The SolarWinds breach and subsequent SEC charges against the company and its CISO highlight the seriousness of these regulations. This shift necessitates a deeper understanding of what constitutes "material" risk in cyber security and a more transparent approach to risk communication. However, many CISOs face challenges in quantifying and communicating cyber risks effectively to boards and executives, who often lack familiarity with cyber security terminology. This regulatory change underscores the need for CISOs to bridge the gap between cyber security and financial reporting, ensuring accurate and precise risk communication at the C-Suite level. Additionally, policymakers should incentivise C-Suite accountability for cyber risk management, fostering a culture where cyber risks are addressed proactively and transparently.
Source:[Council on Foreign Relations]
Governance, Risk and Compliance
Over half of companies experienced cyber security incidents last year (betanews.com)
Beyond Checkboxes: Security Compliance As Business Enabler (forbes.com)
Why an HR-IT Partnership is Critical for Managing Cyber Security Risk - Security Boulevard
The Cyber Threats Every C-Level Exec Should Care About In 2024 (forbes.com)
Security Leaders, C-Suite Unite to Tackle Cyberthreats - Security Boulevard
Cyber Security, Hybrid Workforce Management Among Top 2024 Business Challenges (allwork.space)
How CISOs navigate policies and access across enterprises - Help Net Security
Threats
Ransomware, Extortion and Destructive Attacks
The ransomware business is booming, even as enforcers shut down some players - The Verge
Paying ransoms is becoming a cost of doing business for many - Help Net Security
Chainalysis: 2023 a 'watershed' year for ransomware | TechTarget
The hidden cost of ransomware is more painful than many realize | ITPro
Is critical infrastructure prepared for OT ransomware? • The Register
Akira and 8Base are the ransomware gangs to watch in 2024 • The Register
Crypto-related ransomware attacks made 'major comeback' in 2023 (verdict.co.uk)
NCC Group records the most ransomware victims ever in 2023 | TechTarget
US govt ups bounty on Hive ransomware gang members to $15M • The Register
Ransomware Victims
Clorox says cyber attack caused $49 million in expenses (bleepingcomputer.com)
Blackbaud blasted for failing to prevent customer breaches | Computer Weekly
Lurie Children's Hospital cyber attack forces systems offline • The Register
Blackbaud settles FTC data security probe into 2020 ransomware attack | K-12 Dive (k12dive.com)
California union confirms ransomware attack following LockBit claims (therecord.media)
Another Chicago hospital announces cyber attack (therecord.media)
Funerals reportedly canceled due to ransomware attack on Austrian town (therecord.media)
Phishing & Email Based Attacks
Fake board meeting nets cyber criminals more than €28m - TechCentral.ie
QR Code 'Quishing' Attacks on Execs Surge, Evading Email Security (darkreading.com)
Email attacks on business tripled in 2023 — and ChatGPT was often the culprit | TechRadar
South African Railways Lost Over $1M in Phishing Scam (darkreading.com)
Artificial Intelligence
Fake board meeting nets cyber criminals more than €28m - TechCentral.ie
Surge in deepfake "Face Swap" attacks puts remote identity verification at risk | Tripwire
Email attacks on business tripled in 2023 — and ChatGPT was often the culprit | TechRadar
Could a threat actor socially engineer ChatGPT? (securityintelligence.com)
Current approaches can’t mitigate the AI cyber security threat. What can? (networkingplus.co.uk)
Malware
Malware-riddled Android apps spotted on Google Play Store — here's what to avoid | TechRadar
Google Play Used to Spread 'Patchwork' APT's Espionage Apps (darkreading.com)
macOS Malware Campaign Showcases Novel Delivery Technique (darkreading.com)
China Caught Dropping RAT Designed for FortiGate Devices (darkreading.com)
Netherlands accuses China of cyber spying after security service makes malware discovery | NL Times
Mobile
Malware-riddled Android apps spotted on Google Play Store — here's what to avoid | TechRadar
Google Links Over 60 Zero-Days to Commercial Spyware Vendors - SecurityWeek
'Coyote' Malware Begins Its Hunt, Preying on 61 Banking Apps (darkreading.com)US insurance firms sound alarm after 66,000 individuals impacted by SIM swap attack (bitdefender.com)
Google Play Used to Spread 'Patchwork' APT's Espionage Apps (darkreading.com)
Government hackers targeted iPhones owners with zero-days, Google says | TechCrunchWizz Removed from Apple and Google Stores for Sextortion Concerns - Infosecurity Magazine (infosecurity-magazine.com)
February 2024 Android security patch here for Pixels - Android Authority
Google fixed an Android critical remote code execution flaw (securityaffairs.com)
Warning from LastPass as fake app found on Apple App Store | Malwarebytes
Android XLoader malware can now auto-execute after installation (bleepingcomputer.com)
Denial of Service/DoS/DDOS
Internet of Things – IoT
Data Breaches/Leaks
HPE investigates new breach after data for sale on hacking forum (bleepingcomputer.com)
Blackbaud Comments on FTC Settlement, Continues to Strengthen Cyber Security - MarketWatch
FTC orders Blackbaud to overhaul ‘reckless’ security practices in wake of 2020 breach | TechCrunch
Looted RIPE Credentials for Sale on the Dark Web (darkreading.com)
Millions of User Records Stolen From 65 Websites via SQL Injection Attacks - SecurityWeek
'ResumeLooters' Attackers Steal Millions of Career Records (darkreading.com)
Data breach at French healthcare services firm puts millions at risk (bleepingcomputer.com)
Verizon Says Data Breach Impacted 63,000 Employees - SecurityWeek
Data breaches at Viamedis and Almerys impact 33 million in France (bleepingcomputer.com)
Report: More Than Half of Americans Have Had Their Data Exposed (govtech.com)
HopSkipDrive says personal data of 155,000 drivers stolen in data breach | TechCrunch
Organised Crime & Criminal Actors
Over half of companies experienced cyber security incidents last year (betanews.com)
As-a-Service tools empower criminals with limited tech skills - Help Net Security
Teens Committing Scary Cyber Crimes, What's Behind the Trend? (darkreading.com)
Nigerian President Dismisses Nation's 'Cyber Crime Haven' Image (darkreading.com)
Lessons Learned From Tracing Cyber Crime’s Evolution On The Dark Web (forbes.com)
US must ratchet up its response in pursuing hackers, MITRE CTO argues - Nextgov/FCW
Report: Blocked IP addresses increased by 116.42% | Security Magazine
Cryptocurrency/Cryptomining/Cryptojacking/NFTs/Blockchain
Pig-butchering scams morph into DeFi threats (cointelegraph.com)
Crypto-related ransomware attacks made 'major comeback' in 2023 (verdict.co.uk)
Insider Risk and Insider Threats
Former CIA worker spilled to WikiLeaks, jailed for 40 years • The Register
How bias can undermine insider threat monitoring | TechRadar
What is a Behavioral Risk Indicator? Demystifying Insider Risk Indicators - Security Boulevard
Supply Chain and Third Parties
Blackbaud blasted for failing to prevent customer breaches | Computer Weekly
Removing the weakest link: Strengthen the security of your supply chain (techuk.org)
Cloud/SaaS
Stop chasing shadow IT: Tackle the root causes of cloud breaches | SC Media (scmagazine.com)
Midnight Blizzard and Cloudflare-Atlassian Cyber Security Incidents - Security Boulevard
Organisations Left Grappling for Solutions Amid Alarming Cloud Security Gaps | Network Computing
Identity and Access Management
Encryption
Linux and Open Source
Passwords, Credential Stuffing & Brute Force Attacks
Credential Harvesting Vs. Credential Stuffing Attacks: What’s the Difference? - Security Boulevard
Looted RIPE Credentials for Sale on the Dark Web (darkreading.com)
AnyDesk downplays impact of cyber attack | SC Media (scmagazine.com)
Midnight Blizzard and Cloudflare-Atlassian Cyber Security Incidents - Security Boulevard
Social Media
Regulations, Fines and Legislation
How the SEC's Rules on Cyber Security Incident Disclosure Are Exploited (darkreading.com)
No one's happy with latest US cyber incident reporting plan • The Register
2023 Cyber Security Regulation Recap (Part 3): Privacy Protection - Security Boulevard
Models, Frameworks and Standards
Careers, Working in Cyber and Information Security
Combatting Stress In The Cyber Security Industry (forbes.com)
IT Security Hiring Must Adapt to Skills Shortages (informationweek.com)
Law Enforcement Action and Take Downs
Former CIA worker spilled to WikiLeaks, jailed for 40 years • The Register
Romance fraudster jailed after conning women out of £300k - BBC News
Cops arrest 17-year-old suspected of hundreds of swattings nationwide | Ars Technica
US must ratchet up its response in pursuing hackers, MITRE CTO argues - Nextgov/FCW
Report: Blocked IP addresses increased by 116.42% | Security Magazine
Misinformation, Disinformation and Propaganda
Nation State Actors, Advanced Persistent Threats (APTs), Cyber Warfare, Cyber Espionage and Geopolitical Threats/Activity
Cyber Warfare and Cyber Espionage
Google Play Used to Spread 'Patchwork' APT's Espionage Apps (darkreading.com)
How to Win a Cyberwar: Use a Combined Intelligence Strategy (inforisktoday.com)
Nation State Actors
China
Chinese Hackers Preparing ‘Destructive Attacks,’ CISA Warns (govinfosecurity.com)
Chinese Hackers Hid in US Infrastructure for 5 Years | Newsmax.com
China's Cyber Attackers Target US and Allied Militaries (newsweek.com)
FBI Issues Ominous Warning of Imminent Cyber Attack on Critical Infrastructure - Security Boulevard
Dutch intelligence finds Chinese hackers spying on secret Defence Ministry network (therecord.media)
Shutting Down the Grid: Possible Cyber Attacks From Chinese Hackers | NTD
China Caught Dropping RAT Designed for FortiGate Devices (darkreading.com)
Top US venture capitalists invest in China tech for big returns (nypost.com)
Classified Japanese diplomatic info leaked after Chinese cyber attacks - The Japan Times
Philippines Says Hacker in China Behind Foiled Attack on Government Website - Bloomberg
Chinese hackers fail to rebuild botnet after FBI takedown (bleepingcomputer.com)
Russia
Iran
Designating Iranian Cyber Officials - United States Department of State
Microsoft: Iran is refining its cyber operations | CyberScoop
US sanctions Iranian officials over cyber attacks on water plants - BBC News
North Korea
Other Nation State Actors, Hacktivism, Extremism, Terrorism and Other Geopolitical Threat Intelligence
Vulnerability Management
Vulnerabilities
Fortinet FortiSIEM hit by two 10/10 severity vulns • The Register
Fortinet warns of new FortiSIEM RCE bugs in confusing disclosure (bleepingcomputer.com)
Experts Detail New Flaws in Azure HDInsight Spark, Kafka, and Hadoop Services (thehackernews.com)
Critical Patches Released for New Flaws in Cisco, Fortinet, VMware Products (thehackernews.com)
Ivanti: Patch new Connect Secure auth bypass bug immediately (bleepingcomputer.com)
Newest Ivanti SSRF zero-day now under mass exploitation (bleepingcomputer.com)
Critical vulnerability in Mastodon sparks patching frenzy • The Register
Mastodon Vulnerability Allows Hackers to Hijack Any Decentralized Account (thehackernews.com)
February 2024 Android security patch here for Pixels - Android Authority
Government hackers targeted iPhones owners with zero-days, Google says | TechCrunch
JetBrains warns of new TeamCity auth bypass vulnerability (bleepingcomputer.com)
Critical vulnerability affecting most Linux distros allows for bootkits | Ars Technica
Google fixed an Android critical remote code execution flaw (securityaffairs.com)
Cisco fixes critical Expressway Series CSRF vulnerabilities (securityaffairs.com)
QNAP Patches High-Severity Bugs in QTS, Qsync Central - SecurityWeek
Tools and Controls
What is a Behavioral Risk Indicator? Demystifying Insider Risk Indicators - Security Boulevard
How to Win a Cyberwar: Use a Combined Intelligence Strategy (inforisktoday.com)
Surge in deepfake "Face Swap" attacks puts remote identity verification at risk | Tripwire
Close security gaps with attack path analysis and management | TechTarget
Using Proactive Intelligence Against Adversary Infrastructure - Security Boulevard
A Hacker’s Perspective For Building Proactive Organisational Defences (forbes.com)
Reports Published in the Last Week
Other News
Report: Mac security threats on the rise, here’s what to watch out for - 9to5Mac
Trustees urged to review cyber incident frameworks following NCSC changes - Pensions Age Magazine
Airbus App Vulnerability Introduced Aircraft Safety Risk: Security Firm - SecurityWeek
What Will the Future of Cyber Security Bring? - Security Boulevard
Cyber attacks on knowledge institutions are increasing: what can be done? (nature.com)
McPartland Review - Driving Economic Growth through Cyber Security (techuk.org)
A view from Brussels: ENISA celebrates 20th anniversary amid 'grim times' (iapp.org)
Revealed – top 10 cyber incidents of 2023 | Insurance Business America (insurancebusinessmag.com)
NCSC warns CNI operators over ‘living-off-the-land’ attacks | Computer Weekly
Super Bowl LVIII Presents a Vast Attack Surface for Threat Actors (darkreading.com)
We Need Cyber Security in Space to Protect Satellites | Scientific American
Inquiry to explore cyber risk to Sunak-Starmer showdown | Computer Weekly
Three predictions for responding to the cyber threat landscape in 2024 | Computer Weekly
How Hospitals Can Help Improve Medical Device Data Security (darkreading.com)
Sector Specific
Industry specific threat intelligence reports are available.
Contact us to receive tailored reports specific to the industry/sector and geographies you operate in.
· Automotive
· Construction
· Critical National Infrastructure (CNI)
· Defence & Space
· Education & Academia
· Energy & Utilities
· Estate Agencies
· Financial Services
· FinTech
· Food & Agriculture
· Gaming & Gambling
· Government & Public Sector (including Law Enforcement)
· Health/Medical/Pharma
· Hotels & Hospitality
· Insurance
· Legal
· Manufacturing
· Maritime
· Oil, Gas & Mining
· OT, ICS, IIoT, SCADA & Cyber-Physical Systems
· Retail & eCommerce
· Small and Medium Sized Businesses (SMBs)
· Startups
· Telecoms
· Third Sector & Charities
· Transport & Aviation
· Web3
As usual, contact us to help assess where your risks lie and to ensure you are doing all you can do to keep you and your business secure.
Look out for our ‘Cyber Tip Tuesday’ video blog and on our YouTube channel.
You can also follow us on Facebook, Twitter and LinkedIn.
Links to articles are for interest and awareness and linking to or reposting external content does not endorse any service or product, likewise we are not responsible for the security of external links.
Black Arrow Cyber Threat Briefing 08 December 2023
Black Arrow Cyber Threat Intelligence Briefing 08 December 2023:
-Cyber Attacks More Likely Than Fire or Theft, as Fifth of UK Businesses Fallen Victim To Cyber Attack in Past Year
-Russia Hacking: 'FSB in Years-Long Cyber Attacks on UK', Says Government
-NCSC CTO Cyber Security is Essential, Not Optional
-69% of Organisations Paid Ransoms, contributing to Inflation as Firms Increase Costs
-75% of Sports Related Passwords are Reused Across Accounts
-Ransomware in 2024: Anticipated Impact, Targets, and Landscape Shift
-Ransomware, Vendor Hacks Push Breach Number to Record High
-Nuclear Hack Creates Rising Fears of Cyber Vulnerability in Critical Infrastructure
-Thousands of House Purchases Frozen by Cyber Attack; Will They Complete Before Christmas?
-US Government Agency Was Hacked Thanks to 'End of Life' Software
-Digital Transformation, Security Implications, and their Effects on The Modern Workplace
-Third Party Breaches Shake up Energy Sector, with 90% Suffering from Third-Party Breach
-Report Reveals Sorry State of Cyber Security at UK Football Clubs
Welcome to this week’s Black Arrow Cyber Threat Briefing – a weekly digest, collated and curated by our cyber experts to provide senior and middle management with an easy to digest round up of the most notable threats, vulnerabilities, and cyber related news from the last week.
Top Cyber Stories of the Last Week
Cyber Attacks More Likely Than Fire or Theft, as Fifth of UK Businesses Fallen Victim To Cyber Attack in Past Year
A survey of more than 1,200 UK businesses of all sizes across multiple industries conducted by Aviva found that a fifth of UK businesses were victims to cyber attacks in the past year. The report found that businesses were 67% more likely to have experienced a cyber incident than a physical theft and five times more likely to have experienced a cyber attack than a fire.
When it came to the fallout from a cyber attack, 31% of businesses experienced operational disruption and 20% admit to not being confident in knowing what to do should this happen. This lack of confidence rises to more than a quarter (27%) for small businesses, who appear to be the most vulnerable to such a risk. Financially, the average incident was found to cost £21,000, however this figure is likely to be more given the further implications that result from a cyber attack.
Sources: [Insurance Age] [theHRD] [Infosecurity Magazine]
Russia Hacking: 'FSB in Years-Long Cyber Attacks on UK', Says UK Government
The UK government has accused Russia's Federal Security Service (FSB), successor to the KGB, of conducting a prolonged cyber hacking campaign since at least 2015, targeting politicians, journalists, academics, and others through sophisticated attacks that included the creation of false accounts. This accusation, part of a coordinated effort with the US, aims to disrupt FSB operations and raise awareness ahead of major elections. This comes as a recent report by Palo Alto Networks' Unit 42 found that the Russia-linked APT28 group, also known as “Forest Blizzard” or “Fancybear,” has exploited a Microsoft Outlook vulnerability to target European NATO members. Active since 2007 and linked to the Russian military, APT28's recent campaigns have focused on government, energy, transportation, and NGOs in the US, Europe, and the Middle East. These incidents highlight the critical need for enhanced cyber security measures and international cooperation to counter sophisticated and evolving cyber threats, ensuring the security of sensitive sectors and the integrity of global democratic processes.
Sources: [BBC News] [ Security Affairs]
NCSC CTO: Cyber Security is Essential, Not Optional
Ollie Whitehouse, Chief Technology Officer (CTO) of the UK’s NCSC has argued in a recent keynote that extra security features should not be a premium feature, highlighting the importance of vendors adopting a secure-by-design method, rather than implementing security upcharges where vendors charge extra for users to secure their product.
The speech also noted that organisations should utilise the tools that are already available to them, on top of maintaining a focus on user awareness.
Sources: [Infosecurity Magazine] [Dark Reading]
69% of Organisations Paid Ransoms, contributing to Inflation as Firms Increase Costs
According to a survey, 75% of respondents reported being targeted by ransomware in the past year, and of those, 69% paid the ransom. 54% of those who paid the ransom, suffered financial ramifications of $100,000 or more. It is unclear whether the research includes further implications such as regulatory fines, loss of work, reputational damage, and cost of down-time.
A separate study found that ransomware attacks costs are directly contributing to rising inflation in the UK, as businesses face an average increase of 17% to their costs following an attack. Cumulatively, 68% of the companies represented in the survey reported they had increased prices by at least 11% as a direct result of suffering an attack. In addition, of those falling victim to ransomware, 70% believed their business would have to close if they suffered another attack. When it came to the time lost to dealing with ransomware, companies took an average of two months to recover from an attack and 16% took between three and six months.
Sources: [ITPro] [Beta News] [Security Magazine]
75% of Sports Related Passwords are Reused Across Accounts
According to a recent Bitwarden report, 33% of Americans have used a sports-themed password. This figure rose to 49% for those ages 18-34. Of those, 75% admitted to using it across multiple accounts. Password re-use a common issue globally: by re-using passwords, users are multiplying the likelihood of being breached by an attacker. Additionally, this can crossover to the corporate environment, where users’ personal breached credentials can be utilised to get into their corporate account.
Sources: [Security Magazine] [Help Net Security]
Ransomware in 2024: Anticipated Impact, Targets, and Landscape Shift
As ransomware continues to rise, we can expect groups to evolve their attacks, operating on a larger scale for bigger profits, especially following large-scale supply chain attacks in the past 12 months. Ransomware has solidified its position as the predominant security threat in 2023, with a record number of victims. A recent report highlighted a 46% increase in cyber extortion and ransomware attacks compared to previous years. This trend shows ransomware evolving into a profitable microcosm, akin to a startup ecosystem, with more groups emerging as disruptors and newcomers. In response, organisations are increasingly turning to services that lend-out cryptocurrency, a frequent ransomware payment method. With changing tactics and the formation of new groups, it's crucial for leaders to prepare their 2024 security strategies now, ensuring they have a robust plan in place to counter ransomware threats to their organisations.
Sources: [Barrons] [Help Net Security] [Computer Weekly]
Ransomware, Vendor Hacks Push Breach Number to Record High
The world is experiencing a significant rise in data breaches, reaching a record high with more than 360 million individuals affected in the first eight months of 2023 in the US alone, according to a joint report from Apple and an MIT researcher. This alarming increase includes a notable surge in ransomware attacks, which have escalated by nearly 70% compared to 2022. The healthcare sector is particularly vulnerable, with 60% of organisations reporting ransomware attacks in 2023, an increase from 34% in 2021. The largest health data breach this year impacted 11 million people at HCA Healthcare. A critical factor in these breaches is the exploitation of third-party vendors, as seen in attacks on Progress Software's MOVEit and Fortra's GoAnywhere applications. These incidents highlight the urgent need for organisations to prioritise data security, especially in managing relationships with vendors, to protect sensitive information and mitigate the growing threat of cyber attacks.
Source: [Info Risk Today]
Nuclear Hack Creates Rising Fears of Cyber Vulnerability in Critical Infrastructure
News of one of the UK’s most high profile nuclear power stations, Sellafield, being hacked, with fears that highly sensitive information has been accessible for years, has led to new calls for the UK to tighten up security of its vital infrastructure. Rather worryingly, The Guardian have added that it discovered that authorities were unaware of its first compromise, but it has been detected as far back as 2015.
Sources: [Emerging Risks]
Thousands of House Purchases Frozen by Cyber Attack; Will They Complete Before Christmas?
Conveyancing firms across the UK faced significant disruption when they discovered blank screens on their computers due to a problem originating from CTS, a cloud hosting provider widely used for legal applications. This unexpected issue led many within these affected firms to hastily purchase new laptops to regain partial access to emails and documents, but their case management systems remained largely inaccessible. Firms had to devise manual workarounds to keep transactions moving, amidst concerns about the safety of client data and funds. While most firms have found ways to progress with exchanges and completions, the reliance on cumbersome manual processes and limited access to client data and financial systems has more than doubled the workload. This situation raises several questions about the preparedness and resilience of paperless (or paper-light) office environments, the adequacy of backup systems, and potential compensation for those inconvenienced. The immediate focus, however, is on collaborative efforts to ensure as many clients as possible can move into their new homes before Christmas.
Source: [Property Industry Eye]
US Government Agency Was Hacked Thanks to 'End of Life' Software
The US Cyber security and Infrastructure Security Agency (CISA) recently issued a warning about two cyber attacks on an undisclosed federal agency, exploiting a vulnerability in outdated Adobe ColdFusion software. This software, now end-of-life, no longer receives updates, leaving the agency vulnerable and unable to apply security patches. The attacks, which occurred in June and July, appeared to be reconnaissance efforts to map the agency's network, with no evidence of malware installation or data exfiltration. However, it's unclear if the same hackers were behind both incidents. Microsoft Defender for Endpoint detected and limited the hackers' activities. This situation underscores the significant risks associated with running end-of-life software, highlighting the need for organisations to update or replace such software to protect against potential cyber threats.
Source:[ TechCrunch]
Digital Transformation, Security Implications, and their Effects on The Modern Workplace
The vast majority of digital transformation projects will have implications for your cyber security, yet too often this is overlooked with the focus on delivery of the project or the functionality it will bring. Thinking about security after the fact is not only more expensive and less efficient, but can also mean dangerous gaps remaining open in the meantime. In this era, where remote work and public network access are prevalent, the lack of a robust cyber security framework significantly undermines the digital transformation process. Continuous employee education on digital threats and proactive cyber security measures are not just add-ons but essential components of a successful digital transformation. As businesses move towards 2024, integrating advanced cyber security practices is as crucial as adopting new technologies for a truly effective and secure digital transformation.
Source:[ Forbes]
Third Party Breaches Shake up Energy Sector, with 90% Suffering from Third-Party Breach
With 90% of the largest energy companies globally experiencing a third-party breach in the past 12 months, it is no wonder the sector is shaken. In the US, 100% of the top 10 US energy providers suffered a breach and in total, 98% of the organisations in the research used at least one third party vendor that had experienced a breach in the last two years.
Third-party breaches are a concern for any organisation. It is important to know who has access to your organisation’s data, and what security controls they have in place to protect it. Organisations can benefit from firstly identifying who has their information and then conducting supply chain risk assessments to understand what information is held and how it is protected.
Sources: [Help Net Security]
Report Reveals Sorry State of Cyber Security at UK Football Clubs
A new report reveals a concerning lack of cyber resilience within UK football clubs, extending from the Premier League downwards. The industry, increasingly targeted by cyber attacks, suffers from a disconnect between the perceived and actual risk levels. Key findings include a general lack of cyber maturity, outdated approaches to cyber security, and a scarcity of dedicated IT and cyber security roles, including Chief Information Security Officers (CISOs). Despite significant financial investments in players, there's reluctance from club boards to allocate sufficient resources for cyber security. The report underscores the need for comprehensive training, increased awareness of security risks across all levels of club operations, and the hiring of dedicated cyber security professionals. This situation calls for an industry-wide standard for cyber security budgets, scaled according to the club's size and turnover, to adequately address these emerging digital threats.
Source: [Computer Weekly]
Governance, Risk and Compliance
A fifth of UK businesses victims of cyber attacks in past year - Insurance Age
Cyber Attacks More Likely Than Fire or Theft - Infosecurity Magazine (infosecurity-magazine.com)
Digital Transformation And Its Effects On The Modern Workplace (forbes.com)
UK Cyber CTO: Vendors' Security Failings Are Rampant (darkreading.com)
Record-breaking 2023 highlights constant cyber threat (emergingrisks.co.uk)
2024 will see wave after wave of cyber attacks | theHRD (thehrdirector.com)
Doing More With Less: Cyber Security Tools And Budget Efficiency (forbes.com)
Why Invest? Building a Case for Increasing Cyber Security Budgets | UpGuard
SolarWinds lawsuit by SEC puts CISOs in the hot seat | SC Media (scmagazine.com)
CISOs are getting more help after cyber attacks, but often it isn't helping | TechRadar
Cyber and remote working: How Covid moved the cursor | Computer Weekly
Why effective cyber security is more important than ever for European family offices | Campden FB
Building cyber-resilience: Security, compliance, governance, and privacy - Digital Journal
Massive Consolidated Lawsuit Blazes Trail for Hacking Litigation (bloomberglaw.com)
Threats
Ransomware, Extortion and Destructive Attacks
69% of organisations facing ransomware attacks paid the ransom | Security Magazine
2023 may have seen highest ransomware ‘body count’ yet | Computer Weekly
Cyber attacks surge in 2023, as millions fall victim to ransomware: Report (yahoo.com)
Ransomware attack costs are driving up inflation in the UK | ITPro
Ransomware ramped up against private sector in November | TechTarget
BlackCat threatens to directly extort vendor's customers • The Register
New wave of ransomware attacks plague US critical infrastructure post-Thanksgiving (axios.com)
How Ransomware Gangs Are Fueling a New Cyber Security Arms Race - Barron's (barrons.com)
Ransomware, Vendor Hacks Push Breach Number to Record High (inforisktoday.com)
Expert warns of Turtle macOS ransomware (securityaffairs.com)
Microsoft Warns of Malvertising Scheme Spreading CACTUS Ransomware (thehackernews.com)
Linux version of Qilin ransomware focuses on VMware ESXi (bleepingcomputer.com)
LockBit Remains Top Global Ransomware Threat - Infosecurity Magazine (infosecurity-magazine.com)
Wanted: top three most prolific ransomware gangs revealed! (techinformed.com)
Russian pleads guilty to running crypto-exchange used by ransomware gangs (bleepingcomputer.com)
Ransomware, Data Breaches Inundate OT & Industrial Sector (darkreading.com)
Ransomware Victims
60 US credit unions offline after cloud ransomware infection • The Register
'Thousands' affected by cyber attack on conveyancing platform (thenegotiator.co.uk)
Western Isles Council 'counting cost' of November's cyber attack - BBC News
Austal USA Investigates Cyber Attack Claimed by Ransomware Group (darkreading.com)
Almost 440K individuals affected by cyber attack on Proliance Surgeons (WA) | HealthLeaders Media
Phishing & Email Based Attacks
Black Friday phishing attacks, and other cyber security news | World Economic Forum (weforum.org)
US aerospace firm downed by spearphishing attack | SC Media (scmagazine.com)
Booking.com users angry at firm's response to hacks - BBC News
Hershey warns of data breach following phishing attack (therecord.media)
This huge Russian phishing campaign is hitting targets across the world | TechRadar
ChatGPT builder helps create scam and hack campaigns - BBC News
Artificial Intelligence
ChatGPT builder helps create scam and hack campaigns - BBC News
Artificial Intelligence: How It Can Target Your Firm’s Cyber Security Defences - Above the Law
Bank of England Will Review the Risks That AI Poses to UK Financial Stability - SecurityWeek
How do security leaders view AI and cyber risk insurance? • Foundry (foundryco.com)
Exploring the impact of generative AI in the 2024 presidential election - Help Net Security
Put guardrails around AI use to protect your org, but be open to changes - Help Net Security
Major Organisations Using 'Hugging Face' AI Tools Put at Risk by Leaked API Tokens - SecurityWeek
Proliferation of AI-driven Attacks Anticipated in 2024 (itsecuritywire.com)
Artificial Intelligence: How It Can Target Your Firm’s Cyber Security Defences - Above the Law
Researchers automated jailbreaking of LLMs with other LLMs - Help Net Security
Malware
Fake WordPress security advisory pushes backdoor plugin (bleepingcomputer.com)
Russian Hacker Vladimir Dunaev Convicted for Creating TrickBot Malware (thehackernews.com)
Critical 'LogoFAIL' Bugs Offer Secure Boot Bypass for Millions of PCs (darkreading.com)
Agent Racoon Backdoor Targets Organisations in Middle East, Africa, and US (thehackernews.com)
Mac users are being targeted again with dangerous malware - here's what to know | TechRadar
Russian hacker pleads guilty to Trickbot malware conspiracy (bitdefender.com)
New Stealthy 'Krasue' Linux Trojan Targeting Telecom Firms in Thailand (thehackernews.com)
Hackers switch from email attacks to downloads (therecord.com)
Microsoft Warns of COLDRIVER's Evolving Evading and Credential-Stealing Tactics (thehackernews.com)
Mobile
Android users warned about new threat after one victim loses $280K - PhoneArena
December Android updates fix critical zero-click RCE flaw (bleepingcomputer.com)
94 Vulnerabilities Patched in Android with December 2023 Security Updates - SecurityWeek
Top mobile password managers could be exposing user details | TechRadar
Apple Commissions Data Breach Study to Highlight Need for End-to-End Encryption - SecurityWeek
Russian Hackers’ Lawsuit Reveals Weaknesses In Apple’s iOS 16 (forbes.com)
SpyLoan Android malware on Google Play downloaded 12 million times (bleepingcomputer.com)
Vulns in Android WebView, Password Managers Can Leak User Credentials (darkreading.com)
New Bluetooth Flaw Let Hackers Take Over Android, Linux, macOS, and iOS Devices (thehackernews.com)
Apple and some Linux distros are open to Bluetooth attack • The Register
Denial of Service/DoS/DDOS
Internet of Things – IoT
EU gets tough on cyber threat with sweeping security agreement (emergingrisks.co.uk)
Customizing Cyber Security For Critical Infrastructure In Smart Cities (forbes.com)
Data Breaches/Leaks
23andMe to Book Up to $2M in Cyber Security Breach Expenses - MarketWatch
After hack, 23andMe gives users 30 days to opt out of class-action waiver | Ars Technica
23andMe updates user agreement to prevent data breach lawsuits (bleepingcomputer.com)
23andMe confirms hackers stole ancestry data on 6.9 million users | TechCrunch
23andMe: Data Breach Was a Credential-Stuffing Attack (darkreading.com)
Data breach debacle hits yet another UK public sector org • The Register
Fortune-telling website WeMystic exposes 13M+ user records (securityaffairs.com)
Hackers Claim to Have Stolen Data From Naval Shipyard Austal USA (maritime-executive.com)
Hershey warns of data breach following phishing attack (therecord.media)
Nissan is investigating cyber attack and potential data breach (bleepingcomputer.com)
GST Invoice Billing Inventory exposes sensitive data to threat actors (securityaffairs.com)
Ransomware, Data Breaches Inundate OT & Industrial Sector (darkreading.com)
Organised Crime & Criminal Actors
Record-breaking 2023 highlights constant cyber threat (emergingrisks.co.uk)
Police Arrests 1000 Suspected Money Mules - Infosecurity Magazine (infosecurity-magazine.com)
Online crime risks are doubling: Are cyber criminal groups starting to merge? - Digital Journal
Russian pleads guilty to running crypto-exchange used by ransomware gangs (bleepingcomputer.com)
Cryptocurrency/Cryptomining/Cryptojacking/NFTs/Blockchain
North Korea's state hackers stole $3 billion in crypto since 2017 (bleepingcomputer.com)
Platypus exploiters walk free after claiming to be ‘ethical hackers’ (cointelegraph.com)
Russian pleads guilty to running crypto-exchange used by ransomware gangs (bleepingcomputer.com)
Insider Risk and Insider Threats
Insurance
Cyber Attacks More Likely Than Fire or Theft - Infosecurity Magazine (infosecurity-magazine.com)
How do security leaders view AI and cyber risk insurance? • Foundry (foundryco.com)
Brokers urged to deliver cyber threat message (emergingrisks.co.uk)
Hot Topics to Consider for 2024 D&O Questionnaires | Bryan Cave Leighton Paisner - JDSupra
Supply Chain and Third Parties
Third-party breaches shake the foundations of the energy sector - Help Net Security
Ransomware, Vendor Hacks Push Breach Number to Record High (inforisktoday.com)
60 US credit unions offline after cloud ransomware infection • The Register
Tipalti investigates claims of data stolen in ransomware attack (bleepingcomputer.com)
Major Organisations Using 'Hugging Face' AI Tools Put at Risk by Leaked API Tokens - SecurityWeek
BlackCat threatens to directly extort vendor's customers • The Register
Cloud/SaaS
60 US credit unions offline after cloud ransomware infection • The Register
Make a Fresh Start for 2024: Clean Out Your User Inventory to Reduce SaaS Risk (thehackernews.com)
Alert: Threat Actors Can Leverage AWS STS to Infiltrate Cloud Accounts (thehackernews.com)
More oversight needed for cloud in banking, say regulators - Tech Monitor
Encryption
Cracking Weak Cryptography Before Quantum Computing Does (darkreading.com)
HSBC tests protecting FX trading from quantum computer attacks (yahoo.com)
Apple Commissions Data Breach Study to Highlight Need for End-to-End Encryption - SecurityWeek
Linux and Open Source
New Bluetooth Flaw Let Hackers Take Over Android, Linux, macOS, and iOS Devices (thehackernews.com)
Apple and some Linux distros are open to Bluetooth attack • The Register
Passwords, Credential Stuffing & Brute Force Attacks
75% of sports-related passwords are reused across accounts | Security Magazine
New Relic admits attack on staging systems, user accounts • The Register
After hack, 23andMe gives users 30 days to opt out of class-action waiver | Ars Technica
23andMe: Data Breach Was a Credential-Stuffing Attack (darkreading.com)
Vulns in Android WebView, Password Managers Can Leak User Credentials (darkreading.com)
Top mobile password managers could be exposing user details | TechRadar
Malvertising
Training, Education and Awareness
Regulations, Fines and Legislation
EU gets tough on cyber threat with sweeping security agreement (emergingrisks.co.uk)
More oversight needed for cloud in banking, say regulators - Tech Monitor
Bank of England Will Review the Risks That AI Poses to UK Financial Stability - SecurityWeek
SolarWinds lawsuit by SEC puts CISOs in the hot seat | SC Media (scmagazine.com)
Models, Frameworks and Standards
Data Protection
Careers, Working in Cyber and Information Security
Law Enforcement Action and Take Downs
Russian Hacker Vladimir Dunaev Convicted for Creating TrickBot Malware (thehackernews.com)
Interpol Arrests Smuggler With New Biometric Screening Database (darkreading.com)
Russian pleads guilty to running crypto-exchange used by ransomware gangs (bleepingcomputer.com)
Misinformation, Disinformation and Propaganda
Nation State Actors, Advanced Persistent Threats (APTs), Cyber Warfare, Cyber Espionage and Geopolitical Threats/Activity
Cyber Warfare and Cyber Espionage
Nation State Actors
China
Sellafield nuclear site 'hit by cyber attacks from Russian and Chinese hackers' - Tech Monitor
Sellafield nuclear site under ‘robust scrutiny’ over cyber security fears (telegraph.co.uk)
UK government denies China/Russia nuke plant hack claim • The Register
Russia
Russia hacking: 'FSB in years-long cyber attacks on UK', says government - BBC News
NCSC exposes Russian cyber attacks on UK political processes | Computer Weekly
UK names FSB unit behind hack-and-leak campaigns, summons Russian ambassador (therecord.media)
2 Russian intel officers charged with hacking into US and British government agencies (nbcnews.com)
Russia's APT8 exploited Outlook 0day to target EU NATO members (securityaffairs.com)
Fancy Bear goes phishing in US, European high-value networks • The Register
This huge Russian phishing campaign is hitting targets across the world | TechRadar
Russian hacker pleads guilty to Trickbot malware conspiracy (bitdefender.com)
Microsoft Warns of COLDRIVER's Evolving Evading and Credential-Stealing Tactics (thehackernews.com)
Russian Hackers’ Lawsuit Reveals Weaknesses In Apple’s iOS 16 (forbes.com)
Iran
Breaches by Iran-Affiliated Hackers Spanned Multiple US States, Federal Agencies Say - SecurityWeek
US, Israel Warn of Iranian-Linked Cyber Attacks on Water Systems - Bloomberg
North Korea
Vulnerability Management
CISA says US government agency was hacked thanks to ‘end of life’ software | TechCrunch
CISA's Goldstein wants to ditch 'patch faster, fix faster' model | CyberScoop
Key drivers of software security for financial services - Help Net Security
Vulnerabilities
Sticking With Windows 10 Instead Of Upgrading? Get Ready To Pay For Security Updates (slashgear.com)
Quick: Update iPhones and Macs – WebKit security hole found • The Register
VMware Patches Critical Authentication Bypass Bug | Decipher (duo.com)
Critical 'LogoFAIL' Bugs Offer Secure Boot Bypass for Millions of PCs (darkreading.com)
Notepad++ Input Validation Flaw Leads Search Path Vulnerability (cybersecuritynews.com)
December Android updates fix critical zero-click RCE flaw (bleepingcomputer.com)
94 Vulnerabilities Patched in Android With December 2023 Security Updates - SecurityWeek
Adobe ColdFusion flaw exploited in US government agency attacks (stackdiary.com)
Qualcomm Releases Details on Chip Vulnerabilities Exploited in Targeted Attacks (thehackernews.com)
Dangerous vulnerability in fleet management software seemingly ignored by vendor | CyberScoop
Future Intel, AMD and Arm CPUs Vulnerable to New 'SLAM' Attack: Researchers - SecurityWeek
Tools and Controls
Cyber Attacks More Likely Than Fire or Theft - Infosecurity Magazine (infosecurity-magazine.com)
How to recover systems in the event of a cyber attack | Computer Weekly
How Financial Institutions Can Navigate the ‘Operational Resilience' imperative (finextra.com)
How to solve 2 MFA challenges: SIM swapping and MFA fatigue | TechTarget
Why you should create a physical security standard for your company (securitybrief.co.nz)
Why Invest? Building a Case for Increasing Cyber Security Budgets | UpGuard
New 'Pool Party' Process Injection Techniques Undetected by EDR Solutions - SecurityWeek
Best 10 Best Cyber Attack Maps - 2024 (cybersecuritynews.com)
Brokers urged to deliver cyber threat message (emergingrisks.co.uk)
Proactive, not reactive: the path to ensuring operational resilience in cyber security | CSO Online
Cyber Security: How to Demonstrate Resilience and Hygiene - Techopedia
Cyber Security Insurance: Once Optional, Now Essential (informationweek.com)
When Should You Replace A Cyber Security Vendor? (forbes.com)
Are companies falling behind on cyber security awareness training? | CTV News
Other News
NATO’s Flagship Cyber Exercise Concludes In Estonia – Eurasia Review
Ofcom publishes UK age verification proposals • The Register
Microsoft Hires New CISO in Major Security Shakeup - SecurityWeek
US aerospace companies are facing dangerous new cyber attacks | TechRadar
Report reveals sorry state of cyber security at UK football clubs | Computer Weekly
2023’s Dark Horse Cyber Story: Critical Infrastructure Attacks (govtech.com)
Nuclear hack creates rising fears of cyber vulnerability in critical services (emergingrisks.co.uk)
The World Depends on 60-Year-Old Code No One Knows Anymore | PCMag
Public sector has misplaced confidence in cyber security (securitybrief.co.nz)
Sector Specific
Industry specific threat intelligence reports are available.
Contact us to receive tailored reports specific to the industry/sector and geographies you operate in.
· Automotive
· Construction
· Critical National Infrastructure (CNI)
· Defence & Space
· Education & Academia
· Energy & Utilities
· Estate Agencies
· Financial Services
· FinTech
· Food & Agriculture
· Gaming & Gambling
· Government & Public Sector (including Law Enforcement)
· Health/Medical/Pharma
· Hotels & Hospitality
· Insurance
· Legal
· Manufacturing
· Maritime
· Oil, Gas & Mining
· OT, ICS, IIoT, SCADA & Cyber-Physical Systems
· Retail & eCommerce
· Small and Medium Sized Businesses (SMBs)
· Startups
· Telecoms
· Third Sector & Charities
· Transport & Aviation
· Web3
As usual, contact us to help assess where your risks lie and to ensure you are doing all you can do to keep you and your business secure.
Look out for our ‘Cyber Tip Tuesday’ video blog and on our YouTube channel.
You can also follow us on Facebook, Twitter and LinkedIn.
Links to articles are for interest and awareness and linking to or reposting external content does not endorse any service or product, likewise we are not responsible for the security of external links.