Black Arrow Cyber Threat Intelligence Briefing 01 November 2024
Welcome to this week’s Black Arrow Cyber Threat Intelligence Briefing – a weekly digest, collated and curated by our cyber experts to provide senior and middle management with an easy-to-digest round-up of the most notable threats, vulnerabilities, and cyber-related news from the last week.
Top Cyber Stories of the Last Week
Banks and Regulators Warn of Rise in ‘Quishing’ QR Code Scams
Banks and regulators have flagged a concerning rise in "quishing" scams, where fraudsters use QR codes in emails to bypass corporate cyber security. This technique, involving QR codes in PDF attachments, often evades standard security filters, tricking recipients into disclosing financial details. Having increased during the pandemic, such scams now represent over 20% of UK online scams, with reports doubling in the past year. While these scams frequently occur via email, they also target public QR code installations, from parking meters to EV chargers. As quishing continues to evolve, organisations may need to enhance detection capabilities to counter this growing threat.
Russia Carrying Out Targeted Attacks In UK, Microsoft Warns
Microsoft and AWS have issued warnings about targeted cyber attacks by a Russian-backed group, aimed primarily at the UK and other countries. Known as Midnight Blizzard or APT29, this group has been using highly targeted spear-phishing emails since October to infiltrate government, defence, academic, and non-profit sectors. Posing as Microsoft or AWS staff, attackers use social engineering techniques involving remote access protocol attachments that create direct connections to attacker-controlled servers. This method can expose user credentials and facilitate unauthorised access to sensitive information, including device resources, potentially allowing attackers to install persistent malware on compromised systems.
Spoof Eventbrite Phishing Emails Lure in Victims in Major Attack
Cyber criminals have increasingly exploited Eventbrite’s platform, with a 900% surge in phishing attacks using this trusted event management service. Hackers create fake events under familiar brand names, leveraging Eventbrite's built-in mailing system to distribute phishing emails that bypass common security filters because they come from the trusted sender address ‘noreply@events.eventbrite.com’. Through these messages, victims are urged to take immediate action, often leading to the disclosure of sensitive data like login credentials, tax identification numbers, and payment details. This method has proven effective, highlighting the need for heightened vigilance around trusted online platforms.
Business Email Compromise Scams Dominate Q3 2024 Threats
The VIPRE Security Group’s recent report highlights the increasing sophistication of Business Email Compromise (BEC) scams, which accounted for 58% of phishing attempts. These scams relied heavily on impersonating authority figures such as CEOs and IT staff, a tactic seen in 89% of these attacks. Techniques like URL redirection and harmful attachments disguised as critical documents have increased, underscoring the need for robust cyber security measures and employee awareness, especially approaching the holiday season.
This Nasty Android Trojan is Hijacking Calls to Your Bank and Sending Them to Hackers
A recent report highlights a sophisticated threat from the Android-based FakeCall trojan, which intercepts sensitive calls by replacing the phone’s default dialler. This malicious software enables hackers to hijack both incoming and outgoing calls, allowing them to impersonate bank staff and gather sensitive data from unsuspecting users. FakeCall is distributed through malicious apps that exploit Android’s accessibility features. Since its detection in 2022, FakeCall has expanded its reach, now able to mimic over 20 financial organisations. This trojan's continuous development, including screen streaming and screenshot capabilities, points to its evolving potency.
What Military Wargames Can Teach About Cyber Security
Tabletop wargaming has become an essential tool in cyber security, helping organisations prepare for the swift, critical decisions required in the first 24-48 hours of a ransomware attack. Despite the widespread use of technologies to prevent cyber attacks, 2024 has seen an increase in ransomware and data breaches, exposing gaps in many companies' response capabilities. By simulating realistic ransomware scenarios, tabletop exercises enable organisations to stress-test response strategies, address compliance gaps, and refine their disaster recovery plans. This hands-on approach enhances organisational resilience, ensuring leadership and cross-functional teams are equipped for effective incident response and secure recovery. Black Arrow Cyber Consulting provides proctored tabletop cyber incident response exercises, enabling firms to better handle and recover from cyber incidents.
Businesses Expect Cyber Threats to Rise, but Aren’t Ready for Them
Recent research indicates UK businesses are increasingly concerned about cyber threats, with 75% of companies reporting a rise in attempted attacks and nearly 40% experiencing a successful breach. Despite these concerns, only 35% of leaders feel adequately prepared to handle cyber incidents. This gap between awareness and readiness highlights the need for robust, proactive security measures, especially as the UK emerges as the most targeted country in Europe. As organisations recognise the strategic value of cyber security, embedding it into decision-making becomes essential to protect against evolving digital risks and ensure future resilience.
The Overlooked Importance of Identifying the Riskiest Users
Reach Security highlights the significance of identifying and managing the riskiest users within an organisation. Their findings indicate that 80% to 90% of cyber security threats are linked to just 3% to 5% of users, with 20% of these high-risk individuals changing each month. Implementing a "see one, do one, teach one" model, similar to healthcare’s incremental learning, can empower high-risk users to understand and mitigate specific threats. This approach helps organisations allocate resources more effectively, reduce dependency on numerous security tools, and foster a more resilient cyber security culture by enabling high-risk users to act as advocates within the organisation.
Hackers Targeted a $12 Billion Cyber Security Company with a Deepfake of Its CEO. Here's Why Small Details Made It Unsuccessful.
A recent incident involving $12 billion cyber security firm Wiz highlights the growing threat of deepfake scams targeting top executives. Hackers attempted to use an audio deepfake of Wiz’s CEO, Assaf Rappaport, to steal employee credentials, aiming to access the firm’s internal systems and data. The attempt failed because employees recognised the CEO’s distinct speech patterns. Deepfake scams are increasingly sophisticated, with recent reports indicating that half of global companies have faced such attacks, and 66% of business leaders see deepfakes as a serious risk to their organisations.
Small Businesses Boosting Cyber Security as Threats Grow
The Identity Theft Resource Center’s latest report highlights that small businesses are increasingly bolstering their cyber security efforts in response to growing identity-related cyber attacks. Over 80% of small businesses reported experiencing a cyber attack or data breach in the past year with financial losses exceeding $500,000, in some cases doubling. In response, many small businesses are ramping up investment in security tools, staff training, and vendor checks. Additionally, as new state privacy laws emerge, over 75% of small business leaders express concern about compliance, spurring increased focus on data protection practices.
The Rise of the vCISO: From Niche to Necessity?
The rise of virtual Chief Information Security Officers (vCISOs) highlights a shift in cyber security for small and medium-sized businesses (SMBs). With cyber threats evolving rapidly, vCISOs offer flexible, high-level security expertise that strengthens defences while remaining cost-effective. vCISOs help organisations navigate complex regulatory requirements and manage emerging technologies, such as IoT and machine learning, ensuring a tailored security approach that promotes resilience and business growth. Speak to Black Arrow about our fully scalable and flexible vCISO service to help organisations of all sizes and sectors.
Five Eyes Agencies Offer Security Advice for Small Businesses
The Five Eyes alliance, composed of intelligence agencies from the US, UK, Canada, Australia, and New Zealand, has issued new security guidelines to support small businesses, especially tech firms, in defending against cyber attacks. These guidelines focus on safeguarding intellectual property from sophisticated state-backed actors, such as China, as well as criminal groups and competitors. Recommendations include appointing dedicated security managers, keeping a comprehensive asset inventory, and managing data access with third-party partners. This coordinated effort aims to strengthen business security globally, reducing vulnerabilities across both private and public sectors.
Sources:
https://www.ft.com/content/8aca741e-6448-4511-a54d-64f3a97747b1
https://www.silicon.co.uk/security/microsoft-aws-attacks-russia-586762
https://securitybrief.co.nz/story/business-email-compromise-scams-dominate-q3-2024-threats
https://www.techradar.com/pro/businesses-expect-cyber-threats-to-rise-but-arent-ready-for-them
https://securityboulevard.com/2024/10/small-businesses-boosting-cybersecurity-as-threats-grow-itrc/
https://www.csoonline.com/article/3595617/the-rise-of-the-vciso-from-niche-to-necessity.html
https://www.scworld.com/news/five-eyes-agencies-offers-security-advice-for-small-businesses
Governance, Risk and Compliance
The 10 biggest issues CISOs and cyber teams face today | CSO Online
Businesses expect cyber threats to rise, but aren’t ready for them | TechRadar
Most companies are bracing for a cyber attack within a year
For a Stronger Security Culture, Replace Sticks With Carrots
The rise of the vCISO: From niche to necessity? | CSO Online
Security outsourcing on the rise as CISOs seek cyber relief | CSO Online
Small Businesses Boosting Cyber Security as Threats Grow: ITRC - Security Boulevard
The State of Cyber Security: Challenges, Priorities and Insights - Infosecurity Magazine
CISOs as Organisational Bridge Builders for Cyber Security Culture | HackerNoon
13 Cyber Crime Facts That Will Give You Chills | HackerNoon
A Halloween Haunting: Unveiling Cyber Security’s Scary Stats
Terrifying Trends in the 2024 Cyber Threat Landscape - Security Boulevard
Spooky Cyber Stats and Trends in Time for Halloween
Five Eyes agencies offer security advice for small businesses | SC Media
Security priorities emphasize CISO role on the rise | CSO Online
Three quarters of businesses report rise in cyber attacks
Is Your Business Truly Safe From Risk? | Entrepreneur
What Military Wargames Can Teach Us About Cyber Security
NCSC warns of gap between threats and defence capabilities
99% of CISOs work extra hours every week - Help Net Security
How CIOs and CISOs can partner to improve workforce productivity and security | CIO
The Power of Proactive Risk Assessments in Cyber Security - Security Boulevard
Threats
Ransomware, Extortion and Destructive Attacks
Black Basta ransomware poses as IT support on Microsoft Teams to breach networks
In legal first, Japan convicts man of abusing AI to generate ransomware | Malay Mail
Black Basta Ransomware Operators Using Microsoft Teams To Breach Organisations
Fog ransomware targets SonicWall VPNs to breach corporate networks
Patched SonicWall critical vulnerability still used in several ransomware attacks | CSO Online
Black Basta operators phish employees via Microsoft Teams - Help Net Security
North Korean govt hackers linked to Play ransomware attack
Three common privilege access mistakes that can lead to a ransomware incident | SC Media
Russia sentences REvil ransomware members to over 4 years in prison
Massive PSAUX ransomware attack targets 22,000 CyberPanel instances
REvil convictions unlikely to curb Russian cyber crime | TechTarget
Ransomware hits web hosting servers via vulnerable CyberPanel instances - Help Net Security
The ransomware negotiation playbook adds new chapters | CSO Online
Ransomware Victims
OnePoint Patient Care Data Breach Exposes 795,000 Records
Atende refused to pay the ransom, and now pays the price | CSO Online
Interbank confirms data breach following failed extortion, data leak
Ransomware hits web hosting servers via vulnerable CyberPanel instances - Help Net Security
Phishing & Email Based Attacks
Cyber Scams & Why We Fall for Them - Security Boulevard
BEC cyber attacks have the highest financial impact - Digital Journal
Business Email Compromise scams dominate Q3 2024 threats
The Weapon of Choice of Cyber Criminals: BEC Impersonation
Spoof Eventbrite phishing emails look to lure in victims in major attack | TechRadar
Threat actors are stepping up their tactics to bypass email protections - Help Net Security
Black Basta operators phish employees via Microsoft Teams - Help Net Security
Phishers reach targets via Eventbrite services - Help Net Security
Spooky Spam, Scary Scams: Halloween Threats Rise - Security Boulevard
Microsoft Warns of Russian Spear-Phishing Attacks Targeting Over 100 Organisations - SecurityWeek
Russian Hackers Pose as Microsoft Employees in Email Phishing Attacks
Facebook Businesses Targeted in Infostealer Phishing Campaign
Cyber criminals are leveraging big retail names in attacks this holiday season | TechRadar
Over a thousand online shops hacked to show fake product listings
Russian spies using remote desktop protocol files to phish • The Register
New Xiu Gou Phishing Kit Targets US, Other Countries with Mascot - Infosecurity Magazine
Hackers are swiping cookies to bypass email security, FBI says - UPI.com
APT29 Spearphishing Campaign Targets Thousands with RDP Files - Infosecurity Magazine
German MPs and their staff fail simple phishing attack test | Tom's Hardware
Russia Is Targeting US Officials in Email Phishing Campaign: Microsoft - Bloomberg
Ukraine Warns of Mass Phishing Campaign Targeting Citizens Data - Infosecurity Magazine
Business Email Compromise (BEC)/Email Account Compromise (EAC)
BEC cyber attacks have the highest financial impact - Digital Journal
Business email compromise scams dominate Q3 2024 threats
The Weapon of Choice of Cyber Criminals: BEC Impersonation
Phishers reach targets via Eventbrite services - Help Net Security
AI-Powered BEC Scams Zero in on Manufacturers - Infosecurity Magazine
Other Social Engineering
Cyber Scams & Why We Fall for Them - Security Boulevard
BEC cyber attacks have the highest financial impact - Digital Journal
Banks and regulators warn of rise in ‘quishing’ QR code scams
Hackers Sent a Deepfake of Wiz CEO to Dozens of Employees | Entrepreneur
Fraudsters revive old tactics mixed with modern technology - Help Net Security
How Hackers Exploit Google To Target You
Mishing in Motion: Uncovering the Evolving Functionality of FakeCall Malware - Zimperium
Artificial Intelligence
In legal first, Japan convicts man of abusing AI to generate ransomware | Malay Mail
Hackers Sent a Deepfake of Wiz CEO to Dozens of Employees | Entrepreneur
Mozilla: ChatGPT Can Be Manipulated Using Hex Code
AI Cyber Attacks Rise but Businesses Still Lack Insurance - Security Boulevard
Future capabilities of AI-powered threats
How artificial intelligence is lowering the barrier to cyber crime
Trust and risk in the AI era - Help Net Security
White House Issues New Directive on AI and National Security | UC Berkeley School of Information
Apple is challenging hackers to break into the company's servers | Fortune
Regulators Combat Deepfakes With Anti-Fraud Rules
80 percent believe cyber security skills will be vital in AI environments
2FA/MFA
New Windows Warning As Hacker Breaks Google Chrome 2FA Security Encryption
Malware
New Windows Driver Signature bypass allows kernel rootkit installs
Police hacks, disrupts Redline, Meta infostealer operations - Help Net Security
'All servers' for Redline and Meta infostealers hacked by Dutch police and FBI
Malvertising Campaign Hijacks Facebook Accounts to Spread SYS01stealer Malware
New Xiu Gou Phishing Kit Targets US, Other Countries with Mascot - Infosecurity Magazine
BeaverTail Malware Resurfaces in Malicious npm Packages Targeting Developers
Kremlin-backed hackers have new Windows and Android malware to foist on Ukrainian foes
Why Wiping Your Hard Drive Doesn't Always Remove Malware
Mishing in Motion: Uncovering the Evolving Functionality of FakeCall Malware - Zimperium
Government Sector Suffers 236% Surge in Malware Attacks - Infosecurity Magazine
Bots/Botnets
Microsoft: Chinese hackers use Quad7 botnet to steal credentials
Mobile
Macron's bodyguards show his location by sharing Strava data • The Register
Google Warns Of New Android And Windows Cyber Attack—1 Thing Stops It
Android malware "FakeCall" now reroutes bank calls to attackers
These Samsung phones are at risk for a big security vulnerability | Digital Trends
Russia Targets Ukraine Army via Spoofed Recruitment App
Denial of Service/DoS/DDoS
DDoS attacks surge to unprecedented levels, bombarding servers with 4.2Tbps | Cybernews
Is DDoS being left out in the cold by regulations? | TechFinitive
Russia arrests hacker accused of preventing electronic voting during local election
Internet of Things – IoT
Government Warns Foreign Tech In Cars Is Vulnerable To Hackers, Proposes Ban
IoT needs more respect for its consumers, creations, and itself - Help Net Security
Hackers target critical zero-day vulnerability in PTZ cameras
Data Breaches/Leaks
Free, France’s second largest ISP, confirms data breach after leak
ICO: 55% of UK Adults Have Had Data Lost or Stolen - Infosecurity Magazine
Hacker claims to have data linked to 19 million French mobile and internet customers | ITPro
Over 80% of US Small Businesses Have Been Breached - Infosecurity Magazine
OnePoint Patient Care Data Breach Exposes 795,000 Records
Cyber security Breaches Survey 2024: Impact of Cyber Crime | SC Media UK
Combatting Human Error: How To Safeguard Your Business Against Costly Data Breaches
Organised Crime & Criminal Actors
Russia sentences REvil ransomware members to over 4 years in prison
How artificial intelligence is lowering the barrier to cyber crime
REvil convictions unlikely to curb Russian cyber crime | TechTarget
Cryptocurrency/Cryptomining/Cryptojacking/NFTs/Blockchain
Insider Risk and Insider Threats
Ex-Disney techie arrested for potentially deadly menu hacks • The Register
The Overlooked Importance of Identifying Riskiest Users
Combatting Human Error: How To Safeguard Your Business Against Costly Data Breaches
Insider threat hunting best practices and tools | TechTarget
Insurance
AI Cyber Attacks Rise but Businesses Still Lack Insurance - Security Boulevard
Supply Chain and Third Parties
Third-Party Identities: The Weakest Link in Your Cyber Security Supply Chain
How the NIS2 Directive Impacts Supply Chain Cyber Security
Cloud/SaaS
AWS CDK flaw exposed accounts to full takeover • The Register
Black Basta Ransomware Operators Using Microsoft Teams To Breach Organisations
Adversarial groups adapt to exploit systems in new ways - Help Net Security
The SaaS Governance Gap | Grip Security - Security Boulevard
NIS2 Arrives with Major Changes to EU SaaS Cyber Security - Security Boulevard
What the CrowdStrike outage teaches us about cloud security | SC Media
China's 'Evasive Panda' APT Debuts High-End Cloud Hijacking
Black Basta operators phish employees via Microsoft Teams - Help Net Security
Hackers find 15,000 credentials by scanning for git configuration | CyberScoop
Chinese Hackers Use CloudScout Toolset to Steal Session Cookies from Cloud Services
New Details Emerge About Expansive TeamTNT Attacks | MSSP Alert
Outages
Delta Sues CrowdStrike Over ‘Catastrophic’ Software Glitch – BNN Bloomberg
What the CrowdStrike outage teaches us about cloud security | SC Media
When Cyber Security Tools Backfire
The Case Against Abandoning CrowdStrike Post-Outage
Identity and Access Management
Third-Party Identities: The Weakest Link in Your Cyber Security Supply Chain
Three common privilege access mistakes that can lead to a ransomware incident | SC Media
Encryption
Quantum Computing and Cyber Security – Preparing for a New Age of Threats | MSSP Alert
How to achieve crypto-agility and future-proof security | TechTarget
Linux and Open Source
Admins Spring into action over latest open source vuln • The Register
Hardening Linux Servers Against Threats and Attacks | Linux Journal
Passwords, Credential Stuffing & Brute Force Attacks
The state of password security in 2024 - Help Net Security
Hackers find 15,000 credentials by scanning for git configuration | CyberScoop
Microsoft: Chinese hackers use Quad7 botnet to steal credentials
Social Media
Malvertising Campaign Hijacks Facebook Accounts to Spread SYS01stealer Malware
Stolen credit cards up for grabs on Meta’s Threads • The Register
Facebook Businesses Targeted in Infostealer Phishing Campaign
Malicious Ads Are Flooding Facebook: Here's How to Stay Safe
Malvertising
Malvertising Campaign Hijacks Facebook Accounts to Spread SYS01stealer Malware
Malicious Ads Are Flooding Facebook: Here's How to Stay Safe
Training, Education and Awareness
For a Stronger Security Culture, Replace Sticks With Carrots
3 crucial considerations for your security awareness and training program | CSO Online
Regulations, Fines and Legislation
NIS2 Arrives with Major Changes to EU SaaS Cyber Security - Security Boulevard
NIS2 directive impact | Professional Security Magazine
NIS2 Compliance Puts Strain on Business Budgets - Infosecurity Magazine
Cyber Security | UK Regulatory Outlook October 2024 - Osborne Clarke | Osborne Clarke
UK organisations scrambling to divert funds for NIS2 compliance spending | ITPro
The SEC is Cracking Down on Misleading Cyber Security Disclosure | Fenwick & West LLP - JDSupra
Industry trade groups still have ‘concerns’ with cyber reporting mandate | CyberScoop
Is DDoS being left out in the cold by regulations? | TechFinitive
Regulators Combat Deepfakes With Anti-Fraud Rules
Models, Frameworks and Standards
NIS2 Arrives with Major Changes to EU SaaS Cyber Security - Security Boulevard
NIS2 directive impact | Professional Security Magazine
UK organisations scrambling to divert funds for NIS2 compliance spending | ITPro
Backup and Recovery
Is Backup Testing Part of Your Security Strategy? | HackerNoon
Data Protection
ICO: 55% of UK Adults Have Had Data Lost or Stolen - Infosecurity Magazine
Careers, Working in Cyber and Information Security
99% of CISOs work extra hours every week - Help Net Security
Mastering Cyber Security: A Comprehensive Guide to Self-Learning - Security Boulevard
Aldi managers paid more than government cyber security expert
UK needs cyber security professionals, but won't pay up • The Register
80 percent believe cyber security skills will be vital in AI environments
The Government Wants You to Fight Cyber Crime. Do You Have What It Takes?
Cyber security Awareness Month: 5 new AI skills cyber pros need
Law Enforcement Action and Take Downs
In legal first, Japan convicts man of abusing AI to generate ransomware | Malay Mail
Alexander McCartney: Catfish killer brought down by one phone call - BBC News
Police hacks, disrupts Redline, Meta infostealer operations - Help Net Security
'All servers' for Redline and Meta infostealers hacked by Dutch police and FBI
Two notorious infostealer malware operations were just knocked offline | ITPro
FBI has conducted more than 30 disruption operations in 2024 | CyberScoop
REvil convictions unlikely to curb Russian cyber crime | TechTarget
Russia arrests hacker accused of preventing electronic voting during local election
Misinformation, Disinformation and Propaganda
Senator says domain reg firms aiding Russian disinfo spread • The Register
Nation State Actors, Advanced Persistent Threats (APTs), Cyber Warfare, Cyber Espionage and Geopolitical Threats/Activity
Cyber Warfare and Cyber Espionage
What can businesses learn from the rise of cyber espionage?
Nation State Actors
Cyber threats surge from state-sponsored and criminal actors
China
China's 'Evasive Panda' APT Debuts High-End Cloud Hijacking
US says Chinese hackers breached multiple telecom providers
Microsoft: Chinese hackers use Quad7 botnet to steal credentials
Government Warns Foreign Tech In Cars Is Vulnerable To Hackers, Proposes Ban
Chinese Hackers Use CloudScout Toolset to Steal Session Cookies from Cloud Services
Inside Sophos' 5-Year War With the Chinese Hackers Hijacking Its Devices | WIRED
Chinese hackers targeted phones used by Trump and Vance, New York Times reports - The Hindu
Donald Trump and JD Vance potential targets of China cyber attack - BBC News
Chinese Hackers Reportedly Targeted Trump, Vance Phones
China's Elite Cyber Corps Hone Skills on Virtual Battlefields
Russia and China-linked state hackers intensify attacks on Netherlands, security officials warn
Beijing claims it's found spy devices at sea • The Register
Canada Faces 'Second-to-None' PRC-Backed Threat Actors
Russia
Russia Carrying Out Targeted Attacks In UK, Microsoft Warns
Amazon seizes domains used in rogue Remote Desktop campaign to steal data
New Cyber Attack Warning—Confirming You Are Not A Robot Can Be Dangerous
APT29 Spearphishing Campaign Targets Thousands with RDP Files - Infosecurity Magazine
Google Warns Of New Android And Windows Cyber Attack—1 Thing Stops It
Microsoft Warns of Russian Spear-Phishing Attacks Targeting Over 100 Organisations - SecurityWeek
Russian Hackers Pose as Microsoft Employees in Email Phishing Attacks
Russian spies using remote desktop protocol files to phish • The Register
Senator says domain reg firms aiding Russian disinfo spread • The Register
Russia’s ‘Midnight Blizzard’ hackers target government workers in novel info-stealing campaign
Kremlin-backed hackers have new Windows and Android malware to foist on Ukrainian foes
Sweden and Norway rethink cashless society plans over Russia security fears | Sweden | The Guardian
Pro-Russia hackers claim Greater Manchester council cyber attacks - BBC News
Kremlin-linked hackers target Ukraine’s state, military agencies in new espionage campaign
Russia and China-linked state hackers intensify attacks on Netherlands, security officials warn
Russia Targets Ukraine Army via Spoofed Recruitment App
Russia Is Targeting US Officials in Email Phishing Campaign: Microsoft - Bloomberg
Ukraine Warns of Mass Phishing Campaign Targeting Citizens Data - Infosecurity Magazine
REvil convictions unlikely to curb Russian cyber crime | TechTarget
Russia sentences REvil ransomware members to over 4 years in prison
Iran
Cyber threats surge from state-sponsored and criminal actors
Iran Hackers Peddle Stolen Trump Emails
North Korea
Cyber threats surge from state-sponsored and criminal actors
Tools and Controls
For a Stronger Security Culture, Replace Sticks With Carrots
Threat actors are stepping up their tactics to bypass email protections - Help Net Security
The Overlooked Importance of Identifying Riskiest Users
Is Backup Testing Part of Your Security Strategy? | HackerNoon
The SaaS Governance Gap | Grip Security - Security Boulevard
Proactive and responsible disclosure | Professional Security Magazine
When Cyber Security Tools Backfire
What Military Wargames Can Teach Us About Cyber Security
Attack surface management: The key to securing expanding digital frontiers | SC Media
New report reveals persistent API security breaches risk
Hackers are swiping cookies to bypass email security, FBI says - UPI.com
US, Australia Release New Security Guide for Software Makers - SecurityWeek
More Than Just a Corporate Wiki? How Threat Actors are Exploiting Confluence - Security Boulevard
Why cyber tools fail SOC teams - Help Net Security
Into the Wild: Using Public Data for Cyber Risk Hunting
API Security Matters: The Risks of Turning a Blind Eye - SecurityWeek
Designing a Future-focused Cyber Security Investment Strategy - SecurityWeek
The Power of Proactive Risk Assessments in Cyber Security - Security Boulevard
Risk hunting: A proactive approach to cyber threats - Help Net Security
Top 10 Cyber Security Metrics and KPIs | Mimecast
Apple opens Private Cloud Compute to public scrutiny • The Register
German MPs and their staff fail simple phishing attack test | Tom's Hardware
Insider threat hunting best practices and tools | TechTarget
How IT leaders can assess “secure-by-design” software claims | CIO
Companies are spending barely any IT budget on security | TechRadar
Reports Published in the Last Week
Other News
Small Businesses Boosting Cyber Security as Threats Grow: ITRC - Security Boulevard
13 Cyber Crime Facts That Will Give You Chills | HackerNoon
Spooky Cyber Stats and Trends in Time for Halloween
Five Eyes Agencies Launch Startup Security Initiative - Infosecurity Magazine
Five Eyes tell tech startups to take infosec seriously • The Register
Terrifying Trends in the 2024 Cyber Threat Landscape - Security Boulevard
Stop being a sitting target for cyber threats! | TechRadar
Healthcare Breaches Costliest for 12 Years Running, Hit New $10.1M Record High
Irish businesses now facing more than one cyber attack per week
Funding crisis ‘puts universities at higher risk of cyber attacks’
CISA Launches First International Cyber Security Plan - Infosecurity Magazine
Lateral Movement in Recent Cyber Security Breaches - Security Boulevard
Government Sector Suffers 236% Surge in Malware Attacks - Infosecurity Magazine
US, Australia Release New Security Guide for Software Makers - SecurityWeek
Proactive & Preventative Cyber Defence - DevX
OT security becoming a mainstream concern | CSO Online
Microsoft delays its troubled AI-powered Recall feature yet again | ZDNET
Vulnerability Management
Many financial firms have high-severity software security flaws over a year old | TechRadar
Put End-of-Life Software to Rest
Microsoft Update Warning—400 Million Windows PCs Now At Risk
A Sherlock Holmes Approach to Cyber Security: Eliminate the Impossible with Exposure Validation
Microsoft will charge Windows 10 users $30 per year for security updates | Tom's Hardware
Vulnerabilities
Apple Patches Over 70 Vulnerabilities Across iOS, macOS, Other Products - SecurityWeek
New tool bypasses Google Chrome’s new cookie encryption system
AWS CDK flaw exposed accounts to full takeover • The Register
New Cisco ASA and FTD features block VPN brute-force password attacks
New Windows Driver Signature bypass allows kernel rootkit installs
Fog ransomware targets SonicWall VPNs to breach corporate networks
Patched SonicWall critical vulnerability still used in several ransomware attacks | CSO Online
Researchers Uncover OS Downgrade Vulnerability Targeting Microsoft Windows Kernel
New Research Reveals Spectre Vulnerability Persists in Latest AMD and Intel Processors
Wi-Fi Alliance test suite has a worrying security flaw | TechRadar
New Windows Warning As Hacker Breaks Google Chrome 2FA Security Encryption
Synology, QNAP, TrueNAS Address Vulnerabilities Exploited at Pwn2Own Ireland - SecurityWeek
Google Patches Critical Chrome Vulnerability Reported by Apple - SecurityWeek
LiteSpeed Cache Plugin Vulnerability Poses Admin Access Risk - Infosecurity Magazine
Admins Spring into action over latest open source vuln • The Register
Opera Browser Fixes Big Security Hole That Could Have Exposed Your Information
These Samsung phones are at risk for a big security vulnerability | Digital Trends
CVE-2024-9680 – Mozilla Firefox Security Vulnerability – October 2024 - Security Boulevard
Hackers target critical zero-day vulnerability in PTZ cameras
Sector Specific
Industry specific threat intelligence reports are available.
Contact us to receive tailored reports specific to the industry/sector and geographies you operate in.
· Automotive
· Construction
· Critical National Infrastructure (CNI)
· Defence & Space
· Education & Academia
· Energy & Utilities
· Estate Agencies
· Financial Services
· FinTech
· Food & Agriculture
· Gaming & Gambling
· Government & Public Sector (including Law Enforcement)
· Health/Medical/Pharma
· Hotels & Hospitality
· Insurance
· Legal
· Manufacturing
· Maritime & Shipping
· Oil, Gas & Mining
· OT, ICS, IIoT, SCADA & Cyber-Physical Systems
· Retail & eCommerce
· Small and Medium Sized Businesses (SMBs)
· Startups
· Telecoms
· Third Sector & Charities
· Transport & Aviation
· Web3
Contact us to help assess where your risks lie and to ensure you are doing all you can do to keep you and your business secure.
Links to articles are for interest and awareness; linking to or reposting external content does not endorse any service or product. Likewise, we are not responsible for the security of external links.