Black Arrow Cyber Threat Briefing 02 August 2024
Welcome to this week’s Black Arrow Cyber Threat Briefing – a weekly digest, collated and curated by our cyber experts to provide senior and middle management with an easy-to-digest round-up of the most notable threats, vulnerabilities, and cyber-related news from the last week.
Top Cyber Stories of the Last Week
UK IT Leaders Feeling Less Secure Despite Cyber Security Investments
A recent report indicates that despite increased investment in cyber security, over 87% of UK IT leaders feel less secure than a year ago. In a survey of 150 decision-makers, 90% noted a rise in the risk and severity of cyber attacks, with 61% finding the attack surface uncontrollable. Concerns include ransomware, lack of visibility, identity misuse, misconfiguration, and emerging technologies like Generative AI. Despite 97% increasing their cyber security budgets, 61% doubt their sufficiency, and 71% believe complete security is unattainable. Additionally, 53% have adopted some Zero Trust controls, but face challenges in comprehensive implementation due to costs and resource limitations.
Average Data Breach Cost Jumps to $4.88 Million, Collateral Damage Increased
IBM's annual Cost of a Data Breach Report for 2024 reveals the global average cost of a data breach has reached $4.88 million, marking a 10% increase from the previous year. A significant 70% of breached organisations reported severe disruption, with recovery taking over 100 days for most. AI and automation in security can reduce breach costs by $2.2 million, with organisations using these technologies detecting incidents 98 days faster. The report notes that 40% of breaches involved data stored across multiple environments, costing over $5 million on average. Staffing shortages also led to higher breach costs, averaging $5.74 million for those with severe shortages.
Cyber Attacks Are Inevitable, Stop Preparing for If One Happens and Start Preparing for When One Will
Cyber resilience is crucial for businesses, going far beyond the traditional approach to cyber security measures. In Q1 2024, organisations faced an average of 1,308 cyber attacks per week, marking a 28% increase from the previous quarter. Cyber crime losses hit $12.8 billion in 2023 and are projected to reach $23.84 trillion by 2027. A robust incident response plan and regular security audits are key to help mitigate long-term costs and ensure business continuity. Training employees and engaging third-party experts are also recommended to fortify defences against sophisticated cyber threats. Embracing cyber resilience is not merely a trend but a vital strategy for maintaining operational integrity in the digital landscape.
How AI is Shaping Fraud as BEC Attacks Surge 20% Annually Thanks to AI Tooling
A recent study by Vipre Security Group reveals a significant rise in business email compromise (BEC) attacks, driven by AI tools generating scam messages. The Email Threat Trends Report: Q2 2024, based on 1.8 billion processed emails, detected 226 million spam messages and nearly 17 million malicious URLs. Almost half (49%) of blocked spam emails were BEC attacks, with a 20% increase in BEC incidents compared to Q2 2023, and 40% of these attacks were AI-generated. Additionally, the report highlighted a doubling of evasive malicious attachments and a 74% rise in malicious URLs, with phishing being a dominant threat as 86% of malspam emails used malicious links.
Organisations Fail to Log 44% of Cyber Attacks. Just One in 10 Attacks Flagged by Security Tools, 40% of Environments are Vulnerable to Full Takeover
A recent study by Picus Security highlights significant gaps in cyber defence, revealing that only 12% of simulated cyber attacks triggered an alert and just 56% were logged by detection tools. Organisations manage to prevent 70% of attacks on average, but 40% of tested environments had vulnerabilities allowing attackers to gain domain admin privileges. Despite their reputation, macOS endpoints were found to be particularly vulnerable, preventing just 23% of simulated attacks compared to 62% for Windows and 65% for Linux. Furthermore, only 9% of data exfiltration techniques were thwarted, with BlackByte ransomware being notably difficult to defend against, stopped by just 17% of organisations. These findings underscore the need for improved threat exposure management and the adoption of an "assume breach" mindset to enhance detection and response capabilities.
One in Five Employees Have No Cyber Security Training
A recent report reveals significant gaps in workplace cyber security training among UK employees. The survey found that 18% of employees have never received any cyber security training, with 83% lacking training on deepfakes and AI, 60% on secure remote working, and 51% on avoiding phishing scams. Additionally, 48% have never been trained on creating strong passwords. Despite nearly three-quarters claiming to follow cyber security advice, 29% admit they forget to adhere to practices, and 22% find the advice too complicated. Furthermore, 14% do not consider it their responsibility to secure work systems. Organisations need to provide clear, relevant training, integrating it into daily roles and workflows to mitigate cyber risks effectively.
Ferrari Exec Foils Deepfake Attempt by Asking the Scammer a Question Only CEO Benedetto Vigna Could Answer
A Ferrari NV executive was recently targeted as part of a deepfake scam, where a fraudster impersonated CEO Benedetto Vigna in a convincing live phone call. The executive’s suspicion was aroused by mechanical intonations, leading to the scam's exposure when the impersonator failed to answer a personal question. Such incidents are on the rise, with AI tools increasingly used for voice cloning. In a similar case, an unnamed multinational lost $26 million to a deepfake scam. Experts warn that these AI-based tools will become increasingly accurate, necessitating robust training and vigilance for executives.
Half of Businesses Report an Increase in State-Sponsored Cyber Threats Amid Rising Geopolitical Tension
A recent report by Absolute Security reveals a significant rise in state-sponsored cyber threats, amid escalating geopolitical tensions, with 47% of businesses noting increased attacks over the past year. The UK faced a Chinese-backed cyber attack exposing the personal information of 270,000 Defence Ministry personnel, servicemen and veterans. The report, surveying 250 UK CISOs, reveals that 69% fear the financial impact of ransomware could cripple their organisation, with 62% worried about job security following a major attack. Ransomware remains the top concern, with four out of five CISOs identifying it as their most significant cyber threat.
New Android Malware Wipes your Device After Draining Bank Accounts
A recent report reveals a new Android malware, BingoMod, which can wipe devices after stealing up to €15,000 per transaction from victims' bank accounts. Disguised as legitimate security apps, BingoMod is distributed through smishing (SMS-based phishing) campaigns and exploits Android's Accessibility Services for extensive control. It uses on-device fraud techniques to bypass standard anti-fraud systems by initiating transactions directly from the victim's device. The malware includes features like remote command execution and screen-casting, can disable security apps, and goes on to wipe external storage. Currently in early development, BingoMod employs advanced evasion mechanisms, complicating detection efforts.
Report Reveals how Cyber Attacks Target Organisations Depending on Size
A recent report by Barracuda highlights distinct differences in email attack types based on company size. Large organisations with over 2,000 employees face a higher risk of lateral phishing (a kind of cyber attack where the phishing email purportedly comes from a corporate email address), accounting for 42% of targeted attacks, compared to just 2% for companies with up to 100 employees. Smaller companies, however, are predominantly targeted by external phishing, which comprises 71% of email threats against them. Additionally, smaller firms experience three times more extortion attacks than larger ones. The report emphasises the need for regular security awareness training and multi-layered defences to mitigate these threats, with smaller businesses potentially benefiting from managed service providers.
An 18% Increase in Ransomware Attacks Includes $75M Payment
A recent report reveals an 18% increase in ransomware attacks, with a record $75 million payment made to the Dark Angels group. The US experienced a 93% year-over-year rise, followed by Italy at 78% and Mexico at 58%. Despite law enforcement efforts, ransomware syndicates like Lockbit 2.0 reconstitute operations using standby IT infrastructure. Similarly, a report by Cisco Talos Incident Response reveals that ransomware and business email compromise (BEC) attacks now constitute 60% of cyber engagements. Ransomware alone accounted for nearly 30% of these incidents, marking a 22% increase from the previous quarter. Although BEC engagements have slightly decreased, they remain a significant threat for the second consecutive quarter. Additionally, 80% of ransomware victims lacked proper multi-factor authentication (MFA) on critical systems, with misconfigured systems contributing to a 46% increase in vulnerabilities.
UK ‘Desperately Exposed’ to Cyber Threats - Is It Time for the UK to Refresh Its Cyber Strategy?
A recent warning from the UK Science Secretary highlights Britain's dire vulnerability to cyber and other potentially catastrophic threats such as another pandemic, attributing this exposure to severe public spending cuts under the previous government. Peter Kyle, appointed Science Secretary three weeks ago, criticised the lack of action on rising cyber security risks and inadequate preparedness for cyber and other threats, exacerbated by internal conflicts within the Tory ranks. He emphasised that "national resilience suffered terribly, catastrophically," leaving the NHS and other services weakened and the country ill-prepared for future threats. This comes as a report by the Chartered Institute for IT (BCS) has listed a series of recommendations after the last month saw more concerns about Russian cyber attacks on the UK linked to misinformation about the Southport attack and a major outage taking down aeroplanes, trains, hospitals, broadcasters and scores of companies.
People Overconfident in Password Habits, Overwhelmed by Too Many Passwords
A recent report by Keeper Security, Fortifying Cyber Resilience: Insights Into Global Cybersecurity Practices, highlights concerning trends in password management. Despite 85% of respondents believing their passwords are secure, over half admit to sharing them, and 2 in 5 reuse passwords. The survey of over 6,000 individuals globally found that 62% are overwhelmed by managing multiple passwords, with 24% writing them down and 19% storing them in browsers or phone apps. Notably, 34% share passwords for streaming sites. Organisations and employees should consider the need for adopting password managers, creating strong, unique passwords, and enabling Multi-Factor Authentication (MFA) to help mitigate cyber risks. A recent study highlights the alarming speed at which modern systems can crack passwords. An eight-character password of same-case English letters and digits can be guessed in just 17 seconds. The study found that 59% of passwords can be cracked in under an hour, revealing a significant vulnerability.
Sources:
https://www.helpnetsecurity.com/2024/07/30/ibm-cost-data-breach-report-2024/
https://www.infosecurity-magazine.com/news/bec-attacks-surge-20-annually-ai/
https://informationsecuritybuzz.com/bec-emails-are-now-ai-generated/
https://www.infosecurity-magazine.com/news/one-10-attacks-detected-security/
https://www.helpnetsecurity.com/2024/08/02/threat-exposure-management/
https://pcr-online.biz/2024/07/26/report-exposes-lack-of-cybersecurity-training-in-uk-workplaces/
https://www.hrmagazine.co.uk/content/news/one-in-five-employees-have-no-cybersecurity-training
https://www.computerweekly.com/opinion/Is-it-time-to-refresh-the-UKs-cyber-strategy
Governance, Risk and Compliance
UK IT leaders feeling less secure despite cybersecurity investments (securitybrief.co.nz)
SMEs spending thousands on outsourced cyber security costs | Insurance Times
What CISOs need to keep CEOs (and themselves) out of jail - Help Net Security
Average data breach cost jumps to $4.88 million, collateral damage increased - Help Net Security
Cyber Threat Worries Hit HR | The Global Recruiter
Recent Incidents Have CISOs — and Everyone Else — Talking (recordedfuture.com)
The Cybersecurity Leadership Crisis Dooming America’s Companies (forbes.com)
Cyber warning amid regulatory countdown (emergingrisks.co.uk)
Why CISOs face greater personal liability - Help Net Security
Report exposes lack of Cybersecurity training in UK workplaces – PCR (pcr-online.biz)
Executive Cybersecurity Accountability: A Rising Trend? - Security Boulevard
The three cybersecurity blind spots affecting today’s CISOs | TechRadar
Is it time to refresh the UK's cyber strategy? | Computer Weekly
Emerging Issues Shaping The Future Of Cyber GRC (realbusiness.co.uk)
Addressing communication roadblocks to overcome cybersecurity threats - IT Security Guru
Crucial Lessons Learned For Cybersecurity Resilience (forbes.com)
Business focus: Instilling best cybersecurity practices at work - Digital Journal
Threats
Ransomware, Extortion and Destructive Attacks
Ransomware and email attacks are hitting businesses more than ever before | TechRadar
Report: An 18% Increase in Ransomware Attacks Includes $75M Payment - Security Boulevard
Ransomware: What Every Business Needs To Know (informationsecuritybuzz.com)
Email Attacks Surge, Ransomware Threat Remains Elevated - Security Boulevard
Organisations urged to take a proactive approach to ransomware threats (securitybrief.co.nz)
Law firms facing "astronomical ransom demands" from cyber attackers - Legal Futures
Russian ransomware generates over $500m in crypto proceeds, TRM Labs says
Russian ransomware gangs account for 69% of all ransom proceeds (bleepingcomputer.com)
Utility firms hit by huge leap in cyber threats – insurer (emergingrisks.co.uk)
How the Change Healthcare attack may affect cyber insurance | TechTarget
Ransomware Dominated by Russian Threat Operations | MSSP Alert
Black Basta ransomware switches to more evasive custom malware (bleepingcomputer.com)
LockBit ransomware titan now hangs by a thread • The Register
Would Making Ransom Payments Illegal Result in Fewer Attacks? (darkreading.com)
Black Basta Develops Custom Malware in Wake of Qakbot Takedown (darkreading.com)
Australian Companies Will Soon Need to Report Ransom Payments (darkreading.com)
Ransomware Victims
'Fortune 50' Company Made Record-Breaking $75M Ransomware Payment (pcmag.com)
Law firms facing "astronomical ransom demands" from cyber attackers - Legal Futures
How the Change Healthcare attack may affect cyber insurance | TechTarget
World leading silver producer Fresnillo discloses cyber attack (bleepingcomputer.com)
Phishing & Email Based Attacks
13% of phishing scams analysed likely to be AI-generated: CSA | The Straits Times
Ransomware and email attacks are hitting businesses more than ever before | TechRadar
Proofpoint settings exploited to send millions of phishing emails daily (bleepingcomputer.com)
Hackers Use Microsoft Forms for Two-Step Phishing Attacks (cybersecuritynews.com)
IBM, Nike, Disney, others caught in Proofpoint phish palaver • The Register
Email Attacks Surge, Ransomware Threat Remains Elevated - Security Boulevard
'LockBit of phishing' EvilProxy used in 1M+ attacks monthly • The Register
Watch out — that Microsoft OneDrive security warning could actually be a malware scam | TechRadar
Nation-state actors exploit political tension to launch phishing campaigns (betanews.com)
Acronis reports 293% increase in email cyber attacks in H1 2024 (securitybrief.co.nz)
Microsoft is the most commonly imitated company in phishing scams | TechRadar
Vulnerabilities Enable Attackers to Spoof Emails From 20 Million Domains - Security Week
Phishing campaigns target SMBs in Poland, Romania and Italy (securityaffairs.com)
SideWinder phishing campaign targets maritime facilities in multiple countries (securityaffairs.com)
Business Email Compromise (BEC), Email Account Compromise (EAC)
13% of phishing scams analysed likely to be AI-generated: CSA | The Straits Times
Ransomware and email attacks are hitting businesses more than ever before | TechRadar
Email Attacks Surge, Ransomware Threat Remains Elevated - Security Boulevard
Other Social Engineering
Watch out — that Microsoft OneDrive security warning could actually be a malware scam | TechRadar
Massive SMS stealer campaign infects Android devices in 113 countries (bleepingcomputer.com)
Dynamically Evolving SMS Stealer Threatens Global Android Users (darkreading.com)
New Android malware wipes your device after draining bank accounts (bleepingcomputer.com)
9 Social Engineering Attack Examples to Watch Out For | MSSP Alert
Threat actor impersonates Google via fake ad for Authenticator | Malwarebytes
A field guide on how to spot fake pictures - The Washington Post
North Koreans Target Devs Worldwide With Spyware, Job Offers (darkreading.com)
Artificial Intelligence
13% of phishing scams analysed likely to be AI-generated: CSA | The Straits Times
Ferrari exec foils deepfake plot by asking a question only the CEO could answer | Fortune
Most people worry about deepfakes - and overestimate their ability to spot them | ZDNET
AI-Powered Deepfake Tools Used by Cyber Criminals | Trend Micro (US)
How AI Is Assisting Cyber Criminals - TechRound
FraudGPT helps cyber criminals hack (mybroadband.co.za)
CISOs face AI risks while managing innovation & security (securitybrief.co.nz)
IT leaders worry the rush to adopt Gen AI may have tech infrastructure repercussions | ZDNET
Growing underground market for rogue AI sparks cyber security concerns | The Straits Times
A field guide on how to spot fake pictures - The Washington Post
Malware
Watch out — that Microsoft OneDrive security warning could actually be a malware scam | TechRadar
How Infostealers Pillaged the World’s Passwords | WIRED
WhatsApp for Windows lets Python, PHP scripts execute with no warning (bleepingcomputer.com)
New Specula tool uses Outlook for remote code execution in Windows (bleepingcomputer.com)
Black Basta ransomware switches to more evasive custom malware (bleepingcomputer.com)
Updated TgRat trojan sets sights on Linux servers | SC Media (scmagazine.com)
OneDrive Phishing Scam Tricks Users into Running Malicious PowerShell Script (thehackernews.com)
macOS Malware Disguise As Unarchiver App Steals User Data (cybersecuritynews.com)
Black Basta Develops Custom Malware in Wake of Qakbot Takedown (darkreading.com)
Hackers abuse free TryCloudflare to deliver remote access malware (bleepingcomputer.com)
Mobile
New Android malware wipes your device after draining bank accounts (bleepingcomputer.com)
WhatsApp for Windows lets Python, PHP scripts execute with no warning (bleepingcomputer.com)
Massive SMS stealer campaign infects Android devices in 113 countries (bleepingcomputer.com)
Dynamically Evolving SMS Stealer Threatens Global Android Users (darkreading.com)
Google on why you should disable 2G on your Android phone (9to5google.com)
CBP needs warrant to search phones, says yet another judge • The Register
Denial of Service/DoS/DDOS
Microsoft Confirms New Outage Was Triggered By Cyber Attack (forbes.com)
Microsoft apologises after thousands report new outage - BBC News
Microsoft: DDoS defence error amplified attack on Azure, leading to outage - Help Net Security
Internet of Things – IoT
Global Smart Buildings Cyber Security Market Responds to (globenewswire.com)
Data Breaches/Leaks
Basic failures led to hack of Electoral Commission data on 40 million people | Computer Weekly
More Legal Records Stolen in 2023 Than Previous 5 Years Combined (darkreading.com)
Unauthorized access at HealthEquity affects 4.3M people • The Register
UK govt links 2021 Electoral Commission breach to Exchange server (bleepingcomputer.com)
FBCS data breach impact now reaches 4.2 million people (bleepingcomputer.com)
Researcher says deleted GitHub data can be accessed 'forever' | TechTarget
South Korea probes data leak of agents spying on the North | South China Morning Post (scmp.com)
CrowdStrike Denies Claims that IoC list Exposed by USDoD | MSSP Alert
Cognizant denies data breach claims, says hacker group stole fake test data
France's cyber crime unit called in on Israeli athletes data leak (insidethegames.biz)
Organised Crime & Criminal Actors
Russian cyber criminals head home in US prisoner swap deal • The Register
Hacker USDoD: “I don't pick sides. I play both sides and always win” – interview | Cybernews
Cyber Crime and the Dark Web | MSSP Alert
Cryptocurrency/Cryptomining/Cryptojacking/NFTs/Blockchain
Russian ransomware generates over $500m in crypto proceeds, TRM Labs says
Blockchain Security: Vulnerabilities and Protective Measures | MSSP Alert
Russian-Speaking Groups Dominate Crypto-Related Cyber Crime: TRM Labs (cryptopotato.com)
WazirX increases bounty to $23 million for recovery of stolen assets
Wave of Cyber Attacks Rocks the Crypto World: Key Incidents from the Past Week (coinpedia.org)
Insurance
How the Change Healthcare attack may affect cyber insurance | TechTarget
Supply Chain and Third Parties
Microsoft charts plans for a future without CrowdStrike-like outages | Windows Central
Top Ways To Assess And Address Third-Party Cyber Security Risk (forbes.com)
Here's what the CrowdStrike outage exposed about our connected world. It's not good. (yahoo.com)
CrowdStrike Outage Losses Estimated at a Staggering $5.4B (darkreading.com)
Microsoft admits 8.5 million CrowdStruck machines was low • The Register
Microsoft 365 and Azure outage takes down multiple services (bleepingcomputer.com)
Microsoft Confirms New Outage Was Triggered By Cyber Attack (forbes.com)
CrowdStrike Faces Lawsuits From Customers, Investors - Security Week
The CrowdStrike Meltdown: A Wake-up Call for Cyber Security (darkreading.com)
IT Outage Cost Delta Air Lines $500 million - AVweb
Cloud/SaaS
Microsoft Confirms New Outage Was Triggered By Cyber Attack (forbes.com)
Microsoft: DDoS defence error amplified attack on Azure, leading to outage - Help Net Security
The three cyber security blind spots affecting today’s CISOs | TechRadar
The gap between business confidence and cyber resiliency - Help Net Security
Outages
Microsoft Suggests Windows Changes After CrowdStrike Outage (petri.com)
Here's what the CrowdStrike outage exposed about our connected world. It's not good. (yahoo.com)
CrowdStrike Outage Losses Estimated at a Staggering $5.4B (darkreading.com)
Companies Struggle to Recover From CrowdStrike's Crippling Falcon Update (darkreading.com)
Microsoft admits 8.5 million CrowdStruck machines was low • The Register
Microsoft Confirms New Outage Was Triggered By Cyber Attack (forbes.com)
CrowdStrike Faces Lawsuits From Customers, Investors - Security Week
The CrowdStrike Meltdown: A Wake-up Call for Cyber Security (darkreading.com)
IT Outage Cost Delta Air Lines $500 million - AVweb
Linux and Open Source
Updated TgRat trojan sets sights on Linux servers | SC Media (scmagazine.com)
Passwords, Credential Stuffing & Brute Force Attacks
People Overconfident in Password Habits, Overwhelmed by Too Many Passwords - IT Security Guru
Acronis warns of Cyber Infrastructure default password abused in attacks (bleepingcomputer.com)
How quickly can attackers guess your password? | Securelist
Russia-linked brute-force attacks trying to compromise European networks, report (computing.co.uk)
How Infostealers Pillaged the World’s Passwords | WIRED
Social Media
Elon Musk's X now trains Grok on your data by default - here's how to opt out | ZDNET
Meta agrees to pay record $1.4B in Texas facial recognition suit - The Washington Post
Training, Education and Awareness
HR Magazine - One in five employees have no cyber security training
Report exposes lack of Cyber Security training in UK workplaces – PCR (pcr-online.biz)
SANS Institute Unveils Highly Anticipated Annual Security Awareness Report for 2024 (prweb.com)
Regulations, Fines and Legislation
Basic failures led to hack of Electoral Commission data on 40 million people | Computer Weekly
NIS2 Directive: German government adopts draft NIS2 Implementation Act | Hogan Lovells - JDSupra
One Year Post-SEC Cyber Security Disclosure Updates: What has Changed? | Law.com
The Cyber Security Leadership Crisis Dooming America’s Companies (forbes.com)
The NIS2 Directive: Implications for Your Organisation - Security Boulevard
Cyber warning amid regulatory countdown (emergingrisks.co.uk)
Meta agrees to pay record $1.4B in Texas facial recognition suit - The Washington Post
'Essential' cyber protection law comes closer - Jersey Evening Post
Models, Frameworks and Standards
NIS2 Directive: German government adopts draft NIS2 Implementation Act | Hogan Lovells - JDSupra
The NIS2 Directive: Implications for Your Organisation - Security Boulevard
Cyber warning amid regulatory countdown (emergingrisks.co.uk)
Careers, Working in Cyber and Information Security
The cost of cyber security burnout: Impact on performance and well-being - Help Net Security
Contributing to Your Cyber Security Team as an Informal Leader (govinfosecurity.com)
Law Enforcement Action and Take Downs
UK cops shut down global call-spoofing service • The Register
FBI Flies 65-Strong Cyber Action Team Across Globe To Fight Hackers (forbes.com)
Nation State Actors, Advanced Persistent Threats (APTs), Cyber Warfare, Cyber Espionage and Geopolitical Threats/Activity
Cyber Warfare and Cyber Espionage
Half of Businesses Report Rise in State-Sponsored Cyber Threats (itsecuritywire.com)
SideWinder Launches New Espionage Campaign on Ports (inforisktoday.com)
Nation State Actors
Half of Businesses Report Rise in State-Sponsored Cyber Threats (itsecuritywire.com)
Nation-state actors exploit political tension to launch phishing campaigns (betanews.com)
China
Basic failures led to hack of Electoral Commission data on 40 million people | Computer Weekly
Germany summons Chinese envoy over 2021 cyber attack – DW – 07/31/2024
Russia
Russian ransomware gangs account for 69% of all ransom proceeds (bleepingcomputer.com)
Russia-linked brute-force attacks trying to compromise European networks, report (computing.co.uk)
US Trades Cyber Criminals to Russia in Prisoner Swap – Krebs on Security
Russian ransomware generates over $500m in crypto proceeds, TRM Labs says
Russia’s war against Ukraine: Lessons on infrastructure security an (epc.eu)
Ukraine's IT Army Is a 'World First' in Cyberwarfare, but It's a Gamble - Business Insider
Ransomware Dominated by Russian Threat Operations | MSSP Alert
Domains with delegated name service may be Sitting Ducks • The Register
Russian-Speaking Groups Dominate Crypto-Related Cyber Crime: TRM Labs (cryptopotato.com)
From Geopolitics to Boardrooms: The Impact of the Kaspersky Ban - Security Boulevard
Cyber Espionage Group XDSpy Targets Companies in Russia and Moldova (thehackernews.com)
Ukraine's cyber op shut down ATM services of major Russian banks (securityaffairs.com)
North Korea
UK and allies expose North Korean cyber campaign (ukdefencejournal.org.uk)
North Koreans Target Devs Worldwide With Spyware, Job Offers (darkreading.com)
South Korea probes data leak of agents spying on the North | South China Morning Post (scmp.com)
Tools and Controls
Just One in 10 Attacks Flagged By Security Tools - Infosecurity Magazine (infosecurity-magazine.com)
People Overconfident in Password Habits, Overwhelmed by Too Many Passwords - IT Security Guru
SMEs spending thousands on outsourced cyber security costs | Insurance Times
HR Magazine - One in five employees have no cyber security training
Report exposes lack of Cyber Security training in UK workplaces – PCR (pcr-online.biz)
SANS Institute Unveils Highly Anticipated Annual Security Awareness Report for 2024 (prweb.com)
Threat intelligence: A blessing and a curse? - Help Net Security
Crucial Lessons Learned For Cyber Security Resilience (forbes.com)
Top Ways To Assess And Address Third-Party Cyber Security Risk (forbes.com)
The Critical Role Of Response Time In Cyber Security (informationsecuritybuzz.com)
Cheshire East Council ready to 'wargame' potential cyber attacks - BBC News
What is cyber attribution? | Definition from TechTarget
PR vs cyber security teams: Handling disagreements in a crisis (securityintelligence.com)
The Power and Peril of RMM Tools (thehackernews.com)
The three cyber security blind spots affecting today’s CISOs | TechRadar
Building Resilience: Key Cyber Security Solutions for Enterprises (itprotoday.com)
Sitting Ducks attack exposes over a million domains to hijacking (securityaffairs.com)
Why monitoring dark web traffic is crucial for cyber security teams | TechRadar
ECB cyber resilience stress test reveals banks' strengths and gaps - ThePaypers
6 types of DNS attacks and how to prevent them | TechTarget
DigiCert Revoking 83,000 Certificates of 6,800 Customers - Security Week
Cyber crisis? How good PR can save your brand | Computer Weekly
Reports Published in the Last Week
SANS Institute Unveils Highly Anticipated Annual Security Awareness Report for 2024 (prweb.com)
Cost of a Data Breach Report 2024.pdf (ibm.com)
Vipre Q2 2024 Email Threat Report
Fortifying Cyber Resilience: Insights Into Global Cyber Security Practices (keepersecurity.com)
Other News
Nearly 7% of Internet Traffic Is Malicious - Schneier on Security
Starmer told to ‘wake up’ and protect UK from cyber attacks before it is too late | The Independent
Organisations fail to log 44% of cyber attacks, major exposure gaps remain - Help Net Security
Report reveals how cyber attacks target organisations depending on size (securitybrief.co.nz)
Cyber attacks against UK utility companies up 586% in 2023: Chaucer - Reinsurance News
Cyber attacks on utilities increased seven-fold in 2023 - Utility Week
Millions of Websites Susceptible to XSS Attack via OAuth Implementation Flaw - Security Week
Utility firms hit by huge leap in cyber threats – insurer (emergingrisks.co.uk)
Is it time to refresh the UK's cyber strategy? | Computer Weekly
French Internet Lines Cut in Latest Attack During Olympics – BNN Bloomberg
The Top Challenges Of Managed Security (forbes.com)
ECB cyber resilience stress test reveals banks' strengths and gaps - ThePaypers
Cyber Attacks Present Shipping's Biggest Threat Since WWII (pymnts.com)
Cyber Security: A key focus for North American Banks | Global Finance Magazine (gfmag.com)
From Geopolitics to Boardrooms: The Impact of the Kaspersky Ban - Security Boulevard
8 in 10 Large Merchants Have Faced Cyber Attacks in Past Year (pymnts.com)
Telecoms are prime targets for cyber attacks in 2024, Kaspersky report - Africa Business Communities
Vulnerability Management
6% of All Published CVEs Have Been Exploited in the Wild, Report Finds - IT Security Guru
NIST may not resolve vulnerability database backlog until early 2025, analysis shows - Nextgov/FCW
Why a strong patch management strategy is essential for reducing business risk - Help Net Security
NVD Backlog Continues to Grow (darkreading.com)
Navigating the Evolving Landscape of Cyber Security - Security Boulevard
Vulnerabilities
VMware ESXi hypervisor vulnerability grants full admin privileges | CSO Online
PatchNow: ServiceNow Critical RCE Bugs Under Active Exploit (darkreading.com)
Proofpoint settings exploited to send millions of phishing emails daily (bleepingcomputer.com)
Microsoft Says Ransomware Gangs Exploiting Just-Patched VMware ESXi Flaw - Security Week
Exploited Vulnerability Could Impact 20k Internet-Exposed VMware ESXi Instances - Security Week
Veeam Backup Software Being Exploited By New Ransomware Group - Security Boulevard
July Windows Server updates break Remote Desktop connections (bleepingcomputer.com)
Update your Chrome browser to add critical security feature | Digital Trends
Could Intel Have Fixed Spectre & Meltdown Bugs Earlier? (darkreading.com)
Millions of Devices Vulnerable to 'PKFail' Secure Boot Bypass Issue (darkreading.com)
Microsoft Confirms It Broke Windows As 30-Minute Crashes Hit After Update (forbes.com)
RADIUS Protocol Vulnerability Impacted Multiple Cisco Products (cybersecuritynews.com)
Acronis Cyber Infrastructure bug actively exploited in the wild (securityaffairs.com)
Apple Rolls Out Security Updates for iOS, macOS - Security Week
Researcher says deleted GitHub data can be accessed 'forever' | TechTarget
New Specula tool uses Outlook for remote code execution in Windows (bleepingcomputer.com)
Got a PC with a 13th or 14th gen Intel Core CPU? You need to read this | ZDNET
Sector Specific
Industry specific threat intelligence reports are available.
Contact us to receive tailored reports specific to the industry/sector and geographies you operate in.
· Automotive
· Construction
· Critical National Infrastructure (CNI)
· Defence & Space
· Education & Academia
· Energy & Utilities
· Estate Agencies
· Financial Services
· FinTech
· Food & Agriculture
· Gaming & Gambling
· Government & Public Sector (including Law Enforcement)
· Health/Medical/Pharma
· Hotels & Hospitality
· Insurance
· Legal
· Manufacturing
· Maritime
· Oil, Gas & Mining
· OT, ICS, IIoT, SCADA & Cyber-Physical Systems
· Retail & eCommerce
· Small and Medium Sized Businesses (SMBs)
· Startups
· Telecoms
· Third Sector & Charities
· Transport & Aviation
· Web3
As usual, contact us to help assess where your risks lie and to ensure you are doing all you can do to keep you and your business secure.
Links to articles are for interest and awareness, and linking to or reposting external content does not endorse any service or product. Likewise, we are not responsible for the security of external links.