Black Arrow Cyber Threat Intelligence Briefing 06 December 2024
Welcome to this week’s Black Arrow Cyber Threat Intelligence Briefing – a weekly digest, collated and curated by our cyber experts to provide senior and middle management with an easy-to-digest round-up of the most notable threats, vulnerabilities, and cyber-related news from the last week.
Top Cyber Stories of the Last Week
Generative AI Makes Phishing Attacks More Believable and Cost-Effective
In a survey of 14,500 executives, IT and security professionals, and office workers, Avanti found that phishing is the top threat that is increasing due to generative AI. Training is a vital element of security, and although 57% of organisations say they use anti-phishing training to protect themselves from sophisticated social engineering attacks, only 32% believe that such training is “very effective”. Lack of skills is a major challenge for one in three security professionals. Real-time, accessible data is essential, yet 72% of IT and security data remain siloed.
Nearly Half a Billion Emails to Businesses Contain Malicious Content
A report by Hornetsecurity shows that over a third of all business emails in 2024 were unwanted, with 2.3% (around 427.8 million) containing malicious content. Phishing drove a third of all cyber attacks, while malicious URLs accounted for nearly a quarter. Reverse-proxy credential theft rose, using links instead of file attachments. Shipping brands like DHL and FedEx were the most impersonated. The data underscores the need for a zero-trust mindset and improved user awareness to strengthen defences against increasingly sophisticated threats.
65% of Office Workers Bypass Cyber Security to Boost Productivity
CyberArk found that 65% of office staff circumvent policies to improve their productivity, with half frequently reusing passwords and nearly a third sharing credentials. Over a third ignore important updates, and many use AI tools, often feeding sensitive data without adhering to guidelines. Senior executives are twice as likely to fall victim to phishing. The findings highlight the urgent need for identity-focused security strategies that enable efficient work while reducing risk.
Cyber Warfare Rising Across EU in Bid to 'Destabilise' Member States
EU cyber body ENISA reports a surge in hostile cyber activity across Europe, warning that escalating espionage, sabotage, violence, and disinformation threaten essential services and strategic interests. A successful attack on Europe’s key supply chains could have catastrophic cascading effects. Germany has formed a new task force to counter these threats before the federal election, while the UK’s national cyber agency confirms increased and more sophisticated hostile activity. Russia and China remain prominent cyber espionage threats. ENISA rates the threat to EU entities as “substantial”, as malicious cyber activity is deployed to manipulate events, destabilise societies, and undermine EU democracy and values.
INTERPOL Arrests 5,500 in Global Cyber Crime Crackdown, Seizes Over $400 Million
INTERPOL’s latest global cyber crime crackdown led to over 5,500 arrests and seized more than $400 million in assets. Involving 40 countries, it dismantled a voice phishing operation that stole $1.1 billion from over 1,900 victims. Criminals impersonated law enforcement, exploiting digital currencies and undermining trust in financial systems. INTERPOL also warned of new scams using stablecoins and romance-themed lures to drain victims’ wallets. These results highlight the urgent need for international collaboration to counter large-scale cyber crime and protect individuals, businesses, and the integrity of digital economies.
Hackers Use Corrupted ZIPs and Office Docs to Evade Antivirus and Email Defences
A new phishing campaign is using corrupted ZIP archives and Office documents to bypass email security measures. Since August 2024, attackers have exploited the built-in recovery features of popular software to open seemingly broken files. Users are tricked by false promises like employee benefits, and once opened, these documents contain QR codes redirecting victims to malicious websites. The files evade most security filters while appearing to function normally. This highlights how attackers continually search for new techniques to slip past cyber security tools and compromise organisations’ systems and data.
Russian Money Laundering Networks Uncovered Linking Narco Traffickers, Ransomware Gangs and Kremlin Spies
British authorities uncovered a vast Russian-linked money laundering system connecting drug traffickers, cyber criminals and sanctioned elites, resulting in over 80 arrests worldwide. This billion-dollar operation relied on two Moscow-based firms to shift value across 30 countries using cryptocurrency, property and other assets. More than £20 million in cash and cryptocurrency has already been seized. New sanctions target senior figures behind the networks, aiming to disrupt their access to global financial systems. The investigation revealed that narcotics gangs, Russian state-linked espionage activities and cyber criminals all benefited, posing a significant threat to global security and financial stability.
UK Underestimates Threat of Cyber Attacks from Hostile States and Gangs
The UK’s National Cyber Security Centre (NCSC) warns organisations are underestimating state and criminal cyber threats. Hostile activities have increased, with severe incidents trebling to 12 last year. Ransomware attacks remain a major concern, targeting sectors from academia to healthcare. The centre responded to 430 serious incidents, up from 371 previously. Russia’s “aggression and recklessness” and China’s “sophisticated” attacks highlight how critical national infrastructure and key services remain vulnerable. The call is clear: organisations must strengthen defences to address these evolving threats, which pose a growing risk to both economic stability and public services.
Why You Must Beware of Dangerous New Scam-Yourself Cyber Attacks
The latest report from cyber security provider Gen shows a 614% quarterly rise in ‘scam-yourself’ cyber attacks, where victims unwittingly paste malicious code themselves. Tactics include fake tutorials, deceptive tech support, false CAPTCHA prompts and bogus updates. This spike coincides with a 39% surge in data-stealing malware and a 1154% increase in a popular information stealer. Such threats are reshaping the landscape, catching millions off-guard and driving urgent attention to robust cyber security solutions. Business leaders must foster greater awareness and invest in proactive, multilayered cyber security strategies to protect their organisations.
Security Must Be Used as a Springboard, Not Just a Shield
Many organisations still view cyber security as a necessary expense rather than a growth catalyst. Research suggests that embracing it as a strategic enabler can boost productivity, build customer trust, and strengthen competitiveness. It found that nearly half of surveyed organisations suffered more than 12 hours of downtime after a cyber attack, with a third experiencing a full day’s disruption. As more connected environments emerge, security leaders must highlight metrics like uptime and customer satisfaction to board members. By doing so, cyber security becomes a driver of operational resilience and long-term success, not just a shield against threats.
Why Your Cyber Insurance May Not Cover Everything: Finding and Fixing Blind Spots
Only 1% of organisations recently surveyed received full reimbursement from their cyber insurance, and the average payout covered just 63% of incurred costs. Nearly half lacked clarity about what their policies covered. Common shortfalls arose when remediation expenses exceeded coverage limits or were not pre-approved, and when required security measures were not fully implemented. Strengthening cyber security practices increased the likelihood of better coverage, with more than three-quarters seeing improved terms after boosting cyber defences. Involving IT and security teams in insurance decisions and improving internal protections can help deliver more comprehensive and cost-effective cyber insurance in the future.
Cyber Criminals Already Using AI for Most Types of Scams, FBI Warns
The FBI warns that cyber criminals increasingly use generative AI to create believable text, images, audio, and video. This allows them to scale their cyber crime operations and trick victims by avoiding usual warning signs. Criminals impersonate trusted individuals, forge identification, and run convincing investment or donation scams. The FBI suggests using a secret word with loved ones, being cautious with personal details, and watching for subtle inconsistencies. Confirm unsolicited calls or messages by independently contacting banks or authorities, and limit sharing personal images or voice recordings online as a precaution.
Sources:
https://www.helpnetsecurity.com/2024/12/06/genai-phishing-attacks-concerns/
https://www.helpnetsecurity.com/2024/12/04/employees-privileged-access-security-risk/
https://www.irishexaminer.com/news/arid-41529398.html
https://thehackernews.com/2024/12/interpol-arrests-5500-in-global.html
https://thehackernews.com/2024/12/hackers-use-corrupted-zips-and-office.html
https://therecord.media/russian-money-laundering-networks-trafficking-cybercrime-kremlin
https://betanews.com/2024/11/29/security-must-be-used-as-a-springboard-not-just-a-shield/
https://cybernews.com/security/cybercriminals-using-ai-for-most-types-of-scams-fbi/
Governance, Risk and Compliance
Many small businesses are falling well short when it comes to cyber security plans | TechRadar
Security must be used as a springboard, not just a shield
NIS2 still a mystery to cyber security bosses, research shows - Data Centre & Network News
6 Considerations to Determine if a Cyber Incident Is Material | Troutman Pepper - JDSupra
CISOs will face growing challenges in 2025 and beyond | Computer Weekly
CISOs in 2025: Evolution of a High-Profile Role
65% of employees bypass cyber security policies, driven by hybrid work and flexible access
Why Operational Risk Planning Is Crucial For Every SME
Large And Small Businesses Face More Serious Repercussions From Cyber Threats | HackerNoon
Incident Response Playbooks: Are You Prepared?
63% of companies plan to pass data breach costs to customers | CSO Online
Why your cyber insurance may not cover everything: Finding and fixing blind spots | SC Media
How to talk to your board about tech debt | CIO
Navigating the Changing Cyber Security Regulations Landscape
The Rising Tide of Cyber Threats: Stay Ahead, Fortify Defences - The Futurum Group
Employees suffering compliance and security fatigue | theHRD
Building a robust security posture with limited resources - Help Net Security
Threats
Ransomware, Extortion and Destructive Attacks
Ransomware Strikes when Organisations Unknowingly Open the Door | Security Info Watch
Does Cyber Insurance Drive Up Ransom Demands?
Russian Hacker With $10 Million Bounty on His Head Reportedly Arrested - SecurityWeek
No company too small for Phobos ransomware gang, indictment reveals | Malwarebytes
Storm-1811 exploits RMM tools to drop Black Basta ransomware
Ransomware attacks on critical sectors ramped up in November | TechTarget
Hackers are pivoting from data breaches to business shutdowns
Wanted Russian Hacker Linked to Hive and LockBit Ransomware Arrested
Ransomware's Grip on Healthcare
Ransomware Costs Manufacturing Sector $17bn in Downtime - Infosecurity Magazine
Ransomware Victims
UK hospital resorts to paper and postpones procedures after cyber attack
Arrowe Park: 'Longer A&E wait times' continue after cyber attack - BBC News
Cyber attack hits three NHS Liverpool hospitals | UKAuthority
Blue Yonder Confirms Reports of Recent Ransomware Attack | Console and Associates, P.C. - JDSupra
Ransomware Attack Disrupts Operations at US Contractor ENGlobal - Infosecurity Magazine
Bologna FC Hit By 200GB Data Theft and Ransom Demand - Infosecurity Magazine
Stoli Vodka and Kentucky Owl File for Bankruptcy Following Cyber Attack, Russian Seizures | NTD
Vodka maker Stoli files for bankruptcy in US after ransomware attack
Phishing & Email Based Attacks
Novel phishing campaign uses corrupted Word documents to evade security
Corrupted Word Files Fuel Sophisticated Phishing Campaign - Infosecurity Magazine
This worrying new phishing attack is going after Microsoft 365 accounts | TechRadar
This New Microsoft 365 Attack Can Break Through Your 2FA: Here's How
Hackers Use Corrupted ZIPs and Office Docs to Evade Antivirus and Email Defences
Nearly half a billion emails to businesses contain malicious content, Hornet Security report finds
KnowBe4 Releases the Latest Phishing Trends Report
GenAI makes phishing attacks more believable and cost-effective - Help Net Security
New Rockstar 2FA phishing service targets Microsoft 365 accounts
North Korean Hacking Group Launches Undetected Malwareless URL Phishing Attacks
HR and IT are among top-clicked phishing subjects
Top Five Industries Aggressively Targeted By Phishing Attacks
Don't Fall For This "Sad Announcement" Phishing Scam
Defending Against Email Attachment Scams - Security Boulevard
Widespread RAT compromise via bogus emails, JavaScript payloads detailed | SC Media
This sneaky phishing attack is a new take on a dirty old trick | PCWorld
Phishing attacks rose by more than 600% in the buildup to Black Friday | Security Magazine
Other Social Engineering
Why You Must Beware Of Dangerous New Scam-Yourself Cyber Attacks
North Korea deploying fake IT workers and hackers to target UK firms, cryptocurrency,... - LBC
Spotting the Charlatans: Red Flags for Enterprise Security Teams - SecurityWeek
How North Korean Hackers Pilfered $16 Million From A Crypto Exchange Via LinkedIn
Artificial Intelligence
GenAI makes phishing attacks more believable and cost-effective - Help Net Security
Cyber criminals already using AI for most types of scams, FBI warns | Cybernews
How laws strain to keep pace with AI advances and data theft | ZDNET
FBI Warns GenAI is Boosting Financial Fraud - Infosecurity Magazine
Teenagers leading new wave of cyber crime - Help Net Security
Cyber security professionals call for AI regulations
Cyber security in 2025: AI threats & zero trust focus
Microsoft's Vasu Jakkal on how gen AI is redefining cyber security | VentureBeat
Treat AI like a human: Redefining cyber security - Help Net Security
AI chatbot startup WotNot leaks 346,000 files, including passports and medical records
25% of enterprises using AI will deploy AI agents by 2025 | ZDNET
2FA/MFA
This worrying new phishing attack is going after Microsoft 365 accounts | TechRadar
This New Microsoft 365 Attack Can Break Through Your 2FA: Here's How
Malware
North Korean Hacking Group Launches Undetected Malwareless URL Phishing Attacks
Code found online exploits LogoFAIL to install Bootkitty Linux backdoor - Ars Technica
Venom Spider Spins Web of MaaS Malware
Russia's 'BlueAlpha' APT Hides in Cloudflare Tunnels
Hackers Leveraging Cloudflare Tunnels, DNS Fast-Flux to Hide GammaDrop Malware
New Windows Backdoor Security Warning For Bing, Dropbox, Google Users
More_eggs MaaS Expands Operations with RevC2 Backdoor and Venom Loader
Widespread RAT compromise via bogus emails, JavaScript payloads detailed | SC Media
SmokeLoader Malware Campaign Targets Companies in Taiwan - Infosecurity Magazine
ANEL and NOOPDOOR Backdoors Weaponized in New MirrorFace Campaign Against Japan
Security Bite: Threat actors are widely using AI to build Mac malware - 9to5Mac
'Horns&Hooves' Malware Campaign Hits Over 1,000 Victims
Mobile
8 Million Android Users Hit by SpyLoan Malware in Loan Apps on Google Play
SMEs put at risk by poor mobile security practices
New DroidBot Android malware targets 77 banking, crypto apps
Android's December 2024 Security Update Patches 14 Vulnerabilities - SecurityWeek
FBI and CISA say to use encrypted messengers as Chinese hackers attack networks | Cybernews
The FBI now says encryption is good for you – Computerworld
NSO Group's Pegasus Spyware Detected in New Mobile Devices
Business leaders among Pegasus spyware victims, says security firm | TechCrunch
Smartphone Security Warning—Make Changes Now Or Become A Victim
Many small businesses are falling well short when it comes to cyber security plans | TechRadar
Top 5 Mobile Security Risks for Enterprises - Zimperium
Trojan-as-a-Service Hits Euro Banks, Crypto Exchanges
This is why the FBI is warning iOS users not to text Android users and vice versa - PhoneArena
Banking apps can now require recent Android security updates
Denial of Service/DoS/DDoS
Misconfigured WAFs Heighten DoS, Breach Risks
How DDoS attacks are shaping esports security and risk management | Insurance Business America
Internet of Things – IoT
From Patchwork to Framework: Towards a Global IoT Security Paradigm - Infosecurity Magazine
Chinese LIDAR Dominance a Cyber Security Threat, Warns Think Tank - Infosecurity Magazine
Data Breaches/Leaks
Russian hacking software used to steal hundreds of MoD log-ins
760,000 Employee Records From Several Major Firms Leaked Online - SecurityWeek
Sadiq Khan admits some commuters may never be refunded after TfL cyber attack
Hundreds of UK Ministry of Defence passwords found circulating on the dark web | CSO Online
White FAANG Data Export Attack: A Gold Mine for PII Threats
63% of companies plan to pass data breach costs to customers | CSO Online
Deloitte Hacked - Brain Cipher Group Allegedly Stolen 1 TB of Data
Process over top-down enforcement: prevent data leaks
Lessons in cyber security from the Internet Archive Breaches | TechRadar
AI chatbot startup WotNot leaks 346,000 files, including passports and medical records
Israeli tech firm Silicom denies Iranian claims of Mossad and Unit 8200 links after c | Ctech
Controversial Andrew Tate ‘War Room’ Videos Leaked By Hackers
Organised Crime & Criminal Actors
INTERPOL Arrests 5,500 in Global Cyber Crime Crackdown, Seizes Over $400 Million
How laws strain to keep pace with AI advances and data theft | ZDNET
UK Justice System Failing Cyber Crime Victims, Cyber Helpline Finds - Infosecurity Magazine
Alleged Snowflake Hacker ‘Danger’ to the Public
Russia gives life sentence to Hydra dark web kingpin • The Register
Venom Spider Spins Web of MaaS Malware
Teenagers leading new wave of cyber crime - Help Net Security
Cyber criminals already using AI for most types of scams, FBI warns | Cybernews
German Police Shutter Country’s Largest Dark Web Market - Infosecurity Magazine
Europol Dismantles Criminal Messaging Service MATRIX in Major Global Takedown
Eurocops red pill the Matrix 'secure' criminal chat systems • The Register
Police seizes largest German online crime marketplace, arrests admin
Record-Breaking $2 Million Bounty Offered To Crypto.com Hackers
Scattered Spider Hacking Gang Arrests Mount with California Teen
Cryptocurrency/Cryptomining/Cryptojacking/NFTs/Blockchain
Hackers Stole $1.49 Billion in Cryptocurrency to Date in 2024 - SecurityWeek
How North Korean hackers stole billions in crypto while posing as VCs, IT workers – Firstpost
North Korea deploying fake IT workers and hackers to target UK firms, cryptocurrency,... - LBC
New DroidBot Android malware targets 77 banking, crypto apps
How North Korean Hackers Pilfered $16 Million From A Crypto Exchange Via LinkedIn
Record-Breaking $2 Million Bounty Offered To Crypto.com Hackers
Insider Risk and Insider Threats
65% of employees bypass cyber security policies, driven by hybrid work and flexible access
Inside threats: How can companies improve their cyber hygiene?
Insider Threats vs. Privacy: A Dilemma for IT Professionals
Process over top-down enforcement: prevent data leaks
Macy’s found a single employee hid up to $154 million worth of expenses | CNN Business
Insurance
Does Cyber Insurance Drive Up Ransom Demands?
Cyber insurance checklist: 12 must-have security features | SC Media
Why your cyber insurance may not cover everything: Finding and fixing blind spots | SC Media
Supply Chain and Third Parties
Report shows the threat of supply chain vulnerabilities from third-party products | TechRadar
Blue Yonder Confirms Reports of Recent Ransomware Attack | Console and Associates, P.C. - JDSupra
Hardening Links in Supply Chain Security | SC Media UK
Fear of cyber attack outweighs investment in security along the supply chain - The Loadstar
Cloud/SaaS
This worrying new phishing attack is going after Microsoft 365 accounts | TechRadar
This New Microsoft 365 Attack Can Break Through Your 2FA: Here's How
CyberRatings report exposes critical flaws in cloud-native firewalls | SC Media
New Rockstar 2FA phishing service targets Microsoft 365 accounts
5 things you should never back up to the cloud
New Windows Backdoor Security Warning For Bing, Dropbox, Google Users
7 PAM Best Practices to Secure Hybrid and Multi-Cloud Environments
Outages
Identity and Access Management
The New Cyber Frontier: Managing Risks in Distributed Teams - Infosecurity Magazine
7 PAM Best Practices to Secure Hybrid and Multi-Cloud Environments
Encryption
The Growing Quantum Threat to Enterprise Data: What Next?
FBI and CISA say to use encrypted messengers as Chinese hackers attack networks | Cybernews
The FBI now says encryption is good for you – Computerworld
This is why the FBI is warning iOS users not to text Android users and vice versa - PhoneArena
Linux and Open Source
70% of open-source components are poorly or no longer maintained - Help Net Security
Code found online exploits LogoFAIL to install Bootkitty Linux backdoor - Ars Technica
New Report Highlights Open Source Trends And Security Challenges
Passwords, Credential Stuffing & Brute Force Attacks
Hundreds of UK Ministry of Defence passwords found circulating on the dark web | CSO Online
North Korean Kimsuky Hackers Use Russian Email Addresses for Credential Theft Attacks
Six password takeaways from the updated NIST cybersecurity framework
Microsoft's Vasu Jakkal on how gen AI is redefining cyber security | VentureBeat
Social Media
Tech Support Scams Exploit Google Ads to Target Users | Tripwire
How North Korean Hackers Pilfered $16 Million From A Crypto Exchange Via LinkedIn
Romania to recount votes as TikTok slammed for election role | Stars and Stripes
Meta says it has taken down about 20 covert influence operations in 2024 | Meta | The Guardian
Malvertising
Tech Support Scams Exploit Google Ads to Target Users | Tripwire
Regulations, Fines and Legislation
How laws strain to keep pace with AI advances and data theft | ZDNET
EC takes action as member states miss NIS2 directive deadline
NIS2 still a mystery to cyber security bosses, research shows - Data Centre & Network News
6 Considerations to Determine if a Cyber Incident Is Material | Troutman Pepper - JDSupra
DORA Demystified: Dispelling 5 Myths for ICT Service Providers | Morrison & Foerster LLP - JDSupra
New EU Regulation Establishes European 'Cyber Security Shield' - SecurityWeek
Cyber Security: Council of EU formally adopts Cybersecurity and Cyber Solidarity Act | Practical Law
Cyber security professionals call for AI regulations
Navigating the Changing Cyber Security Regulations Landscape
Employees suffering compliance and security fatigue | theHRD
Models, Frameworks and Standards
EC takes action as member states miss NIS2 directive deadline
NIS2 still a mystery to cyber security bosses, research shows - Data Centre & Network News
New NIST Guidance Offers Update on Gauging Cyber Performance
DORA Demystified: Dispelling 5 Myths for ICT Service Providers | Morrison & Foerster LLP - JDSupra
Six password takeaways from the updated NIST cybersecurity framework
Careers, Working in Cyber and Information Security
Human Intelligence is the Key to Combating the UK’s Cyber Skills Crisis | SC Media UK
Optimism About Cyber Workforce Advancements | AFCEA International
World Wide Work: Landing a Cyber Security Career Overseas
Law Enforcement Action and Take Downs
INTERPOL Arrests 5,500 in Global Cyber Crime Crackdown, Seizes Over $400 Million
Alleged Snowflake Hacker ‘Danger’ to the Public
Russian Hacker With $10 Million Bounty on His Head Reportedly Arrested - SecurityWeek
German Police Shutter Country’s Largest Dark Web Market - Infosecurity Magazine
Europol Dismantles Criminal Messaging Service MATRIX in Major Global Takedown
US arrests Scattered Spider suspect linked to telecom hacks
UK Justice System Failing Cyber Crime Victims, Cyber Helpline Finds - Infosecurity Magazine
Misinformation, Disinformation and Propaganda
Cyber Attacks Could Impact Romanian Presidential Race, Officials Claim - Infosecurity Magazine
German intelligence agency warns of 'foreign interference' in upcoming elections
Meta says it has taken down about 20 covert influence operations in 2024 | Meta | The Guardian
Romania to recount votes as TikTok slammed for election role | Stars and Stripes
Nation State Actors, Advanced Persistent Threats (APTs), Cyber Warfare, Cyber Espionage and Geopolitical Threats/Activity
Cyber Warfare and Cyber Espionage
Cyberwarfare 2025: The rise of AI weapons, zero-days, and state-sponsored chaos
Cyber warfare rising across EU in bid to 'destabilise' member states
NATO promises better strategy against cyber attacks and undersea cables – Euractiv
UK Underestimates Threat Of Cyber-Attacks, NCSC | Silicon UK
Nation State Actors
China
Joint Advisory Warns of PRC-Backed Cyber Espionage Targeting Telecom Networks
US government says Salt Typhoon is still in telecom networks | CyberScoop
Microsoft spots another China spy crew stealing US data • The Register
US org suffered four month intrusion by Chinese hackers
FBI and CISA say to use encrypted messengers as Chinese hackers attack networks | Cybernews
Government Guidance on Chinese Telco Hacking Highlights Threat to Cisco Devices - SecurityWeek
The FBI now says encryption is good for you – Computerworld
US shares tips to block hackers behind recent telecom breaches
T-Mobile CSO: Cyber spies' initial access method 'is novel' • The Register
US critical infrastructure, military at risk of Chinese LiDAR tech compromise | SC Media
Finland: Outage reported after fiber optic cable damaged – DW – 12/03/2024
Romania to recount votes as TikTok slammed for election role | Stars and Stripes
SmokeLoader Malware Campaign Targets Companies in Taiwan - Infosecurity Magazine
Russia
NATO promises better strategy against cyber attacks and undersea cables – Euractiv
‘Russia can turn the lights off’: how the UK is preparing for cyberwar | Cyberwar | The Guardian
Hackers Leveraging Cloudflare Tunnels, DNS Fast-Flux to Hide GammaDrop Malware
Germany’s cyber security and infrastructure under attack by Russia, chancellor says – POLITICO
Pro-Russian Hacktivist Group Claims 6600 Attacks Targeting Europe - Infosecurity Magazine
North Korean Kimsuky Hackers Use Russian Email Addresses for Credential Theft Attacks
NCA Disrupts Multi-Billion Dollar Russian Money Laundering Network
She Was a Russian Socialite and Influencer. Cops Say She’s a Crypto Laundering Kingpin | WIRED
Finland: Outage reported after fiber optic cable damaged – DW – 12/03/2024
Russian programmer says FSB agents planted spyware on his Android phone | TechCrunch
Spy v Spy: Russian APT Turla Caught Stealing From Pakistani APT - SecurityWeek
Russian Hacker With $10 Million Bounty on His Head Reportedly Arrested - SecurityWeek
Ransomware suspect Wazawaka reportedly arrested by Russia | The Record from Recorded Future News
Russia gives life sentence to Hydra dark web kingpin • The Register
Putin and ransomware blamed for Stoli US bankruptcy filing • The Register
'Horns&Hooves' Malware Campaign Hits Over 1,000 Victims
Romania's election systems targeted in over 85,000 cyber attacks
Russian hacking software used to steal hundreds of MoD log-ins
Iran
Kash Patel, Trump's pick to lead FBI, hit with Iranian cyber attack, sources say - ABC News
North Korea
North Korean Hacking Group Launches Undetected Malwareless URL Phishing Attacks
How North Korean hackers stole billions in crypto while posing as VCs, IT workers – Firstpost
North Korea deploying fake IT workers and hackers to target UK firms, cryptocurrency,... - LBC
How North Korean Hackers Pilfered $16 Million From A Crypto Exchange Via LinkedIn
North Korean Kimsuky Hackers Use Russian Email Addresses for Credential Theft Attacks
Kimsuky Group Adopts New Phishing Tactics to Target Victims - Infosecurity Magazine
Other Nation State Actors, Hacktivism, Extremism, Terrorism and Other Geopolitical Threat Intelligence
Pro-Russian Hacktivist Group Claims 6600 Attacks Targeting Europe - Infosecurity Magazine
Polish Central Banker Testifies in Pegasus Spyware Case – BNN Bloomberg
How widespread is mercenary spyware? More than you think - Help Net Security
Study shows potentially higher prevalence of spyware infections than previously thought | CyberScoop
NSO Group's Pegasus Spyware Detected in New Mobile Devices
Business leaders among Pegasus spyware victims, says security firm | TechCrunch
A New Phone Scanner That Detects Spyware Has Already Found 7 Pegasus Infections | WIRED
How a Russian man’s harrowing tale shows the physical dangers of spyware | CyberScoop
Tools and Controls
65% of office workers bypass cyber security to boost productivity - Help Net Security
Storm-1811 exploits RMM tools to drop Black Basta ransomware
5 reasons to double down on network security - Help Net Security
Misconfigured WAFs Heighten DoS, Breach Risks
CyberRatings report exposes critical flaws in cloud-native firewalls | SC Media
Incident Response Playbooks: Are You Prepared?
Why your cyber insurance may not cover everything: Finding and fixing blind spots | SC Media
7 PAM Best Practices to Secure Hybrid and Multi-Cloud Environments
Why Robust API Security is a Must for Your Business - Security Boulevard
Many small businesses are falling well short when it comes to cyber security plans | TechRadar
Human Intelligence is the Key to Combating the UK’s Cyber Skills Crisis | SC Media UK
Six password takeaways from the updated NIST cybersecurity framework
Does Cyber Insurance Drive Up Ransom Demands?
Insider Threats vs. Privacy: A Dilemma for IT Professionals
New NIST Guidance Offers Update on Gauging Cyber Performance
Shorter Lifespan Reduces Digital Certificate Vulns
How to talk to your board about tech debt | CIO
Modernizing incident response in the era of cloud and AI - TechTalks
Other News
Hackers Can Access Laptop Webcams Without Activating LED Indicator
Many small businesses are falling well short when it comes to cyber security plans | TechRadar
71% of US Adults Have Dangerous Online Security Habits This Year, CNET Survey Finds - CNET
Sadiq Khan admits some commuters may never be refunded after TfL cyber attack
Your Kids Are Probably Compromising Your Online Security | Next Avenue
As Device Dependency Grows, So Do The Risks
Nordics move to deepen cyber security cooperation | Computer Weekly
Re/insurers’ operations exposed to cyber threats, says S&P - Reinsurance News
The UK’s cyber security strategy is no longer fit for purpose
Christmas is Coming: Cyber Security Lessons from the Holidays - Security Boulevard
In the new space race, hackers are hitching a ride into orbit
SQL Injection Prevention: 6 Strategies - Security Boulevard
The Legal Landscape Of Privacy: Why Lawyers Must Keep Up With Change - Above the Law
Microsoft confirms the Windows 11 TPM security requirement isn't going anywhere
Why OT environments are vulnerable – and what to do about it | SC Media
Almost all top US retailers were hacked in 2024 | Chain Store Age
Data-rich universities are both targets and treasure troves | Times Higher Education (THE)
Vulnerability Management
Microsoft Warns 400 Million PC Owners—This Ends Your Windows Updates
70% of open-source components are poorly or no longer maintained - Help Net Security
Report shows the threat of supply chain vulnerabilities from third-party products | TechRadar
Want to Grow Vulnerability Management into Exposure Management? Start Here!
Vulnerabilities
Cisco ASA flaw CVE-2014-2120 is being exploited in the wild
Android's December 2024 Security Update Patches 14 Vulnerabilities - SecurityWeek
Bootloader Vulnerability Impacts Over 100 Cisco Switches - SecurityWeek
Critical Vulnerability Found in Zabbix Network Monitoring Tool - SecurityWeek
CyberRatings report exposes critical flaws in cloud-native firewalls | SC Media
Cisco Warns of Exploitation of Decade-Old ASA WebVPN Vulnerability
CISA Warns of Active Exploitation of Flaws in Zyxel, ProjectSend, and CyberPanel
TP-Link Archer Zero-Day Vulnerability Let Attackers Inject Malicious Commands
Critical SailPoint IdentityIQ Vulnerability Exposes Files to Unauthorized Access
PoC exploit for critical WhatsUp Gold RCE vulnerability released (CVE-2024-8785) - Help Net Security
CISA Warns of Zyxel Firewall Vulnerability Exploited in Attacks - SecurityWeek
Japan warns of IO-Data zero-day router flaws exploited in attacks
Rather than fixing its old routers, D-Link is telling customers to upgrade
Sector Specific
Industry specific threat intelligence reports are available.
Contact us to receive tailored reports specific to the industry/sector and geographies you operate in.
· Automotive
· Construction
· Critical National Infrastructure (CNI)
· Defence & Space
· Education & Academia
· Energy & Utilities
· Estate Agencies
· Financial Services
· FinTech
· Food & Agriculture
· Gaming & Gambling
· Government & Public Sector (including Law Enforcement)
· Health/Medical/Pharma
· Hotels & Hospitality
· Insurance
· Legal
· Manufacturing
· Maritime & Shipping
· Oil, Gas & Mining
· OT, ICS, IIoT, SCADA & Cyber-Physical Systems
· Retail & eCommerce
· Small and Medium Sized Businesses (SMBs)
· Startups
· Telecoms
· Third Sector & Charities
· Transport & Aviation
· Web3
Contact us to help assess where your risks lie and to ensure you are doing all you can do to keep you and your business secure.
Links to articles are for interest and awareness. Linking to or reposting external content does not endorse any service or product; likewise, we are not responsible for the security of external links.