Black Arrow Cyber Threat Intelligence Briefing 7 February 2025
Welcome to this week’s Black Arrow Cyber Threat Intelligence Briefing – a weekly digest, collated and curated by our cyber experts to provide senior and middle management with an easy-to-digest round-up of the most notable threats, vulnerabilities, and cyber related news from the last week.
Executive Summary
Black Arrow Cyber's review of threat intelligence identified further evidence of an alarming increase in cyber threats targeting financial institutions, insurers, and enterprises, and of consequences that can include financial ruin.
Destructive cyber attacks have risen by over 12%, often erasing evidence rather than merely disrupting operations. Ransomware attacks surged by 26% in 2024, while phishing attacks have grown by nearly 50% since 2021, with AI-driven threats becoming more sophisticated. Insider threats are also on the rise, with ransomware gangs recruiting employees to facilitate breaches. Business leaders need to be aware that over 60% of enterprise cyber incidents stem from previously identified but unresolved risks, highlighting the need for proactive risk management. These trends underscore the evolving threat landscape and the critical need for a cohesive security strategy that includes continuous monitoring, the timely remediation of vulnerabilities, and employee awareness programmes.
The financial sector faces dual challenges from AI and cyber crime, with insurers ranking cyber attacks as an immediate risk. The weaponisation of AI in cyber attacks is accelerating, enabling adaptive, multi-stage social engineering campaigns. Meanwhile, credential-stealing malware now accounts for 25% of all malware activity, making identity protection a top priority. Cyber security governance is evolving to address this, with CISOs increasingly influencing business strategy and board directors taking a more proactive role in oversight.
As cyber risks intensify, Black Arrow Cyber advises businesses to prioritise cyber resilience, integrate security into corporate strategy, and enhance threat detection to safeguard operations, reputation, and financial stability.
Top Cyber Stories of the Last Week
Destructive Attacks on Financial Institutions Surge
Over half (54%) of financial institutions faced destructive cyber attacks last year, marking a 12.5% rise from 2023, according to Contrast Security. These attacks often serve to erase evidence rather than purely disrupt services. Two-thirds (64%) of firms reported cyber incidents, with cloud environments and APIs identified as key attack vectors. Despite strong detection rates (94%), attackers still bypassed defences, with 46 major breaches per month evading web application firewalls. Customer account takeovers rose by 48%, while 43% suffered ‘island hopping’ attacks where attackers exploit trusted relationships between organisations. The report highlights the need for continuous monitoring and application defence to counter evolving threats.
AI, Cyber Crime Perceived as Top Insurance Risks
The latest report from law firm Kennedys identifies artificial intelligence (AI) adoption and cyber crime as major risks for insurers. While AI is seen as the highest long-term risk, cited by over 85% of respondents, its full impact is expected to emerge over the next three to five years. Meanwhile, cyber attacks present a more immediate threat, with 27% of European, Middle Eastern, and African partners ranking them as their top concern for 2025. AI is also being exploited in cyber crime, increasing insurers’ exposure to data breaches. The report warns that inadequate cyber security could lead to severe financial, legal, and reputational consequences.
Ransomware Victims Increased by 26% in 2024
Ransomware attacks surged by 26% in 2024, with nearly 5,300 reported victims, according to a new analysis. The number of active ransomware gangs also grew, with LockBit remaining the most prolific despite a 50% drop in its victims. RansomHub rapidly scaled operations to take second place, while the Play gang continued to focus on manufacturing, real estate, and technology. Seasonal trends showed peak activity in spring and autumn, with summer seeing a decline. The US remained the most targeted country, with over 1,700 victims, more than ten times the number seen in Canada or the UK.
Over 60% of Enterprise Cyber Security Incidents Relate to Known Risks
A new report from ZEST Security reveals that 62% of enterprise cyber security incidents stem from previously identified risks that remain unresolved. Security teams struggle with long remediation times, taking 10 times longer to fix vulnerabilities than attackers take to exploit them. The financial burden is significant, exceeding $2 million annually. Backlogs are a key issue, with 87% of organisations managing over 100 critical security tickets. While automation and effort-based prioritisation are gaining traction, stricter SLAs and regulatory pressure are expected to drive faster remediation to mitigate the growing risk of cloud security incidents.
CISOs Drive the Intersection between Cyber Maturity and Business Continuity
The role of the CISO is evolving beyond IT, with one in five now reporting directly to the CEO, according to Deloitte’s latest cyber survey. High-cyber-maturity organisations are embedding cyber security into business strategy, enhancing resilience and enabling business continuity. Budget allocations are shifting, with cyber spending increasingly integrated into digital transformation and IT investments, reflecting its cross-functional impact. As regulatory pressures grow, particularly with new SEC disclosure requirements in the US, CISOs are playing a key role in risk management and compliance. Organisations with mature cyber strategies recover faster from incidents, protecting revenue, reputation and operations in an increasingly interconnected digital landscape.
Cyber Criminals Entice Traitorous Insiders via Ransom Notes
Ransomware gangs are now targeting employees with financial incentives to betray their own and other organisations, embedding recruitment messages within ransom notes. Threat groups, including Sarcoma and DoNex, have begun soliciting insider access, offering substantial rewards for login credentials, network access, and sensitive data of any organisation. Security researchers note this tactic is a recent development, with threat actors exploiting disgruntled staff to bypass defences. While such offers may seem lucrative, experts warn that cyber criminals operate with no accountability, making payment unlikely. The shift highlights the evolving sophistication of ransomware operations, reinforcing the need for robust insider threat detection and employee awareness programmes.
Phishing Up Almost 50% Since 2021 with AI Attacks on the Rise
Phishing attacks have surged by 49% since 2021, with AI-driven threats emerging as a growing concern, according to Hoxhunt’s latest report. AI-generated phishing emails, while currently under 5% of reported cases, have risen sharply in just six months. On average, organisations with 1,000 employees face 2,330 phishing attempts that bypass filters each year, leading to 466 malicious clicks. Attackers frequently impersonate Microsoft, Docusign, and HR departments to exploit urgency and curiosity. Encouragingly, phishing awareness training can reduce incidents by 86% in six months, significantly enhancing organisational resilience against social engineering threats.
The Cyber-Driven Domino Effect: How Financial and Security Crises Bankrupt Businesses
A recent case involving Stoli Group highlights how cyber incidents can push financially vulnerable businesses into bankruptcy. Following a severe ransomware attack that disrupted financial reporting, Stoli was unable to provide lenders with key data, contributing to an $84 million debt burden and its eventual collapse. This case underscores the growing risk, which is especially high for small and medium-sized businesses (SMBs) that often lack the resources to recover from cyber attacks. With nearly 60% of SMBs failing within six months of an attack, organisations must prioritise cyber security resilience to prevent financial and operational ruin.
Board Directors Are Taking the Lead on Cyber Security Oversight
Board directors are increasingly taking a proactive role in cyber security oversight, shifting responsibility from IT teams to a company-wide approach. BDO’s 2024 board survey found that 37% of directors are broadening accountability, while many are investing in incident response strategies and regulatory compliance. The US SEC’s enhanced disclosure rules are driving the need for clear cyber incident reporting. Boards are also prioritising expertise, with 27% seeking cyber security knowledge in 2025. Directors are dedicating 42 hours annually to education, while external assessments, benchmarking, and evolving response plans are strengthening resilience against emerging threats.
Credential-Stealing Malware Surges in 2024
Credential-stealing malware now represents 25% of all malware activity, marking a threefold surge in this type of threat. Picus Security’s annual cyber security report found that credential theft has, for the first time, entered the top 10 techniques in the MITRE ATT&CK framework. Analysis of over one million malware samples revealed that just 10 attack techniques accounted for 93% of all malicious actions. Attackers are increasingly using stealthy multi-stage operations to extract credentials and leveraging encrypted channels to evade detection. Security teams can mitigate risk by focusing on the most prevalent attack techniques and enforcing strong authentication practices.
How Agentic AI will be Weaponised for Social Engineering Attacks
AI-driven social engineering attacks are evolving rapidly, with cyber criminals leveraging agentic AI to create highly personalised, adaptive, and multi-stage phishing campaigns. These AI agents can autonomously gather data, refine attack strategies, and deploy deepfake audio and video to deceive employees. Unlike traditional phishing, these threats are dynamic, adjusting to real-time responses. As AI becomes more autonomous, organisations must enhance defences by deploying AI-powered security tools, investing in adaptive awareness training, and fostering a cyber-aware culture. With AI-driven attacks set to rise, proactive measures are essential to mitigate risks and safeguard against increasingly sophisticated social engineering threats.
LinkedIn Has Become a Prime Hunting Ground for Cyber Criminals
LinkedIn has become a key target for cyber criminals using fake job offers to conduct social engineering attacks. A recent Bitdefender report highlights tactics used by the Lazarus Group, a North Korean state-sponsored threat actor, to deploy malware via fraudulent recruitment messages. Attackers trick victims into running malicious code disguised as job evaluation documents, ultimately stealing cryptocurrency wallet data and establishing persistence on systems. The group has also targeted sensitive industries such as aviation and defence. Experts warn professionals to remain vigilant, verify job offers, and avoid running unverified code outside secure environments like virtual machines.
Sources:
https://www.infosecurity-magazine.com/news/destructive-attacks-banks-surge-13/
https://www.insurancejournal.com/news/national/2025/02/04/810573.htm
https://betanews.com/2025/01/31/ransomware-victims-increased-by-26-percent-in-2024/
https://www.darkreading.com/threat-intelligence/cybercriminals-traitorous-insiders-ransom-notes
https://informationsecuritybuzz.com/credential-stealing-malware-surges-in/
https://www.securityweek.com/how-agentic-ai-will-be-weaponized-for-social-engineering-attacks/
https://www.itpro.com/security/cyber-attacks/linkedin-social-engineering-attacks
Governance, Risk and Compliance
AI, Cyber Crime Perceived as Top Insurance Risks: Kennedys
CISO stature gains traction as global cyber risk escalates | CIO Dive
CISOs drive the intersection between cyber maturity and business continuity
21% of CISOs Have Been Pressured Not to Report a Compliance Issue
Cyber Monitoring Centre Introduces ‘Richter Scale’ for Cyber-Attacks - Infosecurity Magazine
It pays to know how your cyber security stacks up | CSO Online
Infosec pros struggle under growing compliance - Help Net Security
The Cyber-Driven Domino Effect: How Financial and Security Crises Bankrupt Businesses | MSSP Alert
Boardroom cyber expertise comes under scrutiny
Board Directors Are Taking the Lead on Cyber Security Oversight
Critical Questions For Boards: Are You Prepared For Ransomware?
Study warns on "head-in-the-sand" approach to cyber security
Why cyber hygiene should be a priority for every business in 2025 - Digital Journal
Why Cyber Security Is Everyone’s Responsibility
EMEA CISOs Plan 2025 Cloud Security Investment
Under Pressure: Why Companies Must Mitigate the Churn of Cyber Security Leaders - Security Boulevard
The CISO’s role in advancing innovation in cyber security | CSO Online
Over 60 percent of enterprise cyber security incidents relate to known risks
Security Teams Pay the Price: The Unfair Reality of Cyber Incidents - SecurityWeek
Overconfident execs are making their companies vulnerable to fraud - Help Net Security
Why Cyber Security Needs Probability — Not Predictions
Budgets and Awareness Up, Impersonation Attacks Still Prominent | SC Media UK
Threats
Ransomware, Extortion and Destructive Attacks
Ransomware victims increased by 26 percent in 2024
Ransomware Groups Weathered Raids, Profited in 2024
Ransomware and the Impact on Human Lives
Critical Questions For Boards: Are You Prepared For Ransomware?
Cyber Criminals Court Traitorous Insiders via Ransom Notes
How to combat exfiltration-based extortion attacks | TechRadar
Top 3 Ransomware Threats Active in 2025
New AI "agents" could hold people for ransom in 2025 | Malwarebytes
Destructive Attacks on Financial Institutions Surge 13% - Infosecurity Magazine
More destructive cyber attacks target financial institutions - Help Net Security
Ransomware recovery payments fell in 2024 • The Register
Ransomware Victims
Indian tech giant Tata Technologies hit by ransomware attack
Tata Technologies confirms ransomware attack, says investigation still ongoing | TechRadar
Wirral NHS cyberattack leads to missed cancer care targets • The Register
Meet the Hired Guns Who Make Sure School Cyberattacks Stay Hidden | WIRED
Data breach disclosed by Mizuno after BianLian claims | SC Media
Engineering group IMI latest UK firm to be hit by cyber attack
Phishing & Email Based Attacks
How Agentic AI will be Weaponized for Social Engineering Attacks - SecurityWeek
Phishing up almost 50 percent since 2021 with AI attacks on the rise
Sophisticated Phishing Attack Bypasses Microsoft ADFS MFA - Infosecurity Magazine
High-profile X Accounts Targeted in Phishing Campaign - Infosecurity Magazine
1-Click Phishing Campaign Targets High-Profile X Accounts
Cyberhaven: A Wake-Up Call for Consent Phishing Risks | Grip - Security Boulevard
Sophisticated Phishing Campaign Targets Ukraine’s Largest Bank - Infosecurity Magazine
Using the NIST Phish Scale Framework to Detect and Fight Phishing Attacks - Security Boulevard
Business Email Compromise (BEC)/Email Account Compromise (EAC)
US and Dutch Authorities Dismantle 39 Domains Linked to BEC Fraud Network
Wembley Multi-Academy Trust Scammed Out of £385,000
Other Social Engineering
How Agentic AI will be Weaponized for Social Engineering Attacks - SecurityWeek
Top 5 AI-Powered Social Engineering Attacks
North Korean Hackers Deploy FERRET Malware via Fake Job Interviews on macOS
How to Protect Yourself from the Growing Threat of Spam Calls and Robocalls
Artificial Intelligence
How Agentic AI will be Weaponized for Social Engineering Attacks - SecurityWeek
Top 5 AI-Powered Social Engineering Attacks
AI, Cyber Crime Perceived as Top Insurance Risks: Kennedys
Why employees smuggle AI into work - BBC News
AI jailbreaking techniques prove highly effective against DeepSeek | Computer Weekly
DeepSeek’s Flagship AI Model Under Fire for Security Vulnerabilities - Infosecurity Magazine
Texas Governor Orders Ban on DeepSeek, RedNote for Government Devices - SecurityWeek
UK Announces “World-First” AI Security Standard - Infosecurity Magazine
Protect your data as cyber criminals use AI to target Mac in 2025
Risk Matters: Cyber Risk and AI – The Changing Landscape
Video Cyber Security expert discovers DeepSeek using ‘digital fingerprinting technology’ - ABC News
Qualys Report Raises Red Flags In DeepSeek-RI Security
New AI "agents" could hold people for ransom in 2025 | Malwarebytes
How Are Threat Actors Using Adversarial GenAI?
Invisible Threats: The Rise of AI-Powered Steganography Attacks - Security Boulevard
AI Rise: Can We Still Trust What We See? - InfoRiskToday
You Could Get 5 Years In Prison For Possessing These AI Tools
Cyber Threat Defence Code of Practice Announced by UK Government | SC Media UK
Can AI & the Cyber Trust Mark Rebuild Endpoint Confidence?
Scotland at risk of major AI hack, expert warns
Charges mount in former ex-Googler's AI theft case • The Register
2FA/MFA
Sophisticated Phishing Attack Bypasses Microsoft ADFS MFA - Infosecurity Magazine
Malware
Credential-stealing Malware Surges In 2024
Macs targeted by almost two dozen newly emergent payloads last year | SC Media
Hackers exploit SimpleHelp RMM flaws to deploy Sliver malware
Coyote Malware Expands Reach: Now Targets 1,030 Sites and 73 Financial Institutions
Crazy Evil Gang Targets Crypto with StealC, AMOS, and Angel Drainer Malware
DaggerFly-Linked Linux Malware Targets Network Appliances - Infosecurity Magazine
Threefold Increase in Malware Targeting Credential Stores - Infosecurity Magazine
Mac Users Warned As “Fully Undetectable” Security Backdoor Confirmed
Surge in Infostealer Attacks Threatens EMEA Organisations - Infosecurity Magazine
AI Malware Dressed Up as DeepSeek Lurks in PyPi
Protect your data as cyber criminals use AI to target Mac in 2025
North Korean Hackers Deploy FERRET Malware via Fake Job Interviews on macOS
22 New Mac Malware Families Seen in 2024 - SecurityWeek
New Microsoft script updates Windows media with bootkit malware fixes
Lazarus APT targets crypto wallets using cross-platform JavaScript stealer
Microsoft says attackers use exposed ASP.NET keys to deploy malware
North Korean APT Kimsuky Uses forceCopy Malware to Steal Browser-Stored Credentials
The RAT Pack Returns: ValleyRAT's Devious Delivery Methods
Chinese cyber spies use new SSH backdoor in network device hacks
SparkCat Malware Uses OCR to Extract Crypto Wallet Recovery Phrases from Images
Bots/Botnets
Akamai warns of active attacks from new Mirai variant | SC Media
Mobile
Screenshot-reading malware cracks iPhone security for the first time | Digital Trends
Malware With Screen Reading Code Found in iOS Apps for the First Time - MacRumors
Google Bans 158,000 Malicious Android App Developer Accounts in 2024
Google Patches 47 Android Security Flaws, Including Actively Exploited CVE-2024-53104
Security and Privacy on Your Android Phone: Features You Should Know About - CNET
Why rebooting your phone daily is your best defence against zero-click hackers | ZDNET
Gravy Analytics soaks up another sueball over data breach • The Register
Wiping your iPhone? Here's the easiest way to erase all personal data | ZDNET
Denial of Service/DoS/DDoS
Akamai warns of active attacks from new Mirai variant | SC Media
Internet of Things – IoT
Akamai warns of active attacks from new Mirai variant | SC Media
Can AI & the Cyber Trust Mark Rebuild Endpoint Confidence?
Data Breaches/Leaks
Credential Theft Becomes Cyber Criminals' Favourite Target
Gravy Analytics soaks up another sueball over data breach • The Register
OpenAI Data Breach: Threat Actor Allegedly Claims 20 Million Logins for Sale
Mizuno USA says hackers stayed in its network for two months
NorthBay Health Data Breach Impacts 569,000 Individuals - SecurityWeek
Globe Life data breach may impact an additional 850,000 clients
US healthcare provider data breach impacts 1 million patients
1 Million Impacted by Data Breach at Connecticut Healthcare Provider - SecurityWeek
Meet the Hired Guns Who Make Sure School Cyberattacks Stay Hidden | WIRED
Data breach disclosed by Mizuno after BianLian claims | SC Media
Data Purportedly Stolen From Trump Hotels In Cyberattack | MSSP Alert
Taliban deny cyber security breach, claim leaked documents were not confidential | Amu TV
Organised Crime & Criminal Actors
US and Dutch Authorities Dismantle 39 Domains Linked to BEC Fraud Network
DOJ: Over 17M Americans Impacted By Seized Cyber Crime Forums | MSSP Alert
From credit card fraud to zero-day exploits: Xe Group expanding cyber criminal efforts | CyberScoop
Crazy Evil gang runs over 10 highly specialized social media scams
Police dismantles HeartSender cyber crime marketplace network
2 Arrested in Takedown of Nulled, Cracked Hacking Forums - SecurityWeek
Two of the world's largest cyber crime forums knocked offline | ITPro
California man steals $50 million using fake investment sites, gets 7 years
US accuses Canadian math prodigy of $65M crypto scheme • The Register
Man Sentenced to 7 Years in Prison for Role in $50M Internet Scam | Tripwire
Charges mount in former ex-Googler's AI theft case • The Register
Thailand cuts power and internet to areas of Myanmar to disrupt scam gangs
Nigeria Touts Cyber Success as African Cyber Crime Rises
Cryptocurrency/Cryptomining/Cryptojacking/NFTs/Blockchain
SparkCat Malware Uses OCR to Extract Crypto Wallet Recovery Phrases from Images
Even the US government can fall victim to cryptojacking | FedScoop
Crazy Evil Gang Targets Crypto with StealC, AMOS, and Angel Drainer Malware
US accuses Canadian math prodigy of $65M crypto scheme • The Register
Lazarus APT targets crypto wallets using cross-platform JavaScript stealer
Insider Risk and Insider Threats
Why employees smuggle AI into work - BBC News
Cyber Criminals Court Traitorous Insiders via Ransom Notes
Charges mount in former ex-Googler's AI theft case • The Register
What you can do to prevent workforce fraud - Help Net Security
How to Root Out Malicious Employees - Security Boulevard
Human error an overlooked cyber risk for SMEs
Insurance
AI, Cyber Crime Perceived as Top Insurance Risks: Kennedys
Cyber Monitoring Centre Introduces ‘Richter Scale’ for Cyber-Attacks - Infosecurity Magazine
UK’s Cyber Monitoring Centre begins incident classification work | Computer Weekly
Supply Chain and Third Parties
Over a dozen firms compromised in BeyondTrust breach | SC Media
Tata Technologies confirms ransomware attack, says investigation still ongoing | TechRadar
Cyberhaven: A Wake-Up Call for Consent Phishing Risks | Grip - Security Boulevard
How to create a third-party risk management policy | TechTarget
Cloud/SaaS
EMEA CISOs Plan 2025 Cloud Security Investment
Microsoft SharePoint Connector Flaw Could've Enabled Credential Theft Across Power Platform
Watch Out For These 8 Cloud Security Shifts in 2025
Here’s all the ways an abandoned cloud instance can cause security issues | CyberScoop
Only 3% of organisations have a dedicated budget for SaaS security - Help Net Security
Chinese 'Infrastructure Laundering' Abuses AWS, Microsoft Cloud
Abandoned AWS Cloud Storage: A Major Cyberattack Vector
Outages
Familiar failings as Barclays outage delays transactions | Today's Conveyancer
Encryption
Cyber Insights 2025: Quantum and the Threat to Encryption - SecurityWeek
If you're not working on quantum-safe encryption now, it's already too late | ZDNET
Linux and Open Source
DaggerFly-Linked Linux Malware Targets Network Appliances - Infosecurity Magazine
Linux Security: Scan Your Servers for Rootkits With Ease - The New Stack
Passwords, Credential Stuffing & Brute Force Attacks
Credential Theft Becomes Cyber Criminals' Favorite Target
Millions Of Password Manager Users On Red Alert—Act Now To Stay Safe
Threefold Increase in Malware Targeting Credential Stores - Infosecurity Magazine
Cyber Criminals Use Go Resty and Node Fetch in 13 Million Password Spraying Attempts
Stop saving your email login info in your password manager | PCWorld
Social Media
These Are the Accounts Most Targeted By Hackers: Here's How to Secure Them
High-profile X Accounts Targeted in Phishing Campaign - Infosecurity Magazine
1-Click Phishing Campaign Targets High-Profile X Accounts
Malvertising
Malvertising Scam Uses Fake Google Ads to Hijack Microsoft Advertising Accounts
Fraudulent Google ads seek to breach Microsoft advertisers’ credentials | SC Media
Regulations, Fines and Legislation
“Vámonos!” Declares DORA, But 43% Of UK Financial Services Say “No”
Infosec pros struggle under growing compliance - Help Net Security
UK Announces “World-First” AI Security Standard - Infosecurity Magazine
It's Time to Consolidate Cyber Security Regulations
Critical Questions For Boards: Are You Prepared For Ransomware?
Musk's DOGE leashed by court after digging up Treasury data • The Register
Protecting the US from hackers apparently isn't in Trump's budget
Ireland responds to EU infringement notice on cyber security directive | Business Post
21% of CISOs Have Been Pressured Not to Report a Compliance Issue
Recent US Executive Order Calls for Encrypting DNS - ISC
Trump’s anti-DEI efforts damage national security, former officials say - Nextgov/FCW
DORA Compliance Must be a Top Priority for US Financial Institutions - Security Boulevard
House Democrats demand answers over DOGE OPM server • The Register
Musk, DOGE Move into Treasury Systems Raises Security, Privacy Concerns | MSSP Alert
The biggest breach of US government data is under way | TechCrunch
Cyber Threat Defence Code of Practice Announced by UK Government | SC Media UK
Talks begin to move National Cyber Security Centre to Department of Justice
Can AI & the Cyber Trust Mark Rebuild Endpoint Confidence?
DeepSeek users could face million-dollar fine and prison time under new law | The Independent
USCG Final Rule on Cyber Security in Marine Transportation
Models, Frameworks and Standards
“Vámonos!” Declares DORA, But 43% Of UK Financial Services Say “No”
Ireland responds to EU infringement notice on cyber security directive | Business Post
DORA Compliance Must be a Top Priority for US Financial Institutions - Security Boulevard
Using the NIST Phish Scale Framework to Detect and Fight Phishing Attacks - Security Boulevard
Careers, Working in Cyber and Information Security
The cyber security skills gap reality: We need to face the challenge of emerging tech | CSO Online
Shaping The Next Generation Of Cyber Security Professionals
The Cyber Security Crisis: Companies Can’t Fill Roles, Workers Shut Out
Under Pressure: Why Companies Must Mitigate the Churn of Cyber Security Leaders - Security Boulevard
Government must address cyber security staffing shortage, NAO warns
Why Diversity Should not be Removed from Cyber in 2025 | SC Media UK
Public sector pay gap threatens UK cyber resilience
The hidden dangers of a toxic cyber security workplace - Help Net Security
Law Enforcement Action and Take Downs
Ransomware Groups Weathered Raids, Profited in 2024
US and Dutch Authorities Dismantle 39 Domains Linked to BEC Fraud Network
DOJ: Over 17M Americans Impacted By Seized Cyber Crime Forums | MSSP Alert
Police dismantles HeartSender cyber crime marketplace network
2 Arrested in Takedown of Nulled, Cracked Hacking Forums - SecurityWeek
California man steals $50 million using fake investment sites, gets 7 years
US accuses Canadian math prodigy of $65M crypto scheme • The Register
Man Sentenced to 7 Years in Prison for Role in $50M Internet Scam | Tripwire
Charges mount in former ex-Googler's AI theft case • The Register
Europol Cracks Down on Global Child Abuse Network “The Com” - Infosecurity Magazine
Thailand cuts power and internet to areas of Myanmar to disrupt scam gangs
Nigeria Touts Cyber Success as African Cyber Crime Rises
Misinformation, Disinformation and Propaganda
Mis/Disinformation: The Skew of Information and Its Impacts on You | AFCEA International
Nation State Actors, Advanced Persistent Threats (APTs), Cyber Warfare, Cyber Espionage and Geopolitical Threats/Activity
Cyber Warfare and Cyber Espionage
Britain to boost cyber warfare capabilities
Exploring The Cyber Security Battlefield Of 2025
The Weaponization of Operational Technology
Nation State Actors
China
Video Cyber Security expert discovers DeepSeek using ‘digital fingerprinting technology’ - ABC News
Qualys Report Raises Red Flags In DeepSeek-RI Security
Chinese 'Infrastructure Laundering' Abuses AWS, Microsoft Cloud
Chinese cyber spies use new SSH backdoor in network device hacks
DeepSeek Jailbreak Reveals Its Entire System Prompt
AI jailbreaking techniques prove highly effective against DeepSeek | Computer Weekly
DeepSeek’s Safety Guardrails Failed Every Test Researchers Threw at Its AI Chatbot | WIRED
Texas Governor Orders Ban on DeepSeek, RedNote for Government Devices - SecurityWeek
Australia bans DeepSeek over security... - Mobile World Live
Taiwan Bans DeepSeek AI Over National Security Concerns, Citing Data Leakage Risks
Russia
Sophisticated Phishing Campaign Targets Ukraine’s Largest Bank - Infosecurity Magazine
British PM scrapped ‘dangerously obvious’ email after Russian hacking | Cybernews
7-Zip MotW bypass exploited in zero-day attacks against Ukraine
British PM Keir Starmer’s Personal Email Allegedly Hacked by Russian Operatives
North Korea
North Korean APT Kimsuky Uses forceCopy Malware to Steal Browser-Stored Credentials
North Korean Hackers Deploy FERRET Malware via Fake Job Interviews on macOS
Lazarus APT targets crypto wallets using cross-platform JavaScript stealer
Other Nation State Actors, Hacktivism, Extremism, Terrorism and Other Geopolitical Threat Intelligence
WhatsApp claims that 100 journalists and activists were the targets of Israeli-made spyware
Meta Confirms Zero-Click WhatsApp Spyware Attack Targeting 90 Journalists, Activists
WhatsApp: Global spyware campaign conducted by Israeli firm | SC Media
Tools and Controls
Hackers exploit SimpleHelp RMM flaws to deploy Sliver malware
Risk Matters: Cyber Risk and AI – The Changing Landscape
Enterprises invest heavily in AI-powered solutions - Help Net Security
EMEA CISOs Plan 2025 Cloud Security Investment
Watch Out For These 8 Cloud Security Shifts in 2025
Here’s all the ways an abandoned cloud instance can cause security issues | CyberScoop
Future of Cyber Security: Will XDR Absorb SIEM & SOAR? | Trend Micro (US)
How AI-driven SOC co-pilots will change security center operations
Only 3% of organisations have a dedicated budget for SaaS security - Help Net Security
The API security crisis and why businesses are at risk - Help Net Security
Beware cyber security tech that’s past its prime — 5 areas to check or retire | CSO Online
Recent US Executive Order Calls for Encrypting DNS - ISC
How to build an effective purple team playbook | TechTarget
Security Teams Pay the Price: The Unfair Reality of Cyber Incidents - SecurityWeek
One breach to rule them all: The security perils of digital consolidation | SC Media
Budgets and Awareness Up, Impersonation Attacks Still Prominent | SC Media UK
Why streamlining cyber security is essential for success - Verdict
How to create a third-party risk management policy | TechTarget
Is Your Antivirus Spying on You? Yes, and Some Are Worse Than Others
What does it mean to build in security from the ground up? • The Register
Why honeypots deserve a spot in your cyber security arsenal | CSO Online
Other News
Cyber Monitoring Centre Introduces ‘Richter Scale’ for Cyber-Attacks - Infosecurity Magazine
The Weaponisation of Operational Technology
Financial sector faces increased cyber security threats
Destructive Attacks on Financial Institutions Surge 13% - Infosecurity Magazine
DNSFilter's Annual Security Report Reveals Worrisome Spike in Malicious DNS Requests
How safe is coffee shop WiFi? | BCS
Build a vulnerability management program with internet exposure in mind | SC Media
One breach to rule them all: The security perils of digital consolidation | SC Media
Threat Actors Target Public-Facing Apps for Initial Access - Infosecurity Magazine
More destructive cyber attacks target financial institutions - Help Net Security
NCSC Issues Guidance to Protect UK Research and Innovation - Infosecurity Magazine
2024: The Year Data Security Took A Beating
NAO warns of severe cyber threat to the UK
Cyber security, government experts are aghast at security failures in DOGE takeover | CyberScoop
Introduce cyber security in schools, experts warn
Financial advisers neglecting cyber security at their own risk
Government must address cyber security staffing shortage, NAO warns
Booking.com’s CISO on Strengthening Security in Travel Sector - Infosecurity Magazine
Vulnerability Management
Navigating the Future: Key IT Vulnerability Management Trends
Transforming Vulnerability Management with Threat Intelligence: A Vision for MSSPs | MSSP Alert
768 CVEs Exploited in 2024, Reflecting a 20% Increase from 639 in 2023
Over 60 percent of enterprise cyber security incidents relate to known risks
Managing Software Risk in a World of Vulnerabilities
Infosec pros: We need CVSS, warts and all | CyberScoop
From credit card fraud to zero-day exploits: Xe Group expanding cyber criminal efforts | CyberScoop
Vulnerabilities
New Veeam Flaw Allows Arbitrary Code Execution via Man-in-the-Middle Attack
A worrying security flaw could have left Microsoft SharePoint users open to attack | TechRadar
Google Patches 47 Android Security Flaws, Including Actively Exploited CVE-2024-53104
Chrome 133, Firefox 135 Patch High-Severity Vulnerabilities - SecurityWeek
Google warns Android users of a kernel flaw under attack • The Register
Critical RCE bug in Microsoft Outlook now exploited in attacks
Hackers exploit SimpleHelp RMM flaws to deploy Sliver malware
Zyxel won’t patch newly exploited flaws in end-of-life routers
Router maker Zyxel tells customers to replace vulnerable hardware exploited by hackers | TechCrunch
CISA Adds Four Actively Exploited Vulnerabilities to KEV Catalog, Urges Fixes by Feb 25
Hackers Exploiting A Six-Year-Old IIS Vulnerability To Gain Remote Access
Cisco Patches Critical ISE Vulnerabilities Enabling Root CmdExec and PrivEsc
AMD patches high severity security flaw affecting Zen chips | TechRadar
Microsoft Patches Critical Azure AI Face Security Bug | MSSP Alert
New Microsoft script updates Windows media with bootkit malware fixes
CISA orders agencies to patch Linux kernel bug exploited in attacks
Cisco Patches Critical Vulnerabilities in Enterprise Security Product - SecurityWeek
BeyondTrust Zero-Day Breach Exposed 17 SaaS Customers via Compromised API Key
7-Zip MotW bypass exploited in zero-day attacks against Ukraine
Netgear warns users to patch critical WiFi router vulnerabilities
Sector Specific
Industry specific threat intelligence reports are available.
Contact us to receive tailored reports specific to the industry/sector and geographies you operate in.
· Automotive
· Construction
· Critical National Infrastructure (CNI)
· Defence & Space
· Education & Academia
· Energy & Utilities
· Estate Agencies
· Financial Services
· FinTech
· Food & Agriculture
· Gaming & Gambling
· Government & Public Sector (including Law Enforcement)
· Health/Medical/Pharma
· Hotels & Hospitality
· Insurance
· Legal
· Manufacturing
· Maritime & Shipping
· Oil, Gas & Mining
· OT, ICS, IIoT, SCADA & Cyber-Physical Systems
· Retail & eCommerce
· Small and Medium Sized Businesses (SMBs)
· Startups
· Telecoms
· Third Sector & Charities
· Transport & Aviation
· Web3
Contact us to help assess where your risks lie and to ensure you are doing all you can do to keep you and your business secure.
Look out for our ‘Cyber Tip Tuesday’ video blog, also available on our YouTube channel.