Black Arrow Cyber Threat Briefing 07 June 2024
Welcome to this week’s Black Arrow Cyber Threat Briefing – a weekly digest, collated and curated by our cyber experts to provide senior and middle management with an easy to digest round up of the most notable threats, vulnerabilities, and cyber related news from the last week.
Top Cyber Stories of the Last Week
Urgent Training Gap Exposed as a Quarter of Organisations Provide No Cyber Training to End-Users
A recent survey by Hornetsecurity highlights a concerning gap in IT security training among organisations, with 26% not providing any training to end-users. While 79% of organisations believe their training is moderately effective, 39% admit it fails to address recent AI-powered threats adequately. Notably, 31% of respondents found the training unengaging. The survey also revealed that 23% of organisations experienced a cyber security breach in the past year, leading 94% to implement additional controls. However, 52% of end-users often ignore identified threats, emphasising the need for ongoing, engaging, and adaptive training programmes.
Black Arrow supports organisations of all sizes in designing and delivering proportionate user education and awareness programmes, including in-person and online training as well as simulated phishing campaigns. Our programmes help secure employee engagement and build a cyber security culture to protect the organisation.
UK SMBs Unaware of True Cost of Cyber Attacks, 78% of SMBs Fear Cyber Attacks Could Shut Down Their Business
New research reveals that UK SMBs underestimate the financial impact of cyber attacks by nearly £85,000. SMBs that have not experienced an attack estimate losses at £39,633, while those that have suffered breaches report actual losses at £123,984.
A separate report by ConnectWise reveals that 94% of SMBs have experienced at least one cyber attack in the last year, up from 64% in 2019, highlighting a significant rise in cyber threats. The report shows that 76% of SMBs lack in-house cyber security skills, driving demand for externally sourced third party security experts. Additionally, 78% of SMBs fear a severe cyber attack could jeopardise their operations. The study found that 56% have faced a cyber attack so far this year, with 89% anticipating another within six months. 83% of SMBs plan to increase their cyber security budgets by an average of 19% over the next year to bolster defences.
Major Cyber Crime Networks Dismantled in US and Europe Deemed a Wake-Up Call for Businesses, Although Ransomware Rises Despite Law Enforcement Takedowns
The recent crackdown on cyber crime by the US and Europe underscores the critical need for robust cyber security measures for businesses. The US Department of Justice arrested Chinese national YunHe Wang, who allegedly compromised over 19 million devices, resulting in $5.9 billion in fraudulent claims. Europol simultaneously apprehended key figures in Armenia and Ukraine, dismantling ransomware networks extorting millions in cryptocurrency. Despite these efforts, a recent report from Mandiant reveals a 75% increase in ransomware activity in 2023, with nearly 1,400 victims across 110 countries.
Factors driving this resurgence include new ransomware entrants, partnerships between groups, and the use of remote management tools, which featured in 41% of intrusions. Established groups like ALPHV/BlackCat and LockBit were prominent, but the landscape also saw 50 new ransomware variants, with a trend towards updating existing families rather than creating new ones.
Businesses must adopt comprehensive security training, regular system updates, advanced threat detection, and incident response planning to mitigate these substantial threats.
Companies Need to Be Aware of Cyber Risks Related to Proliferation of IoT, or How the Smart TV in your Office Could Infect Your Whole Business with Malware
A recent report underscores the escalating cyber risks linked to the Internet of Things (IoT), especially for critical infrastructure. Vulnerable legacy IoT devices, often manually updated, pose significant security risks.
Additionally, there is now more malware specifically targeting IoT devices, such as the Pandoraspear malware, which targets smart TVs via free streaming sites accessed on smartphones. This malware turns TVs into part of a botnet for Distributed Denial of Service (DDoS) attacks. The botnet has compromised over 170,000 endpoints, with estimates suggesting it involves 1.3 million unique IP addresses.
These findings highlight the critical need for enhanced cyber security measures to safeguard against IoT threats, including changing default passwords, network isolation, encrypting data, and conducting regular software updates.
CISOs Are Facing a ‘Tsunami of Regulations’; Here’s Why It’s Crucial They Focus on Quantifying Cyber Risk
Recent discussions emphasise the challenges CISOs encounter when trying to quantify cyber risk in the face of an influx of new regulations such as NIS2 in Europe and SEC requirements in the US that are transforming the way security leaders handle risks. CISOs must translate diverse threats into simplified metrics to communicate effectively with boards. The importance of continuous assessment over annual checks to keep up with evolving vulnerabilities cannot be stressed enough. A mature approach involves visibility, prioritisation, communication, and quantification of risks. The focus should be on defending yourself against the attacker by maintaining credible controls, not on defending yourself against the regulator through a weak tick box exercise.
90% of Threats are Social Engineering
The Avast Q1 2024 Threat Report reveals that nearly 90% of threats were social engineering-based, with scams and phishing utilising deepfake technology and hijacked YouTube channels. Over 90% of mobile threats were scams, including adware and banker malware. YouTube was heavily exploited for phishing and crypto scams.
UK Businesses Faced with Month-Long Recoveries from Supply Chain Attacks
New research by BlackBerry shows that 38% of British organisations face month-long recovery times following software supply chain attacks. The survey, involving 200 IT decision-makers, found that 74% of UK IT leaders were notified of supply chain attacks or vulnerabilities in the past year. While regulatory requirements are encouraging proactive monitoring, a lack of technical knowledge and confidence to act on threats persists. Notably, only 22% of organisations perform real-time inventories of their software environment. The impacts of these attacks include financial loss (62%), data loss (59%), and reputational damage (57%).
Account Takeovers Outpace Ransomware as Top Security Concern
A recent survey by Abnormal Security highlights account takeover attacks as the primary threat to organisations. According to the 2024 State of Cloud Account Takeover Attacks Report, 83% of organisations experienced at least one such attack in the past year, with 77% of security leaders ranking them among their top four threats. Nearly half faced these attacks over five times annually, and 20% encountered more than ten incidents. Despite common defences like multi-factor authentication and strong password policies, 63% of respondents doubted MFA’s effectiveness. The survey emphasises the need for solutions offering cross-platform visibility and automated remediation to combat these pervasive threats effectively.
The Impact of Legacy Vulnerabilities in Today's Cyber Security Landscape
Research shows that the vulnerabilities most affecting small to medium sized businesses (SMBs) are older, known vulnerabilities rather than newer highly publicised zero-days. According to SonicWall’s data from January 2022 to March 2024, the top five network attacks included Log4j (43%) and Heartbleed (35%), both of which target vulnerabilities up to a decade old. Despite advancements in AI and novel threats, these older vulnerabilities remain significant risks due to their ease of exploitation and how widespread they continue to be. SMBs, especially in critical industries, are advised to utilise industry-leading tools and automated patches, ensuring robust cyber security measures against both old and new threats.
Nearly All FTSE 100 Companies Exposed to Third and Fourth-Party Breaches
A recent report by SecurityScorecard reveals that virtually all FTSE 100 companies had suppliers experiencing breaches in the past year. The UK Top 100 Companies: Cybersecurity Threat Report graded firms A-F based on factors predicting a security breach. While UK firms generally scored higher than their continental counterparts, 97% had breaches in their third-party ecosystem. This shows the increasing threat of supply chain attacks, with 97% also experiencing fourth-party breaches. Notably, the energy and basic materials sectors were the most secure, with only 12% and 16% reporting third-party breaches, respectively, while the communications sector had the lowest security posture.
Snowflake Denies Breach, Blames Data Theft on Poorly Secured Customer Accounts
Recent incidents involving cloud storage provider Snowflake highlights the risks associated with compromised credentials. A threat actor claimed to have breached Snowflake’s infrastructure, accessing data from Santander, Ticketmaster and others. However, Snowflake maintains that the theft resulted from stolen customer login details, not a vulnerability or misconfiguration in their system. Snowflake’s CISO clarified that a former employee's demo account was accessed, which was not protected by two-factor authentication (2FA). Santander confirmed a third-party database breach, and Ticketmaster identified unauthorised activity in a Snowflake-hosted database. Snowflake, alongside Crowdstrike and Mandiant, found no evidence implicating Snowflake's platform itself.
97 percent of Security Experts Worry about AI Security Related Threats and Incidents
A new report from Deep Instinct reveals that 97% of security professionals fear AI-generated security incidents, prompting 75% to alter their cyber security strategies over the past year, with 73% focusing more on prevention. The survey of 500 senior experts from large enterprises also shows a 61% rise in deepfake incidents, primarily targeting CEOs and C-suite members. Stress levels have increased for 66% of cyber security professionals due to these threats. Despite 41% relying on endpoint detection and response (EDR) solutions, only 31% plan to boost EDR investments, while 53% feel board pressure to adopt preventative tools against AI threats. This report highlights the need for predictive prevention to enhance resilience.
85% of Managed Service and Security Providers Face “Significant” Challenges Maintaining Security Compliance for Clients
Recent reports by Apptega and Sophos reveals that 85% of managed service providers (MSPs) face significant challenges in maintaining compliance for customers due to resource, expertise, and technology gaps. The MSP Perspectives 2024 survey reveals that MSPs struggle to keep pace with evolving threats and industry trends, with 91% of ransomware attacks occurring outside business hours.
Cyber Attack Causes Critical Incident in London Hospitals with Operations Cancelled and Emergency Patients Diverted
Major hospitals in London declared a critical incident earlier in the week after a cyber attack led to operations being cancelled and emergency patients being diverted elsewhere. It applies to hospitals partnered with Synnovis, a provider of pathology services which suffered a ransomware attack linked to Russian threat actors. King’s College Hospital, Guy’s and St Thomas’, the Royal Brompton and the Evelina London Children’s Hospital, as well as primary care services, were among those affected.
The incident has had a "major impact" on the delivery of services, especially blood transfusions and test results. Some procedures were cancelled or were redirected to other NHS providers as the hospitals tried to establish what work can be carried out safely.
Sources:
https://www.commsbusiness.co.uk/content/news/uk-smes-unaware-of-the-true-cost-of-cyberattacks
https://www.helpnetsecurity.com/2024/06/06/smbs-cyberattack-frequency/
https://www.infosecurity-magazine.com/news/ransomware-rise-2023-mandiant/
https://www.insurancejournal.com/news/international/2024/06/06/778306.htm
https://www.helpnetsecurity.com/2024/06/06/social-engineering-threats-video/
https://www.infosecurity-magazine.com/news/uk-businesses-recoveries-supply/
https://www.infosecurity-magazine.com/news/ato-outpace-ransomware-top/
https://www.techradar.com/pro/the-impact-of-legacy-vulnerabilities-in-todays-cybersecurity-landscape
https://www.infosecurity-magazine.com/news/ftse-100-exposed-third-fourth/
https://www.helpnetsecurity.com/2024/06/01/snowflake-breach-data-theft/
https://betanews.com/2024/06/03/97-percent-of-organizations-worried-about-ai-security-threats/
https://www.businesswire.com/news/home/20240605033270/en
https://www.bbc.co.uk/news/articles/c288n8rkpvno
https://securityaffairs.com/164142/cyber-crime/ransomware-attack-synnovis-london-hospitals.html
Governance, Risk and Compliance
78% of SMBs fear cyber attacks could shut down their business - Help Net Security
26% of organisations lack any form of IT security training - Help Net Security
Cyber attacks on financial services firms hit 20m people in 2023 - CIR Magazine
Small Firms Need to Stretch Security Budgets - Infosecurity Magazine (infosecurity-magazine.com)
Microsoft: weak cyber defences set to hit economic growth (cityam.com)
How to Prove Security Effectiveness with a Cyber Security Board Report - Security Boulevard
Skills shortages exposing MSPs to security risks | Microscope (computerweekly.com)
Is your workplace ‘cyber savvy’? (siliconrepublic.com)
Governance Essentials for Businesses in the AI Era | News | GRC World Forums
49% of organisations feel somewhat prepared to handle a breach | Security Magazine
Mastering Cyber Risk Quantification Methods: A Strategic Approach - Security Boulevard
Deciding cyber security spend: how much is enough? | Propertymark
Effective Incident Response: A Cyber Security Playbook for Executives - Security Boulevard
1/3 of CISOs in the UK ignore NCSC cyber security guidance (verdict.co.uk)
4 communication mistakes to avoid during a data breach - PR Daily
80 percent of organisations not ready for CISA rules on security practices (betanews.com)
Threats
Ransomware, Extortion and Destructive Attacks
RansomHub extortion gang linked to now-defunct Knight ransomware (bleepingcomputer.com)
RansomHub Actors Exploit ZeroLogon Vuln in Recent Ransomware Attacks (darkreading.com)
FBI recovers 7,000 LockBit keys, urges ransomware victims to reach out (bleepingcomputer.com)
Security industry has ransomware-as-a-service model wrong, says expert | SC Media (scmagazine.com)
'Fog' Ransomware Rolls in to Target Education, Recreation Sectors (darkreading.com)
New Gitloker attacks wipe GitHub repos in extortion scheme (bleepingcomputer.com)
Cyber insurance isn't the answer for ransom payments - Help Net Security
Linux version of TargetCompany ransomware focuses on VMware ESXi (bleepingcomputer.com)
What is ransomware? 7 things you must know before it's too late | PCWorld
Ransomware Victims
MediSecure in administration just weeks after confirming large cyber attack - ABC News
A ransomware attack on Synnovis impacted several London hospitals (securityaffairs.com)
Consulting Firm Greylock Hit With Ransomware Attack Class Action (bloomberglaw.com)
RansomHub gang claims the hack of Frontier Communications (securityaffairs.com)
Christie's avoids leak of stolen data, is sold instead • The Register
FBI recovers 7,000 LockBit keys, urges ransomware victims to reach out (bleepingcomputer.com)
Ransomware ravaged schools and cities in May | TechTarget
What If The Scathing UnitedHealth Cyber Rebuke Was Yours? (forbes.com)
Hack of UK Hospitals Highlights Growing Threat (itprotoday.com)
UK School Forced to Close Following Cyber Attack - Infosecurity Magazine (infosecurity-magazine.com)
Ransomware Gang Leaks Data From Australian Mining Company - Security Week
Phishing & Email Based Attacks
90% of threats are social engineering - Help Net Security
AI Will Increase the Quantity—and Quality—of Phishing Scams - Schneier on Security
New V3B phishing kit targets customers of 54 European banks (bleepingcomputer.com)
AI vs. human deceit: Unravelling the new age of phishing tactics (securityintelligence.com)
Microsoft: The brand attackers love to imitate | CSO Online
AI fuels rise in attacks from ‘unsophisticated threat actors,’ federal cyber leaders say | FedScoop
Why your inbox is still so bad at blocking malware and spam - 9to5Mac
The Art of Hooking the Phish: Educating Users Without Scaring Them (thefastmode.com)
BEC
90% of threats are social engineering - Help Net Security
US Authorities Attempting to Recover $5.3 Million Stolen in BEC Scam - Security Week
Other Social Engineering
Have you answered a spam call by accident? Your next move is extremely important
Artificial Intelligence
AI Will Increase the Quantity—and Quality—of Phishing Scams - Schneier on Security
AI vs. human deceit: Unravelling the new age of phishing tactics (securityintelligence.com)
97% of security experts worry about AI-related security incidents | Security Magazine
Coinbase's top cyber exec warns deepfake threat is growing | Fortune Crypto
Five AI-based threats security pros need to understand | SC Media (scmagazine.com)
AI fuels rise in attacks from ‘unsophisticated threat actors,’ federal cyber leaders say | FedScoop
Forrester report highlights 2024 IAM trends & AI impact (securitybrief.co.nz)
ChatGPT privacy tips: Two important ways to limit the data you share with OpenAI | ZDNET
AI Company Hugging Face Detects Unauthorized Access to Its Spaces Platform (thehackernews.com)
2FA/MFA
Snowflake’s Lack of MFA Control Leaves Companies Vulnerable, Experts Say (informationweek.com)
What is MFA bombing? Apple users were targeted using this phishing technique (securitybrief.co.nz)
Security keys unlock nothing but inconvenience (techmonitor.ai)
Malware
FlyingYeti APT Serves Up Cookbox Malware Using WinRAR (darkreading.com)
Russian Hackers Target Europe with HeadLace Malware and Credential Harvesting (thehackernews.com)
Europol identifies 8 cyber criminals tied to malware loader botnets (bleepingcomputer.com)
Europol's Hunt Begins for Emotet Malware Mastermind (darkreading.com)
Beware: Fake Browser Updates Deliver BitRAT and Lumma Stealer Malware (thehackernews.com)
DarkGate Malware Replaces AutoIt with AutoHotkey in Latest Cyber Attacks (thehackernews.com)
Ukrainian Systems Hit by Cobalt Strike Via a Malicious Excel File (darkreading.com)
Russian Power Companies, IT Firms, and Govt Agencies Hit by Decoy Dog Trojan (thehackernews.com)
Comms Business - Malware targeting endpoints on the rise, finds report
Non-mobile malware statistics, Q1 2024 | Securelist
Stealthier DarkGate malware campaign emerges | SC Media (scmagazine.com)
Hackers Exploit Legitimate Packer Software to Spread Malware Undetected (thehackernews.com)
Mobile
The NSA advises you to turn your phone off and back on once a week - here's why | ZDNET
37 Vulnerabilities Patched in Android - Security Week
361 million account credentials leaked on Telegram: Are yours among them? - Help Net Security
Android malware and unwanted software statistics for Q1 2024 | Securelist
Denial of Service/DoS/DDOS
Conflicts Drive DDoS Attacks Surge in EMEA - Infosecurity Magazine (infosecurity-magazine.com)
Internet of Things – IoT
Companies Need to Be Aware of Cyber Risks Related to Proliferation of IoT (insurancejournal.com)
That smart TV in your office could be infecting your whole business with malware | TechRadar
Over 600,000 SOHO routers were destroyed by Chalubo malware in 72 hours (securityaffairs.com)
Data Breaches/Leaks
The Ticketmaster Data Breach May Be Just the Beginning | WIRED
Ticketmaster confirms massive breach after stolen data for sale online (bleepingcomputer.com)
Snowflake denies breach, blames data theft on poorly secured customer accounts - Help Net Security
Snowflake account hacks linked to Santander, Ticketmaster breaches (bleepingcomputer.com)
Snowflake’s Lack of MFA Control Leaves Companies Vulnerable, Experts Say (informationweek.com)
The Snowflake Attack May Be Turning Into One of the Largest Data Breaches Ever | WIRED
The Billericay School pupils have details exposed in cyber attack - BBC News
Crooks threaten to leak 2.9B records of personal info • The Register
Threat actor considers leaking 3B records from background check firm | SC Media (scmagazine.com)
Secrets Exposed in Hugging Face Hack - Security Week
Google's hidden logs detail thousands of privacy breaches - CyberGuy
Blackbaud Class Action Lawsuit Denied by Federal Court | MSSP Alert
Club Penguin fans breached Disney Confluence server, stole 2.5GB of data (bleepingcomputer.com)
Check-in terminals used by thousands of hotels leak guest info (bleepingcomputer.com)
Debt Collector Data Breach Exposes Data on 3 Million+ Americans | PCMag
Nearly 400,000 affected by data breach at eye care management services company (therecord.media)
Over 2.5 billion free Android VPN users at risk of data leaks | TechRadar
Advance Auto Parts stolen data for sale after Snowflake attack (bleepingcomputer.com)
Organised Crime & Criminal Actors
International Cyber Crime Ringleaders Arrested In Armenia, Ukraine – Eurasia Review
Authorities Ramp Up Efforts to Capture the Mastermind Behind Emotet (thehackernews.com)
4 cuffed following probe into holiday scheme for cyber crooks • The Register
Security industry has ransomware-as-a-service model wrong, says expert | SC Media (scmagazine.com)
Why Hackers Love Logs - Security Week
Police dismantle pirated TV streaming network that made $5.7 million (bleepingcomputer.com)
Cryptocurrency/Cryptomining/Cryptojacking/NFTs/Blockchain
Hackers exploit Chrome plugin to steal millions from Binance accounts (cointelegraph.com)
Microsoft India’s X account hijacked in Roaring Kitty crypto scam (bleepingcomputer.com)
Commando Cat: A Novel Cryptojacking Attack Abusing Docker Remote API Servers | Trend Micro (US)
Insider Risk and Insider Threats
4 Tips For Strengthening Data Security Through The Human Firewall (forbes.com)
Insurance
Cyber insurance isn't the answer for ransom payments - Help Net Security
The top three cyber policy gaps - Insurance News | InsuranceNewsNet
Supply Chain and Third Parties
Third-party vendors pose serious cyber security threat to national security - Help Net Security
London NHS hospitals revert to paper records after cyber attack | NHS | The Guardian
Third-party software supply chain threats continue to plague CISOs | CSO Online
Ticketmaster Breach Showcases SaaS Data Security Risks (darkreading.com)
Basic cyber security can protect from rising supply chain attacks | TechRadar
Advance Auto Parts stolen data for sale after Snowflake attack (bleepingcomputer.com)
Cloud/SaaS
Snowflake denies breach, blames data theft on poorly secured customer accounts - Help Net Security
Snowflake account hacks linked to Santander, Ticketmaster breaches (bleepingcomputer.com)
Snowflake Recommends Customers Take Steps to Prevent Unauthorized Access | CISA
2024-State-of-Multicloud-Security-Risk-Report.pdf (microsoft.com)
Shadow IT and Zombie Accounts: Sabotaging Your SaaS Security - Security Boulevard
Azure Service Tags tagged as security risk, Microsoft disagrees (bleepingcomputer.com)
Identity and Access Management
The Top Trends Shaping Identity And Access Management I... | Forrester
Why (and how) threat actors target your Active Directory (bleepingcomputer.com)
Encryption
WhatsApp encryption isn't the problem, metadata is | TechRadar
Using entangled particles to create unbreakable encryption (phys.org)
Linux and Open Source
CISA warns of actively exploited Linux privilege elevation flaw (bleepingcomputer.com)
Passwords, Credential Stuffing & Brute Force Attacks
Russian Hackers Target Europe with HeadLace Malware and Credential Harvesting (thehackernews.com)
Understanding Credential Phishing - Security Boulevard
Should Employee Password Management Be Mandatory? (forbes.com)
361 million account credentials leaked on Telegram: Are yours among them? - Help Net Security
Prevent Account Takeover with Better Password Security (thehackernews.com)
Security keys unlock nothing but inconvenience (techmonitor.ai)
Social Media
Microsoft India’s X account hijacked in Roaring Kitty crypto scam (bleepingcomputer.com)
TikTok fixes zero-day bug used to hijack high-profile accounts (bleepingcomputer.com)
Donald Trump Joins TikTok, App He Tried to Ban as President (variety.com)
Malvertising
Google Chrome’s plan to limit ad blocking extensions kicks off next week | Ars Technica
Training, Education and Awareness
26% of organisations lack any form of IT security training - Help Net Security
Is your workplace ‘cyber savvy’? (siliconrepublic.com)
4 Tips For Strengthening Data Security Through The Human Firewall (forbes.com)
The Art of Hooking the Phish: Educating Users Without Scaring Them (thefastmode.com)
Regulations, Fines and Legislation
Here’s what a US surveillance law means for European data privacy | Euronews
80 percent of organisations not ready for CISA rules on security practices (betanews.com)
Data Protection
Here’s what a US surveillance law means for European data privacy | Euronews
Careers, Working in Cyber and Information Security
Narrowing the Stubborn Cyber Security Worker Gap - Security Boulevard
What is a typical day like as an SOC analyst? (siliconrepublic.com)
Law Enforcement Action and Take Downs
Europol identifies 8 cyber criminals tied to malware loader botnets (bleepingcomputer.com)
Authorities Ramp Up Efforts to Capture the Mastermind Behind Emotet (thehackernews.com)
4 cuffed following probe into holiday scheme for cyber crooks • The Register
Police dismantle pirated TV streaming network that made $5.7 million (bleepingcomputer.com)
Misinformation, Disinformation and Propaganda
Poland Suspects Russia Behind False PAP Story on Mobilization (bloomberglaw.com)
Information Warfare: The Future Is Here | Proceedings - June 2024 Vol. 150/6/1,456 (usni.org)
Microsoft Security is warning of Russian misinformation campaigns during the 2024 Olympics - Neowin
Fake Tom Cruise warns of violence at Paris Olympics in pro-Russian info op | CyberScoop
Nation State Actors, Advanced Persistent Threats (APTs), Cyber Warfare, Cyber Espionage and Geopolitical Threats/Activity
Cyber Warfare and Cyber Espionage
Information Warfare: The Future Is Here | Proceedings - June 2024 Vol. 150/6/1,456 (usni.org)
Conflicts Drive DDoS Attacks Surge in EMEA - Infosecurity Magazine (infosecurity-magazine.com)
Cyber Attacks and the Risk of Real War: A NATO Perspective - Defence News | The Financial Express
Nation State Actors
China
China outsourcing its cyber attacks to hackers-for-hire - Asia Times
Donald Trump Joins TikTok, App He Tried to Ban as President (variety.com)
Russia
Russian Hackers Target Europe with HeadLace Malware and Credential Harvesting (thehackernews.com)
Europe subjected to multi-phase APT28 cyberespionage attacks | SC Media (scmagazine.com)
Poland Suspects Russia Behind False PAP Story on Mobilization (bloomberglaw.com)
FlyingYeti APT Serves Up Cookbox Malware Using WinRAR (darkreading.com)
Ukrainian Systems Hit by Cobalt Strike Via a Malicious Excel File (darkreading.com)
Pro-Russia group claims responsibility for cyber attacks on first day of EU elections | Euronews
Poland sees ‘Russian cyber attack’ behind fake military draft report – Euractiv
Russia jams Elon Musk’s Starlink sats in Ukraine for the first time (interestingengineering.com)
Microsoft Security is warning of Russian misinformation campaigns during the 2024 Olympics - Neowin
Fake Tom Cruise warns of violence at Paris Olympics in pro-Russian info op | CyberScoop
Poland launches investigation into Russian, Belarusian political influence (voanews.com)
Polish government will spend more than $ 3 billion on cyber security - BiznesAlert EN
Russian Power Companies, IT Firms, and Govt Agencies Hit by Decoy Dog Trojan (thehackernews.com)
Russian hackers claim cyber attack on Spanish defence company | Reuters
Iran
North Korea
A US Company Enabled a North Korean Scam That Raised Money for WMDs | WIRED
Tools and Controls
26% of organisations lack any form of IT security training - Help Net Security
How to Prove Security Effectiveness with a Cyber Security Board Report - Security Boulevard
Mastering Cyber Risk Quantification Methods: A Strategic Approach - Security Boulevard
Should Employee Password Management Be Mandatory? (forbes.com)
Security challenges mount as companies handle thousands of APIs - Help Net Security
Comms Business - Malware targeting endpoints on the rise, finds report
Why Hackers Love Logs - Security Week
Security experts call for unity again... - Mobile World Live
The Top Trends Shaping Identity And Access Management I... | Forrester
Lawyers Ask Forensics Investigators for Help Outside Cyber Security (darkreading.com)
Why (and how) threat actors target your Active Directory (bleepingcomputer.com)
4 Tips For Strengthening Data Security Through The Human Firewall (forbes.com)
The Art of Hooking the Phish: Educating Users Without Scaring Them (thefastmode.com)
Deciding cyber security spend: how much is enough? | Propertymark
Effective Incident Response: A Cyber Security Playbook for Executives - Security Boulevard
4 communication mistakes to avoid during a data breach - PR Daily
Reports Published in the Last Week
The Top Trends Shaping Identity And Access Management I... | Forrester
2024-State-of-Multicloud-Security-Risk-Report.pdf (microsoft.com)
Other News
Cyber attacks on financial services firms hit 20m people in 2023 - CIR Magazine
National infrastructure cyber attacks ‘have increased dramatically’ (power-technology.com)
What Cyber Security Memes Reveal About the Industry (itprotoday.com)
What Could Possibly Go Wrong?: New Study Examines Aftermath of Cyber Attacks | HealthLeaders Media
Security experts call for unity again... - Mobile World Live
Achieving Cyber Security in Finance Through Collaborative Efforts (finextra.com)
Lawyers Ask Forensics Investigators for Help Outside Cyber Security (darkreading.com)
Apple refused to pay bug bounty to Russian cyber security firm Kaspersky Lab (therecord.media)
A Major Industrial Cyber Security Threat: Living off the Land Attacks - Security Boulevard
Germany: Major hack targets center-right CDU party – DW – 06/01/2024
Public sector security debt is becoming a pervasive issue | ITPro
New Military Program Aids Cyber Defences in Latin America and the Caribbean | AFCEA International
Moldova Cracks Down On Interpol Evasion Scheme With Help From France, US, Britain (rferl.org)
Vulnerability Management
The impact of legacy vulnerabilities in today's cyber security landscape | TechRadar
NIST turns to IT consultants to help clear NVD backlog • The Register
Vulnerabilities
Exploitation of Recent Check Point VPN Zero-Day Soars - Security Week
CISA warns of actively exploited Linux privilege elevation flaw (bleepingcomputer.com)
Critical Apache Log4j2 flaw still threatens global finance - Security Affairs
FlyingYeti APT Serves Up Cookbox Malware Using WinRAR (darkreading.com)
High-risk Atlassian Confluence RCE fixed, PoC available (CVE-2024-21683) - Help Net Security
Researcher Uncovers Flaws in Cox Modems, Potentially Impacting Millions (thehackernews.com)
37 Vulnerabilities Patched in Android - Security Week
PoC Exploit Released for macOS Root Access Vulnerability (cybersecuritynews.com)
Cisco addressed Webex flaws used to compromise German government meetings (securityaffairs.com)
RansomHub Actors Exploit ZeroLogon Vuln in Recent Ransomware Attacks (darkreading.com)
CISA says 'patch now' to 7-year-old Oracle WebLogic bug • The Register
Azure Service Tags tagged as security risk, Microsoft disagrees (bleepingcomputer.com)
Critical Progress Telerik vulnerability under attack | TechTarget
TikTok fixes zero-day bug used to hijack high-profile accounts (bleepingcomputer.com)
Zyxel Releases Patches for Firmware Vulnerabilities in EoL NAS Models (thehackernews.com)
Sector Specific
Industry specific threat intelligence reports are available.
Contact us to receive tailored reports specific to the industry/sector and geographies you operate in.
· Automotive
· Construction
· Critical National Infrastructure (CNI)
· Defence & Space
· Education & Academia
· Energy & Utilities
· Estate Agencies
· Financial Services
· FinTech
· Food & Agriculture
· Gaming & Gambling
· Government & Public Sector (including Law Enforcement)
· Health/Medical/Pharma
· Hotels & Hospitality
· Insurance
· Legal
· Manufacturing
· Maritime
· Oil, Gas & Mining
· OT, ICS, IIoT, SCADA & Cyber-Physical Systems
· Retail & eCommerce
· Small and Medium Sized Businesses (SMBs)
· Startups
· Telecoms
· Third Sector & Charities
· Transport & Aviation
· Web3
As usual, contact us to help assess where your risks lie and to ensure you are doing all you can do to keep you and your business secure.
Look out for our ‘Cyber Tip Tuesday’ video blog and on our YouTube channel.
You can also follow us on Facebook, Twitter and LinkedIn.
Links to articles are for interest and awareness and linking to or reposting external content does not endorse any service or product, likewise we are not responsible for the security of external links.