Black Arrow Cyber Threat Intelligence Briefing 10 January 2025

Welcome to this week’s Black Arrow Cyber Threat Intelligence Briefing – a weekly digest, collated and curated by our cyber experts to provide senior and middle management with an easy to digest round up of the most notable threats, vulnerabilities, and cyber related news from the last week.

Exec Summary

Cyber security remains a critical priority for organisations in 2025, with evolving threats demanding stronger leadership, governance, and proactive resilience measures. Phishing click rates surged by 190% in 2024, with cloud applications as primary targets and a shift in attack vectors from email to search engines and malicious ads. Meanwhile, ransomware inflicted $133.5 million in payouts, and insider threats posed complex risks, exacerbated by generative AI-enabled scams. Addressing these challenges requires a combination of advanced defences like zero trust architectures, improved governance frameworks, and clarity in communication to bridge knowledge gaps at the board level.

Governance is under heightened scrutiny as systemic risks grow. Only 26% of Europe’s top companies earned high ratings for cyber security resilience, while regulatory pressures, such as the EU’s DORA, underline the urgency for improved third-party risk management and operational resilience. Boards must prioritise expertise, particularly in AI, as gaps persist despite incremental progress. Leaders should integrate risk management across infrastructures to address geopolitical cyber warfare threats, emphasising supply chain security and AI-driven defences.

To sustain resilience, organisations must embed adaptability, automate responses, and foster cross-departmental collaboration. Strategic investments in skilled talent, incident readiness, and emerging technologies will help to ensure businesses not only survive but thrive amidst escalating cyber threats.


Top Cyber Stories of the Last Week

Phishing Click Rates Triple in 2024

Phishing click rates surged by 190% in 2024, with over eight in 1,000 users clicking phishing links monthly, according to Netskope. Cloud applications were the top targets (27%), with attackers primarily aiming to compromise accounts for illicit resale; Microsoft was the most targeted brand (42% of clicks), followed by the banking (17%) and telco (13%) sectors. A shift was also noted in where phishing links are placed: away from email-based attacks and towards search engines, using SEO poisoning and malicious ads. Meanwhile, workplace adoption of GenAI apps rose to 94%, with organisations implementing controls such as app blocking (73%) and data loss prevention (45%).

What Boards Need to Know on Digital and Cyber Security Governance In 2025

In 2025, boardroom oversight of digital and cyber security will face increased scrutiny and expectations as systemic risks continue to grow. In 2024, cyber incidents cost UnitedHealth Group $2.5 billion and drove a 40% stock price drop at CrowdStrike, underlining the escalating consequences of poor governance. While 25% of S&P 500 directors now have cyber security expertise, up from 12% in 2020, gaps remain: 79% of boards report limited or no AI experience. Regulatory pressure, such as the European Central Bank's (ECB) mandatory cyber expertise requirement for bank boards, and frameworks like NIST CSF 2.0, signal the shift towards systemic reforms in boardroom governance.

Only 26% of Europe’s Top Companies Earn a High Rating for Cyber Security

A report by SecurityScorecard reveals that only 26% of Europe’s top 100 companies earn an A rating for cyber security resilience, with organisations rated A being 13.8 times less likely to experience a breach than those rated F. 98% of European companies faced third-party breaches in the past year, and 18% reported direct breaches, exposing gaps in internal defences. The energy sector lags significantly, with 75% of companies rated C or lower, while Scandinavian firms lead with only 20% scoring below B. As the EU’s DORA deadline looms, prioritising third-party risk management is critical for strengthening operational resilience.

Breach Readiness: Elevating Your Security Posture in a Constantly Evolving Threat Landscape

Organisations must now recognise that breaches are highly prevalent in today’s threat landscape, driven by increasingly sophisticated cyber attacks. Traditional perimeter-based defences, while essential, are no longer sufficient on their own. To mitigate the impact of inevitable breaches, adopting a zero trust approach and embedding microsegmentation can limit attackers’ movement within a network, reducing harm and operational disruption. While implementing such strategies demands cross-departmental collaboration and mindset shifts, gradual adoption can ease operational impacts. By becoming ‘breach ready’, organisations can maintain resilience, protect their reputation, and safeguard business continuity even in the face of persistent threats.

Ransomware Shock: $133 Million Paid, 195 Million Records Compromised

Ransomware continues to pose a significant threat to organisations globally, with a 2024 report revealing over 1,200 confirmed attacks and more than 195 million records compromised. Ransom payments reached $133.5 million, with an average payout of $9.5 million. Key sectors affected include business, healthcare, and government, while education saw a slight decline in incidents. Despite early signs of decreasing activity, ransomware attacks surged towards the end of the year, and experts warn of continued large-scale disruptions and data breaches in 2025. The lack of mandatory reporting in many regions further obscures the true scale of the threat.

Operational Incident Reporting: UK Financial Regulators Propose New Rules

UK financial regulators, including the FCA and PRA, are consulting on new operational incident reporting rules to strengthen operational resilience across the financial sector. The proposals aim to clarify when and how firms must report incidents such as IT outages or cyber attacks, focusing on consumer harm, market integrity, and safety risks. Firms would need to submit initial, intermediate, and final reports for each incident. Additionally, material third-party arrangements would require annual updates. These changes align with international standards like the EU’s DORA, and regulators may pursue enforcement for non-compliance. The consultation closes in March 2025.

Insider Threat: Tackling the Complex Challenges of the Enemy Within

Insider threats represent a growing challenge for organisations, with risks ranging from financial fraud and intellectual property theft to national security breaches. High-profile cases demonstrate how malicious insiders, such as bribed employees or malcontent staff, exploit weak detection systems. Sophisticated hiring scams, including the use of false identities, are increasingly enabled by generative AI. Prevention efforts include robust background checks, network anomaly detection, and sentiment analysis, but these methods are not foolproof. As technology evolves, organisations must balance effective detection with legal and ethical considerations to mitigate these complex and evolving risks.

The Big Question: Are Businesses Now in the Front Line for Cyber Warfare?

Recent reports highlight a growing shift towards cyber warfare, with businesses increasingly on the frontline of nation-state cyber attacks. The evolving threat landscape is driven by geopolitical tensions, with critical infrastructure, supply chains, and even civilian services becoming primary targets. Experts warn of a rise in AI-driven cyber weapons capable of bypassing defences and amplifying the scale of attacks. Organisations face heightened risks as ransomware evolves into a political weapon and the proliferation of IoT devices creates new vulnerabilities. A unified approach to security, integrating risk management across infrastructures, is essential to address the escalating threats in 2025.

How Cyber Security Jargon Creates Barriers and Wastes Resources

The cyber security industry, growing at 20% year-on-year, faces a critical communication challenge. Over-reliance on jargon and acronyms hinders understanding and creates barriers, particularly at the board level. Complex terms often obscure what tools do, limiting funding and leaving organisations vulnerable to cyber attacks. A shift toward clear, actionable language, focusing on securing source code, runtime applications, cloud environments, and supply chains, can break down silos and improve integration into development processes. By fostering clarity and inclusivity, organisations can better align security strategies with business priorities, ensuring both protection and efficiency.

Scammers Exploit Microsoft 365 to Target PayPal Users

Fortinet has identified a phishing attack exploiting PayPal's money request feature, leveraging Microsoft 365's Sender Rewrite Scheme (SRS) to bypass email authentication and deceive recipients. The scam involves legitimate-looking payment requests, making them hard to distinguish from genuine communications. Victims who follow the provided link risk granting scammers access to their PayPal accounts. Fortinet highlights the importance of employee education, robust data loss prevention (DLP) rules, and advanced AI-driven detection tools to identify unusual patterns, such as group messaging anomalies, and mitigate these increasingly sophisticated threats. Organisations must prioritise vigilance and proactive defences to combat such risks.

Five Ways to Make Cyber Security Resilience More Than Just a Buzzword

Organisations must shift from reactive approaches to a sustainable cyber security strategy to build true resilience. This means not just addressing immediate threats but embedding adaptability into core systems, enabling defences to evolve with emerging risks. Key measures include automating responses for agility, implementing zero trust architectures, and continuously improving through learning and self-healing mechanisms. By prioritising proactive preparation and fostering a culture of shared responsibility, businesses can move beyond survival to thrive amidst uncertainty, ensuring their defences are robust, adaptable, and future proof.

Meet the Chinese ‘Typhoon’ Hackers Preparing for War

Chinese state-sponsored hacking groups, labelled collectively as the "Typhoon" family, have emerged as a significant cyber security threat to the West, targeting critical infrastructure sectors like water, energy, and transportation. These groups, including Volt Typhoon, Flax Typhoon, and Salt Typhoon, have engaged in deep infiltration to prepare for potential disruptive cyber attacks. Notable incidents include the dismantling of botnets used to mask malicious activities, with over 100 intrusions identified by early 2025. Recent breaches by Salt Typhoon targeted telecoms, exposing sensitive communications data, including law enforcement surveillance systems, underscoring the escalating strategic risks posed by these operations.

The Cyber Security Priorities For 2025: What Leaders Should Focus On

A recent analysis highlights the evolving cyber security priorities for 2025, emphasising the critical role of leadership in driving resilience. As cyber threats become increasingly sophisticated, AI-driven attacks and supply chain vulnerabilities are top concerns, alongside stricter data privacy regulations. Leaders are encouraged to adopt zero trust principles, invest in skilled talent, and align security strategies with business objectives. Preparing for quantum computing’s impact on encryption is also vital. Practical steps include regular incident response testing, vendor risk assessments, and fostering a security-first culture. Effective leadership can turn robust cyber security into a competitive advantage.

Sources:

https://www.infosecurity-magazine.com/news/phishing-click-rates-triple/

https://www.forbes.com/sites/bobzukis/2025/01/09/what-boards-need-to-know-on-digital-and-cybersecurity-governance-in-2025/

https://www.helpnetsecurity.com/2025/01/06/european-companies-cybersecurity-rating/

https://securityboulevard.com/2025/01/breach-readiness-elevating-your-security-posture-in-a-constantly-evolving-threat-landscape/

https://www.forbes.com/sites/daveywinder/2025/01/09/ransomware-shock-133-million-paid-195-million-records-compromised/

https://www.jdsupra.com/legalnews/operational-incident-reporting-uk-2347989/

https://www.securityweek.com/insider-threat-tackling-the-complex-challenges-of-the-enemy-within/

https://www.emergingrisks.co.uk/the-big-question-are-businesses-now-in-the-front-line-for-cyberwarfare/

https://www.techradar.com/pro/how-cybersecurity-jargon-creates-barriers-and-wastes-resources

https://www.infosecurity-magazine.com/news/scammers-exploit-microsoft365/

https://www.scworld.com/perspective/five-ways-to-make-cybersecurity-resilience-more-than-just-a-buzzword

https://techcrunch.com/2025/01/06/meet-the-chinese-typhoon-hackers-preparing-for-war/

https://www.forbes.com/sites/andrewhayeurope/2025/01/06/the-cybersecurity-priorities-for-2025-what-leaders-should-focus-on/


Threats

Ransomware, Extortion and Destructive Attacks

Ransomware Shock—$133 Million Paid, 195 Million Records Compromised

Ransomware attacks against critical infrastructure exceed 2K in a decade | SC Media

From $22M in Ransom to +100M Stolen Records: 2025's All-Star SaaS Threat Actors to Watch

Important Preventative Strategies For Avoiding And Recovering From Ransomware Threats

Space Bears Ransomware: What You Need To Know | Tripwire

Ransomware attacks on education declined in 2024, report shows | StateScoop

How to Protect Against Ransomware: Everything You Need to Know

Ransomware Victims

New York Hospital Says Ransomware Attack Data Breach Impacts 670,000 - SecurityWeek

Atos confirms third-party breach but rejects direct Space Bears compromise | SC Media

PowerSchool Reportedly Pays Ransom to Prevent Student Data Leak - Infosecurity Magazine

IT Giant Atos Responds to Ransomware Group's Data Theft Claims - SecurityWeek

Hackers release files stolen in cyberattack on Rhode Island benefits system | StateScoop

Dental Practice Pays State in Alleged Data Breach 'Cover Up'

American Addiction Centers Hit with PHI Breach Class Action | Robinson+Cole Data Privacy + Security Insider - JDSupra

Almost 8500 People Affected By Casio Data Leak

Ransomware Targeting Infrastructure Hits Telecom Namibia

Phishing & Email Based Attacks

Phishing Click Rates Triple in 2024 - Infosecurity Magazine

The top target for phishing campaigns - Help Net Security

iPhones more affected than Android smartphones by a certain kind of cyber attack - NotebookCheck.net News

Meet PhishWP – The New WordPress Plugin That’s Turning Legit Sites into Phishing Traps - Security Boulevard

Russian hackers turn trusted online stores into phishing pages | CSO Online

Fortinet warns of sophisticated phishing campaign exploiting Microsoft 365 domains - SiliconANGLE

Scammers Exploit Microsoft 365 to Target PayPal Users - Infosecurity Magazine

Neglected Domains Used in Malspam to Evade SPF and DMARC Security Protections

How to protect yourself from phishing attacks in Chrome and Firefox | ZDNET

Other Social Engineering

Fake Government Officials Use Remote Access Tools for Card Fraud - Infosecurity Magazine

Artificial Intelligence

Report: AI and security governance remain top priorities for 2025 - SD Times

Google Chrome AI extensions deliver info-stealing malware in broad attack | Malwarebytes

Cloud, AI, and cybersecurity converge on fintech landscape | SC Media

A NATO-backed startup says agentic malware could be here as soon as 2027

New AI Challenges Will Test CISOs & Their Teams in 2025

UK Government to Ban Creation of Explicit Deepfakes - Infosecurity Magazine

Deepfake advancements pose growing cyber security risks

How will the evolution of AI change its security? | TechRadar

Trolley Problem, Safety Versus Security of Generative AI - SecurityWeek

Why an “all gas, no brakes” approach for AI use won't work - Help Net Security

Innovation, Automation, And The Cyber Security Challenges Ahead

Malware

Google Chrome AI extensions deliver info-stealing malware in broad attack | Malwarebytes

A NATO-backed startup says agentic malware could be here as soon as 2027

Over 4,000 backdoors hijacked by registering expired domains

New Banshee Malware Targeting MacOS Users Remained Undetected For Months

Neglected Domains Used in Malspam to Evade SPF and DMARC Security Protections

PLAYFULGHOST Delivered via Phishing and SEO Poisoning in Trojanized VPN Apps

A Windows filetype update may have complicated cyber threat detection efforts | TechRadar

New Infostealer Campaign Uses Discord Videogame Lure - Infosecurity Magazine

Wallet Drainer Malware Used to Steal $500 Million in Cryptocurrency in 2024 - SecurityWeek

When Is A RAT, Not A RAT?

Researchers Expose NonEuclid RAT Using UAC Bypass and AMSI Evasion Techniques

Google warns of legit VPN apps being used to infect devices with malware | TechRadar

Top 5 Malware Threats to Prepare Against in 2025

Fake Government Officials Use Remote Access Tools for Card Fraud - Infosecurity Magazine

Advanced evasion techniques leveraged by novel NonEuclid RAT | SC Media

Bots/Botnets

US Sanctions Chinese Cybersecurity Firm for Global Botnet Attacks - Infosecurity Magazine

New Mirai Botnet Exploits Zero-Days in Routers and Smart Devices - Infosecurity Magazine

Gayfemboy Botnet targets Four-Faith router vulnerability

Mobile

FireScam Malware Campaign Highlights Rising Threat To Mobile Users

iPhones more affected than Android smartphones by a certain kind of cyberattack - NotebookCheck.net News

Candy Crush, Tinder, MyFitnessPal: See the Thousands of Apps Hijacked to Spy on Your Location

Millions of Vinted, Spotify and Tinder users' data could be compromised in global hack

Porn Ban—New Threat For iPhone, iPad, Android Users

Data Privacy: Your Carrier Knows a Lot About You. Here's How to Take Back Control - CNET

Android patches several vulnerabilities in first security update of 2025 | CyberScoop

This iOS 18 feature shares your photos with Apple for analysis. Should you be worried? | ZDNET

Android Under Attack—Users Warned As FireScam Threat Evades Detection

Apple rolls out mystery update with 'important bug fixes' for iPhones and iPads | ZDNET

First Android Update of 2025 Patches Critical Code Execution Vulnerabilities - SecurityWeek

Denial of Service/DoS/DDoS

Japanese Businesses Hit By a Surge In DDoS Attacks

Internet of Things – IoT

IoT's Regulatory Reckoning Is Overdue

Buying a smart home device? Look for this new cybersecurity seal - here's why | ZDNET

White House launches cybersecurity label program for consumers | CyberScoop

New Mirai Botnet Exploits Zero-Days in Routers and Smart Devices - Infosecurity Magazine

Gayfemboy Botnet targets Four-Faith router vulnerability

How vulnerable Ecovacs robot vacuums are being hacked | Kaspersky official blog

Tesla data helped police in Las Vegas. It highlights privacy concerns | AP News

Data Breaches/Leaks

Candy Crush, Tinder, MyFitnessPal: See the Thousands of Apps Hijacked to Spy on Your Location

Millions of Vinted, Spotify and Tinder users' data could be compromised in global hack

Atos confirms third-party breach but rejects direct Space Bears compromise | SC Media

PowerSchool Reportedly Pays Ransom to Prevent Student Data Leak - Infosecurity Magazine

The real cost of data breaches for businesses - Help Net Security

CISA says Treasury was the only US agency breached via BeyondTrust - Help Net Security

UN's aviation agency confirms attack on recruitment database • The Register

Largest US addiction treatment provider notifies patients of data breach

How to empower employees to prevent data leaks | Professional Security Magazine

Washington Attorney General Sues T-Mobile Over 2021 Data Breach - SecurityWeek

Dental group lied through teeth about data breach, fined $350,000 | Malwarebytes

UN aviation agency 'actively investigating' cyber criminal’s claimed data breach | The Record from Recorded Future News

Hackers Claim Massive Breach of Location Data Giant, Threaten to Leak Data

American Addiction Centers Hit with PHI Breach Class Action | Robinson+Cole Data Privacy + Security Insider - JDSupra

Medical billing firm Medusind discloses breach affecting 360,000 people

Excelsior Orthopaedics Data Breach Impacts 357,000 People - SecurityWeek

Mortgage Cos. Fined $20M Over Cybersecurity Breach - Law360

Almost 8500 People Affected By Casio Data Leak

Organised Crime & Criminal Actors

Malicious hackers have their own shadow IT problem | CyberScoop

Web3 Attacks Result in $2.3Bn in Cryptocurrency Losses - Infosecurity Magazine

Torturing hackers in prison: surviving as an act of protest | Cybernews

CISOs’ Top Cyber Security Threats 2025: Scattered Spider, Deepfakes, and More - Security Boulevard

Cyber Criminals Don't Care About National Cyber Policy

From $22M in Ransom to +100M Stolen Records: 2025's All-Star SaaS Threat Actors to Watch

Hacker Sentenced After Stealing Unreleased Coldplay Tracks

Cryptocurrency/Cryptomining/Cryptojacking/NFTs/Blockchain

Cryptocurrency wallet drainers stole $494 million in 2024

Wallet Drainer Malware Used to Steal $500 Million in Cryptocurrency in 2024 - SecurityWeek

Insider Risk and Insider Threats

Insider Threat: Tackling the Complex Challenges of the Enemy Within - SecurityWeek

83% of organizations reported insider attacks in 2024

Internal threats in the cloud | Professional Security Magazine

How to empower employees to prevent data leaks | Professional Security Magazine

How can organizations mitigate the security risks caused by human error?

Supply Chain and Third Parties

Widespread cyberattack targets Google Chrome extensions, compromises 2.6 million devices | TechSpot

Chrome Compromises Highlight Software Supply Challenges

OpenAI Blames Cloud Provider For ChatGPT Outage

Atos confirms third-party breach but rejects direct Space Bears compromise | SC Media

CISA says Treasury was the only US agency breached via BeyondTrust - Help Net Security

Cloud/SaaS

Cloud, AI, and cyber security converge on fintech landscape | SC Media

Internal threats in the cloud | Professional Security Magazine

OpenAI Blames Cloud Provider For ChatGPT Outage

From $22M in Ransom to +100M Stolen Records: 2025's All-Star SaaS Threat Actors to Watch

Fortinet warns of sophisticated phishing campaign exploiting Microsoft 365 domains - SiliconANGLE

Scammers Exploit Microsoft 365 to Target PayPal Users - Infosecurity Magazine

MSSPs Have a Role in Stopping Cloud Attacks Using Stolen Credentials | MSSP Alert

Unconventional Cyber Attacks Aim for PayPal Account Takeover

Hacker Sentenced After Stealing Unreleased Coldplay Tracks

Outages

OpenAI Blames Cloud Provider For ChatGPT Outage

Proton Mail still down as Proton recovers from worldwide outage

CrowdStrike bounces back after triggering largest IT outage in history

Identity and Access Management

Identity Security to Become a Focus in 2025, Experts Say | MSSP Alert

The Benefits of Implementing Least Privilege Access - Security Boulevard

Encryption

Around 3.3M POP3 and IMAP mail servers lack TLS encryption

Millions of email users at risk — passwords could be exposed to hackers, experts warn | Tom's Guide

Making the most of cryptography, now and in the future - Help Net Security

How to password protect a USB stick in less than 5 minutes - Which? News

Encryption backdoor debate 'done and dusted' • The Register

Mixed Messages: The Salt Typhoon Encryption Debacle | Benesch - JDSupra

How to encrypt any email - in Outlook, Gmail, and other popular services | ZDNET

Linux and Open Source

Open source worldwide: Critical maintenance gaps exposed - Help Net Security

Passwords, Credential Stuffing & Brute Force Attacks

Router reality check: 86% of default passwords have never been changed

MSSPs Have a Role in Stopping Cloud Attacks Using Stolen Credentials | MSSP Alert

Almost half Gen Z and Millennials have had their social media passwords hacked

Critical ‘Rising Risk’ Attack Alert—Change Your Router Password Now

Social Media

Meta ditches fact checking for community notes - just like on X | ZDNET

TikTok Ban Thrusts Apple (AAPL), Google Into US-China Geopolitical Fray - Bloomberg

E.U. Commission Fined for Transferring User Data to Meta in Violation of Privacy Laws

Almost half Gen Z and Millennials have had their social media passwords hacked

New Infostealer Campaign Uses Discord Videogame Lure - Infosecurity Magazine

Mark Zuckerberg Says Meta Fact-Checkers Were the Problem. Fact-Checkers Rule That False. - The New York Times

UK universities join retreat from Elon Musk's X, citing misinformation on platform | Reuters

EU Commission urged to act over Elon Musk’s ‘interference’ in elections | European Union | The Guardian

Meta exempted top advertisers from standard content moderation process

Meta Now Lets Users Say Gay and Trans People Have ‘Mental Illness’ | WIRED

Training, Education and Awareness

How to empower employees to prevent data leaks | Professional Security Magazine

8 Tips for Fortifying Your Cyber Defenses With a Human Firewall

Regulations, Fines and Legislation

New HIPAA Security Rules Pull No Punches

Cyber security law updates in the UK and the EU | Technology Law Dispatch

Operational Incident Reporting: UK Financial Regulators Propose New Rules | A&O Shearman - JDSupra

IoT's Regulatory Reckoning Is Overdue

Proposed Updates to HIPAA Security Rule Would Require Entities to Adopt Enhanced Cybersecurity Measures | Fisher Phillips - JDSupra

White House launches cyber security label program for consumers | CyberScoop

UK Government to Ban Creation of Explicit Deepfakes - Infosecurity Magazine

A Year in Privacy and Security: Privacy Violations, Large-Scale Data Breaches, and Big Fines and Settlements | Robinson+Cole Data Privacy + Security Insider - JDSupra

Cyber criminals Don't Care About National Cyber Policy

Dental group lied through teeth about data breach, fined $350,000 | Malwarebytes

Dental Practice Pays State in Alleged Data Breach 'Cover Up'

Mortgage Cos. Fined $20M Over Cyber Security Breach - Law360

US has ‘a lot of work to do’ on network defences, departing cyber czar says - Defense One

Models, Frameworks and Standards

New HIPAA Security Rules Pull No Punches

Proposed Updates to HIPAA Security Rule Would Require Entities to Adopt Enhanced Cybersecurity Measures | Fisher Phillips - JDSupra

E.U. Commission Fined for Transferring User Data to Meta in Violation of Privacy Laws

The ongoing evolution of the CIS Critical Security Controls - Help Net Security

The NIS2 Directive in Germany: Looking Ahead | Hogan Lovells - JDSupra

Data Protection

Huge Changes Predicted For The Data Privacy Landscape

Careers, Working in Cyber and Information Security

It’s Time Businesses Address The UK’s Cybersecurity Talent Shortage

Helping Veterans Transition to Civilian Life: How Employers Can Tap into the Cybersecurity Talent Pool - ClearanceJobs

Law Enforcement Action and Take Downs

Sharing of Telegram User Data Surged After CEO Arrest

Hacker Sentenced After Stealing Unreleased Coldplay Tracks

Misinformation, Disinformation and Propaganda

Meta ditches fact checking for community notes - just like on X | ZDNET

Mark Zuckerberg Says Meta Fact-Checkers Were the Problem. Fact-Checkers Rule That False. - The New York Times

UK universities join retreat from Elon Musk's X, citing misinformation on platform | Reuters

EU Commission urged to act over Elon Musk’s ‘interference’ in elections | European Union | The Guardian

Meta exempted top advertisers from standard content moderation process

Meta Now Lets Users Say Gay and Trans People Have ‘Mental Illness’ | WIRED


Nation State Actors, Advanced Persistent Threats (APTs), Cyber Warfare, Cyber Espionage and Geopolitical Threats/Activity

Cyber Warfare and Cyber Espionage

Historical Warfare’s Parallels with Cyber Warfare - Australian Cyber Security Magazine

Preparing for Cybergeddon - defenceWeb

The Big Question: Are businesses now in the front line for cyberwarfare? - Emerging Risks Media Ltd

Shadows Of Power: Navigating The Complexities Of Global Security – Analysis – Eurasia Review

Nation State Actors

China

Meet the Chinese 'Typhoon' hackers preparing for war | TechCrunch

How Chinese Hackers Graduated From Clumsy Corporate Thieves to Military Weapons - WSJ

China cyber threats: What businesses can do to protect themselves | ITPro

Chinese hackers ran amok in US telecom network for 18 months -- got info on over 1 million people: report

China Protests US Sanctions for Its Alleged Role in Hacking, Complains of Foreign Hacker Attacks - SecurityWeek

UK cyber experts on red alert after Salt Typhoon attacks on US telcos | ITPro

China’s escalating cyber attacks highlight Biden, Trump differences - Defense One

Hackers Terrify US Intelligence After Infiltrating Guam - Bloomberg

After China's Salt Typhoon, the reconstruction starts now • The Register

U.S. uncovers hacking campaign targeting Guam's critical infrastructure — suspected Chinese Volt Typhoon hacks could disrupt the defense of Taiwan | Tom's Hardware

FCC chief urges auction to fund 'Rip and Replace' program • The Register

Japanese police claim China ran five-year cyberattack • The Register

Mandiant links Ivanti zero-day exploitation to Chinese hackers | TechTarget

46 Japanese entities hit by cyberattacks since year-end - Japan Today

US-China: A Cyberwar With Internet Agents – OpEd – Eurasia Review

Taiwan claims China-linked ship damaged submarine cable • The Register

Taiwan raises alarm over increasing Chinese cyberattacks | Taiwan News | Jan. 5, 2025 15:31

TikTok Ban Thrusts Apple (AAPL), Google Into US-China Geopolitical Fray - Bloomberg

Mixed Messages: The Salt Typhoon Encryption Debacle | Benesch - JDSupra

China hits Lockheed Martin, Raytheon and Boeing with export ban after US arms sales to Taiwan | The Independent

The US just added Tencent — which backs US startups — to its list of 'Chinese military' companies | TechCrunch

Chinese APT Exploits Versa Networks Zero-Day Flaw | Decipher

Russia

WordPress phishing plugin drives online shopping fraud | SC Media

Russian hackers turn trusted online stores into phishing pages | CSO Online

Banshee: The Stealer That "Stole Code" From MacOS XProtect - Check Point Research

Cyber attacks on Ukraine in 2024: a 70% increase

Russian internet provider confirms its network was ‘destroyed’ following attack claimed by Ukrainian hackers | The Record from Recorded Future News

'Russia's Google' Yandex ordered to hide maps of oil refineries after Ukrainian attacks

Hackers claim to have breached Russia’s real estate database, Moscow denies

Ukrainian hackers take credit for hacking Russian ISP that wiped out servers and caused internet outages | TechCrunch


Tools and Controls

Rethinking Incident Response: How Organizations Can Avoid Budget Overruns and Delays  - Security Boulevard

Breach Readiness: Elevating Your Security Posture in a Constantly Evolving Threat Landscape  - Security Boulevard

Why Small Business Can't Rely Solely on AI to Combat Threats

Around 3.3M POP3 and IMAP mail servers lack TLS encryption

Confidently Secure: Leveraging PAM for Enhanced Protections - Security Boulevard

How to empower employees to prevent data leaks | Professional Security Magazine

Neglected Domains Used in Malspam to Evade SPF and DMARC Security Protections

90 Percent of Business Leaders Lack Faith in AI-driven Cyber Security Solutions, Arelion Report Reveals

Identity Security to Become a Focus in 2025, Experts Say | MSSP Alert

From Silos to Synergy: Transforming Threat Intelligence Sharing in 2025 - SecurityWeek

Top 6 Ways To Back Your Business Up With Cyber Threat Intelligence

Innovation, Automation, And The Cyber Security Challenges Ahead

The Benefits of Implementing Least Privilege Access - Security Boulevard

Cybersecurity in 2025: Agentic AI to change enterprise security and business operations in year ahead | SC Media

Best of 2024: If You are Reachable, You Are Breachable, and Firewalls & VPNs are the Front Door  - Security Boulevard

Google warns of legit VPN apps being used to infect devices with malware | TechRadar

Why Traditional Fraud Scores Are No Longer Enough for Modern Threats - Security Boulevard

8 Tips for Fortifying Your Cyber Defenses With a Human Firewall

How CISOs can make smarter risk decisions - Help Net Security



Vulnerability Management

Millions of Windows 10 PCs face security disaster as Microsoft ends support

Key Cyber Initiatives from CISA: KEV Catalog, CPGs, and PRNI | CISA

Vulnerabilities

Security pros baited by fake Windows LDAP exploits • The Register

Thousands of Buggy BeyondTrust Systems Remain Exposed

Tenable Disables Nessus Agents Over Faulty Updates - SecurityWeek

Mandiant links Ivanti zero-day exploitation to Chinese hackers | TechTarget

Android patches several vulnerabilities in first security update of 2025 | CyberScoop

Mitel MiCollab, Oracle WebLogic Server vulnerabilities exploited by attackers - Help Net Security

Chrome 131, Firefox 134 Updates Patch High-Severity Vulnerabilities - SecurityWeek

Surprise Google Chrome 131 Update For Windows, Mac, Linux, Android

Hackers are exploiting a new Ivanti VPN security bug to hack into company networks | TechCrunch

Another top WordPress plugin found carrying critical security flaws | TechRadar

First Android Update of 2025 Patches Critical Code Execution Vulnerabilities - SecurityWeek

WordPress Popular Posts Plugin Vulnerability Affects 100k+ Sites

Popular open source vulnerability scanner Nuclei forced to patch worrying security flaw | TechRadar

Dell, HPE, MediaTek Patch Vulnerabilities in Their Products - SecurityWeek

SonicWall urges admins to patch exploitable SSLVPN bug immediately

Palo Alto Networks Patches High-Severity Vulnerability in Retired Migration Tool - SecurityWeek

Apple rolls out mystery update with 'important bug fixes' for iPhones and iPads | ZDNET

UK Internet Domain Registry Nominet Suffers Cyber Attack - ISPreview UK

Gayfemboy Botnet targets Four-Faith router vulnerability

Chinese APT Exploits Versa Networks Zero-Day Flaw | Decipher


Sector Specific

Industry-specific threat intelligence reports are available.

Contact us to receive tailored reports specific to the industry/sector and geographies you operate in.

·       Automotive

·       Construction

·       Critical National Infrastructure (CNI)

·       Defence & Space

·       Education & Academia

·       Energy & Utilities

·       Estate Agencies

·       Financial Services

·       FinTech

·       Food & Agriculture

·       Gaming & Gambling

·       Government & Public Sector (including Law Enforcement)

·       Health/Medical/Pharma

·       Hotels & Hospitality

·       Insurance

·       Legal

·       Manufacturing

·       Maritime & Shipping

·       Oil, Gas & Mining

·       OT, ICS, IIoT, SCADA & Cyber-Physical Systems

·       Retail & eCommerce

·       Small and Medium Sized Businesses (SMBs)

·       Startups

·       Telecoms

·       Third Sector & Charities

·       Transport & Aviation

·       Web3

Contact us to help assess where your risks lie and to ensure you are doing all you can to keep you and your business secure.

Look out for our ‘Cyber Tip Tuesday’ video blog, also available on our YouTube channel.

You can also follow us on Facebook, Twitter and LinkedIn.

Links to articles are for interest and awareness; linking to or reposting external content does not endorse any service or product, and we are not responsible for the security of external links.

Previous

Black Arrow Cyber Advisory 15 January 2025 – Microsoft, Adobe, Cisco, Ivanti, Fortinet, GitHub, SAP, SonicWall, Zyxel, Google Chrome and Zoom Security Updates - updated

Next

Black Arrow Cyber Threat Intelligence Briefing 03 January 2025