Black Arrow Cyber Threat Briefing 11 October 2024
Welcome to this week’s Black Arrow Cyber Threat Briefing – a weekly digest, collated and curated by our cyber experts to provide senior and middle management with an easy-to-digest round-up of the most notable threats, vulnerabilities, and cyber-related news from the last week.
Top Cyber Stories of the Last Week
Your IT Systems Are Being Attacked. Are You Prepared?
Recent cyber attacks are becoming more frequent and sophisticated, emphasising the need for executive-level engagement in cyber security. Yet many organisations remain unprepared, with CEOs often delegating responsibility to IT departments. A survey revealed that while increasing AI use is expected to lead to more breaches, four in five security officers plan to use AI for defence. Experts advise that CEOs should actively participate in cyber security planning, ask critical questions like 'What are we doing? Is it enough? How do we know?', and regularly review measures to avoid significant business disruptions and regulatory penalties.
Board-CISO Mismatch on Cyber Responsibility, NCSC Research Finds
The UK's National Cyber Security Centre (NCSC) has found that 80% of board members and security leaders are uncertain about who holds responsibility for cyber security in their organisations. This confusion stems from CISOs believing accountability lies with the board, while board members think it rests with CISOs. The NCSC's research highlighted that many board members lack in-depth cyber knowledge, leading to gaps in oversight. In response, the NCSC has published new guidance to help CISOs effectively communicate with boards, aiming to bridge this gap and reduce cyber risk across organisations.
Mounting Phishing Attacks Enabled by AI, Deepfakes
A recent report has found that phishing attacks increased by 28% between the first and second quarters of 2024. Of the phishing kits used, 75% leveraged artificial intelligence and 82% incorporated deepfake capabilities. 44% of the attacks between April and June exploited compromised email accounts, with 8% originating from supply chain accounts. Hyperlinks were identified as the most common attack payload, followed by attachments. The report highlighted that attackers' use of AI in phishing toolkits lowers the barrier to entry for cyber attacks. It emphasised the need for organisations to adopt advanced AI defences while avoiding the new vulnerabilities that unnecessary use of AI can introduce.
AI is Most Serious Threat to Orgs, According to Security Professionals
Keeper Security has found that AI-driven cyber threats are now the most serious concern for organisations, with 51% of security leaders identifying them as such. Despite 81% of organisations implementing AI usage policies and 77% of leaders being familiar with AI security best practices, 35% feel least prepared to combat AI-powered attacks compared to other cyber threats. The survey also highlighted that 84% of IT and security leaders find AI-powered tools have made phishing and smishing attacks harder to detect. Organisations are prioritising data encryption, employee training, and advanced threat detection systems to counter these evolving threats.
MI5 Chief Warns of Cyber Threats to the UK
MI5 has warned that cyber threats from Russia, China, and Iran are a growing concern for the UK. Director General Ken McCallum highlighted that these nations are heavily investing in human intelligence and advanced cyber operations targeting government information, technology, and democratic institutions. Despite expelling over 750 Russian diplomats since early 2022—the majority being spies—cyber espionage activities have intensified. MI5 and the National Cyber Security Centre anticipate increased cyber attacks on Western cyber defences, particularly from Russian state actors. McCallum also emphasised the distinct threat posed by China, urging a comprehensive response to build resilience.
Walking the Tightrope Between Innovation and Risk
A recent analysis revealed that early engagement with CISOs in innovation projects leads to proactive security measures, building trust and ensuring innovation and security can coexist. Interestingly, organisations using older operational systems were shielded from recent security incidents, highlighting the inevitable trade-off between innovation and risk. The report suggests reframing the conversation to 'secure innovation' and emphasises fostering a security-first culture where employees are the first line of defence. Additionally, it stresses the importance of ensuring third-party vendors are secure, as a single compromised user could trigger a company-wide incident.
Ransomware Severity Up 68% in First Half of 2024
Cyber insurer Coalition has found that while cyber insurance claims frequency decreased slightly in the first half of 2024, ransomware severity surged by 68%, with average losses per incident reaching $353,000. Businesses with over $100 million in revenue saw a 140% increase in claims severity, averaging losses of $307,000. Ransomware, though accounting for 18% of claims, heavily drove overall severity. The report also highlighted that 40% of policyholders paid ransom demands. Additionally, organisations using outdated technologies were 2.5 times more likely to experience a claim, underscoring the need for updated security measures.
31 New Ransomware Groups in 12 Months
There has been a 30% increase in active ransomware groups over the past year, with 31 new ransomware groups identified in the last twelve months. Despite intensified law enforcement efforts, the ransomware landscape has become more fragmented. LockBit remained the most active group, accounting for 17% of victims but down 8% from the previous year due to law enforcement operations. The cyber criminal group Play doubled its victim count to become the second most active, while newcomer RansomHub accounted for 7%.
Lack of Cyber Risk Quantification Leaves Companies Financially Exposed: PwC Report
PwC's latest report reveals a significant gap in how organisations quantify cyber risks financially. Despite 89% of executives agreeing on the importance of measuring cyber risk for investment prioritisation, only 15% effectively do so. This disconnect leaves many companies financially vulnerable, with only 21% allocating cyber budgets to top risks. While 77% of executives expect cyber security budgets to increase next year, without proper quantification, funds may not address the most pressing threats. The report highlights that over half of executives see cyber security as a differentiator influencing customer trust and brand loyalty, yet a lack of effective measurement persists.
Software Supply Chain Weaknesses are Increasingly Putting Businesses at Risk
BlackBerry reports that software supply chain weaknesses are increasingly putting businesses at risk of cyber attacks, with 51% of UK IT leaders receiving notifications of attacks or vulnerabilities in the past year. Despite this, 58% trust that their suppliers' cyber security policies are comparable to or stronger than their own, yet fewer than half requested compliance confirmations. Additionally, 51% found unknown participants in their software supply chain. The consequences are significant: 71% suffered financial loss, 67% faced data and reputational damage, and 42% took over a week to recover from such attacks.
UK Businesses Cite Economic Risks and Cyber Crime as Top 2024 Concerns: Marsh McLennan
Marsh McLennan has found that economic risks and financial challenges are the top concern for UK businesses over the next 12 months, with 43% of leaders citing these issues. Cyber threats take the number two spot, jumping from 20% in 2023 to 39% in 2024, with the sharp rise in attacks seen as a growing concern. The report highlights that business leaders plan to prioritise strengthening cyber security measures, including assessing supply chain risks and customer relationships.
Cloud Security Risks Surge as 38% of Firms Face Exposures
Cloud security risks are surging, with 38% of organisations globally facing critical exposures from a combination of security gaps. These security concerns intensify due to the "toxic cloud triad" of publicly exposed, critically vulnerable, and highly privileged cloud workloads, leaving firms vulnerable to cyber attacks resulting in disruptions, system takeovers, and data breaches. Despite the average cost of a data breach in 2024 nearing $5 million, many organisations have misconfigurations and excessive permissions; 84% possess unused or long-standing access keys; and 74% have publicly exposed storage.
Insider Threat Damage Balloons as Visibility Gaps Widen
Recent research indicates that insider threats have led to a sharp increase in cyber attacks, with 83% of organisations experiencing such incidents in 2024, up from 60% the previous year. The growing complexity of IT systems and the adoption of technologies like AI and cloud services are creating visibility gaps and escalating risks. Nearly half of the organisations reported more frequent insider attacks, with remediation costs ranging from $100,000 to $2 million per incident. Additionally, 45% take a week or longer to recover, underscoring the need for improved policies, staff training, and advanced incident-response solutions.
Sources:
https://www.darkreading.com/cyberattacks-data-breaches/it-systems-being-attacked-prepared
https://www.infosecurity-magazine.com/news/boardciso-mismatch-on-cyber/
https://www.msspalert.com/brief/mounting-phishing-attacks-enabled-by-ai-deepfakes
https://www.inforisktoday.com/mi5-chief-warns-cyberthreats-to-uk-a-26483
https://www.darkreading.com/vulnerabilities-threats/walking-tightrope-innovation-risk
https://www.infosecurity-magazine.com/news/new-ransomware-groups-emerge-2024/
https://www.infosecurity-magazine.com/news/cloud-security-risks-surge-38/
Governance, Risk and Compliance
Board-CISO Mismatch on Cyber Responsibility - Infosecurity Magazine (infosecurity-magazine.com)
Walking the Tightrope Between Innovation & Risk (darkreading.com)
Warning over cyber security gap in the HR sector | theHRD (thehrdirector.com)
Your IT Systems Are Being Attacked. Are You Prepared? (darkreading.com)
US CISO Compensation on the Rise, Report Finds | MSSP Alert
45% of cyber security leaders are stressed about budget restraints | Security Magazine
The three qualities modern CISOs must have today to succeed | SC Media (scworld.com)
CISO Paychecks: Worth the Growing Security Headaches? (darkreading.com)
From IT to Boardroom: NIS2 Reshapes Cyber Security Roles (databreachtoday.co.uk)
Organisations are taking action towards cyber resilience: PwC - Reinsurance News
Cyber risk advice for boards | Professional Security Magazine
How the increasing demand for cyber insurance is changing the role of the CISO | CSO Online
Chief risk storyteller: How CISOs are developing yet another skill | CSO Online
Ex-Uber CISO Requests New, 'Fair' Trial (darkreading.com)
Cultivating a security-first mindset: Key leadership actions - Help Net Security
What is OPSEC (operations security)? | Definition from TechTarget
Widening talent pool in cyber with on-demand contractors - Help Net Security
Cyber Accountability Building • Stimson Center
Facts and Stats about Cyber Security and Compliance - Security Boulevard
Many C-suite execs have lost confidence in IT, including CIOs | CIO
Threats
Ransomware, Extortion and Destructive Attacks
Why evolving cyber threats mean small businesses are ransomware targets – Computerworld
Secureworks: Ransomware takedowns didn’t put off cyber criminals | Computer Weekly
Guidance for ransomware incidents | Professional Security Magazine
Ransomware double-extortion group listings peaked in 2024, report finds | SC Media (scworld.com)
Criminals Are Testing Their Ransomware in Africa (darkreading.com)
Homeland Security Blocked 500+ Ransomware Attacks Since 2021 (pymnts.com)
US agency warns against crypto-hungry Trinity ransomware (cointelegraph.com)
Hackers Exploiting Veeam RCE Vulnerability to Deploy Ransomware (cybersecuritynews.com)
Ransomware Victims
Study: 92% of Healthcare Firms Hit by Cyber Attacks This Year (inforisktoday.com)
American Water shut down some of its systems following a cyber attack (securityaffairs.com)
Casio reports IT systems failure after weekend network breach (bleepingcomputer.com)
Credit monitoring and supply chain risk company hacked | CyberScoop
Medical Group Pays $240K Fine for 3 Ransomware Attacks (govinfosecurity.com)
MoneyGram: No evidence ransomware is behind recent cyber attack (bleepingcomputer.com)
Cyber expert suggests American Water cyber incident was a ransomware attack | ITPro
Phishing & Email Based Attacks
Mounting Phishing Attacks Enabled by AI, Deepfakes | MSSP Alert
Commodity and Bulk Phishing Attacks See Huge Rise | SC Media UK (scmagazineuk.com)
Microsoft: Creative Abuse of Cloud Files Bolsters BEC Attacks (darkreading.com)
Cyber crooks abuse stolen SharePoint, OneDrive, and Dropbox accounts for phishing | Cybernews
Mamba 2FA Cyber Crime Kit Strikes Microsoft Users (darkreading.com)
9 types of phishing attacks and how to identify them | CSO Online
Microsoft 365 accounts targeted by dangerous new phishing scam | TechRadar
62% of observed finance domains involved in phishing attacks | Security Magazine
Scarlett Johansson tops McAfee 2024 Celebrity Hacker Hotlist (betanews.com)
Despite Online Threats, Users Aren’t Changing Behavior (darkreading.com)
Today’s “Good Enough MFA” Should Be Phishing-Resistant - Security Boulevard
OpenAI says Chinese gang tried to phish its staff • The Register
Hurricane Helene exploited in FEMA scams, phishing | SC Media (scworld.com)
Business Email Compromise (BEC)/Email Account Compromise (EAC)
Microsoft: Creative Abuse of Cloud Files Bolsters BEC Attacks (darkreading.com)
Cyber crooks abuse stolen SharePoint, OneDrive, and Dropbox accounts for phishing | Cybernews
9 types of phishing attacks and how to identify them | CSO Online
Other Social Engineering
9 types of phishing attacks and how to identify them | CSO Online
To Deliver Malware, Attackers Use the Phone | Intel 471
Despite Online Threats, Users Aren’t Changing Behavior (darkreading.com)
Scarlett Johansson tops McAfee 2024 Celebrity Hacker Hotlist (betanews.com)
Hurricane Helene exploited in FEMA scams, phishing | SC Media (scworld.com)
Attackers Using VSCode to Remotely Compromise Systems | MSSP Alert
Artificial Intelligence
42.5% of fraud attempts are now driven by AI - TechCentral.ie
AI anxiety afflicts 90% of consumers and businesses - see what worries them most | ZDNET
AI Most Serious Threat to Orgs, According to Security Professionals - IT Security Guru
Mounting Phishing Attacks Enabled by AI, Deepfakes | MSSP Alert
Three key strategies for organisations to protect themselves from deepfakes - IT Security Guru
OpenAI details how threat actors are abusing ChatGPT | TechTarget
Hacked ‘AI Girlfriend’ Data Shows Prompts Describing Child Sexual Abuse (404media.co)
Risk Strategies Drawn From the EU AI Act (darkreading.com)
2FA/MFA
Today’s “Good Enough MFA” Should Be Phishing-Resistant - Security Boulevard
Why are we still talking about cyber security basics after all these years? - Security Boulevard
Malware
How Malware is Evolving: Sandbox Evasion and Brand Impersonation - Security Boulevard
Ukrainian pleads guilty to operating Raccoon Stealer malware (bleepingcomputer.com)
Malicious Chrome Add-ons Evade Google's Updated Security (darkreading.com)
To Deliver Malware, Attackers Use the Phone | Intel 471
Two never-before-seen tools, from same group, infect air-gapped devices - Ars Technica
The “Mongolian Skimmer” Uses Unicode To Conceal Its Malicious Intent (informationsecuritybuzz.com)
Malicious packages in open-source repositories are surging | CyberScoop
Crypto-stealing malware campaign infects 28,000 people (bleepingcomputer.com)
How macOS malware works and how to secure your Mac
Attackers Using VSCode to Remotely Compromise Systems | MSSP Alert
Bots/Botnets
New Gorilla Botnet Launches Over 300,000 DDoS Attacks Across 100 Countries (thehackernews.com)
Vulnerable APIs and Bot Attacks Costing Businesses Up to $186 Billion Annually (thehackernews.com)
Websites are losing the fight against bot attacks - Help Net Security
Unseen Threats: 95% of Advanced Bots Escape Detection on Websites | HackerNoon
Why Web Application Firewalls Are an Indispensable Part of the Security Stack (thefastmode.com)
Gorilla Botnet Launches Over 300,000 DDoS Attacks (informationsecuritybuzz.com)
Mobile
Apple iOS 18.0.1 and iPadOS 18.0.1 fix media session and passwords bugs (securityaffairs.com)
This Trojan disguises as Google Chrome or NordVPN to wipe out your accounts | Cybernews
Android 16 could let you lock your phone down even tighter with new security features | TechRadar
Google officially kicks Kaspersky antivirus software app off the Play Store | TechRadar
Google brings better bricking to Androids, to curtail crims • The Register
3 iPhone settings I changed to thwart thieves - and what to do if your phone is stolen | ZDNET
Don’t use iPhone Mirroring at work, experts warn • The Register
Denial of Service/DoS/DDoS
Cloudflare Thwarts Largest-Ever 3.8 Tbps DDoS Attack Targeting Global Sectors (thehackernews.com)
New Gorilla Botnet Launches Over 300,000 DDoS Attacks Across 100 Countries (thehackernews.com)
DDoS attacks are on the rise, and are increasingly politically-motivated | TechRadar
Internet of Things – IoT
How smart TVs spy on you and harvest data • The Register
You Need a Separate Network To Protect Yourself From Your Smart Devices (howtogeek.com)
New EU law touts strict cyber security requirements for all connected and IoT devices | Cybernews
14,000 medical devices are online, unsecured and vulnerable | CyberScoop
Data Breaches/Leaks
National Public Data files for bankruptcy after info leak • The Register
90% of Successful Attacks Result in Leaked Data (darkreading.com)
MoneyGram says hackers stole customers' personal information and transaction data | TechCrunch
Internet Archive hacked, data breach impacts 31 million users (bleepingcomputer.com)
Marriott settles for $52M after years-long breaches • The Register
Comcast confirms 237K affected in feisty breach notification • The Register
ADT discloses second breach in 2 months, hacked via stolen credentials (bleepingcomputer.com)
MoneyGram Breach: Social Security Numbers, Bank Account Details Looted (pcmag.com)
FCC Fines T-Mobile $31.5 Million After Carrier Was Hacked 8 Times In 5 Years | Techdirt
Major breach exposes every Dutch police officer: state-sponsored actor suspected | Cybernews
Leaked documents reveal British military’s secret assistance to Israeli army | Al Bawaba
Data loss incidents impact patient care - Help Net Security
Organised Crime & Criminal Actors
British man arrested over hack-to-trade scheme using email password resets | ITPro
Cyber crime and harm - POST (parliament.uk)
Man pleads guilty to stealing over $37M worth of cryptocurrency (securityaffairs.com)
Cryptocurrency/Cryptomining/Cryptojacking/NFTs/Blockchain
Lego's website was hacked to promote a crypto scam (engadget.com)
Crypto-stealing malware campaign infects 28,000 people (bleepingcomputer.com)
Man pleads guilty to stealing over $37M worth of cryptocurrency (securityaffairs.com)
FBI created a crypto token so it could watch it being abused • The Register
US agency warns against crypto-hungry Trinity ransomware (cointelegraph.com)
Insider Risk and Insider Threats
Insider Threat Damage Balloons as Visibility Gaps Widen (darkreading.com)
Despite Online Threats, Users Aren’t Changing Behaviour (darkreading.com)
Insurance
Severity of Ransomware Attacks Rose 68% in First Half of 2024, Report Shows (claimsjournal.com)
Cyber insurance demand to rise as new threats emerge, says Bloomberg Intelligence - Reinsurance News
How the increasing demand for cyber insurance is changing the role of the CISO | CSO Online
Supply Chain and Third Parties
Software supply chain weaknesses are increasingly putting businesses at risk | TechRadar
The CrowdStrike bug and the risk of cascading failures - SiliconANGLE
What The SolarWinds Case Means For CISOs And Corporate Cyber Security (forbes.com)
Credit monitoring and supply chain risk company hacked | CyberScoop
Cloud/SaaS
Microsoft: Creative Abuse of Cloud Files Bolsters BEC Attacks (darkreading.com)
Cyber crooks abuse stolen SharePoint, OneDrive, and Dropbox accounts for phishing | Cybernews
Mamba 2FA Cyber Crime Kit Strikes Microsoft Users (darkreading.com)
Cloud Security Challenges in the Modern Era - Compare the Cloud
Hackers still prefer credentials-based techniques in cloud attacks | SC Media (scworld.com)
Microsoft 365 accounts targeted by dangerous new phishing scam | TechRadar
Social Media Accounts: The Weak Link in Organisational SaaS Security (thehackernews.com)
Outages
The CrowdStrike bug and the risk of cascading failures - SiliconANGLE
What The SolarWinds Case Means For CISOs And Corporate Cyber Security (forbes.com)
MoneyGram: No evidence ransomware is behind recent cyber attack (bleepingcomputer.com)
Encryption
Chinese hack shows why Apple is right about security backdoors (9to5mac.com)
The Wiretap: China Has Infiltrated Police Wiretap Systems (forbes.com)
The 30-year-old internet backdoor law that came back to bite | TechCrunch
Massive US security breach highlights danger of weakening encryption | Proton
Linux and Open Source
CUPS could be abused to launch massive DDoS attack • The Register
Malicious packages in open-source repositories are surging | CyberScoop
Passwords, Credential Stuffing & Brute Force Attacks
There was a 12% increase in brute force cyber attack techniques in 2024 | Security Magazine
This Popular Security Method Doesn't Actually Stop Hackers (makeuseof.com)
Hackers still prefer credentials-based techniques in cloud attacks | SC Media (scworld.com)
Password Basics: Why Mastering Fundamentals Is Crucial (informationsecuritybuzz.com)
Why are we still talking about cyber security basics after all these years? - Security Boulevard
ADT discloses second breach in 2 months, hacked via stolen credentials (bleepingcomputer.com)
Social Media
EU Court Limits Meta's Use of Personal Facebook Data for Targeted Ads (thehackernews.com)
Social Media Accounts: The Weak Link in Organisational SaaS Security (thehackernews.com)
The Social Media Moral Panic Is All About Confusing Risks & Harms | Techdirt
Training, Education and Awareness
Cyber Security Is Serious — but It Doesn't Have to Be Boring (darkreading.com)
Regulations, Fines and Legislation
From IT to Boardroom: NIS2 Reshapes Cyber Security Roles (databreachtoday.co.uk)
Marriott settles for $52M after years-long breaches • The Register
Cyber Security and Resilience Bill Update (techuk.org)
UK’s cyber incident reporting law to move forward in 2025 | Computer Weekly
Influential resource on international cyber law updated for 2024 (techxplore.com)
New EU law touts strict cyber security requirements for all connected and IoT devices | Cybernews
How to secure your business before new Cyber Security and Resilience Bill (businesscloud.co.uk)
NIS2 & DORA: Staying ahead of the curve | TechRadar
Risk managers call for EU cyber consistency (emergingrisks.co.uk)
EU retaliates against Russian ‘hybrid warfare’ with new regulations (brusselssignal.eu)
FCC Fines T-Mobile $31.5 Million After Carrier Was Hacked 8 Times In 5 Years | Techdirt
Balancing legal frameworks and enterprise security governance - Help Net Security
Risk Strategies Drawn From the EU AI Act (darkreading.com)
Medical Group Pays $240K Fine for 3 Ransomware Attacks (govinfosecurity.com)
Models, Frameworks and Standards
Meet the shared responsibility model with new CIS resources - Help Net Security
From IT to Boardroom: NIS2 Reshapes Cyber Security Roles (databreachtoday.co.uk)
NIS2 & DORA: Staying ahead of the curve | TechRadar
DORA regulation's nuts and bolts - Help Net Security
Data Protection
Careers, Working in Cyber and Information Security
US CISO Compensation on the Rise, Report Finds | MSSP Alert
Banishing Burnout: Data Security Hangs in Balance in Cyber Wellbeing Crisis - IT Security Guru
CISO Paychecks: Worth the Growing Security Headaches? (darkreading.com)
Widening talent pool in cyber with on-demand contractors - Help Net Security
Imposter syndrome in cyber security | Pen Test Partners
Cyber security careers - BBC News
Career Spotlight: The Growing Demand for OT Security Experts (databreachtoday.co.uk)
6 Simple Steps to Eliminate SOC Analyst Burnout (thehackernews.com)
UK Cyber Team seeks future security professionals | Computer Weekly
Law Enforcement Action and Take Downs
British man arrested over hack-to-trade scheme using email password resets | ITPro
Ukrainian pleads guilty to operating Raccoon Stealer malware (bleepingcomputer.com)
Dutch cops reveal takedown of 'largest dark web market' • The Register
Homeland Security Blocked 500+ Ransomware Attacks Since 2021 (pymnts.com)
UK to Continue Disruptive Actions Targeting Cyber Crime (databreachtoday.co.uk)
Man pleads guilty to stealing over $37M worth of cryptocurrency (securityaffairs.com)
FBI created a crypto token so it could watch it being abused • The Register
Misinformation, Disinformation and Propaganda
Nation State Actors, Advanced Persistent Threats (APTs), Cyber Warfare, Cyber Espionage and Geopolitical Threats/Activity
Cyber Warfare and Cyber Espionage
MI5 Chief Warns of Cyber Threats to the UK - InfoRiskToday
DDoS attacks are on the rise, and are increasingly politically-motivated | TechRadar
Nation State Actors
China
MI5 Chief Warns of Cyber Threats to the UK - InfoRiskToday
The 30-year-old internet backdoor law that came back to bite | TechCrunch
Massive US security breach highlights danger of weakening encryption | Proton
Chinese cyber spies reportedly breached Verizon, AT&T • The Register
Illegal donations: how does dark money get into UK politics? | TBIJ (thebureauinvestigates.com)
OpenAI says it has disrupted 20-plus foreign influence networks in past year | CyberScoop
OpenAI says Chinese gang tried to phish its staff • The Register
Russia
MI5 Chief Warns of Cyber Threats to the UK - InfoRiskToday
DOJ seizes 41 Russian-controlled domains in cyber-espionage crackdown | CSO Online
European govt air-gapped systems breached using custom malware (bleepingcomputer.com)
NCSC issues fresh alert over wave of Cozy Bear activity | Computer Weekly
Microsoft: ‘relentless’ Russia-sponsored hacking group has been disrupted - Security - CRN Australia
Russia and Iran want ‘sustained mayhem’ in UK, MI5 warns
Major breach exposes every Dutch police officer: state-sponsored actor suspected | Cybernews
EU retaliates against Russian ‘hybrid warfare’ with new regulations (brusselssignal.eu)
US, UK warn of Russian APT29 hackers targeting Zimbra, TeamCity servers (bleepingcomputer.com)
Illegal donations: how does dark money get into UK politics? | TBIJ (thebureauinvestigates.com)
Google officially kicks Kaspersky antivirus software app off the Play Store | TechRadar
Pro-Russian cyber attacks hit Belgium for fourth consecutive day (belganewsagency.eu)
Kaspersky says it's closing down its UK office and laying off dozens | TechCrunch
Pro-Ukrainian Hackers Strike Russian State TV on Putin's Birthday (thehackernews.com)
Cyber Attack Group 'Awaken Likho' Targets Russian Government with Advanced Tools (thehackernews.com)
Iran
MI5 Chief Warns of Cyber Threats to the UK - InfoRiskToday
Russia and Iran want ‘sustained mayhem’ in UK, MI5 warns
Illegal donations: how does dark money get into UK politics? | TBIJ (thebureauinvestigates.com)
Earth Simnavaz Levies Advanced Cyber Attacks Against UAE and Gulf Regions | Trend Micro (US)
North Korea
North Korean Hackers Attacking US Organisations With Unique Hacking Tools (cybersecuritynews.com)
Other Nation State Actors, Hacktivism, Extremism, Terrorism and Other Geopolitical Threat Intelligence
DDoS attacks are on the rise, and are increasingly politically-motivated | TechRadar
Leaked documents reveal British military’s secret assistance to Israeli army | Al Bawaba
What is spyware? And how do you protect yourself from it? | TechRadar
Tools and Controls
MSSP Market News: Survey Shows 62% of SOC Alerts are Ignored | MSSP Alert
How to protect data centres as Critical National Infrastructure (networkingplus.co.uk)
Cyber insurance demand to rise as new threats emerge, says Bloomberg Intelligence - Reinsurance News
45% of cyber security leaders are stressed about budget restraints | Security Magazine
Organisations are taking action towards cyber resilience: PwC - Reinsurance News
How the increasing demand for cyber insurance is changing the role of the CISO | CSO Online
Hackers Exploiting DNS Tunneling Service To Bypass Network Firewalls (cybersecuritynews.com)
Strengthening Cyber Security with NDR and EDR integration - SiliconANGLE
Setting Up Your Network Security? Avoid These 4 Mistakes (techrepublic.com)
Cyber security professionals are turning to AI as more lose control of detection tools | ZDNET
SOC teams are frustrated with their security tools - Help Net Security
Why Web Application Firewalls Are an Indispensable Part of the Security Stack (thefastmode.com)
Cyber security leaders still shaky about post-attack recovery, reports show | Healthcare IT News
How to Get Going with CTEM When You Don't Know Where to Start (thehackernews.com)
Cyber Security Is Serious — but It Doesn't Have to Be Boring (darkreading.com)
Other News
Study: 92% of Healthcare Firms Hit by Cyber Attacks This Year (inforisktoday.com)
Five percent of all Adobe Commerce and Magento stores hacked, researchers say | Cybernews
NCSC celebrates eight years as Horne blows in | Computer Weekly
Cyber security in an age of terror
Almost half of UK higher education institutions experience a cyber attack every week | TechRadar
London Fire Brigade block almost 340,000 cyber attacks (verdict.co.uk)
Healthcare's Grim Cyber Prognosis Requires Security Booster (darkreading.com)
Kaspersky says it's closing down its UK office and laying off dozens | TechCrunch
Building Cyber Resilience in SMBs With Limited Resources (darkreading.com)
Middle East, Turkey See Cyber Threats Rise (darkreading.com)
Modern payment systems: An effective way to reduce your attack surface | ITPro
Illegal donations: how does dark money get into UK politics? | TBIJ (thebureauinvestigates.com)
Cyber security tips for barristers, solicitors and legal... - NCSC.GOV.UK
Government launches cyber standard for local authorities | Computer Weekly
Reasons why MSPs are the future | Microscope (computerweekly.com)
Vulnerability Management
Vulnerabilities
Microsoft: Windows 11 22H2 Home and Pro reached end of servicing (bleepingcomputer.com)
CISA says critical Fortinet RCE flaw now exploited in attacks (bleepingcomputer.com)
Hackers Exploiting Veeam RCE Vulnerability to Deploy Ransomware (cybersecuritynews.com)
Five percent of all Adobe Commerce and Magento stores hacked, researchers say | Cybernews
UK telcos including BT at risk from DrayTek router vulnerabilities | Computer Weekly
Critical Apache Avro SDK RCE flaw impacts Java applications (securityaffairs.com)
PoC Exploit Released for Microsoft Office 0-day Flaw - CVE-2024-38200 (cybersecuritynews.com)
Single HTTP Request Can Exploit 6M WordPress Sites (darkreading.com)
Okta Classic customers told to check logs for sign-on bypass | SC Media (scworld.com)
Adobe Releases Security Updates for Multiple Products | CISA
Three new Ivanti CSA zero-day actively exploited in attacks (securityaffairs.com)
US, UK warn of Russian APT29 hackers targeting Zimbra, TeamCity servers (bleepingcomputer.com)
VMware NSX Vulnerabilities Allow Hackers To Execute Arbitrary Commands (cybersecuritynews.com)
Researchers discover 14 new DrayTek vulnerabilities | Security Magazine
WordPress LiteSpeed Cache plugin flaw could allow site takeover (securityaffairs.com)
Still running Windows 11 22H2? No more security fixes from Microsoft for you! (betanews.com)
Exploit code for critical GitLab auth bypass flaw released (CVE-2024-45409) - Help Net Security
Firefox Zero-Day Under Attack: Update Your Browser Immediately (thehackernews.com)
Sector Specific
Industry specific threat intelligence reports are available.
Contact us to receive tailored reports specific to the industry/sector and geographies you operate in.
· Automotive
· Construction
· Critical National Infrastructure (CNI)
· Defence & Space
· Education & Academia
· Energy & Utilities
· Estate Agencies
· Financial Services
· FinTech
· Food & Agriculture
· Gaming & Gambling
· Government & Public Sector (including Law Enforcement)
· Health/Medical/Pharma
· Hotels & Hospitality
· Insurance
· Legal
· Manufacturing
· Maritime & Shipping
· Oil, Gas & Mining
· OT, ICS, IIoT, SCADA & Cyber-Physical Systems
· Retail & eCommerce
· Small and Medium Sized Businesses (SMBs)
· Startups
· Telecoms
· Third Sector & Charities
· Transport & Aviation
· Web3
Contact us to help assess where your risks lie and to ensure you are doing all you can to keep you and your business secure.
Look out for our ‘Cyber Tip Tuesday’ video blog, also available on our YouTube channel.
You can also follow us on Facebook, Twitter and LinkedIn.
Links to articles are for interest and awareness. Linking to or reposting external content does not endorse any service or product; likewise, we are not responsible for the security of external links.