Black Arrow Cyber Threat Briefing 16 August 2024
Welcome to this week’s Black Arrow Cyber Threat Briefing – a weekly digest, collated and curated by our cyber experts to provide senior and middle management with an easy-to-digest round-up of the most notable threats, vulnerabilities, and cyber-related news from the last week.
Top Cyber Stories of the Last Week
Business and Tech Consolidation Opens Doors for Cyber Criminals
A recent analysis highlights the rising cyber risks associated with increasing M&A activity, which grew by 36% in Q1 2024, and the consolidation of technology services where industries rely on single suppliers for critical platforms. These trends have significantly expanded potential points of failure for cyber attacks. High-profile incidents, such as the BlackCat group's attack on Change Healthcare, demonstrate the severe downstream impacts of breaches, including significant business interruptions and revenue loss. The report urges businesses to reassess their approach to cyber risk, emphasising the importance of resilience across interconnected systems and their extended supply chains.
High-Risk Cloud Exposures Surge Due to Rapid Service Growth
A recent report by Palo Alto Networks' Unit 42 reveals that organisations are introducing over 300 new digital services each month, contributing to nearly 32% of high or critical cloud exposures. The report highlights the complexity of the cyber security landscape, with 73% of high-risk exposures stemming from IT and networking infrastructure, business operations applications, and remote access services. Over 23% of these exposures involve critical IT and security infrastructure, leaving essential systems vulnerable to attacks. This rapid expansion of services makes it increasingly difficult for organisations to maintain a secure IT asset inventory, heightening the risk of exploitation.
69% of UK Small Businesses Currently Use Weak Passwords to Access Important Documents
A recent study by highlights concerning cyber security practices among UK small businesses, revealing that 69% use weak passwords for accessing crucial documents and internal platforms. The research, which analysed hundreds of small to mid-sized organisations, found that 47% lacked up-to-date anti-virus software, and 15% had no firewall protection against cyber attacks. Additionally, nearly half (48%) of these businesses do not offer cyber security awareness training to their employees, leaving them vulnerable to potential risks when using technology. These findings underscore significant gaps in basic cyber security measures within the sector.
DDoS Attacks Surge 46% in First Half of 2024
The first half of 2024 has seen a significant rise in Distributed Denial of Service (DDoS) attacks, with a 46% increase compared to the same period last year, reaching 445,000 attacks in Q2 2024.
A DDoS attack is like a digital traffic jam that blocks access to a website or online service. Imagine if thousands of people tried to enter a shop all at once, overwhelming the doors so no one could get in. In a DDoS attack, many computers, often controlled by hackers, flood a website with so much fake traffic that it can't handle the load. This makes the website slow down or even crash, preventing real users from accessing it. The goal of these attacks is usually to disrupt services, cause financial loss, or damage a company's reputation.
The increase in attack volumes and power underscores the growing threat posed by DDoS attacks, where even a comparatively mild 300 Gbps attack can render an unprotected server unavailable, leading to reputational damage and loss of customers.
Six Ransomware Gangs Behind Over 50% of 2024 Attacks
A recent report by Palo Alto Networks' Unit 42 reveals that the ransomware landscape for 2024 is dominated by just six gangs. LockBit 3.0 remains the most active ransomware group in 2024, despite a law enforcement takedown six months ago. LockBit 3.0 accounted for 325 victims in the first half of 2024, leading the list of 53 ransomware groups tracked. The Play gang follows in second place with 155 victims, up from fourth place last year. Newcomer 8base ranked third with 119 victims, followed by Akira, BlackBasta and Medusa. Overall, Unit 42 observed a 4.3% year-over-year increase in ransomware activity, with 1,762 posts on leak sites in H1 2024.
Why Attacks Against Critical National Infrastructure are Such a Threat and How Governments are Responding
A recent analysis underscores the escalating threat posed by state-sponsored cyber attacks against critical national infrastructure (CNI), which includes vital systems such as energy grids, telecommunications networks, and water infrastructure. Notably, UK and US authorities have identified pro-Russian hacktivists targeting small-scale industrial control systems (ICS) in North America and Europe, leveraging techniques that pose physical risks to vulnerable and misconfigured operational technology (OT) environments. Historical precedents, such as the 2021 Colonial Pipeline ransomware attack and the breach of a Florida water treatment plant, illustrate the severe consequences of such incursions, which can cause physical damage and impact lives on a significant scale. The inherent vulnerabilities of outdated legacy systems, particularly in sectors like energy, exacerbate these risks, highlighting the urgent need for enhanced defence strategies and international cooperation.
Social Engineering Attacks Continue to Evolve, Here’s How to Keep Up
Social engineering attacks continue to evolve, having advanced significantly since the early days of phishing. Traditional tactics have been replaced by more sophisticated methods, such as Business Email Compromise (BEC), which surged by over 100% last year, causing losses exceeding $2.9 billion. Additionally, the rise of AI-generated attacks has further complicated detection, with 80% of organisations reporting exposure to such threats. With QR code phishing, vishing (voice phishing), baiting, pretexting, romance scams, deepfakes and other techniques added to the list, there is a clear need for adaptive security strategies focused on human behaviour, alongside more personalised and timely cyber security awareness training to combat these increasingly complex attacks.
How Phishing Attacks Adapt Quickly to Capitalise on Current Events
Egress reveals that 94% of businesses were impacted by phishing attacks in 2023, marking a 40% increase from the previous year. The surge in phishing is largely attributed to the rise of generative AI, which has simplified the creation of convincing malicious content, including deepfake videos. Additionally, Phishing as a Service (PhaaS) has enabled even unskilled attackers to launch sophisticated phishing campaigns with ease. These developments have made phishing more agile, allowing threat actors to quickly exploit unexpected events for high-impact attacks, significantly heightening the threat landscape.
MacOS is Increasingly Targeted by Threat Actors
A recent analysis highlights the growing interest of cyber threat actors in targeting macOS devices, challenging the long-held perception of Apple computers as more secure than Windows. While Windows holds a dominant market share of about 72%, with Apple at 15%, the increasing use of macOS in organisations, particularly in the SME sector, where Apple's share is 22.4%, has made it a more attractive target. From January 2023 to July 2024, over 40 threat actors were observed focusing on macOS, with 21 active in 2024 alone, indicating a rising trend in macOS-targeted malware. Despite Apple’s robust security measures, vulnerabilities continue to be exploited as macOS usage grows.
There’s a New Ransomware Gang on the Block, and it’s Exploiting the Human Element
A recent analysis by the Sophos X-Ops Incident Response team has identified a new ransomware threat actor, "Mad Liberator". The group only emerged in mid-July and is becoming known for targeting users of the remote-access application AnyDesk. Unlike traditional ransomware gangs, Mad Liberator primarily focuses on data exfiltration, occasionally using encryption and double extortion tactics. The group has already targeted at least eight victims across various sectors and countries, pressuring them by posting stolen data on a leak site when ransoms are not paid. The methods used by Mad Liberator to gain initial access remain unclear, adding to the mystery surrounding this emerging threat.
What is Threat Intelligence?
A recent analysis highlights the growing importance of threat intelligence in cyber security strategies, as organisations face increasingly sophisticated and large-scale cyber threats. Threat intelligence involves collecting, analysing, and disseminating information on past, current, and potential future threats, drawing from sources like the dark web and industry-specific data. This intelligence enables proactive defence by allowing organisations to anticipate and mitigate attacks, optimise resources, and make informed decisions. It also supports compliance with cyber security regulations. The report categorises threat intelligence into strategic, tactical, operational, and technical types, each providing unique insights crucial for developing effective defence mechanisms.
New Cyber Security Laws ‘Could Double’ Number of Reported Breaches
A recent analysis by the Compliance Institute predicts a significant increase in reported data breaches and cyber crime incidents when the EU Digital Operational Resilience Act (DORA) takes effect in January. The new regulations will impose stricter standards on financial institutions across Europe, focusing on their ability to protect, detect, contain, and recover from ICT-related incidents. With DORA’s enhanced reporting obligations and detection requirements, the volume of reported incidents is expected to at least double, highlighting the urgent need for organisations to enhance their resilience and compliance efforts.
Why MFA Alone is not Enough: The Crucial Role of Security Awareness Training
A recent analysis highlights the increasing sophistication of phishing campaigns, with credential phishing accounting for 91% of active threats in 2023, a 67% rise from 2022. The effectiveness of these attacks is exacerbated in environments lacking Multi-Factor Authentication (MFA), as seen in the Change Healthcare breach, where stolen credentials compromised sensitive health data. While MFA and unique passwords are vital, they alone are insufficient; kits that enable attackers to bypass MFA, like Tycoon 2FA, illustrate that even these measures can be circumvented. The report underscores the importance of comprehensive cyber security strategies, including robust password management and ongoing security awareness training to empower employees as the first line of defence.
Sources:
https://www.helpnetsecurity.com/2024/08/16/technology-consolidation-risks/
https://www.infosecurity-magazine.com/news/high-risk-cloud-exposures-palo/
https://thehackernews.com/2024/08/ddos-attacks-surge-46-in-first-half-of.html
https://www.theregister.com/2024/08/13/lockbit_ransomware_stats/
https://thehackernews.com/2024/08/how-phishing-attacks-adapt-quickly-to.html
https://intel471.com/blog/macos-is-increasingly-targeted-by-threat-actors
https://cybernews.com/security/mad-liberator-new-ransomware-gang-exploiting-human-element/
https://securityboulevard.com/2024/08/what-is-threat-intelligence-3/
Governance, Risk and Compliance
What is Threat Intelligence? - Security Boulevard
Cyber Security's Real Challenge Is Communication, Not Just Technology (darkreading.com)
Effective Communication Is Key to Successful Cyber Security (govinfosecurity.com)
Flashpoint CEO: Cyber, physical security threats converging | TechTarget
How CIOs, CTOs, and CISOs view cyber risks differently - Help Net Security
AI governance and clear roadmap lacking across enterprise adoption | ZDNET
How leading CISOs build business-critical cyber cultures | CIO
It’s time to bring cyber into the boardroom - Anthony Quinn (scotsman.com)
How Outdated Security Measures Can Devastate Your Organisation - Security Boulevard
Threats
Ransomware, Extortion and Destructive Attacks
74% of ransomware victims were attacked multiple times in a year - Help Net Security
Six ransomware gangs behind over 50% of 2024 attacks • The Register
There’s a new ransomware gang on the block, and it’s exploiting the human element | Cybernews
STAC6451 Hackers Attacking Microsoft SQL Servers to Compromise Organisations (cybersecuritynews.com)
Infiltrating ransomware gangs on the dark web - CBS News
Ransomware Group BlackSuit Upgrades Capabilities | Silicon UK
FBI claims success in taking down another major ransomware group | TechRadar
‘Elite’ ransomware pioneer suspect charged after 9-year hunt • The Register
Black Basta-Linked Attackers Target Users with SystemBC Malware (thehackernews.com)
Unlearning the RaaS Model: How ransomware attacks are evolving | TechRadar
Ransomware Attacks on Industrial Firms Surged in Q2 2024 - SecurityWeek
Cyber crime group disables EDR software to launch RansomHub ransomware | SC Media (scmagazine.com)
July ransomware attacks slam public sector organisations | TechTarget
New Double-Extortion Ransomware Attacking Linux Machines (cybersecuritynews.com)
'Radar' ransomware group taken down by FBI - Tech Monitor
Suspected head of Reveton, Ransom Cartel RaaS groups arrested - Help Net Security
Ransomware Victims
Enzo Biochem penalized $4.5M over 2023 ransomware theft • The Register
The Washington Times newspaper claimed by Rhysida ransomware cartel | Cybernews
Swiss-based Schlatter says IT network affected by cyberattack - CNA (channelnewsasia.com)
Phishing & Email Based Attacks
Email Security Risk Remains Alarmingly High (informationsecuritybuzz.com)
Russia launching more sophisticated phishing attacks, new report finds | Russia | The Guardian
How Phishing Attacks Adapt Quickly to Capitalize on Current Events (thehackernews.com)
Why Business Email Compromise Scams Target B2B Relationships (pymnts.com)
Unlocking the Front Door: Phishing Emails Remain a Top Cyber Threat Despite MFA - SecurityWeek
How to spot phishing in the age of AI - IT Security Guru
Russians team up with young, English-speaking hackers for cyberattacks | 60 Minutes - CBS News
Scammers dupe chemical company into wiring $60 million - Help Net Security
Email Breach Report 2024: Vulnerable Names And Providers Exposed (informationsecuritybuzz.com)
Social engineering attacks continue to evolve – here’s how to keep up | SC Media (scmagazine.com)
Russia FSB cyber snoops linked to massive phishing campaign • The Register
Phishing via file-sharing services jumps 350%, warns Abnormal Security (techmonitor.ai)
Google raps APT42 for high-profile spear-phishing attacks • The Register
There's more than 25 ways to bypass a Secure Web Gateway • The Register
Russian hacking campaign targets rights groups, media, former US ambassador | CyberScoop
Beware of Phishing Campaign that Impersonates Google Safety Centre (cybersecuritynews.com)
Apple Intelligence is “a boomer dad” that reportedly prioritizes phishing emails | Cybernews
BEC
Why Business Email Compromise Scams Target B2B Relationships (pymnts.com)
Scammers dupe chemical company into wiring $60 million - Help Net Security
Chemical company Orion loses $60 million in business email compromise scam (therecord.media)
Other Social Engineering
There’s a new ransomware gang on the block, and it’s exploiting the human element | Cybernews
A new extortion crew, Mad Liberator, emerges on the scene • The Register
USPS Text Scammers Duped His Wife, So He Hacked Their Operation | WIRED
Social engineering attacks continue to evolve – here’s how to keep up | SC Media (scmagazine.com)
Artificial Intelligence
How to spot phishing in the age of AI - IT Security Guru
Why a 'Swiss cheese' approach is needed to combat deepfakes [Q&A] (betanews.com)
Microsoft Copilot Flaws Could Lead to Targeted Cyber Attacks (petri.com)
Cyber Security: The Impact Of AI On Today’s Businesses - Minutehack
Rogue AI is the Future of Cyber Threats | Trend Micro (US)
AI governance and clear roadmap lacking across enterprise adoption | ZDNET
X faces GDPR complaints for unauthorized use of data for AI training (bleepingcomputer.com)
Apple Intelligence is “a boomer dad” that reportedly prioritizes phishing emails | Cybernews
A world-first law in Europe is targeting artificial intelligence. Other countries can learn from it
Grok gets an impressive upgrade - and unchecked AI image generation apparently | ZDNET
74% of IT professionals worry AI tools will replace them - Help Net Security
Grammarly's new tool aims to detect AI-generated text. Here's how it works | ZDNET
2FA/MFA
Unlocking the Front Door: Phishing Emails Remain a Top Cyber Threat Despite MFA - SecurityWeek
Why MFA alone isn’t enough: The crucial role of security awareness training | TechRadar
Malware
Flaw in AMD Chips Can Be Exploited to Plant Malware That Survives OS Reinstalls | PCMag
Malware force-installs Chrome extensions on 300,000 browsers, patches DLLs (bleepingcomputer.com)
Black Basta-Linked Attackers Target Users with SystemBC Malware (thehackernews.com)
Malware Loaders Dominate Cyber Security Threats In 2024 (informationsecuritybuzz.com)
Mobile
How to Remove an Android Virus - Tech Advisor
Nearly All Google Pixel Phones Exposed by Unpatched Flaw in Hidden Android App | WIRED
Denial of Service/DoS/DDOS
DDoS attack volume rises, peak power reaches 1.7 Tbps - Help Net Security
DDoS Attacks Surge 46% in First Half of 2024, Gcore Report Reveals (thehackernews.com)
Internet of Things – IoT
Are Brain-Computer Interfaces at Risk of Mass Cyberattacks? | HackerNoon
Your Gym Locker May Be Hackable | WIRED
How Hackers Extracted the ‘Keys to the Kingdom’ to Clone HID Keycards | WIRED
Sonos Speaker Flaws Could Have Let Remote Hackers Eavesdrop on Users (thehackernews.com)
Ecovacs home robots can be hacked to spy on their owners, researchers say | TechCrunch
Data Breaches/Leaks
One of the worst data breaches in history just got worse | Digital Trends
Cyber attacks 2024: The biggest attacks of the first half of 2024 - Security Boulevard
Trump Campaign Blames Iranian Hack on Docs Leaked to Media (databreachtoday.co.uk)
Thousands of Corporate Secrets Were Left Exposed. This Guy Found Them All | WIRED
Almost 50 PII categories impacted in data breach at East Valley Institute of Technology | Cybernews
Hackers leak 2.7 billion data records with Social Security numbers (bleepingcomputer.com)
Kakao Pay shared over 40M users' data with China’s Alipay • The Register
Organised Crime & Criminal Actors
Cyber criminal Duo Attracts FBI Notice by Spending Big & Living Large (darkreading.com)
Russian Sentenced To 40 Months For Selling Stolen Data On Dark Web (informationsecuritybuzz.com)
Cyber threat actors evolve tactics - CIR Magazine
Megaupload Founder Kim Dotcom Gets Extradition to US, Claims 'I'm Not Leaving' | PCMag
Cryptocurrency/Cryptomining/Cryptojacking/NFTs/Blockchain
43% of Meta ads based on UK prime minister are crypto scams (protos.com)
Insurance
Cyber insurance costs ease, but for how much longer? - Raconteur
Evolving threat landscape influencing cyber insurance market | TechTarget
Federal Cyber Insurance Policy for Cataclysmic Cyber Events Imminent | MSSP Alert
Supply Chain and Third Parties
Delta And Frontier Airlines Want Tech Companies To Pay Up For Losses (forbes.com)
The role of employee awareness in preventing supply chain attacks | TechRadar
X faces GDPR complaints for unauthorized use of data for AI training (bleepingcomputer.com)
Cloud/SaaS
Phishing via file-sharing services jumps 350%, warns Abnormal Security (techmonitor.ai)
Unfixed Microsoft Entra ID Authentication Bypass Threatens Hybrid IDs (darkreading.com)
Major GitHub repos leak access tokens putting code and clouds at risk | CSO Online
Outages
Delta And Frontier Airlines Want Tech Companies To Pay Up For Losses (forbes.com)
Encryption
NIST's Post-Quantum Cryptography Standards Are Here - IEEE Spectrum
Linux and Open Source
18-year-old browser bug still allows access to internal networks – Computerworld
Zero trust: How the ‘Jia Tan’ hack complicated open-source software | CyberScoop
New Double-Extortion Ransomware Attacking Linux Machines (cybersecuritynews.com)
Passwords, Credential Stuffing & Brute Force Attacks
Why MFA alone isn’t enough: The crucial role of security awareness training | TechRadar
Social Media
Fake X content warnings on Ukraine war, earthquakes used as clickbait (bleepingcomputer.com)
43% of Meta ads based on UK prime minister are crypto scams (protos.com)
Labour MPs begin quitting X over ‘hate and disinformation’ | X | The Guardian
Grok gets an impressive upgrade - and unchecked AI image generation apparently | ZDNET
Malvertising
43% of Meta ads based on UK prime minister are crypto scams (protos.com)
Training, Education and Awareness
Why MFA alone isn’t enough: The crucial role of security awareness training | TechRadar
The role of employee awareness in preventing supply chain attacks | TechRadar
Regulations, Fines and Legislation
New cyber security laws ‘could double’ number of reported breaches – The Irish Times
UN Approves Cyber Crime Treaty Despite Major Tech, Privacy Concerns (darkreading.com)
How Can Organisations Navigate SEC's Cyber Materiality Disclosures? (darkreading.com)
How to implement NIS2, Christoph Werkmeister, Hanna Hoffmann, Julia Utzerath (freshfields.com)
Enzo Biochem penalized $4.5M over 2023 ransomware theft • The Register
X faces GDPR complaints for unauthorized use of data for AI training (bleepingcomputer.com)
A world-first law in Europe is targeting artificial intelligence. Other countries can learn from it
Cyber Security In Healthcare: Regulation, Incentives Patient Safety (informationsecuritybuzz.com)
Models, Frameworks and Standards
NIST Releases First 3 Finalized Post-Quantum Encryption Standards | NIST
How to implement NIS2, Christoph Werkmeister, Hanna Hoffmann, Julia Utzerath (freshfields.com)
How UK firms can get ready for the implementation of NIS2 | Computer Weekly
X faces GDPR complaints for unauthorized use of data for AI training (bleepingcomputer.com)
Data Protection
X faces GDPR complaints for unauthorized use of data for AI training (bleepingcomputer.com)
Careers, Working in Cyber and Information Security
It's Time to Promote Security Talent From Within (darkreading.com)
Calls for lighter visa restrictions mount as UK tech faces talent shortfall | ITPro
Law Enforcement Action and Take Downs
FBI claims success in taking down another major ransomware group | TechRadar
‘Elite’ ransomware pioneer suspect charged after 9-year hunt • The Register
Cyber Criminal Duo Attracts FBI Notice by Spending Big & Living Large (darkreading.com)
Russian Sentenced To 40 Months For Selling Stolen Data On Dark Web (informationsecuritybuzz.com)
'Radar' ransomware group taken down by FBI - Tech Monitor
Suspected head of Reveton, Ransom Cartel RaaS groups arrested - Help Net Security
Misinformation, Disinformation and Propaganda
Multiple Iran groups step up US election influence efforts • The Register
Microsoft Report Exposes Iranian Cyber Warfare Targeting U.S. Election (fdd.org)
Tackling Disinformation Online With The Use Of Proper Tools (informationsecuritybuzz.com)
Nation State Actors, Advanced Persistent Threats (APTs), Cyber Warfare, Cyber Espionage and Geopolitical Threats/Activity
Cyber Warfare and Cyber Espionage
Japan will launch DARPA-esque research institute for cyber warfare | Cybernews
Nation State Actors
Trump Leak Likely a Harbinger of More Interference to Come (databreachtoday.co.uk)
China
China-Backed Earth Baku Expands Cyber Attacks to Europe, Middle East, and Africa (thehackernews.com)
APT41 Spinoff Expands Chinese Actor's Scope Beyond Asia (darkreading.com)
Chinese hacking groups target Russian government, IT firms (bleepingcomputer.com)
Expanded attacks by Earth Baku detailed | SC Media (scmagazine.com)
China-linked cyber-spies infect Russian govt, IT sector • The Register
Russia
Russia launching more sophisticated phishing attacks, new report finds | Russia | The Guardian
Russians team up with young, English-speaking hackers for cyberattacks | 60 Minutes - CBS News
Russian cyber spies stole data and emails from UK government systems (securityaffairs.com)
Chinese hacking groups target Russian government, IT firms (bleepingcomputer.com)
Russia FSB cyber snoops linked to massive phishing campaign • The Register
Russian hacking campaign targets rights groups, media, former US ambassador | CyberScoop
Russian-Linked Hackers Target Eastern European NGOs and Media (thehackernews.com)
How the Kaspersky ban affects you and how to protect your data | Proton
Russia blocks Signal for 'violating' anti-terrorism laws (bleepingcomputer.com)
Russian Sentenced To 40 Months For Selling Stolen Data On Dark Web (informationsecuritybuzz.com)
Iran
Multiple Iran groups step up US election influence efforts • The Register
Microsoft Report Exposes Iranian Cyber Warfare Targeting U.S. Election (fdd.org)
Trump campaign said senior staffer hacked by Iran-backed APT | SC Media (scmagazine.com)
Google raps APT42 for high-profile spear-phishing attacks • The Register
Iran increases phishing attempts on U.S., Israeli targets | CyberScoop
North Korea
Beyond espionage – how the Lazarus Group is reshaping cyber security threats (securitybrief.co.nz)
North Korea stole technical data about key ROK military spy planes: Ruling party | NK News
South Korea says DPRK hackers stole spy plane technical data (bleepingcomputer.com)
Other Nation State Actors, Hacktivism, Extremism, Terrorism and Other Geopolitical Threat Intelligence
Greece leaves spy services unchecked on Predator hacks – POLITICO
Tools and Controls
Why MFA alone isn’t enough: The crucial role of security awareness training | TechRadar
Unlocking the Front Door: Phishing Emails Remain a Top Cyber Threat Despite MFA - SecurityWeek
What is Threat Intelligence? - Security Boulevard
The role of employee awareness in preventing supply chain attacks | TechRadar
The Importance Of APIs/API Security In Financial Services (informationsecuritybuzz.com)
35% of exposed API keys still active, posing major security risks - Help Net Security
EDR testing: How to validate EDR tools | TechTarget
Cyber crime group disables EDR software to launch RansomHub ransomware | SC Media (scmagazine.com)
Taming Identity Sprawl With A Least Privilege Approach (informationsecuritybuzz.com)
Effective Communication Is Key to Successful Cyber Security (govinfosecurity.com)
A deep dive into multi-stage attacks and the need for complete visibility | TechRadar
Three ways a cyber-resilient approach can keep your data safe | TechRadar
Flashpoint CEO: Cyber, physical security threats converging | TechTarget
The 5 Different Types of Firewalls Explained (techtarget.com)
Evolving threat landscape influencing cyber insurance market | TechTarget
There's more than 25 ways to bypass a Secure Web Gateway • The Register
AI In Cyber Security: Can We Trust It? | MSSP Alert
How to select an MDR security service | TechTarget
Student raised security concerns in Mobile Guardian MDM weeks before cyberattack | TechCrunch
Federal Cyber Insurance Policy for Cataclysmic Cyber Events Imminent | MSSP Alert
Cyber Security: The Impact Of AI On Today’s Businesses - Minutehack
Apple Intelligence is “a boomer dad” that reportedly prioritizes phishing emails | Cybernews
AI/ML's Role in Cyber Security: Balancing Innovation, Safety (inforisktoday.com)
Other News
We are gradually becoming inured to technological messes – The Irish Times
Aware of what tech debt costs them, CIOs still can’t make it an IT priority | CIO
Why attacks against critical national infrastructure (CNI) are such a threat | ITPro
Three ways a cyber-resilient approach can keep your data safe | TechRadar
Flashpoint CEO: Cyber, physical security threats converging | TechTarget
Britain moves to tamper down cyber security row | SC Media (scmagazine.com)
The impact of cyber crime on modern businesses in Europe - Emerging Europe (emerging-europe.com)
Global Aviation Cyber Risk Landscape 2024 (airtrafficmanagement.net)
Media and entertainment firms are being hit with more cyberattacks than ever | TechRadar
What the Delta-Crowdstrike lawsuit may mean for IT contracts | TechTarget
Delta vs. CrowdStrike: The duties vendors owe to customers - or do they? - Help Net Security
How the Kaspersky ban affects you and how to protect your data | Proton
Cyber Security In Healthcare: Regulation, Incentives Patient Safety (informationsecuritybuzz.com)
US considers breaking up Google after illegal monopoly ruling, reports say | Google | The Guardian
Vulnerability Management
Tackling Vulnerabilities & Errors Head-on for Proactive Security (darkreading.com)
Easterly: Cyber security is a software quality problem | CyberScoop
A Lesson From the CrowdStrike Incident (darkreading.com)
Zero trust: How the ‘Jia Tan’ hack complicated open-source software | CyberScoop
Lessons learned from CrowdStrike's automation errors | TechTarget
Vulnerabilities
Microsoft August 2024 Patch Tuesday fixes 9 zero-days, 6 exploited (bleepingcomputer.com)
Microsoft discloses Office zero-day, still working on a patch (bleepingcomputer.com)
Microsoft Office Apps Provide a New Path for Hackers (howtogeek.com)
0-Click Outlook Vulnerability Triggred RCE When Email is Opened (cybersecuritynews.com)
Fortinet, Zoom Patch Multiple Vulnerabilities - SecurityWeek
18-year-old browser bug still allows access to internal networks – Computerworld
Researchers Uncover 10 Flaws in Google's File Transfer Tool Quick Share (thehackernews.com)
Open Source Firewall pfsense Vulnerable to Remote Code Execution Attacks (cybersecuritynews.com)
Microsoft Copilot Flaws Could Lead to Targeted Cyberattacks (petri.com)
Worried about the Windows BitLocker recovery bug? 6 things you need to know | ZDNET
Former Microsoft security architect showcases 15 different ways to break Copilot | Windows Central
Adobe Calls Attention to Massive Batch of Code Execution Flaws - SecurityWeek
Chipmaker Patch Tuesday: Intel, AMD Address Over 110 Vulnerabilities - SecurityWeek
SolarWinds addressed a critical RCE in all Web Help Desk versions (securityaffairs.com)
Attacks Leveraging Windows SmartScreen Bypass Flaw Deployed Since March | MSSP Alert
Palo Alto Networks Patches Unauthenticated Command Execution Flaw in Cortex XSOAR - SecurityWeek
FreeBSD Releases Urgent Patch for High-Severity OpenSSH Vulnerability (thehackernews.com)
Ivanti warns of critical vTM auth bypass with public exploit (bleepingcomputer.com)
SAP Patches Critical Vulnerabilities in BusinessObjects, Build Apps - SecurityWeek
Post-Exploitation Technique After Hacking Ivanti, Fortigate VPN Servers (cybersecuritynews.com)
GitHub Vulnerability 'ArtiPACKED' Exposes Repositories to Potential Takeover (thehackernews.com)
Microsoft Reveals Four OpenVPN Flaws Leading to Potential RCE and LPE (thehackernews.com)
Sector Specific
Industry specific threat intelligence reports are available.
Contact us to receive tailored reports specific to the industry/sector and geographies you operate in.
· Automotive
· Construction
· Critical National Infrastructure (CNI)
· Defence & Space
· Education & Academia
· Energy & Utilities
· Estate Agencies
· Financial Services
· FinTech
· Food & Agriculture
· Gaming & Gambling
· Government & Public Sector (including Law Enforcement)
· Health/Medical/Pharma
· Hotels & Hospitality
· Insurance
· Legal
· Manufacturing
· Maritime
· Oil, Gas & Mining
· OT, ICS, IIoT, SCADA & Cyber-Physical Systems
· Retail & eCommerce
· Small and Medium Sized Businesses (SMBs)
· Startups
· Telecoms
· Third Sector & Charities
· Transport & Aviation
· Web3
As usual, contact us to help assess where your risks lie and to ensure you are doing all you can do to keep you and your business secure.
Links to articles are for interest and awareness and linking to or reposting external content does not endorse any service or product, likewise we are not responsible for the security of external links.