Black Arrow Cyber Threat Briefing 16 June 2023
Welcome to this week’s Black Arrow Cyber Threat Briefing – a weekly digest, collated and curated by our cyber experts to provide senior and middle management with an easy to digest round up of the most notable threats, vulnerabilities, and cyber related news from the last week.
Top Cyber Stories of the Last Week
Hacker Gang Clop Deploys Extortion Tactics Against Global Companies
The Russian-speaking gang of hackers that compromised UK groups such as British Airways and the BBC has claimed it has siphoned off sensitive data from more institutions including US-based investment firms, European manufacturers and US universities. Eight other companies this week made it onto Clop’s list on the dark web. That adds to the news last week that UK groups, including Walgreens-owned Boots, informed employees that their data had been compromised. The issue also targeted customers of Zellis, a UK-based payroll provider that about half of the companies on the FTSE 100 use.
The hacking group is pushing for contact with the companies on the list, according to a post on Clop’s dark web site, as the gang demands a ransom that cyber security experts and negotiators said could be as much as several million dollars.
https://www.ft.com/content/c1db9c5c-cdf1-48bc-8e6b-2c2444b66dc9
Social Engineering Drives BEC Losses to $50B Globally
Business email compromise (BEC) continues to evolve on the back of sophisticated targeting and social engineering, costing businesses worldwide more than $50 billion in the last 10 years - a figure that reflected a growth in business losses to BEC of 17% year-over-year in 2022, according to the FBI.
Security professionals attribute BEC's continued dominance in the cyber threat landscape to several reasons. A key one is that attackers have become increasingly savvy in how to socially-engineer messages so that they appear authentic to users, which is the key to being successful at this scam. And with the increase in availability of artificial intelligence, the continued success of BEC means these attacks are here to stay. Organisations will be forced to respond with even stronger security measures, security experts say.
https://www.darkreading.com/threat-intelligence/social-engineering-drives-bec-losses-to-50b-globally
Creating A Cyber Conscious Culture—It Must Be Driven from the Top
Businesses are facing more frequent and sophisticated cyber threats and they must continuously learn new ways to protect their revenues, reputation and maintain regulatory compliance. With hybrid and remote working blurring traditional security perimeters and expanding the attack surface, the high volumes of sensitive information held by organisations are at increased risk of cyber attacks.
The increase had led to cyber elevating to the board level; after all the board is responsible for cyber security. It doesn’t stop there however, as everyone in an organisation has responsibility for upholding cyber security. The board must aim to create a cyber-conscious culture, where users are aware of their role in cyber security. One important way such a culture can be achieved is through providing regular education and training to all users.
Artificial Intelligence is Coming to Windows: Are Your Security Policy Settings Ready?
What’s in your Windows security policy? Do you review your settings on an annual basis or more often? Do you provide education and training regarding the topics in the policy? Does it get revised when the impact of an incident showcases that an internal policy violation led to the root cause of the issue? And, importantly, do you have a security policy that includes your firm’s overall policies around the increasing race towards artificial intelligence, which is seemingly in nearly every application released these days?
From word processing documents to the upcoming enhancements to Windows 11, which will include AI prompting in the Explorer platform, organisations should review how they want their employees to treat customer data or other confidential information when using AI platforms. Many will want to build limits and guidelines into their security plans that specify what is allowed to be entered into platforms and websites that may store or share the information online. However, confidential information should not be included in any application that doesn’t have clearly defined protections around the handling of such data. The bottom line is that AI is coming to your network and your desktop sooner than you think. Build your policies now and review your processes to determine if you are ready for it today.
Cyber Crooks Targeting Employees, Organisations Fight Back with Training Programs
Cyber criminals are increasingly targeting an organisation’s employees, figuring to trick an untrained staffer to click on a malicious link that starts a malware attack, Fortinet said in a newly released study of security awareness and training.
More than 80% of organisations faced malware, phishing and password attacks last year, which were mainly targeted at users. This underscores that employees can be an organisation’s weakest point or one of its most powerful defences.
Fortinet’s research revealed that more than 90% of the survey’s respondents believe that increased employee cyber security awareness would help decrease the occurrence of cyber attacks. As organisations face increasing cyber risks, employees serving as an organisation’s first line of defence in protecting their organisation from cyber crime becomes of paramount importance.
Massive Phishing Campaign Uses 6,000 Sites to Impersonate 100 Brands
A widespread brand impersonation campaign targeting over a hundred popular apparel, footwear, and clothing brands has been underway since June 2022, tricking people into entering their account credentials and financial information on fake websites. The brands impersonated by the phony sites include Nike, Puma, Asics, Vans, Adidas, Columbia, Superdry, Converse, Casio, Timberland, Salomon, Crocs, Sketchers, The North Face and others.
A recent report found the campaign relies on at least 3,000 domains and roughly 6,000 sites, including inactive ones. The campaign had a significant activity spike between January and February 2023, adding 300 new fake sites monthly. The domain names follow a pattern of using the brand name together with a city or country, followed by a generic TLD such as ".com." Additionally, any details entered on the checkout pages, most notably the credit card details, may be stored by the website operators and resold to cyber criminals.
Over One in Ten Brits are Willing to Engage in ‘Illegal or Illicit’ Online Behaviour
A recent study found that 11% of Brits were tempted to engage in ‘illegal or illicit online behaviour’ in order to help manage the fallout from the cost of living crisis. This statistic becomes even more concerning when focused on younger people, with almost a quarter of 25–35 year old respondents (23%) willing to consider illegal or illicit online activity. Of those willing to engage in this kind of behaviour, 56% suggested it was because they are desperate and struggling to get by, and need to find alternative means of supporting their families.
Nearly half (47%) of UK business leaders believe their organisation has been at a greater risk of attack since the start of the cost-of-living crisis. Against this backdrop, many SME business leaders are understandably worried about the impact on employees. Of those who think their organisation is more exposed to attack, 38% believe it’s due to malicious insiders and 35% to overworked and distracted staff making mistakes. Organisations not doing so already, should look to incorporate insider threat into their security plans. Insider threat should focus on areas such as regular education and monitoring and detection.
The report found that 44% of respondents have also noticed an uptick in online scams hitting their inboxes since the cost of living crisis began in late 2021/early 2022. Another worrying finding is that this uptick is proving devastatingly effective for scammers: over one in ten (13%) of UK respondents have already been scammed since the cost of living crisis began. This rises to a quarter (26%) of respondents in the 18-25 age range, reflecting a hyper-online lifestyle and culture that scammers can work to exploit effectively.
https://www.infosecurity-magazine.com/news/costofliving-crisis-drives-insider/
Microsoft Office 365 Phishing Reveals Signs of Much Larger BEC Campaign
Recently, Microsoft discovered multi-stage adversary-in-the-middle (AitM) phishing and business email compromise (BEC) attacks against banking and financial services organisations. The attackers are successfully phishing employees’ accounts with fake Office 365 domains. This allows them to bypass authentication, exfiltrate data and send further phishing emails against other employees and several targeted external organisations. In some cases, threat actors have registered their own device to the employee’s account, to evade MFA defences and achieve persistent access.
https://securityaffairs.com/147327/hacking/aitm-bec-attacks.html
https://thehackernews.com/2023/06/adversary-in-middle-attack-campaign.html
Europol Warns of Metaverse and AI Terror Threat
New and emerging technologies like conversational AI, deepfakes and the metaverse could be utilised by terrorists and extremists to radicalise and recruit converts to their cause, Europol has warned. The report stated that the online environment lowers the bar for entering the world of terrorism and extremism, broadens the range of people that can become exposed to radicalisation and increases the unpredictability of terrorism and extremism.
Europol also pointed to the potential use of deepfakes, augmented reality and conversational AI to enhance the efficiency of terrorist propaganda. Both these technologies and internet of things (IoT) tools can also be deployed in more practical tasks such as the remote operation of vehicles and weapons used in attacks or setting up virtual training camps. Digital currencies are also playing a role in helping to finance such groups while maintaining the anonymity of those contributing the funding, Europol said.
https://www.infosecurity-magazine.com/news/europol-warns-metaverse-and-ai/
What is AI, and is it Dangerous?
Recently, we saw the release of the first piece of EU regulation on AI. This comes after a significant rise in the usage of tools such as ChatGPT. Such tools allow for even those with limited technical ability to perform sophisticated actions. In fact, usage has risen 44% over the last three months alone, according to a report.
Rather worryingly, there is a lack of governance on the usage of AI, and this extends to how AI is used within your own organisation. Whilst the usage can greatly improve actions performed within an organisation, the report found that 6% of employees using AI had pasted sensitive company data into an AI tool. Would your organisation know if this happened, and how damaging could it be to your organisation if this data was to be leaked? Continuous monitoring, risk analysis and real-time governance can help aid an organisation in having an overview of the usage of AI.
https://www.bbc.co.uk/news/technology-65855333
https://thehackernews.com/2023/06/new-research-6-of-employees-paste.html
Cyber Liability Insurance Vs. Data Breach Insurance: What's the Difference?
With an ever-increasing number of cyber security threats and attacks, companies are becoming motivated to protect their businesses and customer data both technically and financially. Finding the right insurance has become a key part of the security equation.
Companies looking to protect themselves have most likely heard the terms “cyber liability insurance” and “data breach insurance.” Put simply, cyber liability insurance refers to coverage for third-party claims asserted against a company stemming from a network security event or data breach. Data breach insurance, on the other hand, refers to coverage for first-party losses incurred by the insured organisation that has suffered a loss of data.
Exploring the Dark Web: Hitmen for Hire and the Realities of Online Activities
The dark web makes up a significant portion of the internet. Access can be gained through special browser, TOR, also known as the onion Router. The service bounces around IP addresses, constantly changing to protect the anonymity of the user.
This dark web contains an array of activities and sites, which include hitmen for hire, drugs for sale, and stolen credit card databases amongst others. Sometimes these aren’t real however, and are actually a trap to steal money from users on the basis that these users are unlikely to report it to law enforcement when the victim was trying to break the law in the first place. What we do know however, is that the dark web contains a plethora of information, and this could include data from your organisation.
Governance, Risk and Compliance
Creating A Cyber-Conscious Culture—It Must Be Driven From The Top (forbes.com)
Most businesses vulnerable to attacks on the cyber battlefield - The Globe and Mail
10 Important Security Tasks You Shouldn't Skip (darkreading.com)
Enhancing security team capabilities in tough economic times - Help Net Security
Ignoring digital transformation is more dangerous than a recession - Help Net Security
Ransomware Insurance: Security Strategies to Obtain Coverage (trendmicro.com)
Lax security measures, sophisticated hackers reason for rise in cyber breaches (ewn.co.za)
Cyber Crooks Targeting Employees, Organisations Fight Back with Training Programs - MSSP Alert
Cyber liability insurance vs. data breach insurance: What's the difference? | CSO Online
Red teaming can be the ground truth for CISOs and execs - Help Net Security
Threats
Ransomware, Extortion and Destructive Attacks
CL0P Ransomware Gang Hits Multiple Governments, Businesses in Wide-Scale Attack - MSSP Alert
How Continuous Monitoring and Threat Intel Can Help Prevent Ransomware (darkreading.com)
Researchers Report First Instance of Automated SaaS Ransomware Extortion (darkreading.com)
Why Critical Infrastructure Remains a Ransomware Target (darkreading.com)
Ransomware Insurance: Security Strategies to Obtain Coverage (trendmicro.com)
CISA: LockBit ransomware extorted $91 million in 1,700 US attacks (bleepingcomputer.com)
Microsoft links data wiping attacks to new Russian GRU hacking group (bleepingcomputer.com)
To Fight Cyber Extortion and Ransomware, Shift Left (trendmicro.com)
Ransomware Hackers and Scammers Utilizing Cloud Mining to Launder Cryptocurrency (thehackernews.com)
Russian ransomware hacker extorted tens of millions, says DOJ (cnbc.com)
Ransomware Victims
Ofcom, Minnesota Dept of Ed among latest MOVEit victims • The Register
Confidential data downloaded from UK regulator Ofcom in cyber attack (therecord.media)
Oil and gas giant Shell confirms it was impacted by Clop ransomware attacks (therecord.media)TfL warns 13,000 staff that it was raided by Russian hackers (telegraph.co.uk)
Russian hackers steal data on thousands of Ulez drivers (telegraph.co.uk)
An Illinois hospital links closure to ransomware attack (nbcnews.com)
US energy department, other agencies hit in global hacking spree | Reuters
iTWire - Financial services firm FIIG hit by cyber attack, ALPHV claims credit
Xplain data breach also impacted national Swiss railway FSS - Security Affairs
Rhysida ransomware leaks documents stolen from Chilean Army (bleepingcomputer.com)
Phishing & Email Based Attacks
Microsoft Office 365 AitM phishing reveals signs of much larger BEC campaign | CSO Online
Adversary-in-the-Middle Attack Campaign Hits Dozens of Global Organisations (thehackernews.com)
Log4J exploits may rise further as Microsoft continues war on phishing | ITPro
Popular Apparel, Clothing Brands Being Used in Massive Phishing Scam (darkreading.com)
Massive phishing campaign uses 6,000 sites to impersonate 100 brands (bleepingcomputer.com)
BEC – Business Email Compromise
Microsoft warns of multi-stage AiTM phishing and BEC attacks - Security Affairs
Analysis: Social Engineering Drives BEC Losses to $50B Globally (darkreading.com)
Other Social Engineering; Smishing, Vishing, etc
Artificial Intelligence
New Research: 6% of Employees Paste Sensitive Data into GenAI tools as ChatGPT (thehackernews.com)
Artificial intelligence is coming to Windows: Are your security policy settings ready? | CSO Online
Europol Warns of Metaverse and AI Terror Threat - Infosecurity Magazine (infosecurity-magazine.com)
How Europe is Leading the World in the Push to Regulate AI - SecurityWeek
AI is moving too fast to regulate, security minister warns (telegraph.co.uk)
AI to render humans 'second most intelligent creations' | ITWeb
LLM meets Malware: Starting the Era of Autonomous Threat - Security Affairs
What is AI, is it dangerous and what jobs are at risk? - BBC News
Calculations Suggest It'll Be Impossible to Control a Super-Intelligent AI : ScienceAlert
2FA/MFA
Multi-Factor Authentication Usage Nearly Doubles Since 2020, New Okta Report Finds - MSSP Alert
Small organisations outpace large enterprises in MFA adoption - Help Net Security
Malware
New SPECTRALVIPER Backdoor Targeting Vietnamese Public Companies (thehackernews.com)
New Loader Delivering Spyware via Image Steals Cryptocurrency Info (darkreading.com)
Pirated Windows 10 ISOs install clipper malware via EFI partitions (bleepingcomputer.com)
Chinese hackers use DNS-over-HTTPS for Linux malware communication (bleepingcomputer.com)
Fake zero-day PoC exploits on GitHub push Windows, Linux malware (bleepingcomputer.com)
LLM meets Malware: Starting the Era of Autonomous Threat - Security Affairs
New ‘Shampoo’ Chromeloader malware pushed via fake warez sites (bleepingcomputer.com)
Russian hackers use PowerShell USB malware to drop backdoors (bleepingcomputer.com)
Fake Security Researcher Accounts Pushing Malware Disguised as Zero-Day Exploits - SecurityWeek
Vidar Malware Using New Tactics to Evade Detection and Anonymize Activities (thehackernews.com)
Mobile
Denial of Service/DoS/DDOS
Microsoft’s Azure portal down following new claims of DDoS attacks (bleepingcomputer.com)
DOS Attacks Dominate, but System Intrusions Cause Most Pain (darkreading.com)
Swiss government warns of ongoing DDoS attacks, data leak (bleepingcomputer.com)
IoT Botnet DDoS Attacks Threaten Global Telecom Networks, Nokia (hackread.com)
10 Different Types of DDoS Attacks and How to Prevent Them (geekflare.com)
Exclusive: Inside FXStreet's DDoS Attack (financemagnates.com)
Internet of Things – IoT
IoT Botnet DDoS Attacks Threaten Global Telecom Networks, Nokia (hackread.com)
How secure is your vehicle with digital key technology? - Help Net Security
Flipper Zero “Smoking” A Smart Meter Is A Bad Look For Hardware Hackers | Hackaday
Data Breaches/Leaks
Another huge US medical data breach confirmed after Fortra mass-hack | TechCrunch
New Research: 6% of Employees Paste Sensitive Data into GenAI tools as ChatGPT (thehackernews.com)
Top 10 cyber security findings from Verizon's 2023 data breach report | VentureBeat
Xplain data breach also impacted national Swiss railway FSS - Security Affairs
Examining the long-term effects of data privacy violations - Help Net Security
A Massive Vaccine Database Leak Exposes IDs of Millions of Indians | WIRED
Swiss Fear Government Data Stolen in Cyber attack - SecurityWeek
Ofcom, Minnesota Dept of Ed among latest MOVEit victims • The Register
Have I Been Pwned warns of new Zacks data breach impacting 8 million (bleepingcomputer.com)
Organised Crime & Criminal Actors
Cryptocurrency/Cryptomining/Cryptojacking/NFTs/Blockchain
Hackers steal $3 million by impersonating crypto news journalists (bleepingcomputer.com)
Beware: 1,000+ Fake Cryptocurrency Sites Trap Users in Bogus Rewards Scheme (thehackernews.com)
New Loader Delivering Spyware via Image Steals Cryptocurrency Info (darkreading.com)
Cryptocurrency Attacks Quadrupled as Cyber criminals Cash In (darkreading.com)
Ransomware Hackers and Scammers Utilizing Cloud Mining to Launder Cryptocurrency (thehackernews.com)
Insider Risk and Insider Threats
Cyber Crooks Targeting Employees, Organisations Fight Back with Training Programs - MSSP Alert
Insider Threat Vs Outsider Threat: Which Is Worse? (informationsecuritybuzz.com)
Fraud, Scams & Financial Crime
Impersonation Attacks
Insurance
Ransomware Insurance: Security Strategies to Obtain Coverage (trendmicro.com)
Cyber liability insurance vs. data breach insurance: What's the difference? | CSO Online
Dark Web
Supply Chain and Third Parties
Cloud/SaaS
SaaS Ransomware Attack Hit Sharepoint Online Without Using a Compromised Endpoint - SecurityWeek
New MOVEit Transfer critical flaws found after security audit, patch now (bleepingcomputer.com)
Seven steps for using zero trust to protect your multicloud • The Register
New cloud security guidance: it's all about the config - NCSC.GOV.UK
Microsoft keeps quiet on talk of possible Azure DDoS attack • The Register
Encryption
Open Source
Chinese hackers use DNS-over-HTTPS for Linux malware communication (bleepingcomputer.com)
Fake zero-day PoC exploits on GitHub push Windows, Linux malware (bleepingcomputer.com)
Passwords, Credential Stuffing & Brute Force Attacks
Thoughts on scheduled password changes (don’t call them rotations!) – Naked Security (sophos.com)
Microsoft misused our dark web data, says security vendor • The Register
RDP honeypot targeted 3.5 million times in brute-force attacks (bleepingcomputer.com)
Want to be hacked? Just make these password mistakes | Tom's Guide (tomsguide.com)
Training, Education and Awareness
Digital Transformation
Regulations, Fines and Legislation
AI is moving too fast to regulate, security minister warns (telegraph.co.uk)
Ofcom, Minnesota Dept of Ed among latest MOVEit victims • The Register
Confidential data downloaded from UK regulator Ofcom in cyber attack (therecord.media)
Yet more direct calling fiends fined by UK's data watchdog • The Register
How Europe is Leading the World in the Push to Regulate AI - SecurityWeek
Feds extend deadline for software security attestations • The Register
Models, Frameworks and Standards
Data Protection
Careers, Working in Cyber and Information Security
Law Enforcement Action and Take Downs
Privacy, Surveillance and Mass Monitoring
Examining the long-term effects of data privacy violations - Help Net Security
Strava heatmap feature can be abused to find home addresses (bleepingcomputer.com)
US Intelligence Has Admitted Amassed Data on 'Nearly Everyone' (gizmodo.com)
Feds Say Facial Recognition IDed Bosnian War Criminal Miljkovic (gizmodo.com)
Spyware, Cyber Espionage & Cyber Warfare, including Russian Invasion of Ukraine
Putin’s little cyber helpers turn their sights on the UK (telegraph.co.uk)
Russia-Ukraine war sending shockwaves into cyber-ecosystem • The Register
Ukrainian hackers take down service provider for Russian banks (bleepingcomputer.com)
RomCom Threat Actor Targets Ukrainian Politicians, US Healthcare (darkreading.com)
Pro-Russian hackers step up attacks against Swiss targets, authorities say | Reuters
Russian hackers steal data on thousands of Ulez drivers (telegraph.co.uk)
Microsoft links data wiping attacks to new Russian GRU hacking group (bleepingcomputer.com)
Russian hackers use PowerShell USB malware to drop backdoors (bleepingcomputer.com)
Pro-Russian Hackers Target Website of Europe’s Largest Port in Rotterdam - Bloomberg
Russia-linked APT Gamaredon update TTPs in recent attacks against Ukraine - Security Affairs
Russia-backed hackers unleash new USB-based malware on Ukraine’s military | Ars Technica
Nation State Actors
Chinese hackers use DNS-over-HTTPS for Linux malware communication (bleepingcomputer.com)
Iran's 'quantum processor' turned out to be a $600 dev board | PC Gamer
China-based threat actors target UIDAI, AIIMS, ICMR: Govt advisory (moneycontrol.com)
Subsea cables: how the US is pushing China out of the internet’s plumbing
Ukraine information sharing a model for countering China, top cyber official says | CyberScoop
Chinese Threat Actor Abused ESXi Zero-Day to Pilfer Files From Guest VMs (darkreading.com)
North Korea created evil twin of South Korea's Naver.com • The Register
Behind the Scenes Unveiling the Hidden Workings of Earth Preta (trendmicro.com)
Gloucester: Russian hackers behind cyber-attack on council - BBC News
Critical Barracuda ESG Zero-Day Linked to Novel Chinese APT (darkreading.com)
Russian ransomware hacker extorted tens of millions, says DOJ (cnbc.com)
Vulnerability Management
Vulnerabilities
Third Flaw Uncovered in MOVEit Transfer App Amidst Cl0p Ransomware Mass Attack (thehackernews.com)
Bitwarden update corrects password manager access vulnerability on Windows - gHacks Tech News
Fortinet: Patched Critical Flaw May Have Been Exploited (darkreading.com)
Bitwarden update corrects password manager access vulnerability on Windows - gHacks Tech News
CISA orders federal agencies to secure Internet-exposed network devices (bleepingcomputer.com)
Microsoft June 2023 Patch Tuesday fixes 78 flaws, 38 RCE bugs (bleepingcomputer.com)
Log4J exploits may rise further as Microsoft continues war on phishing | ITPro
New Critical Google Chrome Payments Security Issue Confirmed (forbes.com)
Critical Security Vulnerability Discovered in WooCommerce Stripe Gateway Plugin (thehackernews.com)
VMware fixes critical flaws in Aria Operations for Networks (CVE-2023-20887) - Help Net Security
US energy department, other agencies hit in global hacking spree | Reuters
Tools and Controls
Ignoring digital transformation is more dangerous than a recession - Help Net Security
Cyber Crooks Targeting Employees, Organisations Fight Back with Training Programs - MSSP Alert
Cyber liability insurance vs. data breach insurance: What's the difference? | CSO Online
Red teaming can be the ground truth for CISOs and execs - Help Net Security
How Continuous Monitoring and Threat Intel Can Help Prevent Ransomware (darkreading.com)
What is Dark Web Monitoring and How Does It Work? | Trend Micro News
New cloud security guidance: it's all about the config - NCSC.GOV.UK
Why Now? The Rise of Attack Surface Management (thehackernews.com)
Exploring the All-Time Best Book for Ethical Hacking – Codelivly
Enhancing security team capabilities in tough economic times - Help Net Security
Small organisations outpace large enterprises in MFA adoption - Help Net Security
MSSQL makes up 93% of all activity on honeypots tracking 10 databases | SC Media (scmagazine.com)
5 best practices to ensure the security of third-party APIs | CSO Online
Multi-Factor Authentication Usage Nearly Doubles Since 2020, New Okta Report Finds - MSSP Alert
Reports Published in the Last Week
Sector Specific
Industry specific threat intelligence reports are available.
Contact us to receive tailored reports specific to the industry/sector and geographies you operate in.
· Automotive
· Construction
· Critical National Infrastructure (CNI)
· Defence & Space
· Education & Academia
· Energy & Utilities
· Estate Agencies
· Financial Services
· FinTech
· Food & Agriculture
· Gaming & Gambling
· Government & Public Sector (including Law Enforcement)
· Health/Medical/Pharma
· Hotels & Hospitality
· Insurance
· Legal
· Manufacturing
· Maritime
· Oil, Gas & Mining
· OT, ICS, IIoT, SCADA & Cyber-Physical Systems
· Retail & eCommerce
· Small and Medium Sized Businesses (SMBs)
· Startups
· Telecoms
· Third Sector & Charities
· Transport & Aviation
· Web3
As usual, contact us to help assess where your risks lie and to ensure you are doing all you can do to keep you and your business secure.
Look out for our ‘Cyber Tip Tuesday’ video blog and on our YouTube channel.
You can also follow us on Facebook, Twitter and LinkedIn.
Links to articles are for interest and awareness and linking to or reposting external content does not endorse any service or product, likewise we are not responsible for the security of external links.