Black Arrow Cyber Threat Briefing 20 September 2024
Welcome to this week’s Black Arrow Cyber Threat Briefing – a weekly digest, collated and curated by our cyber experts to provide senior and middle management with an easy-to-digest round-up of the most notable threats, vulnerabilities, and cyber-related news from the last week.
Top Cyber Stories of the Last Week
Cyber Threats and AI Disruption Top Business Risks for 2024
Global law firm Clyde & Co's latest corporate risk radar report highlights that 76% of business leaders now view cyber threats as their primary technological concern. Regulatory scrutiny is considered a growing operational threat by 43% of leaders, due to an influx of new initiatives and inconsistent regulations. People-related challenges rank as the second-highest impact risk, identified by 58% of leaders as a threat to multinational operations. Notably, climate change has dropped from sixth to ninth in the global risk hierarchy, reflecting the increased urgency of other issues. Additionally, 29% of business leaders have identified disruption caused by artificial intelligence as a significant high-impact risk for the first time. The report emphasises the need for comprehensive risk planning and employee training to enhance security and resilience in today's volatile environment.
Half of UK Firms Lack Basic Cyber Security Skills
Recent government findings indicate that 44% of UK businesses have skills gaps in basic technical cyber security areas. Among the 637,000 businesses examined, 27% lack advanced skills such as penetration testing. Incident management skills gaps have risen sharply from 27% in 2020 to 48% in 2024. The Department for Science, Innovation & Technology (DSIT) reported that despite increased supply, a significant skills gap persists. Nearly half of businesses that do not outsource incident management are not confident in handling a cyber security breach. Employers and recruiters also believe that AI will impact the cyber skills landscape, potentially leading to job losses due to automation and a need for new skills to work with AI tools.
Beyond A Buzzword: What Resilience in Cyber Really Means
Cyber resilience is now essential for organisations of all sizes, as cyber attacks have become inevitable. Resilience involves not only preventing breaches but also minimising damage and swiftly restoring operations, requiring a shift towards adaptive threat management with quick detection and response. This year’s International Cyber Expo Global Cyber Summit highlighted that leaders are focusing on integrating employees into security frameworks and policies, as well as fostering a supportive work environment to prevent burnout among cyber security professionals. Diversity and community were noted as key factors in building resilient teams capable of innovative problem-solving. Achieving true cyber resilience is a balancing act between protecting organisational assets and ensuring the wellbeing of the workforce.
Do Boards Understand Their New Role in Cyber Security?
Research reveals that over 90% of cyber security incidents originate from human action, underscoring the critical role of boards in governing cyber security risk. However, many board members view cyber security as a purely technical issue, overly focusing on tools rather than strategic oversight. Boards are encouraged to upskill on cyber risks, strategically prioritising investments and understanding their roles in incident response. Boards are advised to seek external assessments of their cyber recovery plans, much like financial audits, to enhance preparedness. Additionally, boards are adjusting member selection criteria to include technology expertise that addresses both security and strategic opportunities. Understanding that technology safeguards critical data and automates business processes, boards must integrate cyber security into their core business strategy.
All Smoke, No Fire: The Bizarre Trend of Fake Data Breaches and How to Protect Against Them
Organisations are increasingly facing fake data breach claims from cyber criminals, causing unnecessary panic and resource diversion. These hoaxes can damage a company's reputation and erode customer trust, even when no actual breach has occurred. Experts advise implementing advanced security measures and establishing dedicated teams to verify breach claims before reacting publicly. Effective communication strategies are crucial to manage public perception and maintain control over the narrative. Continuous employee training and updated security protocols are essential to mitigate both real and fake cyber threats, safeguarding the organisation's reputation and customer confidence.
Threat Actors Continue to Utilise HR-Related Phishing Tactics
Phishing attacks are becoming increasingly sophisticated, with recent tactics continuing the trend of impersonating company HR departments to deceive employees. One notable campaign sent emails urging staff to review a revised employee handbook, using professional language and creating a sense of urgency to prompt immediate action. These emails directed recipients to fake login pages designed to capture sensitive credentials. Such attacks exploit trust and fear of non-compliance, emphasising the need for robust cyber security measures. Organisations are advised to implement advanced email security solutions and enhance user awareness training. A multi-layered defence approach, combining technology and vigilant employees, is essential to protect against these evolving phishing threats.
Report: 80% of Organisations Experienced an Email-Related Security Breach in the Last Year
The latest report from a cyber security solutions provider reveals that email-related threats are a top concern for critical infrastructure organisations. The study found that 80% of these entities experienced an email-related security breach in the past year, and 63% admit their email security needs improvement. Despite advancements in cyber security, nearly half of the organisations lack confidence in their current email defences, leaving them vulnerable to cyber attacks. 65% are not compliant with regulatory standards, exposing them to significant operational and business risks. The report highlighted that essential security measures like Content Disarm and Reconstruction (CDR) and URL scanning are missing in many organisations' defences. This underscores the urgent need to adopt a zero-trust mindset and strengthen prevention-based perimeter defence strategies.
The Growing Danger of Visual Hacking and How to Protect Against It
Visual hacking is a significant threat that many organisations overlook in their data security strategies. Despite focusing on cyber security within systems, physical methods like shoulder surfing can bypass these defences, exposing sensitive information. Physical barriers such as privacy screens are highly effective, blocking up to 99.8% of visible light at angles beyond 45 degrees, ensuring only the primary user can view the screen. Traditional privacy screens have drawbacks like increased device thickness and permanent privacy modes, impacting usability. Switchable privacy screens built into devices are gaining popularity, offering automated and software-controlled privacy without hindering functionality. Organisations are advised to adopt these advanced privacy measures to prevent unauthorised visual access and enhance overall data security.
Cyber Warfare: A Growing Concern for the British Public
New research by the International Cyber Expo reveals that over 70% of Britons believe cyber warfare is the next frontier in modern combat. Cyber attacks targeting critical infrastructure are the top concern, with 54% of respondents expressing worry. Nearly a third (31%) of the public admit feeling scared about the prospect of cyber warfare, and 43% are concerned about nation-state activities. The survey highlighted that despite government investments in traditional military forces, the majority perceive cyberspace as the emerging battlefield. Experts emphasise the need for increased awareness, preparedness, and investment in cyber security to protect critical infrastructure and national security.
The Rising Cost of Vulnerable APIs and Bot Attacks – A $186 Billion Wake-Up Call for Businesses
A recent report by a cyber security solutions provider, Imperva, has found that vulnerable APIs and automated bot attacks are causing significant financial losses for businesses, with an estimated annual economic burden of up to $186 billion. An API, or Application Programming Interface, is like a bridge that allows different software applications to talk to each other and share information. A bot is a computer program that performs tasks automatically, often mimicking human actions. The study, which analysed over 161,000 cyber security incidents, revealed that the average enterprise managed 613 API endpoints in 2023, making them increasingly attractive targets for cybercriminals. Bot-related security incidents have surged dramatically, rising by 88% in 2022 and a further 28% in 2023. Insecure APIs alone have led to up to $87 billion in losses annually, marking a $12 billion increase from 2021. Automated API abuse by bots contributes significantly to this impact, costing organisations up to $17.9 billion each year. The report underscores the urgent need for robust security measures to protect against these growing threats.
Attackers are Exploiting Vulnerabilities at a Record Pace—Here’s What to Do About It
Recent findings show that attackers are exploiting vulnerabilities faster than ever, with the average time to exploitation now just 4.76 days—a 43% increase in speed compared to earlier this year. This rapid escalation emphasises the critical need for timely patching, yet 86% of breaches occurred through known vulnerabilities with available patches. 98% of organisations reported detecting exploits of vulnerabilities over five years old, underscoring the importance of strong cyber hygiene practices. Experts advise prioritising vulnerabilities actively under attack and ensuring robust incident response plans. Collaboration between public and private sectors is deemed essential to enhance cyber security and stay ahead of evolving threats.
What Can Businesses Learn from the Rise of Cyber Espionage?
Cyber espionage is becoming a critical concern for businesses, as state-sponsored attacks increasingly target the private sector to disrupt economies and access confidential information. The UK GCHQ estimates that at least 34 nation-states now have advanced cyber espionage teams. The rise of AI technologies has amplified these threats, with attackers using tools like large language models to enhance their capabilities. Attacks on major cloud providers pose significant risks due to their impact on software supply chains. While AI introduces new risks, it is also essential for improving threat detection and response. Organisations are urged to adopt zero trust architectures, conduct regular security audits, and strategically incorporate AI to protect against sophisticated cyber threats.
When Startup Founders Should Start Thinking About Cyber Security
A recent discussion has highlighted that cyber security risks pose a significant threat to startups, yet many founders prioritise rapid growth over security measures. Advanced persistent threats like China's Volt Typhoon have begun targeting startups, with one such attack breaching Versa Networks after exploiting a high-severity vulnerability. According to a survey by a business insurance company, over two-thirds of startup founders have experienced a cyber attack, with 86% owning some form of cyber insurance and 71% considering additional security measures. Despite this, investors seldom prioritise cyber security during negotiations, even though the consequences of neglecting it can be catastrophic. Experts suggest that as startups expand, the importance of cyber security increases, and founders should integrate security planning from the outset to mitigate risks.
Sources:
https://www.infosecurity-magazine.com/news/half-of-uk-firms-lack-basic/
https://www.itsecurityguru.org/2024/09/19/beyond-a-buzzword-what-resilience-in-cyber-really-means/
https://www.cio.com/article/3523667/do-boards-understand-their-new-role-in-cybersecurity.html
https://securityboulevard.com/2024/09/threat-actors-continue-to-utilize-hr-related-phishing-tactics/
https://www.helpnetsecurity.com/2024/09/17/robert-ramsey-rain-technology-visual-hacking/
https://www.itsecurityguru.org/2024/09/19/cyber-warfare-a-growing-concern-for-the-british-public/
https://securityintelligence.com/articles/what-can-businesses-learn-from-rise-of-cyber-espionage/
https://www.darkreading.com/cybersecurity-operations/cybersecurity-influence-startup-investment
Governance, Risk and Compliance
The alarming gap between perception and reality in the corner office | TechRadar
Over Half of Breached UK Firms Pay Ransom - Infosecurity Magazine (infosecurity-magazine.com)
Nearly half of UK businesses unequipped to face cyber attacks, Ipsos finds (holyrood.com)
Half of UK Firms Lack Basic Cybersecurity Skills - Infosecurity Magazine (infosecurity-magazine.com)
Do boards understand their new role in cybersecurity? | CIO
Closing the gap between cyber risk strategy and execution (betanews.com)
Beyond A Buzzword: What Resilience in Cyber Really Means - IT Security Guru
Palo Alto Networks CEO says cybersecurity has ‘become an arms race’ – BNN Bloomberg
99% of Business Leaders Are Concerned About Internal Data (darkreading.com)
Fines and lawsuits after data breaches ‘worse than the attack itself’ (foodmanufacture.co.uk)
Better metrics can show how cybersecurity drives business success | CSO Online
It's Time To Dismantle The Long Held Silos Between Security And Tech Teams (forbes.com)
The Cybersecurity Landscape: New Threats, Same Mistakes (darkreading.com)
The Cost Of Inaction: How Breached Organisations Are Redefining Cyber Resilience | Scoop News
Companies aren't 'owning' their data (betanews.com)
SecOps' new frontier in the remote work era: HR | TechTarget
Only 1/3 of businesses have 24/7 security coverage, survey finds | SC Media (scmagazine.com)
Modernization: Nothing to fear except failing to future-proof | ITPro
Striking the balance between cybersecurity and operational efficiency - Help Net Security
What can businesses learn from the rise of cyber espionage? (securityintelligence.com)
Want to get ahead? Four activities that can enable a more proactive security regime | CSO Online
Protecting Critical Data and Infrastructure in the Digital Age | Entrepreneur
The ripple effects of regulatory actions on CISO reporting - Help Net Security
Citigroup strips COO of responsibility for data overhaul after $136mn fine
Threats
Ransomware, Extortion and Destructive Attacks
Over Half of Breached UK Firms Pay Ransom - Infosecurity Magazine (infosecurity-magazine.com)
Top 10 ransomware groups to watch | CSO Online
Infostealers: An Early Warning for Ransomware Attacks (darkreading.com)
Infostealers Cause Surge in Ransomware Attacks - Infosecurity Magazine (infosecurity-magazine.com)
Ransomware attacks: Rising threats and increasing demands - SiliconANGLE
Ransomware attacks are soaring to a new high | TechRadar
Medusa Ransomware Exploiting Fortinet Flaw For Sophisticated Attacks (cybersecuritynews.com)
Gen reveals 24% rise in ransomware attacks on consumers (securitybrief.co.nz)
Ransomware gangs now abuse Microsoft Azure tool for data theft (bleepingcomputer.com)
75 percent of organizations affected more than once by ransomware (betanews.com)
Germany seizes 47 crypto exchanges used by ransomware gangs (bleepingcomputer.com)
What more can be done to stop ransomware attacks? | CyberScoop
Defending Against Ransomware Threats: Tactics and Procedures Revealed by CISA (cimcor.com)
For ransomware, universities are paying more | EdScoop
Vanilla Tempest hackers hit healthcare with INC ransomware (bleepingcomputer.com)
Four ways to stay ahead of the ransomware threat | SC Media (scmagazine.com)
Ransomware Victims
Over Half of Breached UK Firms Pay Ransom - Infosecurity Magazine (infosecurity-magazine.com)
Qilin ransomware attack on Synnovis impacted over 900K patients (securityaffairs.com)
UnitedHealth CISO: We had to ‘start over’ after ransomware attack (cyberscoop.com)
Ascension Suffered $1.3 Billion Hit From Cyberattack, Analysis Finds - KFF Health News
LockBit boasts once again of ransoming eFile.com • The Register
Valencia Ransomware crew 'hits' California city and more • The Register
Vice Society Uses Inc Ransomware in Healthcare Attack (darkreading.com)
Data Stolen in Ransomware Attack That Hit Seattle Airport - SecurityWeek
Rhysida ships off Port of Seattle data for $6M • The Register
German radio station forced to broadcast 'emergency tape' following cyberattack (therecord.media)
Ransomware Group Leaks Data Allegedly Stolen From Kawasaki Motors - SecurityWeek
88,000 Impacted by Access Sports Data Breach Resulting From Ransomware Attack - SecurityWeek
Phishing & Email Based Attacks
Threat Actors Continue to Utilize HR-Related Phishing Tactics - Security Boulevard
Email Attacks a Problem for National Infrastructure Companies (techrepublic.com)
How hackers are using legitimate tools to distribute phishing links | ITPro
Cybercriminals exploit content platforms for phishing attacks (securitybrief.co.nz)
What is email spam and how to fight it? | Definition from TechTarget
North Korean APT Bypasses DMARC for Cyber Espionage (darkreading.com)
DoJ accuses Chinese national of phishing for military code • The Register
Advanced Phishing Attacks Put X Accounts at Risk - Infosecurity Magazine (infosecurity-magazine.com)
What Is Phishing-Resistant MFA and How Does it Work? - Security Boulevard
Other Social Engineering
The growing danger of visual hacking and how to protect against it - Help Net Security
Security Firm's North Korean Hacker Hire Not Unique (darkreading.com)
Windows users targeted with fake human verification pages delivering malware - Help Net Security
New North Korean Social Engineering Campaign Targets Crypto Sector | MSSP Alert
Artificial Intelligence
How are cybercriminals upskilling to make the most of AI? - Raconteur
Companies skip security hardening in rush to adopt AI | CSO Online
The AI Threat: Deepfake or Deep Fake? Unraveling the True Security Risks - SecurityWeek
Security leaders consider banning AI coding due to security risks - Help Net Security
OODA Loop - Attacker VS Defender. Who Will Win the Race to Best Operationalize AI?
Orca: AI services, models falling short on security | TechTarget
Hacker tricks ChatGPT into giving out detailed instructions for making homemade bombs | TechCrunch
Is that photo real or AI? Google's 'About this image' aims to help you tell the difference | ZDNET
Compliance frameworks and GenAI: The Wild West of security standards - Help Net Security
2FA/MFA
How MFA gets hacked — and strategies to prevent it | CSO Online
What Is Phishing-Resistant MFA and How Does it Work? - Security Boulevard
Malware
Infostealers: An Early Warning for Ransomware Attacks (darkreading.com)
Infostealers Cause Surge in Ransomware Attacks - Infosecurity Magazine (infosecurity-magazine.com)
This Harry Potter-Named Attack Runs Fileless Malware (makeuseof.com)
Espionage Alert: Google Sheets Exploit For Malware Control - Security Boulevard
This Windows Tool Can Let In Viruses Without Detection (makeuseof.com)
Hackers Force Chrome Users To Hand Over Google Passwords, Here’s How (forbes.com)
CISA warns of Windows flaw used in infostealer malware attacks (bleepingcomputer.com)
1.3 million Android-based TV boxes backdoored; researchers still don’t know how | Ars Technica
'SambaSpy' RAT's Multiple Features Pack Hefty Punch (darkreading.com)
Windows users targeted with fake human verification pages delivering malware - Help Net Security
Binance Warns of Rising Clipper Malware Attacks Targeting Cryptocurrency Users (thehackernews.com)
Bots/Botnets
Chinese Spies Built Massive Botnet of IoT Devices to Target US, Taiwan Military - SecurityWeek
New "Raptor Train" IoT Botnet Compromises Over 200,000 Devices Worldwide (thehackernews.com)
FBI director says Chinese spies 'burned down' their botnet • The Register
Study: Bots pose major online fraud threat | Chain Store Age
Five Eyes alliance seizes control of extensive spy tech network used by China | TechRadar
How to detect and stop bot activity - Help Net Security
Mobile
14 dead as Hezbollah walkie-talkies explode in second, deadlier attack | Ars Technica
11 dead, thousands injured in explosive supply chain attack on Hezbollah pagers | Ars Technica
Mass pager attack in Lebanon raises concerns over cyber warfare and terrorism · Global Voices
Securing your smartphone: Vital steps to protect your digital assets | TechRadar
Android to be getting its own version of Apple's "Stolen Device Protection" feature - PhoneArena
Watch out! These 9 online banking scams drain your accounts | PCWorld
Here's How to Remotely Disable Your Smartphone If It's Stolen (makeuseof.com)
Denial of Service/DoS/DDOS
Financial services sector remains top DDoS target, Akamai reports (securitybrief.co.nz)
Internet of Things – IoT
Malware has infected 1.3 million Android TV boxes in 197 countries | TechSpot
Chinese Spies Built Massive Botnet of IoT Devices to Target US, Taiwan Military - SecurityWeek
New "Raptor Train" IoT Botnet Compromises Over 200,000 Devices Worldwide (thehackernews.com)
NCSC exposes Chinese company running malicious Mirai botnet | Computer Weekly
FBI director says Chinese spies 'burned down' their botnet • The Register
Data Breaches/Leaks
Fortinet confirms breach that likely leaked 440GB of customer data | CSO Online
Cybersecurity company Fortinet suffers third-party data breach (techmonitor.ai)
23andMe to pay $30 million in genetics data breach settlement (bleepingcomputer.com)
Hackers steal nearly 1.7 million credit card numbers in breach | Mashable
After yet another data breach, how can you protect yourself? (thehill.com)
AT&T agrees to $13 million fine for third-party cloud breach | CyberScoop
This Dating App May Have Leaked Extremely Private Data: Check Your Account Now (makeuseof.com)
Over 1,000 ServiceNow instances found leaking corporate KB data (bleepingcomputer.com)
Temu denies breach after hacker claims theft of 87 million data records (bleepingcomputer.com)
Hackers steal iCloud photos through calendar invites -- no clicks required (appleinsider.com)
Construction firms breached in brute force attacks on accounting software (bleepingcomputer.com)
RansomHub claims Kawasaki cyberattack, threatens to leak stolen data (bleepingcomputer.com)
88,000 Impacted by Access Sports Data Breach Resulting From Ransomware Attack - SecurityWeek
Organised Crime & Criminal Actors
Violent cyber criminals to spend collective 191 years in prison • The Register
Ticketmaster boss who repeatedly hacked rival firm sentenced (bitdefender.com)
'Marko Polo' Creates Globe-Spanning Cybercrime Juggernaut (darkreading.com)
Criminals Keep Hacking Themselves, Letting Researchers Unmask Them (404media.co)
Europol takes down "Ghost" encrypted messaging platform used for crime (bleepingcomputer.com)
The Dark Web Demystified: Its Role In Privacy, Crime, And Regulation – Analysis – Eurasia Review
Tor says it’s "still safe" amid reports of police deanonymizing users (bleepingcomputer.com)
Suspects behind $230 million cryptocurrency theft arrested in Miami (bleepingcomputer.com)
Australian Police conducted supply chain attack on crime app • The Register
Cryptocurrency/Cryptomining/Cryptojacking/NFTs/Blockchain
Binance Warns of Rising Clipper Malware Attacks Targeting Cryptocurrency Users (thehackernews.com)
Cryptojacking Gang TeamTNT Make a Comeback - Infosecurity Magazine (infosecurity-magazine.com)
Germany seizes 47 crypto exchanges used by ransomware gangs (bleepingcomputer.com)
Suspects behind $230 million cryptocurrency theft arrested in Miami (bleepingcomputer.com)
Tether and Others Freeze Millions Tied to Lazarus Group Wallets - DailyCoin
New North Korean Social Engineering Campaign Targets Crypto Sector | MSSP Alert
Insider Risk and Insider Threats
Insider threats highlighted, calls for enhanced security measures (securitybrief.co.nz)
How to reduce cyber risk during employee onboarding (bleepingcomputer.com)
Insurance
How Cyber Insurance Shifts Affect the Security Landscape (darkreading.com)
Why Breaking Down Silos Is Key To Optimizing Cyber Insurance Investments
How NIS2 Directive Impacts Businesses and Cyber Insurance (kingsbridge.co.uk)
Supply Chain and Third Parties
How Mega Attacks Are Spotlighting Critical 3rd-Party Risks (govinfosecurity.com)
Qilin ransomware attack on Synnovis impacted over 900K patients (securityaffairs.com)
The ‘Sleeping Time Bomb’ of Third-Party Cybersecurity Risk | Decipher (duo.com)
Post-CrowdStrike Fallout: Microsoft Redesigning EDR Vendor Access to Windows Kernel - SecurityWeek
Fortinet confirms data breach, extortion demand | TechTarget
Why Strong Cybersecurity is the Key to Unlocking the Full Potential of Supply Chains | Entrepreneur
Third-party risk management can learn a lot from the musk ox | CSO Online
Construction firms breached in brute force attacks on accounting software (bleepingcomputer.com)
Concerns Over Supply Chain Attacks on US Seaports Grow (darkreading.com)
Cloud/SaaS
Cloud-Native Network Security Up 17%, Hardware Down 2% (darkreading.com)
Ransomware gangs now abuse Microsoft Azure tool for data theft (bleepingcomputer.com)
AT&T agrees to $13 million fine for third-party cloud breach | CyberScoop
RCE Flaw in Google Cloud Affected Millions of Servers (darkreading.com)
Hackers steal iCloud photos through calendar invites -- no clicks required (appleinsider.com)
How to stop hackers attacking hybrid clouds | ITPro
Outages
1 in 10 firms dump infosec wares after CrowdStrike outage • The Register
Post-CrowdStrike Fallout: Microsoft Redesigning EDR Vendor Access to Windows Kernel - SecurityWeek
Will Microsoft Rethink Windows Security? (govinfosecurity.com)
Cloudflare outage cuts off access to websites in some regions (bleepingcomputer.com)
Identity and Access Management
Gateways to havoc: Overprivileged dormant service accounts - Help Net Security
The proliferation of non-human identities - Help Net Security
Beyond human IAM: The rising tide of machine identities - Help Net Security
Encryption
Tor says it’s "still safe" amid reports of police deanonymizing users (bleepingcomputer.com)
Google Chrome Switches to ML-KEM for Post-Quantum Cryptography Defense (thehackernews.com)
Linux and Open Source
What is open-source and how does it benefit you? | ZDNET
Government unveils open-source security steps (baselinemag.com)
Passwords, Credential Stuffing & Brute Force Attacks
TfL requires in-person password resets for 30,000 employees after hack (bleepingcomputer.com)
Why Hackers Aren't Stopped by Account Lockouts | HackerNoon
Hackers Force Chrome Users To Hand Over Google Passwords, Here’s How (forbes.com)
Malware locks browser in kiosk mode to steal Google credentials (bleepingcomputer.com)
Over 2 million VPN passwords have been stolen – here's what you can do about it | TechRadar
Understanding Credential Stuffing Attacks - Security Boulevard
Construction firms breached in brute force attacks on accounting software (bleepingcomputer.com)
Social Media
France uses tough, untested cybercrime law to target Telegram's Durov | Reuters
British MPs and international organisations hacked on X | X | The Guardian
LinkedIn's new search filter aims to protect you from suspicious job postings | ZDNET
Instagram makes 'Teen Accounts' private by default - and AI will be checking your age | ZDNET
Facebook Hit With Class Action Over Spate of Hacked Accounts (bloomberglaw.com)
Meta to Train AI Models Using Public U.K. Facebook and Instagram Posts (thehackernews.com)
Advanced Phishing Attacks Put X Accounts at Risk - Infosecurity Magazine (infosecurity-magazine.com)
Training, Education and Awareness
Regulations, Fines and Legislation
Fines and lawsuits after data breaches ‘worse than the attack itself’ (foodmanufacture.co.uk)
France uses tough, untested cybercrime law to target Telegram's Durov | Reuters
AT&T agrees to $13 million fine for third-party cloud breach | CyberScoop
5 new cybersecurity regulations businesses should know about | MIT Sloan
Citigroup strips COO of responsibility for data overhaul after $136mn fine
The ripple effects of regulatory actions on CISO reporting - Help Net Security
Compliance frameworks and GenAI: The Wild West of security standards - Help Net Security
How NIS2 Directive Impacts Businesses and Cyber Insurance (kingsbridge.co.uk)
Models, Frameworks and Standards
How NIS2 Directive Impacts Businesses and Cyber Insurance (kingsbridge.co.uk)
Data Protection
Careers, Working in Cyber and Information Security
Cyber workforce must almost double to meet global talent need | Computer Weekly
Cyber workforce size stalls despite skills shortages (betanews.com)
UK convenes global coalition to boost cyber skills and tackle growing threats - GOV.UK (www.gov.uk)
The cybersecurity workforce of the future requires diverse hiring practices - Help Net Security
Only 1/3 of businesses have 24/7 security coverage, survey finds | SC Media (scmagazine.com)
Law Enforcement Action and Take Downs
Violent cyber scum to spend collective 191 years in prison • The Register
France uses tough, untested cybercrime law to target Telegram's Durov | Reuters
Tor insists it's safe after cops convict CSAM site admin • The Register
Ticketmaster boss who repeatedly hacked rival firm sentenced (bitdefender.com)
UK activists file complaint with police against NSO Group • The Register
Tor says it’s "still safe" amid reports of police deanonymizing users (bleepingcomputer.com)
Europol takes down "Ghost" encrypted messaging platform used for crime (bleepingcomputer.com)
Suspects behind $230 million cryptocurrency theft arrested in Miami (bleepingcomputer.com)
Australian Police conducted supply chain attack on crime app • The Register
Misinformation, Disinformation and Propaganda
Putin really wants to put Trump back in the White House • The Register
US accuses RT, others of covert arms dealing, global influence operations | CyberScoop
Malicious Actors Sow Discord With Election Compromise Claims (darkreading.com)
FBI, CISA Warn of Fake Voter Data Hacking Claims - SecurityWeek
44% of people report believing election-related misinformation - Adobe study | ZDNET
Russian threat groups shift attention to Harris-Walz campaign, researchers find | CyberScoop
Russian troll farms turn up heat on presidential candidates | SC Media (scmagazine.com)
Nation State Actors, Advanced Persistent Threats (APTs), Cyber Warfare, Cyber Espionage and Geopolitical Threats/Activity
Cyber Warfare and Cyber Espionage
Mass pager attack in Lebanon raises concerns over cyber warfare and terrorism · Global Voices
Cyber Warfare: A Growing Concern for the British Public - IT Security Guru
What can businesses learn from the rise of cyber espionage? (securityintelligence.com)
Espionage Alert: Google Sheets Exploit For Malware Control - Security Boulevard
Nation State Actors
China
Did a Chinese University Hacking Competition Target a Real Victim? | WIRED
Chinese Spies Built Massive Botnet of IoT Devices to Target US, Taiwan Military - SecurityWeek
Chinese spies spent 4 months in aerospace firm’s server • The Register
New "Raptor Train" IoT Botnet Compromises Over 200,000 Devices Worldwide (thehackernews.com)
FBI director says Chinese spies 'burned down' their botnet • The Register
China suspected of hacking diplomatic body for Pacific islands region (therecord.media)
DoJ accuses Chinese national of phishing for military code • The Register
Chinese gov’t mulls anti-money laundering law to ‘monitor’ new fintech
Chinese boffins claim Starlink signals can defeat stealth • The Register
Temu denies breach after hacker claims theft of 87 million data records (bleepingcomputer.com)
Russia
Putin really wants to put Trump back in the White House • The Register
Despite Russia warnings, critical infrastructure unprepared • The Register
Russian Secret Sub Unit Menaces Undersea Cables - Business Insider
US accuses RT, others of covert arms dealing, global influence operations | CyberScoop
RT News Hosted Russian Cyber Spy Unit, US Says (darkreading.com)
Russian troll farms turn up heat on presidential candidates | SC Media (scmagazine.com)
Malicious Actors Sow Discord With Election Compromise Claims (darkreading.com)
Russian threat groups shift attention to Harris-Walz campaign, researchers find | CyberScoop
'Marko Polo' Creates Globe-Spanning Cybercrime Juggernaut (darkreading.com)
Russian Security Firm Doctor Web Hacked - SecurityWeek
Iran
As Geopolitical Tensions Mount, Iran's Cyber Operations Grow (darkreading.com)
North Korea
Security Firm's North Korean Hacker Hire Not Unique (darkreading.com)
SecOps' new frontier in the remote work era: HR | TechTarget
North Korean APT Bypasses DMARC for Cyber Espionage (darkreading.com)
Tether and Others Freeze Millions Tied to Lazarus Group Wallets - DailyCoin
New North Korean Social Engineering Campaign Targets Crypto Sector | MSSP Alert
The Next US President Needs a New North Korea Strategy | The National Interest
Other Nation State Actors, Hacktivism, Extremism, Terrorism and Other Geopolitical Threat Intelligence
11 dead, thousands injured in explosive supply chain attack on Hezbollah pagers | Ars Technica
Explosive Pagers Reveal Major Security Breach Within Hezbollah (armyrecognition.com)
Mass pager attack in Lebanon raises concerns over cyber warfare and terrorism · Global Voices
UK activists file complaint with police against NSO Group • The Register
Key Predator spyware peddlers added to US sanctions list • The Register
Apple Abandons Spyware Suit to Avoid Sharing Cyber Secrets (darkreading.com)
Tools and Controls
Closing the gap between cyber risk strategy and execution (betanews.com)
Beyond A Buzzword: What Resilience in Cyber Really Means - IT Security Guru
1 in 10 firms dump infosec wares after CrowdStrike outage • The Register
UK Data Centers Gain Critical Infrastructure Status, Raising Green Belt Controversy - SecurityWeek
Post-CrowdStrike Fallout: Microsoft Redesigning EDR Vendor Access to Windows Kernel - SecurityWeek
Security leaders consider banning AI coding due to security risks - Help Net Security
OODA Loop - Attacker VS Defender. Who Will Win the Race to Best Operationalize AI?
Why Pay A Pentester? (thehackernews.com)
SecOps' new frontier in the remote work era: HR | TechTarget
Over 2 million VPN passwords have been stolen – here's what you can do about it | TechRadar
Better metrics can show how cybersecurity drives business success | CSO Online
It's Time To Dismantle The Long Held Silos Between Security And Tech Teams (forbes.com)
How to reduce cyber risk during employee onboarding (bleepingcomputer.com)
Only 1/3 of businesses have 24/7 security coverage, survey finds | SC Media (scmagazine.com)
Striking the balance between cybersecurity and operational efficiency - Help Net Security
Organizations overwhelmed by numerous and insecure remote access tools - Help Net Security
DNS security best practices to implement now | TechTarget
What is Enterprise Attack Surface Management? | UpGuard
Is that photo real or AI? Google's 'About this image' aims to help you tell the difference | ZDNET
Want to get ahead? Four activities that can enable a more proactive security regime | CSO Online
Other News
When Startup Founders Should Be Thinking About Cybersecurity (darkreading.com)
73% Of Small Businesses Concerned About Cyber Security, New AMI Research Shows | Scoop News
Nearly half of UK businesses unequipped to face cyber attacks, Ipsos finds (holyrood.com)
TfL requires in-person password resets for 30,000 employees after hack (bleepingcomputer.com)
BT Report HUGE Rise in Malicious IP Scanners Across UK Network - ISPreview UK
The Cybersecurity Landscape: New Threats, Same Mistakes (darkreading.com)
Why are utilities especially vulnerable to cyberattacks? - Digital Journal
Increased Cybersecurity Essential For NGOs: Help Available (forbes.com)
Healthcare's Diagnosis is Critical: The Cure is Cybersecurity Hygiene (thehackernews.com)
Cybercrime in the Education Sector | MSSP Alert
Cyberattacks Are Huge Threat for All Manufacturers | ASSEMBLY (assemblymag.com)
Ports need to prepare for cyber attacks | News | Port Strategy
The rising threat of cyberattacks in the restaurant industry (securityintelligence.com)
Hospitality & Travel Cybersecurity: Protection the During Peak Seasons - Security Boulevard
Cyber threats to shipping explained | Pen Test Partners
Cybersecurity in the Skies - Avionics International (aviationtoday.com)
Vulnerability Management
Attackers are exploiting vulnerabilities at a record pace—here’s what to do about it | CSO Online
Insecure software makers are the real cyber villains – CISA • The Register
Patch management: A dull IT pain that won’t go away | CSO Online
The Ultimate Unseen Vulnerability in Addressing Cybersecurity Threats: Communication | HackerNoon
Is Microsoft really going to cut off security updates for your 'unsupported' Windows 11 PC? | ZDNET
CISA Releases Analysis of FY23 Risk and Vulnerability Assessments | CISA
Detecting vulnerable code in software dependencies is more complex than it seems - Help Net Security
The line between citizen developers and IT pros gets fuzzier - is that a problem? | ZDNET
Vulnerabilities
More details on that Windows Installer 'make me admin' hole • The Register
CISA warns of Windows flaw used in infostealer malware attacks (bleepingcomputer.com)
Google Chrome 129: new features and security fixes arrive on all platforms - gHacks Tech News
1 PoC Exploit for RCE Flaw, but 2 Patches From Veeam (darkreading.com)
Microsoft confirms second 0-day exploited by Void Banshee APT (CVE-2024-43461) - Help Net Security
SolarWinds Issues Patch for Critical ARM Vulnerability Enabling RCE Attacks (thehackernews.com)
Patch Issued for Critical VMware vCenter Flaw Allowing Remote Code Execution (thehackernews.com)
Medusa Ransomware Exploiting Fortinet Flaw For Sophisticated Attacks (cybersecuritynews.com)
VMware Releases Security Advisory for VMware Cloud Foundation and vCenter Server | CISA
Apple Vision Pro Vulnerability Exposed Virtual Keyboard Inputs to Attackers (thehackernews.com)
Windows vulnerability abused braille “spaces” in zero-day attacks (bleepingcomputer.com)
SolarWinds fixed critical RCE CVE-2024-28991 in Access Rights Manager (securityaffairs.com)
D-Link addressed three critical RCE in wireless router models (securityaffairs.com)
Apple Patches Major Security Flaws With iOS 18 Refresh - SecurityWeek
GitLab releases security updates to fix 17 vulnerabilities | Security Magazine
RCE Flaw in Google Cloud Affected Millions of Servers (darkreading.com)
Is Microsoft really going to cut off security updates for your 'unsupported' Windows 11 PC? | ZDNET
Atlassian Patches Vulnerabilities in Bamboo, Bitbucket, Confluence, Crowd - SecurityWeek
Sector Specific
Industry specific threat intelligence reports are available.
Contact us to receive tailored reports specific to the industry/sector and geographies you operate in.
· Automotive
· Construction
· Critical National Infrastructure (CNI)
· Defence & Space
· Education & Academia
· Energy & Utilities
· Estate Agencies
· Financial Services
· FinTech
· Food & Agriculture
· Gaming & Gambling
· Government & Public Sector (including Law Enforcement)
· Health/Medical/Pharma
· Hotels & Hospitality
· Insurance
· Legal
· Manufacturing
· Maritime & Shipping
· Oil, Gas & Mining
· OT, ICS, IIoT, SCADA & Cyber-Physical Systems
· Retail & eCommerce
· Small and Medium Sized Businesses (SMBs)
· Startups
· Telecoms
· Third Sector & Charities
· Transport & Aviation
· Web3
Contact us to help assess where your risks lie and to ensure you are doing all you can do to keep you and your business secure.
Look out for our ‘Cyber Tip Tuesday’ video blog, also available on our YouTube channel.
Links to articles are for interest and awareness. Linking to or reposting external content does not endorse any service or product; likewise, we are not responsible for the security of external links.