Black Arrow Cyber Threat Intelligence Briefing 21 February 2025
Welcome to this week’s Black Arrow Cyber Threat Intelligence Briefing – a weekly digest, collated and curated by our cyber experts to provide senior and middle management with an easy-to-digest round-up of the most notable threats, vulnerabilities, and cyber-related news from the last week.
Executive Summary
Black Arrow Cyber has identified a significant surge in cyber threats targeting organisations worldwide, with supply chain vulnerabilities, phishing scams, and ransomware tactics evolving at an alarming rate. Supply chain cyber attacks have increased by 431% in just two years, exposing weaknesses in third-party security oversight and operational dependencies. Simultaneously, phishing attacks remain a major risk, with 98% of senior business leaders unable to recognise key warning signs. The rapid rise of deepfake technology, infostealer malware, and mobile phishing further exacerbates these threats, with cyber criminals leveraging AI and automation to enhance their attack strategies.
Corporate cyber security measures remain insufficient, as evidenced by 96% of S&P 500 firms experiencing data breaches and 69% of UK businesses failing to implement basic network security protections. Ransomware gangs are accelerating their attacks, demanding ransoms within 17 hours of infiltration, while Phishing-as-a-Service platforms are making sophisticated attacks accessible to criminals with little technical knowledge. Social media has also become a prime target, with 2.55 billion threats blocked in a single quarter.
Black Arrow Cyber believes that urgent action is required. Businesses must prioritise proactive security strategies, including continuous supply chain monitoring, robust phishing awareness training, and advanced authentication measures to mitigate these growing risks. As cyber threats evolve, only a strong, multi-layered defence will ensure operational resilience and data security in an increasingly volatile digital landscape.
Top Cyber Stories of the Last Week
Supply Chain Cyber Attacks Surge Over 400%, Expected to Continue Rising
A new cyber risk report by Cowbell has revealed a 431% surge in supply chain cyber attacks between 2021 and 2023, with further increases expected by 2025. Businesses with revenues over $50 million are 2.5 times more likely to be targeted, with manufacturing, public administration, and education among the most at-risk sectors. Key vulnerabilities stem from reliance on third-party suppliers, poor visibility into vendor security, and weaknesses in operating systems and business applications. To mitigate these risks, organisations must enhance supplier oversight, conduct regular cyber risk assessments, and implement proactive security measures across their supply chains.
98% of Business Leaders Can't Spot a Phishing Scam
A new report from Tech.co has revealed that 98% of senior business leaders struggle to recognise all the warning signs of phishing, despite such attacks accounting for 40% of data breaches in 2024, a sharp rise from the previous year. Nearly half of respondents failed to identify urgency or threats as key phishing indicators, while 19% could not correctly define two-factor authentication. With the global average cost of a data breach reaching $4.88M, the findings highlight a critical gap in cyber security awareness at the highest levels, underscoring the need for improved training across all leadership roles.
Two-Thirds of UK Businesses Still Failing on Cyber Security
Beaming’s latest research reveals that 69% of UK businesses, equating to 3.6 million companies, are at heightened risk of cyber attack due to poor network security practices. Many fail to encrypt data in transit, isolate traffic from public infrastructure, or monitor for malicious activity. While the majority are micro businesses, over 7,000 medium-sized and nearly 1,000 large organisations also fall short. With corporate networks now critical to business operations, the report highlights a widespread failure to recognise their role in safeguarding sensitive data and maintaining operational resilience.
44% of Middle-Market Firms Invest in Cyber Crime Protection
A recent PYMNTS Intelligence report highlights that cyber security is a growing concern for middle-market CFOs, with 44% of high-uncertainty firms (facing fluctuating demand, supply chain disruptions, or macroeconomic volatility) investing in AI-driven threat detection. Rising cyber threats are diverting budgets away from innovation, forcing firms to prioritise security over growth. Nearly a third of high-uncertainty organisations have conducted third-party security assessments, while just 13% have implemented multifactor authentication. Despite these measures, optimism about cyber security improvements remains mixed, with 31% of high-uncertainty firms expecting risks to worsen in 2025, while 74% of low-uncertainty firms anticipate improvements.
A Deepfake Epidemic Is Coming: People Are Simply Not Good Enough at Identifying Fakes
A new study by iProov highlights the growing threat of deepfakes, revealing that most people struggle to distinguish AI-generated content from reality. In a test of 2,000 participants, only 0.1% correctly identified all deepfakes. Older adults were particularly vulnerable, and 39% of those over 65 had never heard of deepfakes. While younger generations showed greater confidence, their detection accuracy did not improve. Social media was identified as a key risk area, with nearly half of respondents pointing to Meta and TikTok. Experts warn that traditional detection methods are insufficient, calling for biometric security solutions to combat rising deepfake threats.
Cyber Security Gaps Exposed as 96% of S&P 500 Firms Hit by Data Breaches
Nearly all S&P 500 firms have experienced data breaches, with 96% impacted, highlighting critical cyber security gaps across industries. A new report reveals widespread deficiencies in software patching, SSL configurations, and system hosting, with nearly 90% of companies affected by hosting vulnerabilities and over 80% exposed to web application security risks. Manufacturing, Finance, and Healthcare rank among the most vulnerable sectors. Nearly 63% of Finance sector employees reuse compromised passwords. The findings underscore the urgent need for stronger encryption, better patch management, and stricter credential security to mitigate risks and prevent further breaches.
Cyber Criminals Shift Focus to Social Media as Attacks Reach Historic Highs
Cyber criminals are increasingly exploiting social media platforms, with attacks reaching record highs in 2024. A new report from Gen revealed that 2.55 billion threats were blocked in Q4 alone, equating to 321 per second. Social engineering accounted for 86% of these, highlighting the growing sophistication of scams. Malvertising drove 41% of threats, while Facebook was the most targeted platform, linked to 56% of social media attacks. Financial scams surged, with mobile banking malware infections rising by 236%. As AI-driven fraud increases, businesses must prioritise cyber security awareness and robust defences to mitigate evolving digital risks.
Is a Lack of Supply Chain Visibility Undermining Board-Level Confidence in Cyber Security Programs?
Many UK organisations are struggling with supply chain cyber security. 95% of C-level executives reported being negatively impacted by supply chain cyber breaches, yet 34% have no way of knowing when an incident occurs. As supply chains grow (some organisations engage with over 10,000 third parties) so too does risk, with nearly every firm with 10,000+ suppliers suffering a breach in the past year. Boards must prioritise continuous monitoring and structured oversight to mitigate risk and ensure operational resilience amidst increasing regulatory pressures.
Ransomware Gangs Extort Victims 17 Hours After Intrusion on Average
Ransomware groups are accelerating their attacks, reducing the time organisations have to detect intrusions. Analysis shows the average time from breach to ransom demand is now just 17 hours, with some groups acting in as little as 4 to 6 hours. Groups with the fastest attack times have also seen the highest growth in victims. A shift towards data theft over encryption is emerging, exploiting gaps in data loss prevention tools. Multiple sectors remain primary targets, with attackers increasingly abusing remote monitoring tools to maintain access and evade detection.
Over 330 million Credentials Compromised by Infostealers
Infostealer malware emerged as a major initial access threat in 2024, with over 330 million credentials compromised across at least 4.3 million machines, according to a new report. These stolen credentials grant access to critical corporate services, heightening cyber security risks. While law enforcement efforts disrupted key infostealer operations, including RedLine, threats persist due to the growth of malware-as-a-service models. The report also highlighted a 10.5% rise in ransomware victims and a 28.5% increase in active threat groups, underscoring the escalating cyber crime landscape organisations must navigate.
Mobile Phishing Attacks Surge, Accounting for 16% of Phishing Incidents
Mobile phishing attacks, or “mishing,” have surged, with daily incidents peaking at over 1,000 in August 2024. A report by Zimperium zLabs found that 16% of these attacks occurred in the US, with India leading global susceptibility at 37%. Attackers are increasingly exploiting mobile-first channels such as SMS, QR codes and messaging apps to bypass traditional security measures, often using geolocation-targeted campaigns. With 82% of phishing sites now designed for mobile devices, experts stress the need for mobile-specific security strategies, including phishing-resistant multi-factor authentication, real-time URL analysis and targeted user training.
Phishing-as-a-Service (PhaaS) Can Now Auto-Generate Phishing Kits for Any Brand
The latest version of the Darcula phishing-as-a-service (PhaaS) platform removes technical barriers, enabling cyber criminals to launch highly sophisticated phishing attacks with minimal effort. The platform's new DIY phishing kit generator allows users to clone any brand's website automatically, streamlining credential theft. Additional features include enhanced anti-detection measures, real-time campaign monitoring, and tools for automating credit card fraud. Netcraft reports that in the past 10 months, it has blocked nearly 100,000 Darcula-related domains and 20,000 phishing sites, warning that the ease of use and growing adoption of this platform will significantly increase phishing attack volumes.
This Open Text-to-Speech Model Needs Just Seconds of Audio to Clone Your Voice
Zyphra has released an open-source text-to-speech model capable of cloning a voice with just five seconds of sample audio. The Zonos models, trained on 200,000 hours of multilingual speech data, generate convincing voice replicas, though subtle pacing inconsistencies remain detectable. Unlike competitors, Zyphra has made the models freely available under an open licence. While the technology has legitimate applications in accessibility and audiobook production, it also raises security concerns, such as its potential use in scams and misinformation campaigns. Given the minimal effort required to create realistic clones, organisations should be alert to emerging threats in voice-based authentication and fraud.
Sources:
https://totaltele.com/two-thirds-of-uk-businesses-still-failing-on-cyber-security/
https://www.helpnetsecurity.com/2025/02/18/cybercriminals-social-media-attacks/
https://www.infosecurity-magazine.com/news/330-million-credentials/
https://www.infosecurity-magazine.com/news/mobile-phishing-attacks-surge-16/
Governance, Risk and Compliance
Gartner: CISOs struggling to balance security, business objectives | Computer Weekly
Is a lack of supply chain visibility undermining board-level confidence in cyber security programs?
2024 a 'record year for cyber attacks on business' - Director of Finance Online
How Slashing the SAT Budget Is Appreciated By Hackers - Security Boulevard
Cyber security gaps exposed as 96% of S&P 500 firms hit by data breaches
Two-thirds of UK businesses still failing on cyber security | Total Telecom
IT spending will be driven by cyber security and AI
44% of Middle-Market Firms Invest in Cyber Crime Protection
New GRC and cyber risk strategies emphasize risk adaptability - Help Net Security
Cyber Security in 2025: AI, Attack Surfaces and the Shift to Cyber Resilience - Security Boulevard
Signs Your Organisation's Culture Is Hurting Your Cyber Security
Threats
Ransomware, Extortion and Destructive Attacks
Ransomware gangs extort victims 17 hours after intrusion on average | CSO Online
Ransomware and reputation | Professional Security Magazine
Ransomware Detection: Attack Types & Latest Techniques in 2025 - Security Boulevard
BlackLock ransomware onslaught: What to expect and how to fight it - Help Net Security
Ransomware Spike Driven By RaaS Operations | MSSP Alert
The new ransomware groups worrying security researchers in 2025 | ITPro
Ransomware Attacks on Critical Infrastructure, AI Use to Grow in 2025 | MSSP Alert
Dozens of Orgs Claimed To Be Hacked by Cl0p Ransomware | MSSP Alert
Ending the Ransomware Scourge Requires Punishing Its Enablers
BlackLock On Track to Be 2025’s Most Prolific Ransomware Group - Infosecurity Magazine
The growing cyber threat: Ransomware, China, and state-sponsored attacks - GZERO Media
Feds warn Ghost ransomware crew remains active, potent • The Register
CISA and FBI: Ghost ransomware breached orgs in 70 countries
Inside A LockBit Ransomware Attack: A Firsthand Account Of Financial And Security Fallout
Updated Shadowpad Malware Leads to Ransomware Deployment | Trend Micro (US)
Darktrace Report Highlights The Growing Power Of MaaS, Sneaky Evasion Tactics
Black Basta ransomware gang's internal chat logs leak online
Acronis H2 2024 Cyber Threats Report Unveils Rise in
The complete story of the 2024 ransomware attack on UnitedHealth
Is Russia Reining In Ransomware-Wielding Criminals?
Ransomware losses tumble but threat remains: Chainalysis
NailaoLocker ransomware targets EU healthcare-related entities
Ransomware Victims
Dozens of Orgs Claimed To Be Hacked by Cl0p Ransomware | MSSP Alert
Lee Enterprises newspaper disruptions caused by ransomware attack
Christie's Ransomware Hack Settlement Pact Wins Court's Approval
Army soldier linked to Snowflake extortion to plead guilty • The Register
The complete story of the 2024 ransomware attack on UnitedHealth
Medusa extortion gang demands $2M from UK's HCRG Care Group • The Register
NailaoLocker ransomware targets EU healthcare-related entities
Phishing & Email Based Attacks
Darcula PhaaS can now auto-generate phishing kits for any brand
Mobile Phishing Attacks Surge with 16% of Incidents in US - Infosecurity Magazine
98% of Business Leaders Can't Spot a Phishing Scam, Tech.co Report Reveals | Business Wire
Russian Hackers Target Microsoft 365 Accounts with Device Code Attacks - Infosecurity Magazine
What is device code phishing, and why are Russian spies so successful at it? - Ars Technica
Suspected Russian spies caught spoofing Teams invites • The Register
Threat actors are using legitimate Microsoft feature to compromise M365 accounts - Help Net Security
Hackers are using this new phishing technique to bypass MFA | ITPro
What is barrel phishing? All you need to know | NordVPN
Darktrace: 96% of Phishing Attacks in 2024 Exploited Trusted Domains
Phishing with AI is cyber security’s new hook
This New Email Attack Can Bypass Spam Filters: Here's How to Protect Against It
Amazon Phish Hunts for Security Answers and Payment Information - Security Boulevard
Phishing attack hides JavaScript using invisible Unicode trick
Russian phishing campaigns exploit Signal's device-linking feature
A Signal Update Fends Off a Phishing Technique Used in Russian Espionage | WIRED
Spear Phishing vs Phishing: What Are the Main Differences?
Business Email Compromise (BEC)/Email Account Compromise (EAC)
Mining Company NioCorp Loses $500,000 in BEC Hack - SecurityWeek
Other Social Engineering
Zypher's speech model can clone your voice with 5s of audio • The Register
Cyber criminals shift focus to social media as attacks reach historic highs - Help Net Security
Venture capital giant Insight Partners hit by cyber attack
Cyber Investor Insight Partners Suffers Security Breach - Infosecurity Magazine
Insight Partners, VC Giant, Falls to Social Engineering
Artificial Intelligence
Zypher's speech model can clone your voice with 5s of audio • The Register
The AI Hype Frenzy Is Fueling Cyber Security Risks
IT spending will be driven by cyber security and AI
Cyber security pros are preparing for a new adversary: AI agents | Fortune
Ransomware Attacks on Critical Infrastructure, AI Use to Grow in 2025 | MSSP Alert
Why Regulating AI Is So Hard — And Necessary - The Good Men Project
The overlooked cyber security threat of AI
UK’s AI Safety Institute Rebrands Amid Government Strategy Shift - Infosecurity Magazine
The risks of autonomous AI in machine-to-machine interactions - Help Net Security
Sounding the alarm on AI-powered cyber security threats in 2025 | TechRadar
AI vs. Endpoint Attacks: What Security Leaders Need To Know | VentureBeat
Phishing with AI is cyber security’s new hook
Russia’s AI-Powered Cyber Attacks Threaten to Outpace Western Defences
South Korea Suspends DeepSeek AI Downloads Over Privacy Violations
UK’s AI Security Institute to protect against AI risks to national security
DarkMind: A new backdoor attack that leverages the reasoning capabilities of LLMs
Controlling Shadow AI: Protecting Knowledge Management From Cyber Threats
How to run DeepSeek AI locally to protect your privacy - 2 easy ways | ZDNET
US AI Safety Institute will be 'gutted,' Axios reports | ZDNET
Europe Mounts the Artificial-Intelligence Barricades - Bloomberg
Yikes: Jailbroken Grok 3 can be made to say and reveal just about anything | ZDNET
2FA/MFA
Hackers are using this new phishing technique to bypass MFA | ITPro
Malware
Microsoft Outlook targeted by new malware attacks allowing sneaky hijacking | TechRadar
New FinalDraft Malware Spotted in Espionage Campaign - SecurityWeek
ESentire Uncovers EarthKapre/RedCurl Attack Targeting Law Firms
Malware-as-a-Service accounts for 57 percent of all threats
300% increase in endpoint malware detections - Help Net Security
Why ‘malware as a service’ is becoming a serious problem | ITPro
Over 330 Million Credentials Compromised by Infostealers - Infosecurity Magazine
Beware of Fake BSOD Delivered by Malicious Python Script
PirateFi game on Steam caught installing password-stealing malware
Microsoft Detects New XCSSET MacOS Malware Variant - Infosecurity Magazine
Telegram Used as C2 Channel for New Golang Malware - Infosecurity Magazine
Russian malware discovered with Telegram hacks for C2 operations | CSO Online
Proofpoint Uncovers FrigidStealer, A New MacOS Infostealer - Infosecurity Magazine
Evolving Snake Keylogger Variant Targets Windows Users - Infosecurity Magazine
Trojanized Game Installers Deploy Cryptocurrency Miner in Large-Scale StaryDobry Attack
Hackers used free Steam game to steal passwords, Valve warns affected users | TechSpot
US military and defence contractors hit with Infostealer malware | TechRadar
Updated Shadowpad Malware Leads to Ransomware Deployment | Trend Micro (US)
Darktrace Report Highlights The Growing Power Of MaaS, Sneaky Evasion Tactics
Google Calendar Malware Is on the Rise. Here’s How to Stay Safe | WIRED
Hide and Seek in Memory: Outsmarting Sneaky Malware with Data Magic | HackerNoon
Phishing attack hides JavaScript using invisible Unicode trick
Chinese hackers use custom malware to spy on US telecom networks
Mobile
Mobile Phishing Attacks Surge with 16% of Incidents in US - Infosecurity Magazine
The 6 most notorious and dangerous Android malware of all time
Chrome for Android adds new protection against malicious apps | Digital Trends
Android's New Feature Blocks Fraudsters from Sideloading Apps During Calls
Apple resists UK regulator demands to open up iOS browsers, citing security risks | TechSpot
Your Android phone could have stalkerware — here's how to remove it | TechCrunch
Denial of Service/DoS/DDoS
Qualys Identifies Critical Vulnerabilities That Enable DDoS, MITM Attacks
Internet of Things – IoT
Massive Data Exposure At Mars Hydro Highlights IoT Security Risks
Connected vehicle hacking on the increase
Data Breaches/Leaks
Cyber security gaps exposed as 96% of S&P 500 firms hit by data breaches
N Ireland police charges suspected terrorists using FoI data • The Register
Insight Partners, VC Giant, Falls to Social Engineering
When Brand Loyalty Trumps Data Security
Massive data breach in France: Protect yourself from cyber attacks
Zacks Investment hit in data breach - 12 million users potentially at risk | TechRadar
Fintech giant Finastra notifies victims of October data breach
Massive Data Exposure At Mars Hydro Highlights IoT Security Risks
Zacks Investment Research Breach Hits 12 Million - Infosecurity Magazine
US Coast Guard paychecks delayed by cyber attack | TechRadar
Cyber attack compromises leading Australian IVF provider’s data | SC Media
Data breach risk confirmed - Bailiwick Express News Guernsey
Organised Crime & Criminal Actors
Malware-as-a-Service accounts for 57 percent of all threats
Why ‘malware as a service’ is becoming a serious problem | ITPro
127 Servers of Bulletproof Hosting Service Zservers Seized by Dutch Police - SecurityWeek
Black Basta ransomware gang's internal chat logs leak online
Thousands of trafficked scammers await return to Thailand • The Register
Cryptocurrency/Cryptomining/Cryptojacking/NFTs/Blockchain
Trojanized Game Installers Deploy Cryptocurrency Miner in Large-Scale StaryDobry Attack
Two arrested after pensioner scammed out of crypto nest egg • The Register
Insider Risk and Insider Threats
The Bourne Insecurity: When Defence Employees Unwittingly Help Attackers
Forrester Report: The Complexities Of Human-Element Breaches
Insurance
Supply Chain and Third Parties
Is a lack of supply chain visibility undermining board-level confidence in cyber security programs?
Third party delegation risk - IT Security Guru
Cloud/SaaS
Hackers are using this new phishing technique to bypass MFA | ITPro
Russian Hackers Target Microsoft 365 Accounts with Device Code Attacks - Infosecurity Magazine
What is device code phishing, and why are Russian spies so successful at it? - Ars Technica
Suspected Russian spies caught spoofing Teams invites • The Register
Threat actors are using legitimate Microsoft feature to compromise M365 accounts - Help Net Security
Trump admin sought to counter UK-ordered iCloud encryption backdoor | SC Media
New "whoAMI" Attack Exploits AWS AMI Name Confusion for Remote Code Execution
How CISOs can balance security and business agility in the cloud - Help Net Security
Identity and Access Management
Identity is the Breaking Point—Get It Right or Zero Trust Fails | VentureBeat
Encryption
What is an encryption backdoor? | TechCrunch
Trump admin sought to counter UK-ordered iCloud encryption backdoor | SC Media
10 years on after Data and Goliath warned of data collection • The Register
Rethinking the Debate on Encryption Backdoors | SC Media UK
Quantum computing in cyber security: A double-edged sword | Computer Weekly
Passwords, Credential Stuffing & Brute Force Attacks
Over 330 Million Credentials Compromised by Infostealers - Infosecurity Magazine
PirateFi game on Steam caught installing password-stealing malware
The Bourne Insecurity: When Defence Employees Unwittingly Help Attackers
Hackers used free Steam game to steal passwords, Valve warns affected users | TechSpot
US military and defence contractors hit with Infostealer malware | TechRadar
Hundreds of US Military and Defence Credentials Stolen - Infosecurity Magazine
Credential Theft Becomes Cyber Criminals' Favorite Target
Social Media
Cyber criminals shift focus to social media as attacks reach historic highs - Help Net Security
Training, Education and Awareness
How Slashing the SAT Budget Is Appreciated By Hackers - Security Boulevard
Regulations, Fines and Legislation
Why Regulating AI Is So Hard — And Necessary - The Good Men Project
Trump admin sought to counter UK-ordered iCloud encryption backdoor | SC Media
UK’s AI Safety Institute Rebrands Amid Government Strategy Shift - Infosecurity Magazine
UK’s AI Security Institute to protect against AI risks to national security
SEC creates Cyber and Emerging Technologies Unit
CIOs to the DORA test: how to speed up the process for compliance | CSO Online
Top US Election Security Watchdog Forced to Stop Election Security Work | WIRED
Elon Musk's DOGE launched its website. It was hacked within days | Fortune
Why dismantling the PCLOB and CSRB threatens privacy and national security
DoD's new CISO once had clearance revoked for data leak • The Register
DOGE Now Has Access to the Top US Cyber Security Agency | WIRED
US AI Safety Institute will be 'gutted,' Axios reports | ZDNET
Europe Mounts the Artificial-Intelligence Barricades - Bloomberg
Models, Frameworks and Standards
CIOs to the DORA test: how to speed up the process for compliance | CSO Online
PCI DSS 4.0 Mandates DMARC By 31st March 2025
Careers, Working in Cyber and Information Security
Cyber security jobs are on the rise as digital threats continue to evolve - The Globe and Mail
Cyber security Salaries Stay Competitive, Retention Challenges Persist - Security Boulevard
Cyber security is tough: 4 steps leaders can take now to reduce team burnout | CSO Online
Q&A: Tackling the cyber skills gap — Financier Worldwide
Cyber security professionals not happy in their jobs
West Coast Cyber Security Salaries Outshine Rest of Country - Infosecurity Magazine
Law Enforcement Action and Take Downs
127 Servers of Bulletproof Hosting Service Zservers Seized by Dutch Police - SecurityWeek
US Army soldier pleads guilty to AT&T and Verizon hacks | TechCrunch
The Zservers takedown is another big win for law enforcement | ITPro
Two arrested after pensioner scammed out of crypto nest egg • The Register
Thousands of trafficked scammers await return to Thailand • The Register
Ending the Ransomware Scourge Requires Punishing Its Enablers
Nation State Actors, Advanced Persistent Threats (APTs), Cyber Warfare, Cyber Espionage and Geopolitical Threats/Activity
Cyber Warfare and Cyber Espionage
Banking sector wrestling with cyber concerns amid spectre of geopolitical impacts
ESentire Uncovers EarthKapre/RedCurl Attack Targeting Law Firms
Spies Eye AUKUS Nuclear Submarine Secrets - Infosecurity Magazine
Nation State Actors
China
The growing cyber threat: Ransomware, China, and state-sponsored attacks - GZERO Media
China-Linked Threat Group Targets Japanese Orgs' Servers
South Korea Suspends DeepSeek AI Downloads Over Privacy Violations
Chinese hackers use custom malware to spy on US telecom networks
Salt Typhoon used custom malware JumbledPath to spy on US telecom providers
Winnti APT41 Targets Japanese Firms in RevivalStone Cyber Espionage Campaign
AI Could Help the US Evade a Crippling Cyber Attack on Its Satellites - Business Insider
How to run DeepSeek AI locally to protect your privacy - 2 easy ways | ZDNET
Russia
Hackers are using this new phishing technique to bypass MFA | ITPro
Russian Hackers Target Microsoft 365 Accounts with Device Code Attacks - Infosecurity Magazine
Suspected Russian spies caught spoofing Teams invites • The Register
Russian malware discovered with Telegram hacks for C2 operations | CSO Online
Russia’s AI-Powered Cyber Attacks Threaten to Outpace Western Defences
Russian Groups Target Signal Messenger in Spy Campaign
Ending the Ransomware Scourge Requires Punishing Its Enablers
Russian phishing campaigns exploit Signal's device-linking feature
Is Russia Reining In Ransomware-Wielding Criminals?
North Korea
North Korea's Kimsuky Attacks Rivals' Trusted Platforms
Other Nation State Actors, Hacktivism, Extremism, Terrorism and Other Geopolitical Threat Intelligence
N Ireland police charges suspected terrorists using FoI data • The Register
Tools and Controls
How Slashing the SAT Budget Is Appreciated By Hackers - Security Boulevard
44% of Middle-Market Firms Invest in Cyber Crime Protection
IT spending will be driven by cyber security and AI
300% increase in endpoint malware detections - Help Net Security
CISO's Expert Guide To CTEM And Why It Matters
New GRC and cyber risk strategies emphasize risk adaptability - Help Net Security
Edge device vulnerabilities fueled attack sprees in 2024 | CyberScoop
Most impactful cyber attacks linked to vulnerable edge devices | SC Media
AI vs. Endpoint Attacks: What Security Leaders Need To Know | VentureBeat
API Security Matters: The Risks of Turning a Blind Eye - Webinar
Identity is the Breaking Point—Get It Right or Zero Trust Fails | VentureBeat
How CISOs can balance security and business agility in the cloud - Help Net Security
Other News
Two-thirds of UK businesses still failing on cyber security | Total Telecom
Robert De Niro Tries to Save America in Netflix’s High-Profile Mini-Series Zero Day | Vanity Fair
How to improve cyber security in healthcare | McKinsey
US Coast Guard paychecks delayed by cyber attack | TechRadar
Another Cyber Security Flaw: Automakers Still Risking Too Much
Securing E-Commerce in an Age of Relentless Cyber Threats
AI Could Help the US Evade a Crippling Cyber Attack on Its Satellites - Business Insider
4 Cyber Security Misconceptions to Leave Behind in 2025 - The New Stack
Five cyber security basics that stand the test of time | SC Media
Vulnerability Management
Cyber security experts defend CVSS amid criticism | SC Media
Edge device vulnerabilities fuelled attack sprees in 2024 | CyberScoop
Microsoft reminds admins to prepare for WSUS driver sync deprecation
Vulnerabilities
Hackers Exploit Palo Alto Firewall Vulnerability Day After Disclosure - SecurityWeek
SonicWall firewalls under attack. Patch now • The Register
Palo Alto Networks and SonicWall Firewalls Under Attack - Infosecurity Magazine
Microsoft is pushing a security update to Windows 11 that breaks File Explorer
New Xerox Printer Flaws Could Let Attackers Capture Windows Active Directory Credentials
Citrix Releases Security Fix for NetScaler Console Privilege Escalation Vulnerability
Ivanti endpoint manager can become endpoint ravager • The Register
Xerox Versalink Printer Vulnerabilities Enable Lateral Movement - SecurityWeek
Qualys Identifies Critical Vulnerabilities That Enable DDoS, MITM Attacks
Juniper Session Smart Routers Vulnerability Could Let Attackers Bypass Authentication
Juniper Warns of Critical Authentication Bypass Vulnerability Affecting Multiple Products
OpenSSH bugs threaten enterprise security, uptime • The Register
Chrome 133, Firefox 135 Updates Patch High-Severity Vulnerabilities - SecurityWeek
Palo Alto warns firewalls flaws are under active attack • The Register
Microsoft Patches Actively Exploited Power Pages Privilege Escalation Vulnerability
WordPress Plugin Vulnerability Exposes 90,000 Sites to Attack - Infosecurity Magazine
Firefox 135.0.1: important security update and bug fixes - gHacks Tech News
Cisco Confirms Salt Typhoon Exploited CVE-2018-0171 to Target US Telecom Networks
Sector Specific
Industry specific threat intelligence reports are available.
Contact us to receive tailored reports specific to the industry/sector and geographies you operate in.
· Automotive
· Construction
· Critical National Infrastructure (CNI)
· Defence & Space
· Education & Academia
· Energy & Utilities
· Estate Agencies
· Financial Services
· FinTech
· Food & Agriculture
· Gaming & Gambling
· Government & Public Sector (including Law Enforcement)
· Health/Medical/Pharma
· Hotels & Hospitality
· Insurance
· Legal
· Manufacturing
· Maritime & Shipping
· Oil, Gas & Mining
· OT, ICS, IIoT, SCADA & Cyber-Physical Systems
· Retail & eCommerce
· Small and Medium Sized Businesses (SMBs)
· Startups
· Telecoms
· Third Sector & Charities
· Transport & Aviation
· Web3
Contact us to help assess where your risks lie and to ensure you are doing all you can do to keep you and your business secure.
Look out for our ‘Cyber Tip Tuesday’ video blog, also available on our YouTube channel.
You can also follow us on Facebook, Twitter and LinkedIn.
Links to articles are for interest and awareness; linking to or reposting external content does not endorse any service or product. Likewise, we are not responsible for the security of external links.