Black Arrow Cyber Threat Intelligence Briefing 21 March 2025
Welcome to this week’s Black Arrow Cyber Threat Intelligence Briefing – a weekly digest, collated and curated by our cyber experts to provide senior and middle management with an easy-to-digest round-up of the most notable threats, vulnerabilities, and cyber-related news from the last week.
Summary
There is a clear trend this week that the human element in cyber attacks is being consistently underestimated. Many organisations are overlooking how psychological manipulation, poor user awareness, and leadership blind spots continue to drive successful attacks – even as technical defences evolve.
Reports reveal a concerning rise in phishing and social engineering, with AI now enabling convincing scams that bypass traditional detection. Despite employee confidence, over half of workers fall victim to these tactics. Malicious email campaigns are becoming more deceptive, targeting hiring processes and using compromised accounts to breach defences. Meanwhile, research highlights concerns that ‘cyberwashing’ (the overstating of security capabilities) is creating a false sense of safety, exposing organisations and consumers to avoidable risk.
From a leadership perspective, there’s a growing recognition that cyber security must be a business-wide priority, not just a technical one. Black Arrow Cyber believes that moving beyond checkbox compliance towards risk-led, strategic resilience is essential. Rising ransomware threats, politically motivated sabotage, and complex supply chain risks all demand a unified approach that integrates robust cyber governance with board-level engagement, independent oversight, and ongoing investment in both technology and human readiness.
Top Cyber Stories of the Last Week
Why Cyber Security Needs More Business-Minded Leaders
Cyber security leadership is undergoing a fundamental shift as organisations move beyond compliance towards true resilience. Increasingly, leaders with backgrounds in finance, law, and corporate strategy are taking the helm, bringing a risk-first mindset to security. Rather than focusing solely on technical defences, today’s leaders must align cyber security with wider business objectives, ensuring it supports operational continuity and mitigates financial and reputational risks. This evolution reflects a growing understanding that cyber threats disrupt entire enterprises, not just IT systems. By embedding security into core business strategy, organisations can drive efficiency, secure executive buy-in, and build long-term resilience.
Cyberwashing Exposes Businesses and Consumers to Cyber Risks, Study Warns
A new study from Monash University in Australia warns that many organisations are overstating their cyber security capabilities, a practice dubbed ‘cyberwashing’. This creates a false sense of safety, leaving businesses and consumers exposed to data breaches. The report highlights that vague security claims, lack of independent verification, and failure to disclose past incidents undermine trust and resilience. High-profile breaches at firms like Optus and Medibank illustrate the reputational and legal risks. The study calls for independent audits, clearer reporting, and stronger board oversight as regulatory scrutiny and shareholder lawsuits increase in response to misleading cyber security assurances.
New KnowBe4 Report Reveals a Spike in Phishing Campaigns
KnowBe4’s latest Phishing Threat Trends Report reveals a 17% rise in phishing emails over six months, with 82% of them using AI. Attacks are increasingly bypassing traditional defences, with phishing hyperlinks up 36%, malware up 20%, and social engineering tactics up 14%. Ransomware payloads rose by 22%, including a sharp 57% increase in the last three months. Notably, 76% of campaigns now use polymorphic techniques to avoid detection, and attacks from compromised accounts are up 57%. The report also warns of growing threats targeting hiring processes: 64% focused on engineering roles to gain access to sensitive systems and data.
Over 400 million Unwanted and Malicious Emails Were Received by Businesses in 2024
Hornetsecurity’s latest research reveals that in 2024, over 427 million malicious emails were received by businesses, with phishing accounting for a third of all cyber attacks. Malicious URLs surged to 22% of attack methods, as cyber criminals shifted tactics away from attachments toward more deceptive strategies like reverse proxy attacks that can bypass two-factor authentication. Despite a slight drop in the overall threat index, industries such as mining, entertainment, and manufacturing remain high-risk. The report stresses the need for advanced email filtering, robust multi-layered authentication, and company-wide cyber security awareness to defend against increasingly sophisticated threats.
The Psychology of Scams: How Cyber Criminals Are Exploiting the Human Brain
Cyber criminals stole over £11.4 billion from UK victims last year, increasingly exploiting human psychology rather than just technical weaknesses. With AI lowering barriers to entry, even unsophisticated attackers can craft convincing scams using deepfakes, fake websites, and personalised phishing emails. In fact, 70% of over 30 million phishing emails detected bypassed standard authentication checks. Under stress and decision fatigue, employees are more likely to fall for social engineering tactics that manipulate trust and urgency. While training helps, organisations must combine human awareness with AI-enabled cyber security systems to detect threats traditional tools may miss.
Many Workers Are Overconfident at Spotting Phishing Attacks
A report from KnowBe4 highlights the risks of overconfidence among employees when it comes to spotting phishing attacks. Despite 86% of employees feeling confident in their ability to identify phishing emails, more than half (53%) have fallen victim to social engineering scams. This includes phishing, social media scams, and deepfakes. The report stresses the importance of employee training and fostering a transparent security culture to combat these threats. Even in regions with historically high confidence, such as the UK, vulnerability to these attacks is rising, highlighting the need for ongoing awareness and education.
Russia Using Criminal Networks to Drive Increase in Sabotage Acts, Says Europol
Europol’s latest threat assessment warns of a rise in politically motivated cyber attacks and sabotage across the EU, driven by state actors like Russia working through organised criminal networks. These proxies engage in cyber attacks, arson, data theft and infrastructure sabotage, often using a “woodpecker” approach of frequent, low-level incidents that cumulatively undermine public trust and stability. The report highlights over 150 migrant-smuggling incidents daily on Poland’s border, as well as recent attacks on hospitals and retail centres linked to Russian intelligence. Europol also flags AI-driven online fraud and youth recruitment into cyber crime as growing concerns.
AI Will Make Ransomware Even More Dangerous
Ivanti’s latest research warns that ransomware, already the top predicted threat for 2025, is expected to become even more dangerous with AI. This concern is shared by 38% of security professionals, yet only 29% feel very prepared to face such attacks. Despite 49% of leaders understanding exposure management, a more strategic approach to cyber security, just 22% plan to increase investment in it. Blind spots remain across shadow IT and vendor risk, while tech debt is a growing concern, with 43% citing increased breach risk and 71% reporting slowed growth. Boards are engaged, but alignment on risk appetite is often lacking.
Third of UK Supply Chain Relies on ‘Chinese Military’ Companies
Bitsight’s latest report reveals that UK firms have digital supply chains 10% larger than the global average, making them more exposed to cyber threats. A key concern is that 30% of UK supply chain relationships involve companies linked to the Chinese military. Additionally, many organisations depend on ‘hidden pillar’ providers (small vendors with an outsized impact), raising the risk of cascading disruption. Suppliers themselves are often more vulnerable than their clients, using 2.5 times more products and having 10 times more internet-facing assets, while also lagging in critical areas like patching and securing systems.
How Economic Headwinds Influence the Ransomware Ecosystem
Ransomware attacks continue to place severe financial strain on organisations, with median ransom demands reaching $2.54 million and total recovery costs often exceeding $3 million. Economic pressures such as inflation, volatile cryptocurrency markets, and security budget cuts are compounding the issue. Threat actors are increasingly adjusting their demands based on inflation and crypto trends, while financial hardship is breeding more attackers and weakening organisational defences. Encouragingly, only 25% of victims paid ransoms in late 2024, an all-time low, but experts warn that even basic cyber defences are being neglected due to budget constraints, increasing the likelihood of compromise.
Malicious Android ‘Vapor’ Apps on Google Play Installed 60 million Times
A recent campaign dubbed ‘Vapor’ saw over 300 malicious Android apps downloaded 60 million times from Google Play, posing as legitimate utilities like health trackers and QR scanners. Though harmless at first glance, these apps activated malicious functions after installation to commit large-scale ad fraud, generating 200 million fake ad requests daily, and in some cases attempted to steal user credentials and credit card details. The apps bypassed Google’s security checks by delaying malicious behaviour, remaining hidden from users. While Google has since removed the apps, experts warn the threat actors could return using similar techniques to evade detection.
Moving Beyond Checkbox Security for True Resilience
Many organisations still rely on a ‘checkbox’ approach to cyber security, meeting regulatory requirements without addressing broader risks. MITRE highlights the need for CISOs to align compliance with a threat-informed, risk-based strategy focused on protecting core business assets. Shadow IT and software supply chain vulnerabilities are key blind spots, often left unaddressed. With cloud-focused attacks and advanced ransomware tactics on the rise, investment in continuous testing and managed services is recommended. Large firms like Microsoft have made sizeable investments in security, demonstrating that security must be treated as an evolving discipline, with regular reviews and proactive enhancements to build true resilience.
Sources:
https://www.itsecurityguru.org/2025/03/20/new-knowbe4-report-reveals-a-spike-in-phishing-campaigns/
https://www.techradar.com/pro/security/many-workers-are-overconfident-at-spotting-phishing-attacks
https://www.helpnetsecurity.com/2025/03/21/exposure-management-understanding-among-security-leaders/
https://www.infosecurity-magazine.com/news/third-uk-supply-chain-relies/
https://www.helpnetsecurity.com/2025/03/19/william-booth-mitre-proactive-security-measures/
Governance, Risk and Compliance
A strategic approach to security is key for cyber resilience | World Economic Forum
The Core Pillars of Cyber Resiliency
What Is Cyber Security Risk? A Guide to Protect Your Business - Security Boulevard
Moving beyond checkbox security for true resilience - Help Net Security
Not all cuts are equal: Security budget choices disproportionately impact risk | CSO Online
What If Prevention Was the Key to Cyber Security Success? | Entrepreneur
Advanced Cyber Security for the Modern Enterprise - Security Boulevard
Why Cyber Security Needs More Business-Minded Leaders
Security Neglect: Like an Unserviced Car, It’s Only a Matter of Time - Security Boulevard
Cyberwashing exposes businesses and consumers to cyber risks, study warns
Higher Profile and AI are Putting More Pressure on GRC Teams: Drata | MSSP Alert
Why 2025’s Cyber Security Landscape Demands a Complete Overhaul of Your IT Infrastructure
Most organisations change policies to reduce CISO liability risk - Help Net Security
Quantifying cyber risk strategies to resonate with CFOs and boards - Help Net Security
5 Mistakes Companies Will Make This Year With Cyber Security
Court Affirms Conviction of Ex-Uber Security Chief That Shook Cyber Security World
Lessons on Attack Attribution for CIOs and CISOs
How financial institutions can minimize their attack surface - Help Net Security
Breaches Often Start Where You Least Expect | Grip Security - Security Boulevard
Threats
Ransomware, Extortion and Destructive Attacks
Ransomware is the top predicted threat for 2025
Now Ransomware Attackers Can Brute Force Your VPNs And Firewalls
How Economic Headwinds Affect Ransomware
Europol Warns of “Shadow Alliance” Between States and Criminals - Infosecurity Magazine
Fraudsters Impersonate Clop Ransomware to Extort Businesses - Infosecurity Magazine
Report: Ransomware attacks soared to new heights last month | SC Media
BlackLock Ransomware Hacked 40+ Organisation Within Two Months
Cyber Security Officials Warn Against Potentially Costly Medusa Ransomware Attacks
SANS Institute Warns of Novel Cloud-Native Ransomware Attacks
The state of ransomware: Fragmented but still potent despite takedowns | CSO Online
Fortinet Vulnerability Exploited in Ransomware Attack, CISA Warns - Infosecurity Magazine
Clop resurgence drives ransomware attacks in February | Computer Weekly
FBI: A Simple Email Could Make You a Target for Extortion
BlackLock Ransomware: What You Need To Know | Tripwire
AI will make ransomware even more dangerous - Help Net Security
Extortion crew to victim: Pay or we tell ... Edward Snowden? • The Register
Update: LockBit Ransomware | Intel 471
RansomHub affiliate leverages multi-function Betruger backdoor - Help Net Security
LockBit Developer Extradited to US
Suspected LockBit ransomware dev extradited to United States
Leaked Black Basta Chats Suggest Russian Officials Aided Leader's Escape from Armenia
Ransomware attacks are costing Government offices a month of downtime on average | TechRadar
Phishing & Email Based Attacks
Many workers are overconfident at spotting phishing attacks | TechRadar
Over 400 million unwanted and malicious emails were received by businesses in 2024 | TechRadar
False confidence leaves businesses at risk of phishing scams
427.8 Million Dangerous Emails Confirmed—One Rule Can Protect You All
Achilles Email: Defending the Eternal Attack Surface - Infosecurity Magazine
Phishing: A Persistent Threat in the Age of AI - Security Boulevard
How to avoid and prevent social engineering attacks | TechTarget
What do watering holes, pharming and evil twins have in common?
New KnowBe4 Report Reveals a Spike in Phishing Campaigns - IT Security Guru
The psychology of scams: how cyber criminals are exploiting the human brain | TechRadar
Microsoft 365 Targeted in New Phishing, Account Takeover Attacks - SecurityWeek
Cyber criminals Exploit CSS to Evade Spam Filters and Track Email Users' Actions
Mac users are now in danger of a well-known Windows phishing attack | Digital Trends
New Mac phishing attack causes fake freezes to nab your Apple ID password | Macworld
FBI: A Simple Email Could Make You a Target for Extortion
Targeted Microsoft 365 Tenants: Attackers Exploit Billing Emails For Phishing
Sneaky 2FA Joins Tycoon 2FA and EvilProxy in 2025 Phishing Surge - Infosecurity Magazine
Scareware Combined With Phishing in Attacks Targeting macOS Users - SecurityWeek
752,000 Browser Phishing Attacks Mark 140% Increase YoY - Infosecurity Magazine
Julius Caesar Linked To 890,000 New Phishing Attacks
How phishing attacks are hitting the supply chain – and how to fight back | TechRadar
Why No-Reply Emails Are a Cyber Security Hazard - Security Boulevard
Browser Security Under Siege: The Alarming Rise of AI-Powered Phishing - SecurityWeek
Malicious Android 'Vapor' apps on Google Play installed 60 million times
New Ad Fraud Campaign Exploits 331 Apps with 60M+ Downloads for Phishing and Intrusive Ads
Mandatory Coinbase wallet migration? It's a phishing scam!
Other Social Engineering
How to avoid and prevent social engineering attacks | TechTarget
What do watering holes, pharming and evil twins have in common?
The psychology of scams: how cyber criminals are exploiting the human brain | TechRadar
£1M Lost as UK Social Media and Email Account Hacks Skyrocket - Infosecurity Magazine
Artificial Intelligence
AI Can Crack Your Passwords Fast—6 Tips To Stay Secure
AI Use in Cyber Attacks Raises Worker Cyber Security Concerns
Google Report Reveals How Threat Actors Are Currently Using Generative AI - InfoQ
Invisible C2 — thanks to AI-powered techniques - Security Boulevard
Tackling The Threat Of Cyber Risk During AI Adoption
AI will make ransomware even more dangerous - Help Net Security
How AI agents help hackers steal your confidential data - and what to do about it | ZDNET
Gartner Warns Agentic AI Will Accelerate Account Takeovers - Infosecurity Magazine
Hackers target AI and crypto as software supply chain risks grow - Help Net Security
Browser Security Under Siege: The Alarming Rise of AI-Powered Phishing - SecurityWeek
Cyber criminals Taking Advantage Of AI, 'Shadow' Alliances
Higher Profile and AI are Putting More Pressure on GRC Teams: Drata | MSSP Alert
Security Researcher Proves GenAI Tools Can Develop Chrome Infostealers - Infosecurity Magazine
Rethinking vendor risk management in the age of AI and automation | TechRadar
How Schools Can Prepare for Artificial Intelligence-Backed Cyber Attacks | EdTech Magazine
3 types of deepfake detection technology and how they work | TechTarget
2FA/MFA
Malware
ClickFix Widely Adopted by Cyber Criminals, APT Groups - SecurityWeek
Microsoft Uncovers New XCSSET MacOS Malware Variant Targeting Xcode Projects
Why Infostealer Malware Is My New Biggest Malware Worry
AsyncRAT Surges In Global Malware Rankings
Free file converter malware scam "rampant" claims FBI
Microsoft 365 accounts are under attack from new malware spoofing popular work apps | TechRadar
Invisible Windows Rootkit Hides Dangerous Files Using This Prefix
11 State-Sponsored APTs Exploiting LNK Files for Espionage, Data Theft - SecurityWeek
China-Linked MirrorFace Deploys ANEL and AsyncRAT in New Cyber Espionage Operation
Malware Increasingly Spread By Fraudulent CAPTCHA Checks | MSSP Alert
Password Warning As 2.1 Billion Credentials Hit By Infostealer Attacks
Beware the coming Mac malware season – Computerworld
RansomHub affiliate leverages multi-function Betruger backdoor - Help Net Security
Malware campaign 'DollyWay' breached 20,000 WordPress sites
Security Researcher Proves GenAI Tools Can Develop Chrome Infostealers - Infosecurity Magazine
Be Careful What You Search For—New Attack Could Cost You Dearly
Hackers Exploit Severe PHP Flaw to Deploy Quasar RAT and XMRig Miners
YouTube Game Cheats Spread Arcane Stealer Malware to Russian-Speaking Users
CERT-UA warns of cyber espionage against the Ukrainian defence industry using Dark Crystal RAT
100 Car Dealerships Hit by Supply Chain Attack - SecurityWeek
Mobile
Rooted Devices 250 Times More Vulnerable to Compromise - Infosecurity Magazine
New Ad Fraud Campaign Exploits 331 Apps with 60M+ Downloads for Phishing and Intrusive Ads
Denial of Service/DoS/DDoS
European Cyber Report 2025: 137% more DDoS attacks than
Internet of Things – IoT
All your Alexa recordings will go to the cloud soon, as Amazon sunsets Echo privacy | ZDNET
Data Breaches/Leaks
Over 16.8 Billion Records Exposed as Data Breaches Increase 6% - Infosecurity Magazine
How to calculate the cost of a data breach | TechTarget
Massive Cyber Attack in France: 12 Million Identities at Risk - Protect Yourself Now
GitHub supply chain attack spills secrets from 23K projects • The Register
Fake "Security Alert" issues on GitHub use OAuth app to hijack accounts
Personal info feared stolen from sperm bank • The Register
Top California sperm bank suffers embarrassing leak | TechRadar
Infosys to Pay $17.5 Million in Settlement Over 2023 Data Breach - SecurityWeek
Western Alliance Bank notifies 21,899 customers of data breach
Organised Crime & Criminal Actors
Why Cyber Crime Forum Collaboration Is Making Attacks More Efficient, And How To Stay Ahead
Russia Escalated Sabotage to Pressure U.S. and Allies on Ukraine, Study Says - The New York Times
Europol Warns of “Shadow Alliance” Between States and Criminals - Infosecurity Magazine
UK Police Arrest 422 in Major Fraud Crackdown - Infosecurity Magazine
20,000 Hacked WordPress Sites Used in Redirect Scheme
What Trump 2.0 Might Mean for Russian Cyber Crime - New Lines Magazine
Capital One hacker Paige Thompson got too light a sentence, appeals court rules | CyberScoop
Cryptocurrency/Cryptomining/Cryptojacking/NFTs/Blockchain
Blockchain gaming platform WEMIX hacked to steal $6.1 million
Widespread Coinbase phishing attack uncovered | SC Media
Hackers target AI and crypto as software supply chain risks grow - Help Net Security
Bybit: 89% of stolen $1.4B crypto still traceable post-hack
Hackers Exploit Severe PHP Flaw to Deploy Quasar RAT and XMRig Miners
Mandatory Coinbase wallet migration? It's a phishing scam!
Insider Risk and Insider Threats
The psychology of scams: how cyber criminals are exploiting the human brain | TechRadar
43% of office workers say they could cause a cyber security breach this year
Many workers are overconfident at spotting phishing attacks | TechRadar
False confidence leaves businesses at risk of phishing scams
DoD engineer took home top-secret docs, booked a trip to MX • The Register
Supply Chain and Third Parties
Third of UK Supply Chain Relies on “Chinese Military” Companies - Infosecurity Magazine
Supply Chain Attack Exposes Enterprise Secrets: A Wake-Up Call for Enterprise Security Professionals
How phishing attacks are hitting the supply chain – and how to fight back | TechRadar
Hackers target AI and crypto as software supply chain risks grow - Help Net Security
Rethinking vendor risk management in the age of AI and automation | TechRadar
GitHub supply chain attack spills secrets from 23K projects • The Register
Infosys to Pay $17.5 Million in Settlement Over 2023 Data Breach - SecurityWeek
100 Car Dealerships Hit by Supply Chain Attack - SecurityWeek
Cloud/SaaS
UK Businesses Face Growing Cloud Security Crisis – Are You Prepared? | SC Media UK
SANS Institute Warns of Novel Cloud-Native Ransomware Attacks
Microsoft 365 Targeted in New Phishing, Account Takeover Attacks - SecurityWeek
Microsoft 365 accounts are under attack from new malware spoofing popular work apps | TechRadar
Hackers Use OAuth Apps to Steal Microsoft 365 Credentials
Targeted Microsoft 365 Tenants: Attackers Exploit Billing Emails For Phishing
The biggest security flaw of every cloud service that no one talks about -- until it's too late
How to Protect Your Business from Cyber Threats: Mastering the Shared Responsibility Model
Week-long Exchange Online outage causes email failures, delays
Outages
Week-long Exchange Online outage causes email failures, delays
Encryption
New Akira ransomware decryptor cracks encryptions keys using GPUs
US lawmakers urge public hearing on UK Apple encryption • The Register
A New Era of Attacks on Encryption Is Starting to Heat Up | WIRED
US Legislators Demand Transparency in Apple's UK Backdoor Court Fight - Infosecurity Magazine
NCSC Sets 2035 Deadline for Post-Quantum Cryptography Migration - Infosecurity Magazine
UK cyber security watchdog warns on future risk of quantum computer hacking
The UK’s Apple backdoor demand
Filing: DOGE broke Treasury policy with unencrypted email • The Register
Linux and Open Source
Open source security in the spotlight as UK gov publishes fresh guidance | ITPro
Security issue in open source software leaves businesses concerned for systems | TechRadar
Passwords, Credential Stuffing & Brute Force Attacks
AI Can Crack Your Passwords Fast—6 Tips To Stay Secure
Now Ransomware Attackers Can Brute Force Your VPNs And Firewalls
Microsoft 365 Targeted in New Phishing, Account Takeover Attacks - SecurityWeek
New Mac phishing attack causes fake freezes to nab your Apple ID password | Macworld
The poor the bad and the terrible -- popular passwords around the world
Hackers Use OAuth Apps to Steal Microsoft 365 Credentials
Gartner Warns Agentic AI Will Accelerate Account Takeovers - Infosecurity Magazine
Password Warning As 2.1 Billion Credentials Hit By Infostealer Attacks
70% of leaked secrets remain active two years later - Help Net Security
Fake "Security Alert" issues on GitHub use OAuth app to hijack accounts
"China's Amazon" JD.com passwords allegedly stolen | Cybernews
Social Media
£1M Lost as UK Social Media and Email Account Hacks Skyrocket - Infosecurity Magazine
UK’s Online Safety Act: Ofcom Can Now Issue Sanctions - Infosecurity Magazine
Stay safe from online hate with these five tips
YouTube Game Cheats Spread Arcane Stealer Malware to Russian-Speaking Users
Malvertising
Malvertising Explained: How To Spot And Steer Clear Of It
Why It's So Hard to Stop Rising Malicious TDS Traffic
Malicious Android 'Vapor' apps on Google Play installed 60 million times
New Ad Fraud Campaign Exploits 331 Apps with 60M+ Downloads for Phishing and Intrusive Ads
Large-Scale Malicious App Campaign Bypassing Android Security - Infosecurity Magazine
Training, Education and Awareness
43% of office workers say they could cause a cyber security breach this year
Many workers are overconfident at spotting phishing attacks | TechRadar
False confidence leaves businesses at risk of phishing scams
Regulations, Fines and Legislation
UK ICO warns biometric tools may pose privacy, compliance risks | Biometric Update
A New Era of Attacks on Encryption Is Starting to Heat Up | WIRED
US Legislators Demand Transparency in Apple's UK Backdoor Court Fight - Infosecurity Magazine
MS-ISAC, EI-ISAC Funding Cuts Threaten National Security, Officials Say | MSSP Alert
Trump Administration Orders Federal Agencies To Avoid Cyber Staff Layoffs | MSSP Alert
US lawmakers urge public hearing on UK Apple encryption • The Register
UK’s Online Safety Act: Ofcom Can Now Issue Sanctions - Infosecurity Magazine
The UK’s Apple backdoor demand
NIST’s vulnerability database logjam is still growing despite attempts to clear it - Nextgov/FCW
Open source security in the spotlight as UK gov publishes fresh guidance | ITPro
CISA works to contact probationary employees for reinstatement after court order - Nextgov/FCW
DOGE staffer violated security policies at Treasury Department, court filing shows | CyberScoop
Filing: DOGE broke Treasury policy with unencrypted email • The Register
What Trump 2.0 Might Mean for Russian Cyber Crime - New Lines Magazine
12 Hours or Else: Hong Kong’s Cyber Security Explained - Security Boulevard
Careers, Working in Cyber and Information Security
Wellbeing in the Cyber Security Sector: A Call for Participation - IT Security Guru
3 AI-Driven Roles in Cyber Security
Law Enforcement Action and Take Downs
The state of ransomware: Fragmented but still potent despite takedowns | CSO Online
UK Police Arrest 422 in Major Fraud Crackdown - Infosecurity Magazine
LockBit Developer Extradited to US
Telegram CEO leaves France temporarily as criminal probe continues
Suspected LockBit ransomware dev extradited to United States
Nation State Actors, Advanced Persistent Threats (APTs), Cyber Warfare, Cyber Espionage and Geopolitical Threats/Activity
Cyber Warfare and Cyber Espionage
Denmark warns of increased state-sponsored campaigns targeting the European telcos
11 State-Sponsored APTs Exploiting LNK Files for Espionage, Data Theft - SecurityWeek
Windows shortcut exploit used as zero-day in global cyber espionage campaigns
How CISOs can counter the threat of nation state espionage | Computer Weekly
Nation State Actors
Europol Warns of “Shadow Alliance” Between States and Criminals - Infosecurity Magazine
Denmark warns of increased state-sponsored campaigns targeting the European telcos
What is an APT and how are they tracked? | ITPro
ClickFix Widely Adopted by Cyber Criminals, APT Groups - SecurityWeek
New Windows zero-day exploited by 11 state hacking groups since 2017
Microsoft isn't fixing 8-year-old zero day used for spying • The Register
How CISOs can counter the threat of nation state espionage | Computer Weekly
Cyber criminals Taking Advantage Of AI, 'Shadow' Alliances
China
Third of UK Supply Chain Relies on “Chinese Military” Companies - Infosecurity Magazine
China-Linked MirrorFace Deploys ANEL and AsyncRAT in New Cyber Espionage Operation
Chinese Hacking Group MirrorFace Targeting Europe - SecurityWeek
Exploit Code for Apache Tomcat RCE Vulnerability Published on Chinese Forum - SecurityWeek
Emulating the Sophisticated Chinese Adversary Salt Typhoon - Security Boulevard
FishMonger APT Group Linked to I-SOON in Espionage Campaigns - Infosecurity Magazine
"China's Amazon" JD.com passwords allegedly stolen | Cybernews
12 Hours or Else: Hong Kong’s Cyber Security Explained - Security Boulevard
Russia
Russia Escalated Sabotage to Pressure U.S. and Allies on Ukraine, Study Says - The New York Times
BlackBasta Ransomware Ties to Russian Authorities Uncovered - Infosecurity Magazine
Europol Warns of “Shadow Alliance” Between States and Criminals - Infosecurity Magazine
UK under-prepared for catastrophic cyber attack
Three years after Russia’s invasion, a global online army is still fighting for Ukraine
Leaked Black Basta Chats Suggest Russian Officials Aided Leader's Escape from Armenia
Black Basta Leader in League With Russian Officials
What Trump 2.0 Might Mean for Russian Cyber Crime - New Lines Magazine
CERT-UA warns of cyber espionage against the Ukrainian defence industry using Dark Crystal RAT
YouTube Game Cheats Spread Arcane Stealer Malware to Russian-Speaking Users
North Korea
Bybit: 89% of stolen $1.4B crypto still traceable post-hack
Other Nation State Actors, Hacktivism, Extremism, Terrorism and Other Geopolitical Threat Intelligence
Six additional countries identified as suspected Paragon spyware customers | CyberScoop
Tools and Controls
Now Ransomware Attackers Can Brute Force Your VPNs And Firewalls
Moving beyond checkbox security for true resilience - Help Net Security
Not all cuts are equal: Security budget choices disproportionately impact risk | CSO Online
A strategic approach to security is key for cyber resilience | World Economic Forum
The API Security Illusion: IT Leaders May Be Overconfident
Hackers Leveraging RMM Tools To Maintain Persistence To Infiltrate And Move Through Networks
What Is Cyber Security Risk? A Guide to Protect Your Business - Security Boulevard
Is it time to retire 'one-off' pen tests for continuous testing?
Why So Many Employee Phishing Training Initiatives Fall Short
What If Prevention Was the Key to Cyber Security Success? | Entrepreneur
Quantifying cyber risk strategies to resonate with CFOs and boards - Help Net Security
43% of office workers say they could cause a cyber security breach this year
Leveraging AI in Security: What MSSPs Need to Know Before They Commit | MSSP Alert
Many workers are overconfident at spotting phishing attacks | TechRadar
Why Continuous Compliance Monitoring Is Essential For IT Managed Service Providers
55% of COOs Use GenAI to Improve Data Security
False confidence leaves businesses at risk of phishing scams
13 API security best practices to protect your business
3 types of deepfake detection technology and how they work | TechTarget
How financial institutions can minimize their attack surface - Help Net Security
Unifying Threat Operations: An Integrated Cyber Security Strategy
Reports Published in the Last Week
New KnowBe4 Report Reveals a Spike in Phishing Campaigns - IT Security Guru
Other News
1 in 10 people do nothing to stay secure and private on vacation | Malwarebytes
New KnowBe4 Report Finds Education Sector Unprepared for Escalating Cyber Attacks
Denmark warns of increased state-sponsored campaigns targeting the European telcos
CNI Security Leaders Express Cyber Confidence Despite 95% Breach Rate - Infosecurity Magazine
Cyber Industry Falls Short on Collaboration, Says Former GCHQ Director - Infosecurity Magazine
Hackers Leveraging RMM Tools To Maintain Persistence To Infiltrate And Move Through Networks
Government probes ‘national security risks’ of data brokers – PublicTechnology
Why 2025’s Cyber Security Landscape Demands a Complete Overhaul of Your IT Infrastructure
Breaches Often Start Where You Least Expect | Grip Security - Security Boulevard
Danish govt raises telecoms sector cyber risk assessment to 'high' - Telecompaper
UK under-prepared for catastrophic cyber attack
Global Education Report Says Some Schools Endure Over 2,500 Attempted Cyber Attacks A Day
Why betting on Mac security could put your organisation at risk | TechRadar
What is a buffer overflow? How do these types of attacks work? | Definition from TechTarget
What Would a Decentralized Internet Look Like? | HackerNoon
The DoD's Cyber Wake-Up Call: Why Playing It Safe Won't Keep Us Safe - ClearanceJobs
Cyber Security Concerns Arise After Announcement To Scrap NHS England
Five ways to protect university data from cyber security threats | EdScoop
Vulnerability Management
Cyber security vulnerabilities and their financial impact | CEPR
How Security Teams Should Respond To The Rise In Vulnerability Disclosures
NIST’s vulnerability database logjam is still growing despite attempts to clear it - Nextgov/FCW
The Microsoft patch management guide for admins | TechTarget
Vulnerabilities
Hackers Use OAuth Apps to Steal Microsoft 365 Credentials
Windows shortcut exploit used as zero-day in global cyber espionage campaigns
Veeam RCE bug lets domain users hack backup servers, patch now
Infoseccers flame Veeam over RCE bug, failing blacklist • The Register
Cisco IOS XR vulnerability lets attackers crash BGP on routers
8,000 New WordPress Vulnerabilities Reported in 2024 - SecurityWeek
Fortinet Vulnerability Exploited in Ransomware Attack, CISA Warns - Infosecurity Magazine
ChatGPT SSRF bug quickly becomes a favorite attack vector
Microsoft isn't fixing 8-year-old zero day used for spying • The Register
Veeam and IBM Release Patches for High-Risk Flaws in Backup and AIX Systems
Critical Fortinet Vuln Draws Fresh Attention
IBM urges quick patching of critical AIX bugs • The Register
WordPress security plugin WP Ghost vulnerable to remote code execution bug
Ongoing Cyber Attacks Exploit Critical Vulnerabilities in Cisco Smart Licensing Utility
iOS 18.3.2 patches gateway for ‘extremely sophisticated attack' - Tech Advisor
HellCat hackers go on a worldwide Jira hacking spree
Hackers Exploit Severe PHP Flaw to Deploy Quasar RAT and XMRig Miners
CISA tags NAKIVO backup flaw as actively exploited in attacks
Sector Specific
Industry specific threat intelligence reports are available.
Contact us to receive tailored reports specific to the industry/sector and geographies you operate in.
· Automotive
· Construction
· Critical National Infrastructure (CNI)
· Defence & Space
· Education & Academia
· Energy & Utilities
· Estate Agencies
· Financial Services
· FinTech
· Food & Agriculture
· Gaming & Gambling
· Government & Public Sector (including Law Enforcement)
· Health/Medical/Pharma
· Hotels & Hospitality
· Insurance
· Legal
· Manufacturing
· Maritime & Shipping
· Oil, Gas & Mining
· OT, ICS, IIoT, SCADA & Cyber-Physical Systems
· Retail & eCommerce
· Small and Medium Sized Businesses (SMBs)
· Startups
· Telecoms
· Third Sector & Charities
· Transport & Aviation
· Web3
Contact us for help assessing where your risks lie and ensuring you are doing all you can to keep you and your business secure.
Look out for our ‘Cyber Tip Tuesday’ video blog, also available on our YouTube channel.
You can also follow us on Facebook, Twitter and LinkedIn.
Links to articles are for interest and awareness; linking to or reposting external content does not endorse any service or product. Likewise, we are not responsible for the security of external links.