Black Arrow Cyber Threat Intelligence Briefing 22 November 2024
Welcome to this week’s Black Arrow Cyber Threat Intelligence Briefing – a weekly digest, collated and curated by our cyber experts to provide senior and middle management with an easy-to-digest round-up of the most notable threats, vulnerabilities, and cyber-related news from the last week.
Top Cyber Stories of the Last Week
Cyber Security Dominates Concerns Among the C-Suite, Small Businesses and the Nation
Cyber security is now the top concern for organisations globally, with the 2024 Allianz Risk Barometer naming cyber events as the number one business risk. Gartner forecasts a 15% increase in information security spending by 2025, reaching $212 billion. Small businesses are also vulnerable, with 60% ranking cyber security risks as major concerns. Generative AI introduces new threats, and Gartner predicts that by 2027, 17% of cyber attacks and data leaks will involve generative AI.
Cyber Criminals Don’t Take Holidays Warns Expert
Semperis has found that cyber attacks during holidays and weekends pose a significant risk to businesses because many are underprepared to handle incidents outside of standard working hours. These risks intensify when an organisation’s security capability is reduced on holidays and weekends. The report highlighted that identity-related attacks are a major concern, yet a quarter of respondents feel they lack the expertise to protect against them, and over 22% don't have an identity recovery plan in place.
The Urgent and Critical Need to Prioritise Mobile Security
Recent findings reveal that mobile security threats are a top concern for organisations. With over 55% of organisations increasing their mobile device users and more than 70% of employees using smartphones for work tasks, threats like mobile phishing and malware are intensifying. The report indicates that 82% of phishing websites are designed for mobile users, and 200 malicious apps on Google Play have been downloaded 8 million times. Despite this, many organisations face challenges in mitigating mobile risks due to device diversity and user control, highlighting a critical need for improved mobile security measures.
Companies Take Over Seven Months to Recover from Cyber Incidents
A new report reveals that organisations are underestimating recovery times from cyber incidents, with actual recovery averaging over seven months, 25% longer than anticipated. This gap widens to nearly 11 months for companies reducing cyber security investments. Despite efforts like implementing stronger security measures (43%) and offering additional employee training (41%), nearly half of organisations are rethinking how they use existing cyber security tools. The study also highlights a shift towards shared responsibility, with platform engineering teams and app developers increasingly held accountable alongside traditional roles like Chief Information Security Officers (CISOs) and CIOs.
Data is the New Uranium – Incredibly Powerful and Amazingly Dangerous
Recent insights from Chief Information Security Officers (CISOs) indicate that data-related risks are becoming a primary concern for organisations. The vast and dispersed nature of data storage has led many CISOs to feel that the cost of managing data now outweighs its value. There’s a growing perception that the business proposition of ‘big data’ is shifting from a net positive to a net negative. This underscores the urgent need for organisations to manage data carefully and to be fully aware of the risks and costs associated with potential breaches.
‘Scam Yourself’ Attacks Just Increased Over 600% - Here’s What to Look For
Gen, the company behind Norton and Avast, reports a 614% surge in ‘scam yourself’ cyber attacks in the third quarter compared to the second. These scams leverage social engineering to trick users into downloading malware themselves. Notably, over two million people worldwide were targeted by fake captcha scams in the past quarter. Despite increased vigilance, users remain vulnerable to fake updates, deceptive fixes, and counterfeit tutorials that often instruct them to disable antivirus software or input commands that compromise security.
60% of Emails with QR Codes Classified as Spam or Malicious
Cisco Talos has found that 60% of emails containing QR codes are classified as spam, with some being malicious and targeting users with phishing or credential theft. Despite representing only about one in 500 global emails, these QR code emails effectively bypass security filters. Attackers use deceptive methods like blending QR codes into attractive designs. The report emphasises the importance of ‘defanging’ QR codes to neutralise threats, and advises treating QR codes with the same caution as unknown URLs. Users should be vigilant when scanning QR codes and avoid entering credentials into unknown sites linked via QR codes.
Coalition Highlights 68% Surge in Ransomware Claims Severity, as Active Ransomware Groups Increase 56%
Coalition's latest report reveals a 68% surge in the severity of ransomware claims, with average losses escalating to $353,000. Searchlight Cyber has found a 56% increase in active ransomware groups in the first half of 2024, tracking 73 groups compared to 46 last year. This rise indicates that the fight against ransomware is far from over. The impact of ransomware has intensified, particularly affecting larger companies. Coalition also notes a rise in significant cyber risk aggregation events (which cause widespread loss to other organisations) disrupting a substantial proportion of healthcare firms and auto dealerships with revenues over $100 million. Business email compromise remains the most common cyber incident, increasing by 4% and constituting nearly one-third of all cyber insurance claims. Meanwhile, claims severity overall rose by 14%.
One Deepfake Digital Identity Attack Strikes Every Five Minutes
Entrust has reported that deepfake attacks are occurring every five minutes in 2024, posing a significant threat to digital identity verification systems. The report found that deepfakes account for 24% of fraudulent attempts to bypass motion-based biometric checks used by banks and service providers. In contrast, only 5% of these attacks target basic selfie-based authentication methods. The growing accessibility of generative AI technology is enabling fraudsters to circumvent advanced security measures. Entrust highlighted that organisations must proactively adapt their security strategies, as these evolving threats are pervasive across all sectors.
Supply Chain Attacks Up Over 400% Since 2021
Cowbell Insurance has found that supply chain attacks have surged by 431% since 2021. Large enterprises with over $50 million in revenue are 2.5 times more likely to face cyber incidents. Manufacturing is the most vulnerable sector due to its reliance on automation and exposure to intellectual property threats. Public administration and educational services also face elevated risks, with a 70% increase in attacks on educational institutions over the past year. The report identifies five risky technology categories: operating systems, content management tools, virtualisation technologies, server-side technologies, and business applications. No business is immune to cyber threats and the consequences can be devastating.
Rethinking Cyber Security from Cost Centre to Value Driver
A University of Maryland study found that cyber attacks occur every 39 seconds, amounting to 2,244 attacks daily. Cybersecurity Ventures predicts annual cyber damages will reach $10.5 trillion by 2025. Despite these alarming figures, many organisations treat cyber security as a minimal compliance exercise. Leadership must transform this approach by integrating cyber security into business strategy, fostering a culture of trust and resilience. By prioritising employee training and leveraging technologies like artificial intelligence, companies can enhance customer loyalty, avoid regulatory issues, and shift cyber security from a cost centre to a value driver.
Majority of UK Businesses Lack Readiness for Rising AI-Led Phishing Attacks, Reveals Survey
Vodafone Business has found that most UK businesses are unprepared for the rapid rise in AI-led phishing attacks, which have increased 60% globally over the past year. Despite over three quarters of business leaders expressing confidence in employees' ability to detect scams, only a third could identify fraudulent communications. The report highlighted that over half of UK businesses lack a response plan for AI-driven phishing, and younger employees are particularly susceptible, with nearly half aged 18 to 24 not updating passwords in over a year.
Sources:
https://www.emergingrisks.co.uk/cyber-criminals-dont-take-holidays-warns-expert/
https://www.securityweek.com/the-urgent-and-critical-need-to-prioritize-mobile-security/
https://www.infosecurity-magazine.com/news/companies-seven-months-recover/
https://www.theregister.com/2024/11/20/data_is_the_new_uranium/
https://www.zdnet.com/article/scam-yourself-attacks-just-increased-over-600-heres-what-to-look-for/
https://www.infosecurity-magazine.com/news/60-emails-qr-codes-spam-malicious/
https://www.reinsurancene.ws/coalition-highlights-68-surge-in-ransomware-claims-severity/
https://securityintelligence.com/news/research-finds-56-percent-increase-active-ransomware-groups/
https://www.infosecurity-magazine.com/news/deepfake-identity-attack-every/
https://betanews.com/2024/11/21/supply-chain-attacks-up-over-400-percent-since-2021/
Governance, Risk and Compliance
Cyber security dominates concerns among the C-suite, small businesses and the nation
Rethinking Cyber Security From Cost Center To Value Driver
So, you don’t have a chief information security officer? 9 signs your company needs one | CSO Online
Cyber criminals don’t take holidays warns expert
Chris Inglis: Why cyber security success hinges on strategic choices, not just tech | SC Media
Data is the new uranium – both powerful and dangerous • The Register
Cyber Security is Everyone’s Responsibility - Security Boulevard
Overcoming the cyber paradox: Shrinking budgets – growing threats | Computer Weekly
Hackers Aren’t Cutting Back, Why is Your Security Budget?
Full recovery from breaches takes longer than expected - Help Net Security
Google report shows CISOs must embrace change to stay secure - Help Net Security
Soaring cyber risks: Large enterprises, supply chains and key industries in the crosshairs
Emerging Security Practices in Digital Finance: By Shiv Nanda
Poor cyber hygiene enabled nearly 30% of cyber attacks last quarter | StateScoop
Insights from Cohesity on cyber resilience as a technical team sport - SiliconANGLE
Interconnectivity and cyber risk: A double-edged sword - IT Security Guru
We Can Do Better Than Free Credit Monitoring After a Breach
Breaches Don't Have to Be Disasters
CISOs can now obtain professional liability insurance | CyberScoop
Experts warn businesses of escalating cyber security threats
CISOs Look to Establish Additional Leadership Roles - Security Boulevard
Threats
Ransomware, Extortion and Destructive Attacks
Armis: Triple Extortion Attacks Becoming More Common | SC Media UK
Research finds 56% increase in active ransomware groups
Ransomware gang Akira leaks unprecedented number of victims’ data in one day
Ransomware is doubling down—What you need to know about the recent surge - Security Boulevard
Akira Ransomware Racks Up 30+ Victims in a Single Day
Cloud ransomware threats rise, targeting S3 & Azure
FBI says BianLian based in Russia, moving from ransomware attacks to extortion
Ransomware Evolution: From Triple-Quadruple Extortion to RaaS - Security Boulevard
Coalition highlights 68% surge in ransomware claims severity - Reinsurance News
Ransomware Groups Use Cloud Services For Data Exfiltration - Infosecurity Magazine
Hibernation is Over? Akira Ransomware: Published Over 30 New Victims on their DLS – DataBreaches.Net
Ransomware attacks primarily caused by poor cyber hygiene | SC Media
Cyber insurers address ransom reimbursement policy concerns | TechTarget
Ransomware Gangs on Recruitment Drive for Pen Testers - Infosecurity Magazine
Trellix report reveals evolving ransomware ecosystem trends
Security Bite: Ransomware groups surge in Q3 2024, with shifting dominance - 9to5Mac
Ransomware Attacks On Healthcare Sector Surge In 2024
Linux Variant of Helldown Ransomware Targets VMware
Helldown ransomware exploits Zyxel VPN flaw to breach networks
Alleged Russian Phobos ransomware administrator extradited to U.S., in custody | CyberScoop
Threat Landscape: Corporate Japan Its Own Worst Enemy in the Ransomware War | Nippon.com
Ransomware Victims
How the British Library hack has caused havoc for UK research
SafePay ransomware gang claims attack on UK's Microlise • The Register
Ransomware Attack on Oklahoma Medical Center Impacts 133,000 - SecurityWeek
Change Healthcare’s clearing house restored after 9 months • The Register
Phishing & Email Based Attacks
Phishing emails increasingly use SVG attachments to evade detection
Communication platforms play a major role in data breach risks
You're Not Imagining It: Phishing Attacks Are Rampant
Why email security is still so bad today - 9to5Mac
Why AI alone can't protect you from sophisticated email threats - Help Net Security
Phishing Decoded: How Cyber Criminals Target You And How To Fight Back
Majority of UK businesses lack readiness for rising AI-led phishing attacks, reveals survey
60% of Emails with QR Codes Classified as Spam or Malicious - Infosecurity Magazine
What is a whaling attack (whaling phishing)? | Definition from TechTarget
Job termination scam warns staff of phony Employment Tribunal decision | CSO Online
'Scattered Spider' scammers charged in sophisticated, million-dollar phishing scheme | Mashable
Microsoft Takes Phishing-as-a-Service Platform to Court
Fake Donald Trump Assassination Story Used in Phishing Scam - Infosecurity Magazine
No, Microsoft doesn't have dirt on you, it's just a sextortion scam - Neowin
Microsoft 365 Admin portal abused to send sextortion emails
North Korean IT Worker Network Tied to BeaverTail Phishing Campaign - Infosecurity Magazine
New phishing scam targeting companies with fake gov’t requests: What FBI says to do
Other Social Engineering
60% of Emails with QR Codes Classified as Spam or Malicious - Infosecurity Magazine
NCSC Warns UK Shoppers Lost £11.5m Last Christmas - Infosecurity Magazine
6 Reasons Social Engineering Is More Successful in Holiday Seasons | Mimecast
'Scam yourself' attacks just increased over 600% - here's what to look for | ZDNET
Malicious QR codes sent in the mail deliver malware | Malwarebytes
UK consumers losing more than ever to holiday scams | Computer Weekly
Fake Discount Sites Exploit Black Friday to Hijack Shopper Information
Security Alert: Fake Accounts Threaten Black Friday Gaming Sales - Security Boulevard
‘ClickFix’ Cyber-Attacks for Malware Deployment on the Rise - Infosecurity Magazine
Meta cracks down on millions of accounts it tied to pig-butchering scams | CyberScoop
Watch Out for Malicious QR Codes Sent Through the Mail
Cyber security chief warns Black Friday shoppers to be alert to scams | The Standard
Don't Fall for This Fake Image Generator and Its Political AI Slop
No, Microsoft doesn't have dirt on you, it's just a sextortion scam - Neowin
Active network of North Korean IT front companies exposed - Help Net Security
You Can Prevent Smishing Scams With These Features and Tricks
Artificial Intelligence
AI fuels 244% surge in digital forgeries, says new study
97% of organisations hit by Gen AI-related security breaches, survey finds
One Deepfake Digital Identity Attack Hits Every Five Minutes - Infosecurity Magazine
Google Issues New Security Cloaking Warning As Attackers Use AI In Attacks
Majority of UK businesses lack readiness for rising AI-led phishing attacks, reveals survey
Largest Companies View AI as a Risk Multiplier
Don't Fall for This Fake Image Generator and Its Political AI Slop
Phishing on the Rise: CUJO AI Blocks Over 12,000 Attacks per Minute
The limits of AI-based deepfake detection - Help Net Security
OWASP Warns of Growing Data Exposure Risk from AI in New Top 10 List - Infosecurity Magazine
Supply chain threats highlight security gaps in LLMs and AI | TechRadar
AI in Cyber Crime: Hackers Exploiting OpenAI - Security Boulevard
Fake AI video generators infect Windows, macOS with infostealers
AI About-Face: 'Mantis' Turns LLM Attackers Into Prey
Artificial intelligence, international security, and the risk of war
Did you play Pokémon Go? You didn't know it, but you were training AI to map the world | ZDNET
Malware
Phishing emails increasingly use SVG attachments to evade detection
Don’t Hold Down The Ctrl Key—New Warning As Cyber Attacks Confirmed
Malicious QR codes sent in the mail deliver malware | Malwarebytes
Fortinet VPN Zero-Day Exploited in Malware Attacks Remains Unpatched: Report - SecurityWeek
‘ClickFix’ Cyber-Attacks for Malware Deployment on the Rise - Infosecurity Magazine
Watch Out for Malicious QR Codes Sent Through the Mail
New Stealthy BabbleLoader Malware Spotted Delivering WhiteSnake and Meduza Stealers
Scammers resort to physical Swiss post to spread malware • The Register
Fake Bitwarden ads on Facebook push info-stealing Chrome extension
Don't Fall for This Fake Image Generator and Its Political AI Slop
Fake AI video generators infect Windows, macOS with infostealers
NodeStealer Malware Targets Facebook Ad Accounts, Harvesting Credit Card Data
Warning: DEEPDATA Malware Exploiting Unpatched Fortinet Flaw to Steal VPN Credentials
Botnet exploits GeoVision zero-day to install Mirai malware
Researchers unearth two previously unknown Linux backdoors - Help Net Security
Lumma Stealer Proliferation Fueled by Telegram Activity - Infosecurity Magazine
Black Lotus, Emotet, Beep, and Dark Pink, still the top malware threats of 2024 | SC Media
Microsoft accused of Malware-like Bing Wallpaper app - gHacks Tech News
Bots/Botnets
'Water Barghest' Sells Hijacked IoT Devices for Proxy Botnet Misuse
Dangerous global botnet fueling residential proxies is being hit in major crackdown | TechRadar
Botnet serving as ‘backbone’ of malicious proxy network taken offline | CyberScoop
Mobile
The Urgent And Critical Need To Prioritize Mobile Security - SecurityWeek
No work phone? Companies tell staff to bring their own
Mobile UK on fraud ahead of Reeves' Mansion House speech
Google Issues New Security Cloaking Warning As Attackers Use AI In Attacks
Protect Your Phone From Juice Jacking: Public Charging Risks Explained
New Ghost Tap attack abuses NFC mobile payments to steal money
NSO Group used another WhatsApp zero-day after being sued, court docs say
LightSpy Spyware Operation Expands to Windows - SecurityWeek
It’s Time to Get Paranoid About Your Phone, Says This Security Expert | KQED
iOS 18 reboots iThings after 72 hours - secretly and smartly • The Register
This hacking tool can unlock an iPhone 16. Here's how it works | Digital Trends
You Can Prevent Smishing Scams With These Features and Tricks
Denial of Service/DoS/DDoS
DDoS Attack Growing Bigger & Dangerous, New Report Reveals
Internet of Things – IoT
Threat Actor Turns Thousands of IoT Devices Into Residential Proxies - SecurityWeek
'Water Barghest' Sells Hijacked IoT Devices for Proxy Botnet Misuse
Eken hit with $700K fine for putting an inactive address on FCC filings - The Verge
Data Breaches/Leaks
Ten Lessons Learned from The Mother of All Breaches Data Leak - Security Boulevard
97% of organisations hit by Gen AI-related security breaches, survey finds
Fintech giant Finastra confirms it's investigating a data breach | TechCrunch
Equinox discloses data breach involving health info of clients, staff | Reuters
T-Mobile confirms it was hacked in recent wave of telecom breaches
What is Data Egress? How It Works and How to Manage Costs | Definition from TechTarget
Threat actor sells data of +750,000 patients from a French hospital
US-UK Armed Forces Dating Service Exposes Over 1 Million Records Online
We Can Do Better Than Free Credit Monitoring After a Breach
Breaches Don't Have to Be Disasters
The Crucial Influence of Human Factors in Security Breaches - Security Boulevard
171K AnnieMac customers informed of data breach • The Register
Space tech giant Maxar confirms hacker accessed employees' personal data | TechCrunch
Ford 'actively investigating' breach claims • The Register
Ford rejects breach allegations, says customer data not impacted
Helpline for Yakuza victims fears it leaked personal info • The Register
Andrew Tate Hack: Online Course Data Breached
Organised Crime & Criminal Actors
Cyber criminals don’t take holidays warns expert
Microsoft killed 240 sites selling ONNX phishing kits
5 Scattered Spider Gang Members Indicted in Multi-Million Dollar Cyber Crime Scheme
Threat Actor Turns Thousands of IoT Devices Into Residential Proxies - SecurityWeek
Zimbabwe police arrest 1,000 cyber criminals - Bulawayo24 News
Targeting the Cyber Crime Supply Chain - Microsoft On the Issues
US seizes PopeyeTools cyber crime marketplace, charges administrators
AI in Cyber Crime: Hackers Exploiting OpenAI - Security Boulevard
Russian women stepping up for cyber crime outfits | SC Media
UK supports Nigeria to tackle cyber threats
Cryptocurrency/Cryptomining/Cryptojacking/NFTs/Blockchain
Man Who Stole and Laundered Roughly $1B in Bitcoin Is Sentenced to 5 Years in Prison - SecurityWeek
Now BlueSky hit with crypto scams as it crosses 20 million users
Insider Risk and Insider Threats
The Crucial Influence of Human Factors in Security Breaches - Security Boulevard
Insurance
Coalition highlights 68% surge in ransomware claims severity - Reinsurance News
Cyber insurers address ransom reimbursement policy concerns | TechTarget
Marsh launches cyber security compliance program | Insurance Business America
CISOs can now obtain professional liability insurance | CyberScoop
Supply Chain and Third Parties
Supply chain attacks up over 400 percent since 2021
Soaring cyber risks: Large enterprises, supply chains and key industries in the crosshairs
IT pros revise pipelines for software supply chain security | TechTarget
Gatwick Airport's Cyber Security Chief on Supply Chain Risks - Infosecurity Magazine
Cloud/SaaS
Cloud ransomware threats rise, targeting S3 & Azure
Cracking the Code: Tackling the Top 5 Cloud Security Challenges - Security Boulevard
Ransomware Groups Use Cloud Services For Data Exfiltration - Infosecurity Magazine
Outages
After the CrowdStrike disaster, Microsoft is improving Windows security to avoid outages
Identity and Access Management
One Deepfake Digital Identity Attack Hits Every Five Minutes - Infosecurity Magazine
The trouble with identity in an increasingly fake world | SC Media
Privileged Accounts, Hidden Threats: Why Privileged Access Security Must Be a Top Priority
10 Most Impactful PAM Use Cases for Enhancing Organisational Security
Encryption
Now Online Safety Act is law, UK outlines 'priorities' • The Register
NIST Publishes Draft Strategy For Post-Quantum Cryptography Transition
Linux and Open Source
Ubuntu Linux impacted by decade-old 'needrestart' flaw that gives root
Debunking myths about open-source security - Help Net Security
Linux Variant of Helldown Ransomware Targets VMware
Researchers unearth two previously unknown Linux backdoors - Help Net Security
Passwords, Credential Stuffing & Brute Force Attacks
123456 is the world's most popular password – again | Tom's Guide
Research Highlights SHA256 Password Security Strengths and Risks - IT Security Guru
700,000 passengers suffered delays after password of engineer allowed to work remotely... - LBC
Navigating NIST’s updated password rotation guidelines | TechRadar
More than 200 major companies already support passkeys
Put your usernames and passwords in your will, Japan advises • The Register
Social Media
Ireland orders X, TikTok and Instagram to curb terrorist content | Ireland | The Guardian
Fake Bitwarden ads on Facebook push info-stealing Chrome extension
Meta cracks down on millions of accounts it tied to pig-butchering scams | CyberScoop
NodeStealer Malware Targets Facebook Ad Accounts, Harvesting Credit Card Data
Canada Shuts Down TikTok Office Over National Security Risks
Now BlueSky hit with crypto scams as it crosses 20 million users
Malvertising
Fake Bitwarden ads on Facebook push info-stealing Chrome extension
NodeStealer Malware Targets Facebook Ad Accounts, Harvesting Credit Card Data
How does malvertising work? | TechTarget
Training, Education and Awareness
Cyber Awareness Is a Joke: Here’s How to Actually Prepare for Attacks
New educational campaign "Flex Your Cyber" launched - IT Security Guru
KnowBe4 Releases 2024 Holiday Kit to Boost Cyber Resilience - IT Security Guru
Regulations, Fines and Legislation
The SEC Cyber Security Rule: Awareness Rises, Compliance Lags - Security Boulevard
The Cyber Resilience Act published
NIS 2 Directive: Transposition Period is Up for EU Member States | Jones Day - JDSupra
ENISA's Draft NIS2 Guidance Consultation for Industry
Beyond The EU: How British Businesses Can Prepare For NIS2
EU Council approves declaration on international law in cyber space - JURIST - News
Preparing for DORA Compliance in 2025 - Financial News
Increased GDPR Enforcement Highlights the Need for Data Security
A Fifth of UK Enterprises “Not Sure” If NIS 2 Applies - Infosecurity Magazine
Now Online Safety Act is law, UK outlines 'priorities' • The Register
What CISOs need to know about the SEC’s breach disclosure rules | CSO Online
CISA no more? Rand Paul has a plan, and it’s not good for US cyber defenders | Cybernews
Trump 2.0 May Mean Fewer Cyber Security Regs
The Accountability Dilemma: Civilian Cyber Vigilantism and International Law | directions blog
What a second Trump term means for the future of ransomware | TechCrunch
Why the NIS2 Directive causes growing pains for businesses - Help Net Security
CISA Dir. Jen Easterly to Resign on Inauguration Day
With Tech Considerations for Securities Lawyers | Mayer Brown Free Writings + Perspectives - JDSupra
Models, Frameworks and Standards
A Fifth of UK Enterprises “Not Sure” If NIS 2 Applies - Infosecurity Magazine
The Cyber Resilience Act published
NIS 2 Directive: Transposition Period is Up for EU Member States | Jones Day - JDSupra
ENISA's Draft NIS2 Guidance Consultation for Industry
Beyond The EU: How British Businesses Can Prepare For NIS2
Preparing for DORA Compliance in 2025 - Financial News
Increased GDPR Enforcement Highlights the Need for Data Security
NIST Publishes Draft Strategy For Post-Quantum Cryptography Transition
Backup and Recovery
Five backup lessons learned from the UnitedHealth ransomware attack - Help Net Security
Law Enforcement Action and Take Downs
5 Scattered Spider Gang Members Indicted in Multi-Million Dollar Cyber Crime Scheme
Brit charged in US over Scattered Spider cyber attacks | Computer Weekly
Man Who Stole and Laundered Roughly $1B in Bitcoin Is Sentenced to 5 Years in Prison - SecurityWeek
US seizes PopeyeTools cyber crime marketplace, charges administrators
Zimbabwe police arrest 1,000 cyber criminals - Bulawayo24 News
Alleged Russian Phobos ransomware administrator extradited to U.S., in custody | CyberScoop
UK supports Nigeria to tackle cyber threats
Misinformation, Disinformation and Propaganda
Nation State Actors, Advanced Persistent Threats (APTs), Cyber Warfare, Cyber Espionage and Geopolitical Threats/Activity
Cyber Warfare and Cyber Espionage
Artificial intelligence, international security, and the risk of war
Sweden, Finland and Norway release new advice on surviving war - BBC News
Nation State Actors
China
A Look at Trending Chinese APT Techniques | Intel 471
UK warned of cyber threats from China-backed Volt Typhoon
China Espionage Soon ‘the Number 1 Issue’ for US Security Community: Cyber Security Expert | NTD
Chinese hackers are using this open-source VPN to mask spying activities | TechRadar
T-Mobile confirms it was hacked in recent wave of telecom breaches
Chinese Hackers Exploit T-Mobile and Other U.S. Telecoms in Broader Espionage Campaign
Cyber-espionage group Volt Typhoon resurfaces globally
LightSpy Spyware Operation Expands to Windows - SecurityWeek
China-Backed Hackers Leverage SIGTRAN, GSM Protocols to Infiltrate Telecom Networks
Chinese APT Group Targets Telecom Firms Linked to BRI - Infosecurity Magazine
Chinese spies, Musk’s biz ties, ‘a real risk’ to US security • The Register
Chinese spies and the security of America's networks
China's Liminal Panda APT Attacks Telcos, Steals Data
Chinese ship casts shadow over Baltic subsea cable snipfest • The Register
Canada Shuts Down TikTok Office Over National Security Risks
Lithuania bans remote Chinese access to solar, wind, storage devices – pv magazine International
Coast Guard Warns of Continued Risks in Chinese Port Cranes
Russia
Severed subsea internet cables raise network security questions | ITPro
Sweden, Finland and Norway release new advice on surviving war - BBC News
Russian women stepping up for cyber crime outfits | SC Media
FBI says BianLian based in Russia, moving from ransomware attacks to extortion
BianLian Ransomware Group Adopts New Tactics, Posing Significant Risk - Infosecurity Magazine
Russian sanctions busting linked to British Overseas Territories
Undersea cable between Germany and Finland severed - BBC News
Finland and Lithuania Report Severed Undersea Data Cables - Bloomberg
Fears of sabotage rise after Baltic cable disruptions
North Korea
North Korean Front Companies Impersonate US IT Firms to Fund Missile Programs
Active network of North Korean IT front companies exposed - Help Net Security
North Korean IT Worker Network Tied to BeaverTail Phishing Campaign - Infosecurity Magazine
Other Nation State Actors, Hacktivism, Extremism, Terrorism and Other Geopolitical Threat Intelligence
LightSpy Spyware Operation Expands to Windows - SecurityWeek
NSO Group used another WhatsApp zero-day after being sued, court docs say
The Accountability Dilemma: Civilian Cyber Vigilantism and International Law | directions blog
Tools and Controls
The Urgent And Critical Need To Prioritize Mobile Security - SecurityWeek
No work phone? Companies tell staff to bring their own
Rethinking Cyber Security From Cost Center To Value Driver
Companies Take Over Seven Months to Recover From Cyber Incidents - Infosecurity Magazine
State of SIEM Detection Risk: A Wake-Up Call for Enterprise Security Teams - Security Boulevard
Why Custom IOCs Are Necessary for Advanced Threat Hunting and Detection - SecurityWeek
5 Threat Intel Tricks MSSPs Can Use to Thwart Adversaries | MSSP Alert
Underfunded, under pressure: We must act to support cyber teams | Computer Weekly
Overcoming the cyber paradox: Shrinking budgets – growing threats | Computer Weekly
Chris Inglis: Why cyber security success hinges on strategic choices, not just tech | SC Media
The trouble with identity in an increasingly fake world | SC Media
How Cloud Security Advances Help Future-Proof Resilience
Privileged Accounts, Hidden Threats: Why Privileged Access Security Must Be a Top Priority
Avoiding Common API Security Mistakes
Hackers Aren’t Cutting Back, Why is Your Security Budget?
Cross-Site Scripting: 2024's Most Dangerous Software
Cyber criminals hijack DNS to build stealth attack networks - Help Net Security
Unlocking the power of public data to make your security team faster and more effective | SC Media
Safeguarding the DNS through registries - Help Net Security
Red red team team: threat actors hire pentesters to test out ransomware effectiveness | SC Media
Weaponized pen testers are becoming a new hacker staple | CSO Online
5 Questions CISOs Should Be Asking Regarding DSPM
8 Security Risks Of Shared Email Accounts - Security Boulevard
Insights from Cohesity on cyber resilience as a technical team sport - SiliconANGLE
Eight essential steps to fortify cyber security after a breach | SC Media
The limits of AI-based deepfake detection - Help Net Security
Navigating NIST’s updated password rotation guidelines | TechRadar
How Can PR Protect Companies During a Cyber Attack?
We Need to Talk: Breaking up With Your SIEM Vendor | MSSP Alert
Other News
Severed subsea internet cables raise network security questions | ITPro
Cyber Security is Everyone’s Responsibility - Security Boulevard
8 Security Risks Of Shared Email Accounts - Security Boulevard
300 Drinking Water Systems in US Exposed to Disruptive, Damaging Hacker Attacks - SecurityWeek
Cross-Site Scripting: 2024's Most Dangerous Software
Weaponized pen testers are becoming a new hacker staple | CSO Online
Eight essential steps to fortify cyber security after a breach | SC Media
Telecom Cable Disruption Reported Between Finland and Germany - Nord News
Poor cyber hygiene enabled nearly 30% of cyber attacks last quarter | StateScoop
Cyber attack leaves Stop & Shop shelves empty 10 days before Thanksgiving - CBS News
6 Ways Your Computer Isn't as Secure as You Think
The rising tide of maritime cyberthreats in global trade | TechRadar
Nearly 90% of UK industrial firms hit by cyber attacks in past year - Drives&Controls
ICS Security: 145,000 Systems Exposed to Web, Many Industrial Firms Hit by Attacks - SecurityWeek
5 alarming Windows cyber security facts you probably don’t know
Cisco reveals top cyber security threats trends
Expert warns construction industry on costly ransomware attacks | Project Scotland
Australian government cyber security falls in global ranking | The Canberra Times | Canberra, ACT
Cyber security tips for the education sector | Education Business
Navigating the surge of cyber threats in global maritime
Thames Water Dismisses Claims on Cyber-Attacks | SC Media UK
Fortra Reports Alarming Increase In Abuse Of Cloudflare Services
Airplane cyber security: Past, present, future
70% of Hong Kong companies saw cyber attacks in 2024
Gambling and lottery giant disrupted by cyber attack, working to bring systems back online
CISA Director Jen Easterly to depart agency on January 20 | TechCrunch
Vulnerability Management
Microsoft beefs up Windows security with new recovery and patching features | TechCrunch
CWE top 25 most dangerous software weaknesses - Help Net Security
MITRE shares 2024's top 25 most dangerous software weaknesses
Vulnerabilities
Critical 9.8-rated VMware vCenter RCE bug under exploit • The Register
Warning: VMware vCenter and Kemp LoadMaster Flaws Under Active Exploitation
Microsoft Vulnerability Poses Risk To Domain Control
Critical RCE bug in VMware vCenter Server now exploited in attacks
Mystery Palo Alto Networks 0-day RCE now actively exploited • The Register
PAN-OS Firewall Vulnerability Under Active Exploitation – IoCs Released
Fortinet VPN Zero-Day Exploited in Malware Attacks Remains Unpatched: Report - SecurityWeek
Millions of WordPress sites potentially hijackable due to critical plugin bug | SC Media
Apple Releases Urgent Updates to Patch Actively Exploited Zero-Day Vulnerabilities
Chrome Security Update, Fix For Multiple Vulnerabilities
Ubuntu Linux impacted by decade-old 'needrestart' flaw that gives root
Fortinet VPN design flaw hides successful brute-force attacks
Microsoft pauses Exchange security updates over buggy patch • The Register
Microsoft Pulls Exchange Patches Amid Mail Flow Issues
Security plugin flaw in millions of WordPress sites gives admin access
Oracle patches exploited Agile PLM vulnerability (CVE-2024-21287) - Help Net Security
Linux Variant of Helldown Ransomware Targets VMware
Exploitation Attempts Target Citrix Session Recording Vulnerabilities - SecurityWeek
Helldown ransomware exploits Zyxel VPN flaw to breach networks
NSO Group used another WhatsApp zero-day after being sued, court docs say
D-Link urges users to retire VPN routers impacted by unfixed RCE flaw
Sector Specific
Industry specific threat intelligence reports are available.
Contact us to receive tailored reports specific to the industry/sector and geographies you operate in.
· Automotive
· Construction
· Critical National Infrastructure (CNI)
· Defence & Space
· Education & Academia
· Energy & Utilities
· Estate Agencies
· Financial Services
· FinTech
· Food & Agriculture
· Gaming & Gambling
· Government & Public Sector (including Law Enforcement)
· Health/Medical/Pharma
· Hotels & Hospitality
· Insurance
· Legal
· Manufacturing
· Maritime & Shipping
· Oil, Gas & Mining
· OT, ICS, IIoT, SCADA & Cyber-Physical Systems
· Retail & eCommerce
· Small and Medium Sized Businesses (SMBs)
· Startups
· Telecoms
· Third Sector & Charities
· Transport & Aviation
· Web3
Contact us to help assess where your risks lie and to ensure you are doing all you can to keep you and your business secure.
Look out for our ‘Cyber Tip Tuesday’ video blog, also available on our YouTube channel.
You can also follow us on Facebook, Twitter and LinkedIn.
Links to articles are for interest and awareness; linking to or reposting external content does not endorse any service or product. Likewise, we are not responsible for the security of external links.