Black Arrow Cyber Threat Intelligence Briefing 24 January 2025
Welcome to this week’s Black Arrow Cyber Threat Intelligence Briefing – a weekly digest, collated and curated by our cyber experts to provide senior and middle management with an easy-to-digest round-up of the most notable threats, vulnerabilities, and cyber related news from the last week.
Executive Summary
This week, our cyber threat intelligence reports on new and evolving tactics of attackers and the devastating impact of attacks, as well as how organisations should act to improve their security including rehearsing how they will react when they experience an incident.
Recent reports highlight a surge in attacks whereby the attacker overwhelms their victim with emails and then contacts them on Teams posing as IT support to gain access to the victim’s systems. These attacks underscore the need for organisations to restrict external communications, limit remote access, and enhance employee awareness to prevent breaches. Furthermore, the growing use of artificial intelligence (AI) by cyber criminals has necessitated a focus on specialised expertise, with companies investing in both internal training and external cyber security support to counter AI-driven threats.
Behind the stories of attacks and data breaches, there are the real lives of individuals and organisations who suffer the heart-breaking, catastrophic impact, including organisations that have closed or filed for insolvency. Studies indicate that the average cost of a breach is now nearly $5 million, while paying ransom demands often fails to recover data, leading to further losses. The increasing sophistication of phishing campaigns and deepfake technology is further complicating fraud detection and identity verification processes. To mitigate these risks, firms must adopt a proactive approach that includes robust incident response plans, enhanced employee training, and the adoption of zero-trust security frameworks.
Organisations must move beyond 'security theatre' by focusing on practical, risk-based strategies that address core vulnerabilities rather than relying on superficial measures. The rise in nation-state cyber espionage, misinformation, and AI-enabled threats highlights the importance of collaboration between public and private sectors to enhance resilience. As cyber security gains greater prominence at the boardroom level, business leaders must ensure they are equipped with the necessary knowledge and strategic vision to navigate this rapidly changing threat landscape effectively.
Top Cyber Stories of the Last Week
Russian Ransomware Groups Deploy Email Bombing and Teams Vishing
Security experts have identified two ransomware groups using email bombing and Teams-based social engineering to gain remote access to corporate systems. Victims receive thousands of spam emails followed by a fraudulent Teams call from someone posing as IT support. The attackers then attempt to install remote access tools to steal data and extort organisations. At least 15 attacks have been observed in the past three months, with a significant increase recently. Businesses are advised to restrict external Teams calls, limit remote access tools, and enhance employee awareness to mitigate these evolving threats.
Cyber Security Breaches Are Increasing Business Insolvency Risks
Cyber attacks are increasingly pushing businesses into financial distress, with data breaches and ransomware incidents significantly raising operational costs and even leading to bankruptcy. A 2024 IBM study found that data breaches cost companies an average of $4.9 million globally, nearly doubling in the US. High-profile cases, such as Stoli Group and National Public Data, highlight the devastating impact, with disrupted operations and mounting legal expenses. Despite the rising risks, 75% of small US businesses remain underinsured for cyber events, underscoring the growing need for robust cyber insurance and proactive security measures to ensure business resilience.
Companies Seek Specialised Expertise to Combat Artificial Intelligence (AI) Cyber Threats
Kaspersky's latest study highlights growing concerns over AI-driven cyber attacks, with 92% of IT and security professionals expecting an escalation in such threats within the next two years. In response, organisations are prioritising cyber security expertise, with 94% focusing on internal training and 93% seeking external support from cyber security vendors. The report reveals that 61% of companies already utilise external expertise, while 62% have internal training programs in place, reflecting a dual approach to strengthening cyber defences across various sectors.
When Risk Becomes Habit: Employee Behaviour and Organisational Security
A recent report highlights that a small number of employees account for a disproportionate share of cyber security risks within organisations. Just 5% of users are responsible for 75% of detected security incidents, with 1% clicking on nearly half of phishing emails. While most employees engage in only one type of risky behaviour, a small group repeatedly commit multiple infractions. The study suggests that shielding high-risk roles, such as managers and executives, from frequent phishing attempts may be more effective than additional training, helping organisations better mitigate human-related cyber threats.
New GhostGPT AI Chatbot Facilitates Malware Creation and Phishing
Researchers have identified a new malicious AI chatbot, GhostGPT, which is being sold on Telegram to assist cyber criminals with activities such as malware creation and phishing. Unlike earlier tools, GhostGPT offers easy access without the need to jailbreak existing AI models. Thousands of views on online forums highlight growing interest in such tools, which enable low-skilled attackers to launch sophisticated campaigns with ease. The chatbot is marketed for a range of criminal activities, including exploit development and business email compromise, with claims of anonymity and fast response times to aid efficiency.
Global Cyber Attacks Jumped 44% Last Year
Check Point Software’s latest report reveals a 44% rise in cyber attacks globally last year, driven by evolving nation-state tactics and the growing use of generative AI. Threat actors are shifting from short-term attacks to sustained campaigns aimed at undermining trust and stability. AI-driven disinformation targeted a third of global elections, while ransomware groups increasingly focus on data extortion over encryption. Healthcare saw a 47% surge in ransomware attacks, and compromised edge devices became key entry points. The report stresses the need for resilience, urging firms to enhance bring-your-own-device (BYOD) security, threat intelligence, and patch management.
Phishing Campaigns Became a Lot More Sinister in 2024
Phishing attacks surged by 202% in the second half of 2024, with some individuals receiving at least one sophisticated phishing attempt each week capable of bypassing security controls. The rise in advanced tactics, such as leveraging legitimate services to mask malicious intent, has made detection increasingly challenging. To counter these threats, organisations must focus on employee awareness, regular software updates, and adopting a zero-trust security approach to mitigate risks effectively.
CISOs Dramatically Increase Boardroom Influence but Many Still Lack Soft Skills
Splunk's latest research reveals that Chief Information Security Officers (CISOs) are gaining greater influence in the boardroom, with 82% now reporting directly to the CEO, up from 47% in 2023. However, board members highlight a need for improved business acumen, communication, and emotional intelligence among CISOs. Budget concerns persist, with only 29% of CISOs feeling adequately funded, while 64% reported that financial constraints led to a cyber attack. The report underscores the need for better alignment between CISOs and boards to position cyber security as a business enabler and drive digital resilience.
Bad News - Businesses Who Pay Ransomware Attackers Aren’t Very Likely to Get Their Data Back
A recent Hiscox study has revealed that paying ransomware demands rarely leads to full data recovery, with only 7% of businesses successfully retrieving all their data. One in 10 firms that paid still experienced data leaks. Beyond financial losses, ransomware attacks have a significant impact on reputation, with 47% of affected firms facing challenges in attracting new customers and 43% reporting customer losses. Additionally, 21% lost business partners due to reputational damage. With ransomware attacks becoming more frequent, a company’s response strategy is critical to minimising long-term harm and ensuring operational resilience.
Deepfakes Force a New Era in Fraud Detection, Identity Verification
Deepfake technology is posing a significant challenge for businesses globally, with nearly half affected by its growing sophistication. To combat this, organisations are enhancing their identity verification processes by incorporating liveness checks and strengthening biometric methods such as facial recognition and fingerprint scanning. However, traditional fraud methods, including fake IDs, remain prevalent. The industry is adapting to rising regulatory pressures and evolving workforce needs, with AI and machine learning playing an increasing role in fraud prevention. Moving forward, businesses must strike a balance between robust security measures and user-friendly solutions to meet compliance demands and customer expectations.
Misinformation Is No. 1 Global Risk, Cyber Espionage in Top 5
The World Economic Forum's Global Risks Report 2025 highlights misinformation and disinformation as the top global risk over the next two years, driven by the rise of generative AI and geopolitical tensions. Cyber espionage ranks fifth, with one in three CEOs citing it as a major concern. Despite growing threats, cyber resilience remains inadequate, particularly among small and mid-sized firms, with 35% feeling underprepared. Larger organisations face challenges with supply chain vulnerabilities, while AI presents both opportunities and risks, with 47% of firms concerned about its misuse. Public-private partnerships are crucial to enhancing cyber resilience and regulatory alignment.
Educate, Prepare, and Mitigate: The Keys to Unlocking Cyber Resilience
Recent cyber incidents have highlighted the real-world impact of poor cyber security, affecting healthcare services and retail supply chains, eroding public trust, and damaging brand reputations. With threats increasing year over year, organisations must focus on education, preparation, and mitigation to enhance resilience. Employee training, regular risk assessments, and penetration testing are crucial to identifying and addressing vulnerabilities. Additionally, having a robust incident response plan and business continuity plan, regularly tested and updated, ensures operational resilience and safeguards customer trust in the face of potential cyber attacks.
What is ‘Security Theatre’ and How Can Firms Move Beyond It?
Many organisations are trapped in ‘security theatre,’ relying on an increasing number of alerts and tools that create an illusion of protection rather than addressing the root causes of cyber threats. In 2024 alone, over 1 billion individuals were impacted by data breaches, a 409% rise from the previous year. Despite rising investments in cyber security, human error remains the primary attack vector, with 99% of identity attacks targeting passwords. To move beyond performative security, organisations must focus on reducing the attack surface by eliminating static credentials and minimising standing privileges.
SMEs Face Rising Cyber Threats Amid AI and Training Concerns
Sharp Europe’s latest study highlights the growing cyber security risks facing European SMEs, with 84% of employees now more concerned than a year ago. AI-driven threats are a major worry, with 43% citing AI as a key factor in their unease, while 72% lack confidence in identifying cyber threats. 41% of SME workers have not received cyber security training in the past two years. With over half of SMEs fearing they could go out of business within a week of a major incident, the report underscores the urgent need for improved training and proactive cyber security measures.
Sources:
https://www.infosecurity-magazine.com/news/ransomware-email-bombing-teams/
https://www.mimecast.com/blog/when-risk-becomes-habit-employee-behavior-and-organizational-security/
https://www.infosecurity-magazine.com/news/ghostgpt-ai-chatbot-malware/
https://www.itpro.com/security/cyber-attacks/global-cyber-attacks-jumped-44-percent-last-year
https://hackernoon.com/phishing-campaigns-became-a-lot-more-sinister-in-2024
https://www.infosecurity-magazine.com/news/cisos-increase-boardroom-influence/
https://www.helpnetsecurity.com/2025/01/24/identity-fraud-rise/
https://www.govinfosecurity.com/misinformation-no-1-global-risk-cyberespionage-in-top-5-a-27358
https://informationsecuritybuzz.com/the-keys-to-unlocking-cyber-resilience/
https://cyberscoop.com/security-theater-cybersecurity-tooling-ev-kontsevoy-op-ed/
https://www.therecycler.com/posts/smes-face-rising-cyber-threats-amid-ai-and-training-concerns/
Governance, Risk and Compliance
Many firms see cyber attacks as their top business concern this year | TechRadar
Experts fire security warning as EU’s DORA comes into play
DORA Takes Effect: Financial Firms Navigating Compliance Headwinds - Infosecurity Magazine
Cyber disruptions remain top business risk concern in US, globally | CIO Dive
The WEF forecasts a rocky year ahead in cyber security - Verdict
When risk becomes habit Employee behaviour and organisational security | Mimecast
Why CISOs Must Think Clearly Amid Regulatory Chaos
The CFO may be the CISO’s most important business ally | CSO Online
Global cyber attacks jumped 44% last year | ITPro
Security chiefs whose companies operate in the EU should be exploring DORA now | CSO Online
Cyber security Breaches Are Increasing Business Insolvency Risks
Educate, Prepare, & Mitigate: The Keys To Unlocking Cyber Resilience
What is ‘security theatre’ and how can we move beyond it? | CyberScoop
Security Need to Start Saying 'No' Again
CISOs Dramatically Increase Boardroom Influence but Still Lack Soft Sk - Infosecurity Magazine
CISOs are juggling security, responsibility, and burnout - Help Net Security
Splunk Report: CISOs Gain Influence in the C-Suite and Boardrooms Worldwide
Nearly half of CISOs now report to CEOs, showing their rising influence - Help Net Security
SMEs face rising cyber threats amid AI and training concerns - The Recycler - 20/01/2025
JPMorgan’s CISO on Overcoming Surging Threats and Regulatory Hurdles - Infosecurity Magazine
Cyber security is tough: 4 steps leaders can take now to reduce team burnout | CSO Online
The UK's cyber security landscape: Key trends and challenges for 2025
CISO Top 10 Priorities for Q1 2025: Key Findings and Evolving Focus | SC Media
Top Priorities for Cyber Security Leaders in 2025: Info-Tech Research Group Publishes Annual Report
Threats
Ransomware, Extortion and Destructive Attacks
Russian Ransomware Groups Deploy Email Bombing and Teams Vishing - Infosecurity Magazine
Ransomware gangs pose as IT support in Microsoft Teams phishing attacks
Ransomware Attacks Surge to Record High in December 2024 - Infosecurity Magazine
Microsoft services exploited in separate ransomware campaigns | SC Media
Record Number of Ransomware Attacks in December 2024 - SecurityWeek
Suspected AI-Powered Python Backdoor Tapped for RansomHub Deployment | MSSP Alert
HP Wolf Security Threat Intelligence: AI-Fueled Cyber Attackers - The Futurum Group
FBI: North Korean IT workers steal source code to extort employers
Russian couple on trial for large-scale ransomware attacks
35 years on: The history and evolution of ransomware | TechRadar
The impact of the cyber insurance industry in resilience against ransomware | TechRadar
Medusa Ransomware: What You Need To Know | Tripwire
A floppy disk launched world's first ransomware attack 35 years ago | TechSpot
New Ransomware Attacking VMware ESXi Hosts Via SSH Tunneling to Evade Detection
Next Steps for the International Counter Ransomware Initiative
Experts Find Shared Codebase Linking Morpheus and HellCat Ransomware Payloads
Ransomware Victims
Ransomware costs at NHS provider Synnovis far outstrip profits
59 organisations reportedly victim to breaches caused by Cleo software bug | TechRadar
PowerSchool hackers have your kid's info. These 3 steps protect them | PCWorld
Ransomware attack forces Brit high school to shut doors • The Register
Phishing & Email Based Attacks
Ransomware Groups Abuse Microsoft Services for Initial Access - SecurityWeek
Microsoft Teams abused in Russian email bombing ransomware campaign | TechRadar
Russian Ransomware Groups Deploy Email Bombing and Teams Vishing - Infosecurity Magazine
New 'Sneaky 2FA' Phishing Kit Targets Microsoft 365 Accounts with 2FA Code Bypass
Ransomware gangs pose as IT support in Microsoft Teams phishing attacks
New GhostGPT AI Chatbot Facilitates Malware Creation and Phishing - Infosecurity Magazine
Phishing Campaigns Became a Lot More Sinister in 2024 | HackerNoon
Phishing Risks Rise as Zendesk Subdomains Facilitate Attacks - Infosecurity Magazine
When risk becomes habit Employee behaviour and organisational security | Mimecast
Tycoon 2FA Phishing Kit Upgraded to Bypass Security Measures - Infosecurity Magazine
Phishing Attacks Are Top Security Issue for Consumers
Account Compromise and Phishing Top Healthcare Security Incidents - Infosecurity Magazine
Other Social Engineering
Microsoft Teams abused in Russian email bombing ransomware campaign | TechRadar
Russian Ransomware Groups Deploy Email Bombing and Teams Vishing - Infosecurity Magazine
FBI: North Korean IT workers steal source code to extort employers
Scam Yourself attacks: How social engineering is evolving - Help Net Security
Hundreds of fake Reddit sites push Lumma Stealer malware
Artificial Intelligence
Why the 'Bring Your Own AI' trend could mean big trouble for business leaders | ZDNET
Employees Enter Sensitive Data Into GenAI Prompts Too Often
New GhostGPT AI Chatbot Facilitates Malware Creation and Phishing - Infosecurity Magazine
HP Wolf Security Threat Intelligence: AI-Fueled Cyber Attackers - The Futurum Group
Companies seek specialised expertise to combat Artificial Intelligence (AI) cyber threats
Suspected AI-Powered Python Backdoor Tapped for RansomHub Deployment | MSSP Alert
Invisible Prompt Injection: A Threat to AI Security | Trend Micro (US)
The Security Risk of Rampant Shadow AI
Deepfakes force a new era in fraud detection, identity verification - Help Net Security
CISA releases AI cyber security playbook
World Economic Forum Provides Guidance on AI Use | SC Media UK
One in ten GenAI prompts puts sensitive data at risk - Help Net Security
SMEs face rising cyber threats amid AI and training concerns - The Recycler - 20/01/2025
Trump Overturns Biden Rules on AI Development, Security
Misinformation Is No. 1 Global Risk, Cyberespionage in Top 5
Sage Copilot grounded briefly to fix AI misbehaviour • The Register
2FA/MFA
New 'Sneaky 2FA' Phishing Kit Targets Microsoft 365 Accounts with 2FA Code Bypass
Sneaky 2FA Kit Exposes Vulnerabilities In 2FA Security
Microsoft to Mandate MFA for Accessing Microsoft 365 Admin Center
Malware
New GhostGPT AI Chatbot Facilitates Malware Creation and Phishing - Infosecurity Magazine
Suspected AI-Powered Python Backdoor Tapped for RansomHub Deployment | MSSP Alert
Fake Homebrew Google ads target Mac users with malware
Enterprise Juniper Routers Tagged with 'Magic' Backdoor
Pumakit - A Sophisticated Linux Rootkit Attack Critical Infrastructure
Hundreds of fake Reddit sites push Lumma Stealer malware
Telegram captcha tricks you into running malicious PowerShell scripts
Chinese Hackers Hijack VPN's Website to Spread Malware
Bots/Botnets
Botnet Unleashes Record-Breaking 5.6Tbps DDoS Attack
Mirai Botnet Spinoffs Unleash Global DDoS Attack Wave
Mirai Variant Murdoc_Botnet Exploits AVTECH IP Cameras and Huawei Routers
Mobile
Mobile Cyber Security Trends for 2025: Key Predictions and Preparations - Security Boulevard
New Porn Ban Threat—Millions Of iPhone, iPad, Android Users Now At Risk
Novel Android Malware Leveraged By DoNot Team | MSSP Alert
Android's New Identity Check Feature Locks Device Settings Outside Trusted Locations
WhatsApp Security Alert—Broken Link Hackers Strike
Phishing Attacks Are Top Security Issue for Consumers
Denial of Service/DoS/DDoS
Botnet Unleashes Record-Breaking 5.6Tbps DDoS Attack
Cloudflare blocks 21.3 million DDoS attacks in 2024, reports record 53% surge
Standing strong against hyper-volumetric DDoS attacks | TechRadar
Critical Vulnerability In ChatGPT API Enables Reflective DDoS Attacks
Several Swiss municipalities and banks hit by cyber attack - SWI swissinfo.ch
Spooks of the internet came alive this Halloween | CSO Online
Who is DDoSing you? Competitors, most likely • The Register
How to Stop Layer 7 DDoS Attacks in 2025 - Security Boulevard
The Internet is (once again) awash with IoT botnets delivering record DDoSes
Internet of Things – IoT
Mirai Botnet Spinoffs Unleash Global DDoS Attack Wave
Mirai Variant Murdoc_Botnet Exploits AVTECH IP Cameras and Huawei Routers
The Internet is (once again) awash with IoT botnets delivering record DDoSes
FTC orders GM to stop collecting and selling driver’s data
Experts found multiple flaws in Mercedes-Benz infotainment system
Subaru’s poor security left troves of vehicle data easily accessible
Data Breaches/Leaks
Otelier data breach exposes info, hotel reservations of millions
Hackers Likely Stole FBI Call Logs From AT&T That Could Compromise Informants | WIRED
Major Cyber Security Vendors’ Credentials Found on Dark Web - Infosecurity Magazine
Fortinet: FortiGate config leaks are genuine but misleading • The Register
Wolf Haldenstein Data Breach Impacts 3.4 Million People - SecurityWeek
HPE’s sensitive data exposed in alleged IntelBroker hack | CSO Online
PowerSchool hacker claims they stole data of 62 million students
Organised Crime & Criminal Actors
New GhostGPT AI Chatbot Facilitates Malware Creation and Phishing - Infosecurity Magazine
US President Donald Trump granted a "full and unconditional pardon" to Ross Ulbricht
Telegram boss Pavel Durov admits 'seriousness' of French allegations
Cryptocurrency/Cryptomining/Cryptojacking/NFTs/Blockchain
"Crazy Evil" Cryptoscam Gang: Unmasking a Global Threat in 2024
Insider Risk and Insider Threats
When risk becomes habit Employee behaviour and organisational security | Mimecast
Former CIA Analyst Pleads Guilty to Sharing Top Secret Files - Infosecurity Magazine
When risky cyber security behaviour becomes a habit among employees - Help Net Security
Insurance
The impact of the cyber insurance industry in resilience against ransomware | TechRadar
Report highlights urgent need for cyber insurance | Insurance Business America
Supply Chain and Third Parties
Supply chain attack strikes array of Chrome Extensions • The Register
The critical need for watertight security across the IT supply chain | TechRadar
Biden order gives CISA software supply chain 'teeth' | TechTarget
Cloud/SaaS
Russian Ransomware Groups Deploy Email Bombing and Teams Vishing - Infosecurity Magazine
New 'Sneaky 2FA' Phishing Kit Targets Microsoft 365 Accounts with 2FA Code Bypass
Ransomware gangs pose as IT support in Microsoft Teams phishing attacks
Why some companies are backing away from the public cloud | ZDNET
Cloud challenges | Professional Security Magazine
Staying Ahead: Key Cloud-Native Security Practices - Security Boulevard
Outages
Bitbucket services “hard down” due to major worldwide outage
Identity and Access Management
How Secure Is Your PAM Strategy? - Security Boulevard
Will 2025 See a Rise of NHI Attacks?
Linux and Open Source
Pumakit - A Sophisticated Linux Rootkit Attack Critical Infrastructure
Passwords, Credential Stuffing & Brute Force Attacks
Major Cyber Security Vendors’ Credentials Found on Dark Web - Infosecurity Magazine
The $10 Cyber Threat Responsible for the Biggest Breaches of 2024
Social Media
Has the TikTok Ban Already Backfired on US Cyber Security?
TikTok among six tech firms under fire for sending Europeans' personal data to China | TechRadar
Hundreds of fake Reddit sites push Lumma Stealer malware
Trump dismisses concerns over TikTok's potential security risks
TikTok Restores Service for US Users Based on Trump's Promised Executive Order - SecurityWeek
Meta confirms it will keep fact-checkers outside the US 'for now' | TechCrunch
Meta's pay-or-consent model criticized by EU consumer groups • The Register
Donald Trump’s bigger China cyber threat isn’t TikTok
Malvertising
Fake Homebrew Google ads target Mac users with malware
Understanding and avoiding malvertizing attacks | TechRadar
Training, Education and Awareness
Companies seek specialised expertise to combat Artificial Intelligence (AI) cyber threats
Educate, Prepare, & Mitigate: The Keys To Unlocking Cyber Resilience
SMEs face rising cyber threats amid AI and training concerns - The Recycler - 20/01/2025
Regulations, Fines and Legislation
Experts fire security warning as EU’s DORA comes into play
DORA Takes Effect: Financial Firms Navigating Compliance Headwinds - Infosecurity Magazine
Security chiefs whose companies operate in the EU should be exploring DORA now | CSO Online
GDPR Fines Total €1.2bn in 2024 - Infosecurity Magazine
Why CISOs Must Think Clearly Amid Regulatory Chaos
EU’s DORA could further strain cyber security skills gap | CSO Online
Trump axes TSA chief who led pipeline, airline, rail cyber security rules | SC Media
Government battles against tech could leave consumers less secure | CyberScoop
Biden's Cyber Security EO Leaves Trump a Comprehensive Blueprint for Defence
CISA should abandon disinformation fight, Trump’s DHS pick says - Defense One
TikTok among six tech firms under fire for sending Europeans' personal data to China | TechRadar
TikTok Restores Service for US Users Based on Trump's Promised Executive Order - SecurityWeek
Trump Overturns Biden Rules on AI Development, Security
Trump’s disbanding of Cyber Safety Review Board draws ire | SC Media
Under Trump, US Cyber Defence Loses Its Head | WIRED
Trump Has Had a Light Touch on Cyber Security – So Far - Security Boulevard
Trump has fired a major cyber security investigations body. It’s a risky move
PayPal fined by New York for cyber security failures | Reuters
Donald Trump’s bigger China cyber threat isn’t TikTok
Models, Frameworks and Standards
Experts fire security warning as EU’s DORA comes into play
DORA Takes Effect: Financial Firms Navigating Compliance Headwinds - Infosecurity Magazine
Security chiefs whose companies operate in the EU should be exploring DORA now | CSO Online
EU’s DORA could further strain cyber security skills gap | CSO Online
MITRE Launches D3FEND 1.0 to Standardize Cyber Security Techniques
GDPR Fines Total €1.2bn in 2024 - Infosecurity Magazine
EU Strengthens Cyber Security with Enhanced NIS2 Directive | MSSP Alert
76% of Irish businesses will struggle to meet NIS2 requirements
OWASP Top 10 2025 - Most Critical Weaknesses Exploited/Discovered in Smart Contract
Cyber Essentials NHS and Healthcare Organisations - Security Boulevard
Irish companies 'a mixed bag' on new cyber attack laws
Backup and Recovery
Acronis CISO on why backup strategies fail and how to make them resilient - Help Net Security
Data Protection
GDPR Fines Total €1.2bn in 2024 - Infosecurity Magazine
Privacy professionals feel more stressed than ever - Help Net Security
Careers, Working in Cyber and Information Security
EU’s DORA could further strain cyber security skills gap | CSO Online
Law Enforcement Action and Take Downs
Former CIA Analyst Pleads Guilty to Sharing Top Secret Files - Infosecurity Magazine
Telegram boss Pavel Durov admits 'seriousness' of French allegations
Washington Man Admits to Role in Multiple Cyber Crime, Fraud Schemes - SecurityWeek
Russian couple on trial for large-scale ransomware attacks
Misinformation, Disinformation and Propaganda
Misinformation Is No. 1 Global Risk, Cyberespionage in Top 5
Meta confirms it will keep fact-checkers outside the US 'for now' | TechCrunch
CISA should abandon disinformation fight, Trump’s DHS pick says - Defense One
Nation State Actors, Advanced Persistent Threats (APTs), Cyber Warfare, Cyber Espionage and Geopolitical Threats/Activity
Cyber Warfare and Cyber Espionage
Misinformation Is No. 1 Global Risk, Cyberespionage in Top 5
Understanding Cyber Effects in Modern Warfare - War on the Rocks
Taking the fight to the enemy: Cyber persistence strategy gains momentum
Let’s get creative to protect undersea cables from sabotage – POLITICO
Nation State Actors
Are attackers already embedded in US critical infrastructure networks?
China
Nato flotilla assembles off Estonia to protect undersea cables in Baltic Sea | Nato | The Guardian
ProxyLogon, one of Salt Typhoon's favorites, still wide open • The Register
FCC says US telcos by law must secure networks from spies • The Register
US Names One of the Hackers Allegedly Behind Massive Salt Typhoon Breaches | WIRED
Treasury Breach by Chinese Sponsored Hackers Focused on Sanctions, Report Says - Bloomberg
Trump Fires DHS Board Probing Salt Typhoon Hacks
Trump dismisses concerns over TikTok's potential security risks
Trump ‘waved a white flag to Chinese hackers,’ senator says • The Register
Chinese Hackers Hijack VPN's Website to Spread Malware
How Taiwan Balances Cyber Security With Human Rights in Resisting China – The Diplomat
TikTok among six tech firms under fire for sending Europeans' personal data to China | TechRadar
TikTok Restores Service for US Users Based on Trump's Promised Executive Order - SecurityWeek
New Chinese cyberespionage campaign targeted South Korean VPN service | SC Media
US Supreme Court Gives Green Light to TikTok Ban - Infosecurity Magazine
Has the TikTok Ban Already Backfired on US Cyber Security?
Trump Faces Unique Challenges Due to Chinese Hackers | Newsmax.com
Trump has fired a major cyber security investigations body. It’s a risky move
Donald Trump’s bigger China cyber threat isn’t TikTok
Hackers game out infowar against China with the US Navy • The Register
Russia
Russian Ransomware Groups Deploy Email Bombing and Teams Vishing - Infosecurity Magazine
Microsoft Teams abused in Russian email bombing ransomware campaign | TechRadar
Nato flotilla assembles off Estonia to protect undersea cables in Baltic Sea | Nato | The Guardian
Shutting down the net: The growing threat of Russian internet censorship · Global Voices
Russian Hackers Target WhatsApp Accounts, Microsoft | Silicon UK
Several Swiss municipalities and banks hit by cyber attack - SWI swissinfo.ch
Increased cyber security cooperation forged by Russia, Iran | SC Media
CERT-UA warns against "security audit" requests via AnyDesk - Help Net Security
Ukraine's State Registers Restored Following Cyber Attack - Infosecurity Magazine
Massive Russian hack on government database shows cracks in Ukraine's digitalization drive
Russian APT Phishes Kazakh Gov't for Strategic Intel
Iran
Increased cyber security cooperation forged by Russia, Iran | SC Media
North Korea
FBI: North Korean IT workers steal source code to extort employers
The hacker state: How North Korea weaponised internet - India Today
Tools and Controls
An estimated 46,000 VPN servers are vulnerable to being hijacked | Tom's Guide
Educate, Prepare, & Mitigate: The Keys To Unlocking Cyber Resilience
Companies seek specialised expertise to combat Artificial Intelligence (AI) cyber threats
Unsecured Tunnelling Protocols Expose 4.2 Million Hosts, Including VPNs and Routers
Deepfakes force a new era in fraud detection, identity verification - Help Net Security
How Secure Is Your PAM Strategy? - Security Boulevard
Chinese Hackers Hijack VPN's Website to Spread Malware
How Can Generative AI be Used in Cyber Security - Security Boulevard
SDLC Gap Analysis: Requirement For Organisation - Security Boulevard
Using your own laptop or phone for work? Why it’s a security hazard for businesses
Cyber Insights 2025: Attack Surface Management - SecurityWeek
Cyber Insights 2025: APIs – The Threat Continues - SecurityWeek
Acronis CISO on why backup strategies fail and how to make them resilient - Help Net Security
CISA releases AI cyber security playbook
SMEs face rising cyber threats amid AI and training concerns - The Recycler - 20/01/2025
Will 2025 See a Rise of NHI Attacks?
Staying Ahead: Key Cloud-Native Security Practices - Security Boulevard
Microsoft to Mandate MFA for Accessing Microsoft 365 Admin Center
AI-driven insights transform security preparedness and recovery - Help Net Security
Other News
Travel Warning: Cyber Security Emerges As A Top Security Threat In 2025
The WEF forecasts a rocky year ahead in cyber security - Verdict
73% of UK Education Sector Hit by Cyber-Attacks in Past Five Years - Infosecurity Magazine
Healthcare Cyber Security: The Chronic Condition We Can’t Ignore - Security Boulevard
Security Needs to Start Saying 'No' Again
Check Point Software’s 2025 Security Report Finds Alarming
The UK's cyber security landscape: Key trends and challenges for 2025
Researchers say new attack could take down the European power grid - Ars Technica
65% of energy professionals rank cyber security as industry's greatest risk
Hit by wave of online attacks, Japan shifts to ‘active cyber defence’ | The Straits Times
Top Spy Agencies in the World: Secrets & Operations
Cyber security threat predictions for 2025: Insights from the dark web - Digital Journal
Lessons from PowerSchool: A Wake-Up Call for the Education Sector | SC Media
Sector getting better at combatting cyber threats - TFN
Ex-spies say suburban D.C. casino would put nation’s secrets at risk - The Washington Post
Vulnerability Management
Exploits on the rise: How defenders can combat sophisticated threat actors | TechRadar
Microsoft: Exchange 2016 and 2019 reach end of support in October
How to Perform a Website Security Scan: A Vulnerabilities Guide
Vulnerabilities
SonicWall Urges Immediate Patch for Critical CVE-2025-23006 Flaw Amid Likely Exploitation
Microsoft Outlook has a new ‘critical’ flaw that spreads malware easily | Digital Trends
A flaw in the W3 Total Cache plugin exposes hundreds of thousands of WordPress sites to attacks
Unsecured Tunnelling Protocols Expose 4.2 Million Hosts, Including VPNs and Routers
Critical Vulnerability In ChatGPT API Enables Reflective DDoS Attacks
Oracle Releases January 2025 Patch to Address 318 Flaws Across Major Products
7-Zip bug could allow a bypass of a Windows security feature. Update now | Malwarebytes
Cisco addresses a critical privilege escalation bug in Meeting Management
FBI/CISA Share Details on Ivanti Exploits Chains: What Network Defenders Need to Know - SecurityWeek
Six vulnerabilities in rsync announced and fixed in a day • The Register
50K Fortinet firewalls still vulnerable to latest zero-day • The Register
Yubico Issues Security Advisory As 2FA Bypass Vulnerability Confirmed
CISA Adds Five-Year-Old jQuery XSS Flaw to Exploited Vulnerabilities List
QNAP fixes six Rsync vulnerabilities in NAS backup, recovery app
Asus lets chip fix slip out early, AMD says patch is inbound • The Register
Sector Specific
Industry-specific threat intelligence reports are available.
Contact us to receive tailored reports specific to the industry/sector and geographies you operate in.
· Automotive
· Construction
· Critical National Infrastructure (CNI)
· Defence & Space
· Education & Academia
· Energy & Utilities
· Estate Agencies
· Financial Services
· FinTech
· Food & Agriculture
· Gaming & Gambling
· Government & Public Sector (including Law Enforcement)
· Health/Medical/Pharma
· Hotels & Hospitality
· Insurance
· Legal
· Manufacturing
· Maritime & Shipping
· Oil, Gas & Mining
· OT, ICS, IIoT, SCADA & Cyber-Physical Systems
· Retail & eCommerce
· Small and Medium Sized Businesses (SMBs)
· Startups
· Telecoms
· Third Sector & Charities
· Transport & Aviation
· Web3
Contact us to help assess where your risks lie and to ensure you are doing all you can to keep you and your business secure.
Look out for our ‘Cyber Tip Tuesday’ video blog, also available on our YouTube channel.
You can also follow us on Facebook, Twitter and LinkedIn.
Links to articles are for interest and awareness; linking to or reposting external content does not endorse any service or product. Likewise, we are not responsible for the security of external links.