Black Arrow Cyber Threat Briefing 27 September 2024
Welcome to this week’s Black Arrow Cyber Threat Briefing – a weekly digest, collated and curated by our cyber experts to provide senior and middle management with an easy-to-digest round-up of the most notable threats, vulnerabilities, and cyber-related news from the last week.
Top Cyber Stories of the Last Week
Cyber Threats Top the 2024 Travelers Risk Index, Fourth Time in Six Years
The 2024 Travelers Risk Index shows cyber threats as the top concern for 62% of businesses, surpassing medical cost inflation, employee benefits costs, and economic uncertainty (all at 59%). Despite increased awareness, 30% of over 1,200 respondents lack cyber insurance, though coverage rose to 65% from 60% last year. Cyber incidents rose for the eighth time in nine years, with 24% experiencing breaches. Key concerns include security breaches (57%), ransomware (54%), unsafe employee practices (53%), and system glitches (53%).
Preparing for the Cyber Security and Fraud Risks of Deepfakes: What Executive Teams Need to Know
Reports from the US National Security Agency, the Cybersecurity and Infrastructure Security Agency, and the FBI highlight deepfake technology as a major concern due to the availability of AI tools. Deepfakes can replicate voices and likenesses, making impersonations undetectable. One company lost $25 million to deepfake fraud. Organisations are advised to implement response plans and detection technologies as they become more available, as well as shared phrases to validate identity, but many lack comprehensive strategies, leaving them vulnerable to deepfake-enabled fraud and reputational damage.
Organisation Data on Dark Web Increases Cyber Attack Risk: Marsh McLennan
Searchlight Cyber and the Marsh McLennan Cyber Risk Intelligence Center have found that the presence of any data related to an organisation on the dark web significantly increases the risk of cyber attacks. Despite this, many organisations lack visibility into their dark web exposure. The report emphasises that proactively monitoring the dark web can enable organisations to adjust their defences and effectively stop attacks before they occur.
84 Percent of Enterprises Suffered Security Incidents in the Last Year
Netwrix research shows 84% of enterprises experienced cyber attacks in the past year, up from 65% in 2023. AI automation increases attack frequency and sophistication. Over half of large organisations faced unexpected expenses to fix security gaps. Additionally, 22% faced compliance fines, and 21% suffered reduced competitive edge. Nearly 30% estimate financial damage from cyber threats of at least $50,000.
It's Estimated That 91% of Cyber Attacks Begin with Phishing Emails
Phishing emails cause significant disruption, with 91% of cyber attacks starting this way. Larger companies are vulnerable to lateral phishing (from internal compromised email accounts), while smaller businesses face frequent external phishing and extortion schemes. Smaller businesses experience nearly three times more extortion attacks than larger firms. Many organisations lack tailored security measures to combat evolving email risks, highlighting the need to prioritise email security.
82% of Phishing Sites Now Target Mobile Devices
Zimperium’s 2024 zLabs Global Mobile Threat Report finds 82% of phishing sites target mobile devices, with 76% using HTTPS to appear secure. Unique malware samples increased by 13% year-on-year, with riskware and trojans making up 80% of threats. Healthcare is the most affected industry, with 39% of mobile threats from phishing. Sideloaded apps (installed on a device through unofficial means, bypassing the standard app store) pose significant risks, especially in financial services where 68% of threats are linked to them. Advanced security solutions are essential to protect mobile endpoints.
UK Firms Are Dangerously Overconfident About Paying Ransoms to Cyber Criminals
Cohesity found that ransomware is a top concern for UK organisations, with over half experiencing attacks in 2023. Three-quarters would pay a ransom to recover data, despite only 4% fully recovering after payment. Costs averaged £870,000 per incident, with some reaching £20 million. Fewer than 2% restored operations within 24 hours, and one in five took up to two months. This highlights the need for resilience and robust recovery processes over ransom payments.
Preparing To Fail is a Vital Part of Cyber Security
The UK Government reports that 50% of businesses suffered cyber attacks in 2023. The Synnovis ransomware attack disrupted NHS services, highlighting unpreparedness for worst-case scenarios, including when organisations rely on other organisations in their supply chain. Few organisations plan for high-impact risks or supply chain attacks. The report stresses the need for pre-assigned roles and responsibilities to ensure swift remediation. Preparing for the most damaging incidents is essential for organisational survival.
Over a Third of Employees Secretly Sharing Work Info with AI
CybSafe and the National Cyber Security Alliance found that employees sharing sensitive work information with AI tools without permission is a major concern. This behaviour is prevalent among Gen Z (46%) and millennials (43%). Despite awareness of AI risks, over half of employees lack training on safe AI use. Two-thirds of survey respondents worry AI will make scams harder to detect and increase cyber crime. Trust in companies’ AI implementation is low, with 35% expressing low trust. Organisations need training and robust policies to mitigate AI-related risks.
Fortifying the Weakest Link: How to Safeguard Against Supply Chain Cyber Attacks
Recent incidents have highlighted that vulnerabilities in widely-used IT and security tools are a top concern for organisations, with supply chain cyber attacks rising significantly between 2022 and 2023. Despite strengthening direct network defences, many organisations have yet to safeguard against third-party control failures. Key strategies include advanced supplier risk management, securing the software development pipeline, and implementing strong access controls. Adopting frameworks like the NIST cyber security framework and incorporating cyber security requirements into vendor contracts are essential. Without proactive measures, organisations remain vulnerable to significant reputational and operational damage from supply chain cyber attacks.
Underfunding and Leadership Gaps Weaken Cyber Security Defences
Trend Micro found that cyber security threats are the top concern for organisations, but many lack strategic leadership and investment. With 96% of IT leaders worried about the expanding attack surface, the report noted that despite blocking 161 billion threats in 2023 (a 10% increase from the previous year), nearly half of respondents said their leadership did not consider cyber security their responsibility. Only 36% can afford 24/7 coverage, leading to fragmented approaches. Over half believe their organisation’s attitude towards cyber security varies monthly, highlighting inconsistency in risk management. Cyber security is a boardroom issue, and neglecting it could have disastrous consequences.
Racist Network Rail Wi-Fi Hack was Work of Malicious Insider
A cyber attack on public Wi-Fi at 19 UK railway stations on 25 September blocked passengers from accessing the service; they received racist and Islamophobic messages instead. The British Transport Police arrested an employee of GlobalReach Technology, the Wi-Fi provider, for suspected involvement. Although no personal data was compromised, the incident underscores the significant risks posed by malicious insiders. Telent, responsible for the network, aims to restore services by the weekend. This event highlights the need for robust insider threat mitigation strategies.
Sources:
https://www.jdsupra.com/legalnews/preparing-for-the-cybersecurity-and-3002248/
https://hackernoon.com/its-estimated-that-91percent-of-cyber-attacks-begin-with-phishing-emails
https://www.infosecurity-magazine.com/news/82-phishing-target-mobile-devices/
https://www.infosecurity-magazine.com/news/third-employees-sharing-work-info/
https://informationsecuritybuzz.com/underfunding-and-leadership-gaps-weaken-cybersecurity-defenses/
Governance, Risk and Compliance
84 percent of enterprises suffered security incidents in the last year (betanews.com)
AI threats pushing cyber pros to seek legal safeguards | Cybernews
Preparing to fail is a vital part of cyber security - Ian McGowan (scotsman.com)
AI Adoption Set to Unravel Years of Cyber Resilience - IT Security Guru
Brands are changing cyber security strategies due to AI threats (securityintelligence.com)
Underfunding And Leadership Gaps Weaken Cyber Security Defences (informationsecuritybuzz.com)
How Cyber-Risk & Business Risk Are the Same (darkreading.com)
Cyber threats top the 2024 Travelers Risk Index, fourth time in six years - Reinsurance News
New cyber security advisory highlights defence-in-depth strategies (securityintelligence.com)
How cyber compliance helps minimize the risk of ransomware infections - Help Net Security
What to do - and not to do - when you suffer a cyber-attack (businesscloud.co.uk)
Reporting cyber security posture and systemic risk to the board | CIO
How to give cyber security the priority treatment it deserves (moneymarketing.co.uk)
Balancing Risk and Innovation - A CISO Perspective | Security Magazine
Digital security is everyone's concern – Daily Business Magazine (dailybusinessgroup.co.uk)
Are You Sabotaging Your Cyber Security Posture? - Security Boulevard
Round-the-Clock Cyber Coverage Lacking in Many Orgs | MSSP Alert
Threats
Ransomware, Extortion and Destructive Attacks
Companies Often Pay Ransomware Attackers Multiple Times - Security Boulevard
Cyber security experts urge a stronger security posture in response to AI attacks - SiliconANGLE
ENISA Warns About Hacktivist, Ransomware Crossover (databreachtoday.co.uk)
UK firms are dangerously overconfident about paying ransoms to cyber criminals | ITPro
MFA bypass becomes a critical security issue as ransomware tactics advance - Help Net Security
Ransomware Task Force finds 73% attack increase in 2023 | TechTarget
How cyber compliance helps minimize the risk of ransomware infections - Help Net Security
Warnings After New Valencia Ransomware Group Strikes Businesses and Leaks Data | Tripwire
Two-Thirds of Healthcare Organisations Hit by Ransomware – (globenewswire.com)
Ransomware Victims
ICO Fine Software Provider £6M Following Ransomware Attack (nelsonslaw.co.uk)
Two-Thirds of Healthcare Organisations Hit by Ransomware – (globenewswire.com)
Cyber attack could cost Western Isles council more than £1m - BBC News
Lancaster Royal Grammar targeted by cyber ransom hackers - BBC News
AutoCanada says ransomware attack "may" impact employee data (bleepingcomputer.com)
US government agency confirms it was hit by major ransomware attack | TechRadar
Delaware Libraries confirms RansomHub cyber attack • The Register
Phishing & Email Based Attacks
It's Estimated That 91% Of Cyber Attacks Begin With Phishing Emails | HackerNoon
Phishing and deepfakes are leading AI-powered threats (betanews.com)
82% of Phishing Sites Now Target Mobile Devices - Infosecurity Magazine (infosecurity-magazine.com)
Enterprises suffer surge in mobile phishing attacks (betanews.com)
Europol Shuts Down Major Phishing Scheme Targeting Mobile Phone Credentials (thehackernews.com)
This Phishing Service Helped Criminals Break Into 1 Million+ Stolen Phones (pcmag.com)
Marko Polo hackers found to be running dozens of scams | SC Media (scmagazine.com)
One quarter of small business owners have been targeted by AI-driven scams (prnewswire.com)
75% of organisations say phishing poses the greatest AI risk | Security Magazine
Microsoft 365 Credentials Targeted by TikTok URL-Based Phishing | MSSP Alert
Other Social Engineering
Beware: fraud and smishing scams targeting students | Bournemouth University
US indicts two over socially engineered $230M+ crypto heist • The Register
How to Stop Getting Spam Calls? This Expert Weighs In. (dailydot.com)
Artificial Intelligence
These Are Cyber Chiefs' Biggest Fears About AI (investopedia.com)
Phishing and deepfakes are leading AI-powered threats (betanews.com)
AI threats pushing cyber pros to seek legal safeguards | Cybernews
AI Adoption Set to Unravel Years of Cyber Resilience - IT Security Guru
Brands are changing cybersecurity strategies due to AI threats (securityintelligence.com)
Less Than Half of AI Users Trained on Security and (globenewswire.com)
HackerOne: 48% of Security Professionals Believe AI Is Risky (techrepublic.com)
Hackers deploy AI-written malware in targeted attacks (bleepingcomputer.com)
One quarter of small business owners have been targeted by AI-driven scams (prnewswire.com)
Hacker plants false memories in ChatGPT to steal user data in perpetuity | Ars Technica
Are new gen AI tools putting your business at additional risk? (securityintelligence.com)
SANS Institute: Top 5 dangerous cyber attack techniques in 2024 (securityintelligence.com)
LinkedIn Halts AI Data Processing in UK Amid Privacy Concerns Raised by ICO (thehackernews.com)
Police are using AI to write crime reports. What could go wrong? | ZDNET
2FA/MFA
MFA bypass becomes a critical security issue as ransomware tactics advance - Help Net Security
New Chrome Alert After Hackers Claim 2FA Security Cracked In 10 Minutes (forbes.com)
Malware
AI’s Influence on Malware Attacks Tops IT Pros’ Concerns | MSSP Alert
Unique malware sample volumes seen surging | Computer Weekly
New MacOS Malware Let Attackers Control The Device Remotely (cybersecuritynews.com)
HP Spots a Malware Attack That Was Likely Built With Generative AI (pcmag.com)
RomCom Malware Resurfaces With SnipBot Variant (darkreading.com)
Infostealer malware bypasses Chrome’s new cookie-theft defences (bleepingcomputer.com)
This Windows malware is now evolving to target Linux systems | TechRadar
Move over, Cobalt Strike, there's a new post-exploit tool • The Register
Global infostealer malware operation targets crypto users, gamers (bleepingcomputer.com)
New PondRAT Malware Hidden in Python Packages Targets Software Developers (thehackernews.com)
Russia clings to malware as attacks on Ukraine persist • The Register
Bots/Botnets
65% of websites are unprotected against simple bot attacks - Help Net Security
Mobile
82% of Phishing Sites Now Target Mobile Devices - Infosecurity Magazine (infosecurity-magazine.com)
Mobile Phishing Attacks Targeting Enterprises Surge, Zimperium Researchers Find (prnewswire.com)
The NSA advises you to turn off your phone once a week - here's why | ZDNET
Europol Shuts Down Major Phishing Scheme Targeting Mobile Phone Credentials (thehackernews.com)
New Octo Android malware version impersonates NordVPN, Google Chrome (bleepingcomputer.com)
This Phishing Service Helped Criminals Break Into 1 Million+ Stolen Phones (pcmag.com)
New Android banking trojan Octo2 targets European banks (securityaffairs.com)
Victims lose $70k to Play Store wallet-draining app • The Register
Opinion | Israel’s Pager Attacks Have Changed the World - The New York Times (nytimes.com)
How Digital Forensics Experts Read Your Encrypted WhatsApp Messages (forbes.com)
Denial of Service/DoS/DDoS
DDoS overtakes ransomware as most active cyber threat in Europe | Cybernews
Austria subjected to pro-Russian DDoS intrusions | SC Media (scworld.com)
Internet of Things – IoT
3 tips for securing IoT devices in a connected world - Help Net Security
Hacking Kia cars made after 2013 using just their license plate (securityaffairs.com)
Data Breaches/Leaks
TfL sends letters to 5,000 cyber attack customers whose details were hacked | Evening Standard
'Harvest now, decrypt later': Why hackers are waiting for quantum computing | VentureBeat
Dell's Security Woes Deepen: Attackers Strike Twice In One Week (informationsecuritybuzz.com)
Harvey Nichols confirms cyber attack, says customer data leaked | TechRadar
Twilio Call Data Exposed | MSSP Alert
Over 90 million French records exposed: mysterious data hoarder leaves instances open | Cybernews
Data of 3,191 congressional staffers leaked in the dark web (securityaffairs.com)
Threat Actor IntelBroker Allegedly Claims Leak of Deloitte Data (cybersecuritynews.com)
US Capitol Hit by Massive Dark Web Cyber Attack - Newsweek
Hacker uses Telegram chatbots to leak data - Security - iTnews
AutoCanada says ransomware attack "may" impact employee data (bleepingcomputer.com)
Organised Crime & Criminal Actors
ENISA Warns About Hacktivist, Ransomware Crossover (databreachtoday.co.uk)
Why so many hackers are Russian | Cybernews
Why so many hackers are Russian: Vol 2 | Cybernews
Life imitates xkcd comic as Florida gang beats crypto password from retiree | Ars Technica
Cybersecurity Experts Closing in on Ticketmaster Hacker (digitalmusicnews.com)
Risk & Repeat: What's next for Telegram and Pavel Durov? | TechTarget
Telegram CEO Pavel Durov will hand over data to government (nypost.com)
Shocking poll: Half the world has fallen victim to cyber attacks (studyfinds.org)
Why Russia is a Hotbed of Cyber Crime | Intel471
Cryptocurrency/Cryptomining/Cryptojacking/NFTs/Blockchain
Life imitates xkcd comic as Florida gang beats crypto password from retiree | Ars Technica
Hackers stole over $44 million from Asian crypto platform BingX (securityaffairs.com)
Marko Polo hackers found to be running dozens of scams | SC Media (scmagazine.com)
An official OpenAI X account just got hacked by crypto scammers | Mashable
US indicts two over socially engineered $230M+ crypto heist • The Register
Global infostealer malware operation targets crypto users, gamers (bleepingcomputer.com)
Insider Risk and Insider Threats
Racist Network Rail Wi-Fi hack was work of malicious insider | Computer Weekly
Mandiant gives tips on catching North Korean IT operatives • The Register
The Importance of Cyber Security Awareness and Insider Threat Management - Security Boulevard
Why insider threats are cyber security’s next big challenge - Hindustan Times
Insurance
Cyber insurance price hikes stabilize as insurers expect more from CISOs | CSO Online
The surge in cyber insurance and what it means for your business - Help Net Security
Cyber Insurers Owe Millions for Attack, Transcription Firm Says (bloomberglaw.com)
Supply Chain and Third Parties
China's 'Salt Typhoon' Cooks Up Cyber Attacks on US ISPs (darkreading.com)
Cyber security: Remember, We Are All Connected (epsnews.com)
Evaluating embedded vulnerabilities and cyber security risks in procurement | TechRadar
CrowdStrike to Congress: 'Perfect storm' led to IT outage • The Register
Fortifying the Weakest Link: How to Safeguard Against Supply Chain Cyber Attacks - SecurityWeek
Cloud/SaaS
AWS says customers are turning back to on-prem | TechRadar
Microsoft Trims Cloud Cyber Attack Surface (darkreading.com)
Microsoft 365 Credentials Targeted by TikTok URL-Based Phishing | MSSP Alert
Ivanti's Cloud Service Attacked via Second Vuln (darkreading.com)
Outages
'Cyber security issue' blamed for MoneyGram's ongoing outage • The Register
CrowdStrike exec to apologize for faulty update that caused global IT outage (yahoo.com)
CrowdStrike to Congress: 'Perfect storm' led to IT outage • The Register
Identity and Access Management
Securing non-human identities: Why fragmented strategies fail - Help Net Security
Active Directory compromise: Cyber security agencies provide guidance - Help Net Security
Encryption
How to prepare for post-quantum computing security | TechTarget
'Harvest now, decrypt later': Why hackers are waiting for quantum computing | VentureBeat
G7 Cyber Expert Group warns financial sector of quantum computing | SC Media (scworld.com)
How Digital Forensics Experts Read Your Encrypted WhatsApp Messages (forbes.com)
Linux and Open Source
Doomsday 9.9 unauthenticated RCE bug affects 'all Linux' • The Register
Printer bug sends researchers into uproar, affects major Linux distros | CyberScoop
This Windows malware is now evolving to target Linux systems | TechRadar
New Mallox ransomware Linux variant based on leaked Kryptina code (bleepingcomputer.com)
Paid open-source maintainers spend more time on security - Help Net Security
FreeBSD Hypervisor Vulnerability Lets Attackers Execute Malicious Code (cybersecuritynews.com)
Passwords, Credential Stuffing & Brute Force Attacks
Why You Need a Longer Password (howtogeek.com)
Public Sector Compliance: Passwords and Credentials Matter - Security Boulevard
Social Media
Microsoft 365 Credentials Targeted by TikTok URL-Based Phishing | MSSP Alert
An official OpenAI X account just got hacked by crypto scammers | Mashable
LinkedIn Halts AI Data Processing in UK Amid Privacy Concerns Raised by ICO (thehackernews.com)
42% of daily X users have a negative view of it - losing the block feature won't help | ZDNET
X's first transparency report since Musk reveals a surprising contradiction | ZDNET
Malvertising
Training, Education and Awareness
STUDY: Less Than Half of AI Users Trained on Security and (globenewswire.com)
Combating phishing attacks through awareness and simulation | Cybernews
The Importance of Cyber Security Awareness and Insider Threat Management - Security Boulevard
Regulations, Fines and Legislation
ICO Fine Software Provider £6M Following Ransomware Attack (nelsonslaw.co.uk)
Rethinking the United Nations Cybercrime Treaty (justsecurity.org)
Cyber Security | UK Regulatory Outlook September 2024 - Osborne Clarke | Osborne Clarke
UK government's bank data sharing plan blasted by critics • The Register
Models, Frameworks and Standards
New NIST program focuses on AI cyber security and privacy | SC Media (scmagazine.com)
Backup and Recovery
Isolated Cyber Vaults: The last line of defence against billions of attacks | TechRadar
Data Protection
LinkedIn Halts AI Data Processing in UK Amid Privacy Concerns Raised by ICO (thehackernews.com)
Careers, Working in Cyber and Information Security
It’s Never Too Late: Transitioning to a Career in Cyber Security - IT Security Guru
Future-proofing cyber security: Why talent development is key - Help Net Security
Round-the-Clock Cyber Coverage Lacking in Many Orgs | MSSP Alert
Law Enforcement Action and Take Downs
Europol Shuts Down Major Phishing Scheme Targeting Mobile Phone Credentials (thehackernews.com)
This Phishing Service Helped Criminals Break Into 1 Million+ Stolen Phones (pcmag.com)
Telegram Agrees to Share User Data with Authorities for Criminal Investigations (thehackernews.com)
US indicts two over socially engineered $230M+ crypto heist • The Register
Risk & Repeat: What's next for Telegram and Pavel Durov? | TechTarget
Telegram CEO Pavel Durov will hand over data to government (nypost.com)
FBI raids government IT and cyber contractor Carahsoft - Nextgov/FCW
Misinformation, Disinformation and Propaganda
Fake UK news sites ‘spreading false stories’ about western firms in Ukraine | Russia | The Guardian
How Russia, China & Iran Are Targeting US Elections (darkreading.com)
China are the real hackers not us, Taiwan says after cyber accusations, Asia News - AsiaOne
Iranian-linked election interference operation shows signs of recent access | CyberScoop
Officials: Fake Kamala Harris Videos Part of Russian Influence Operations | MSSP Alert
China urges vigilance against Taiwanese cyber attacks - CNA (channelnewsasia.com)
Nation State Actors, Advanced Persistent Threats (APTs), Cyber Warfare, Cyber Espionage and Geopolitical Threats/Activity
Cyber Warfare and Cyber Espionage
Developing an effective cyber warfare response plan - Help Net Security
Volt Typhoon: The real end game of evolving nation-state threats - SiliconANGLE
The Supply Chain Conspiracy: Cyber Attacks Behind the Lebanon Explosions - Security Boulevard
Nation State Actors
Bulk of data centre cyber attacks coming from hostile states, warn EU experts (irishexaminer.com)
How Russia, China & Iran Are Targeting US Elections (darkreading.com)
China
US ISPs targeted by new Chinese cyber espionage gang | SC Media (scworld.com)
China's Salt Typhoon cyber spies spotted deep inside US ISPs • The Register
Chinese hackers allegedly hacked US ISPs for cyber espionage | CSO Online
Noise Storms: Massive Amounts of Spoofed Web Traffic Linked to China - SecurityWeek
China's 'Salt Typhoon' Cooks Up Cyber Attacks on US ISPs (darkreading.com)
Chinese APT Earth Baxia target APAC by exploiting GeoServer flaw (securityaffairs.com)
Noise Storms: Mysterious massive waves of spoofed traffic observed since 2020 (securityaffairs.com)
China are the real hackers not us, Taiwan says after cyber accusations, Asia News - AsiaOne
China urges vigilance against Taiwanese cyber attacks - CNA (channelnewsasia.com)
Russia
Fake UK news sites ‘spreading false stories’ about western firms in Ukraine | Russia | The Guardian
Russia-backed Gamaredon still ‘most engaged’ hacker group in Ukraine (therecord.media)
Ukraine sees shift in Russian hacking tactics: more widespread, less severe | Cybernews
Officials: Fake Kamala Harris Videos Part of Russian Influence Operations | MSSP Alert
Why so many hackers are Russian | Cybernews
Why so many hackers are Russian: Vol 2 | Cybernews
Russia clings to malware as attacks on Ukraine persist • The Register
Why Russia is a Hotbed of Cyber Crime | Intel471
Hacktivist Group Twelve Targets Russian Entities with Destructive Cyber Attacks (thehackernews.com)
Kaspersky deletes itself, installs UltraAV antivirus without warning (bleepingcomputer.com)
Austria subjected to pro-Russian DDoS intrusions | SC Media (scworld.com)
Iran
UNC1860 provides Iran-linked APTs with access to Middle Eastern networks (securityaffairs.com)
Bulk of data centre cyber attacks coming from hostile states, warn EU experts (irishexaminer.com)
Concealed Fox Kitten infrastructure exposed | SC Media (scworld.com)
Sweden blames Iran for cyber-attack after Quran-burnings - BBC News
Iranian-linked election interference operation shows signs of recent access | CyberScoop
North Korea
Mandiant gives tips on catching North Korean IT operatives • The Register
Other Nation State Actors, Hacktivism, Extremism, Terrorism and Other Geopolitical Threat Intelligence
Did Israel infiltrate Lebanese telecoms networks? (securityaffairs.com)
ENISA Warns About Hacktivist, Ransomware Crossover (databreachtoday.co.uk)
Tools and Controls
Preparing to fail is a vital part of cyber security - Ian McGowan (scotsman.com)
AI Adoption Set to Unravel Years of Cyber Resilience - IT Security Guru
Less Than Half of AI Users Trained on Security and (globenewswire.com)
MFA bypass becomes a critical security issue as ransomware tactics advance - Help Net Security
Cloud Exit: 42% of Companies Move Data Back On-Premises - Techopedia
Why threat intelligence is essential to consolidated security | SC Media (scmagazine.com)
Mastercard's Bet on Recorded Future a Win for CTI (darkreading.com)
New cyber security advisory highlights defence-in-depth strategies (securityintelligence.com)
Combating phishing attacks through awareness and simulation | Cybernews
Developing an effective cyber warfare response plan - Help Net Security
Active Directory compromise: Cyber Security agencies provide guidance - Help Net Security
Keep Tier-One Applications Out of Virtual Environments (darkreading.com)
Boredom Is the Silent Killer in Your IT Systems (darkreading.com)
When technical debt strikes the security stack | CSO Online
What Does Platformization Mean for MSSPs and MDRs? | MSSP Alert
What Is Cyber Threat Hunting? (techrepublic.com)
Bulk of data centre cyber attacks coming from hostile states, warn EU experts (irishexaminer.com)
65% of websites are unprotected against simple bot attacks - Help Net Security
CrowdStrike exec to apologize for faulty update that caused global IT outage (yahoo.com)
Securing non-human identities: Why fragmented strategies fail - Help Net Security
Kaspersky users shocked by automatic antivirus replacement without explicit permission | Cybernews
Offensive cyber operations are more than just attacks - Help Net Security
Privacy And API Security: What’s At Stake? (informationsecuritybuzz.com)
How automated red teaming can improve your cyber security | Tech Donut
Move over, Cobalt Strike, there's a new post-exploit tool • The Register
Other News
Small doesn’t mean safe: how SMEs are under attack (smh.com.au)
Digital security is everyone's concern – Daily Business Magazine (dailybusinessgroup.co.uk)
Microsoft Trims Cloud Cyber Attack Surface (darkreading.com)
How Microsoft Is Beefing Up Security With 34,000 Engineers (databreachtoday.co.uk)
Microsoft CEO to cyber team: Don’t tell me how great everything is | The Seattle Times
Are You Sabotaging Your Cyber Security Posture? - Security Boulevard
Cyber security threats target healthcare - SiliconANGLE
ISO - Healthcare cyber security: Diagnosing risks, prescribing solutions
5 Cyber Security Threats Every Startup Should Know | LevelBlue (att.com)
Google, Apple and the antitrust tipping point (ft.com)
10 security bugs put fuel storage tanks at risk of attacks • The Register
6 Cyber Security Headaches Sporting Events Suffer (darkreading.com)
A lesson in cyber threats: Building resilient networks in education | theHRD (thehrdirector.com)
Vulnerability Management
Microsoft ends development of Windows Server Update Services (WSUS) (bleepingcomputer.com)
Windows Server 2025 gets hotpatching option, without reboots - Help Net Security
Boredom Is the Silent Killer in Your IT Systems (darkreading.com)
When technical debt strikes the security stack | CSO Online
EPSS vs. CVSS: What's the Best Approach to Vulnerability Prioritization? (thehackernews.com)
60% of vulnerabilities were leveraged against Microsoft Exchange | Security Magazine
Vulnerabilities
Zero-Click MediaTek Bug Opens Phones, Wi-Fi to Takeover (darkreading.com)
Doomsday 9.9 unauthenticated RCE bug affects 'all Linux' • The Register
Critical Linux bug is CUPS-based remote-code execution hole • The Register
Cisco Patches High-Severity Vulnerabilities in IOS Software - SecurityWeek
Critical Ivanti vTM auth bypass bug now exploited in attacks (bleepingcomputer.com)
Third Recent Ivanti Vulnerability Exploited in the Wild - SecurityWeek
Citrix Releases Security Updates for XenServer and Citrix Hypervisor | CISA
HPE patches three critical flaws in Aruba software • The Register
Researcher reveals ‘catastrophic’ security flaw in the Arc browser - The Verge
Versa Networks Releases Advisory for a Vulnerability in Versa Director, CVE-2024-45229 | CISA
CERT/CC Warns of Unpatched Critical Vulnerability in Microchip ASF - SecurityWeek
ESET Patches Privilege Escalation Vulnerabilities in Windows, macOS Products - SecurityWeek
FreeBSD Hypervisor Vulnerability Lets Attackers Execute Malicious Code (cybersecuritynews.com)
60% of vulnerabilities were leveraged against Microsoft Exchange | Security Magazine
Sector Specific
Industry specific threat intelligence reports are available.
Contact us to receive tailored reports specific to the industry/sector and geographies you operate in.
· Automotive
· Construction
· Critical National Infrastructure (CNI)
· Defence & Space
· Education & Academia
· Energy & Utilities
· Estate Agencies
· Financial Services
· FinTech
· Food & Agriculture
· Gaming & Gambling
· Government & Public Sector (including Law Enforcement)
· Health/Medical/Pharma
· Hotels & Hospitality
· Insurance
· Legal
· Manufacturing
· Maritime & Shipping
· Oil, Gas & Mining
· OT, ICS, IIoT, SCADA & Cyber-Physical Systems
· Retail & eCommerce
· Small and Medium Sized Businesses (SMBs)
· Startups
· Telecoms
· Third Sector & Charities
· Transport & Aviation
· Web3
Contact us to help assess where your risks lie and to ensure you are doing all you can do to keep you and your business secure.
Links to articles are for interest and awareness; linking to or reposting external content does not endorse any service or product. Likewise, we are not responsible for the security of external links.