Black Arrow Cyber Threat Briefing 30 August 2024
Welcome to this week’s Black Arrow Cyber Threat Briefing – a weekly digest, collated and curated by our cyber experts to provide senior and middle management with an easy-to-digest round-up of the most notable threats, vulnerabilities, and cyber-related news from the last week.
Top Cyber Stories of the Last Week
76% of Managed Service Providers (MSPs) Faced an Infrastructure Cyber Attack in Last 12 Months
A recent report by Netwrix highlights that 76% of Managed Service Providers (MSPs) experienced a cyber attack on their infrastructure in the past 12 months, mirroring the 79% seen across all organisations. Of those attacked, 51% incurred unplanned expenses to address security gaps, while 31% suffered a loss of competitive edge, and 27% faced compliance fines - higher than the averages in other sectors. Notably, nearly half (49%) of cloud security incidents involved user account compromises, while 46% of on-premises attacks were related to ransomware or other malware. These findings underscore the critical need for robust security measures in the MSP sector.
Third-Party Risk Management is Under the Spotlight
Recent research highlights a critical vulnerability in the financial sector's digital supply chain resilience, exposed by the recent CrowdStrike IT outage. Despite regulatory pressure from bodies such as the Bank of England and the EU's Digital Operational Resilience Act (DORA), only 20.8% of financial professionals report having stressed exit plans in most third-party agreements, crucial for managing risks from supplier disruptions. With DORA set to be implemented by January 2025, the findings are concerning, as less than 19% of respondents expressed complete confidence in their third-party exit strategies, underscoring the urgent need for improved operational resilience in financial services.
46% of Enterprises Experience Four or More Ransomware Attacks in a Single Year, Affecting ERP Applications and Systems 89% of the Time
Onapsis has revealed that 83% of organisations have faced at least one ransomware attack in the past year, with 46% experiencing four or more, and 14% facing ten or more attacks. Notably, 89% of these attacks impacted Enterprise Resource Planning (ERP) systems, leading to significant business disruptions, with 61% of attacks resulting in at least 24 hours of downtime. As AI-enhanced threats grow, the impact on ERP systems is expected to worsen. The research underscores the inadequacy of generic security solutions, with 93% of respondents agreeing on the need for dedicated ERP security to protect business-critical applications.
Cyber Security Spending is Going to Surge in 2025, and AI Threats are a Key Factor
Gartner's latest research predicts a significant rise in global cyber security spending, expected to reach $183.9 billion in 2024 and increase by 15.1% to $212 billion in 2025. This surge is driven by the adoption of generative AI tools, which are heightening investments in application, data, and infrastructure security. The use of large language models (LLMs) in large-scale social engineering attacks is anticipated to contribute to 17% of cyber attacks or data leaks by 2027. Additionally, the growing shift to cloud services is expected to boost demand for cloud security solutions, with the Cloud Access Security Broker (CASB) and Cloud Workload Protection Platform (CWPP) market projected to hit $8.7 billion by 2025.
Aggressively Monitoring for Changes Is a Key Aspect of Cyber Security
Effective cyber security relies on multiple layers of defence, with file integrity monitoring and change detection being two of the most crucial. These layers are managed through an organisation's change management programme, which ensures that changes are carefully planned, tested, documented, and approved. In the past, making undocumented changes without oversight was common, but today, such practices are a fast track to unemployment. Modern change management involves detailed coordination and approval processes, often by committees, to minimise risks and prevent disruptions to business operations. These layers, while essential, underscore that no system is entirely risk-free.
Half of Enterprises Suffer Breaches Despite Heavy Security Investments
Recent reports indicate a sharp rise in data breach frequency and costs, with the average breach now costing $4.88 million, a 10% increase from the previous year. Notably, 40% of breaches involve data spread across multiple environments, including cloud and on-premises, taking an average of 283 days to identify and contain. Despite having extensive security measures, 51% of enterprises still reported breaches in the last 24 months, with 93% experiencing significant disruptions. Human error remains a critical factor, contributing to 68% of breaches. Additionally, 98% of businesses are linked to breaches through third-party relationships, highlighting the need for robust security across the supply chain.
Why the 80-20 Rule No Longer Works for Cyber Security
A recent analysis challenges the application of the Pareto Principle in cyber security, highlighting that monitoring only 80% of assets leaves organisations significantly exposed. The report reveals that over 90% of CISOs acknowledge breaches are more likely to originate from unknown or unmanaged assets rather than well-monitored ones. Using the metaphor of a ship with unchecked sections, the study emphasises that neglecting even a small percentage of assets can lead to catastrophic outcomes. It questions why some security leaders persist with this approach, given that the unmonitored 20% often contains the most exploitable vulnerabilities. The findings underscore the critical need for comprehensive asset management to effectively mitigate cyber risks.
Deepfakes: Seeing is No Longer Believing
The rising threat of deepfakes is significantly impacting organisations and public trust, with 47% of companies having encountered deepfakes and 70% believing these AI-generated attacks could heavily affect them. Despite 73% of organisations implementing measures against deepfakes, confidence in these defences remains low, with 62% fearing their efforts are insufficient. Public concern is also high, with 81% of Americans worried about the impact of deepfakes on election integrity. However, many people overestimate their ability to detect deepfakes, with 60% believing they could identify one, despite the increasing sophistication of these AI-generated threats.
Online Scam Cycles are Getting Shorter and More Effective
A recent Chainalysis mid-year report highlights that online scam cycles have become significantly shorter and more effective, with cyber criminals increasingly favouring smaller, faster, and more targeted campaigns. The report reveals that 43% of scam revenues on the blockchain were sent to wallets created within the past year, a sharp rise from 29.9% in 2022. This shift indicates a surge in newly launched scams, with the average duration of scams dropping from 271 days in 2020 to just 42 days in 2024. This trend underscores the growing agility and sophistication of cyber criminals in executing their fraudulent activities.
Cyber Attacks on Critical Infrastructure Increased by 30% in One Year
A recent report from KnowBe4 reveals a significant 30% increase in cyber attacks on critical infrastructure, amounting to over 420 million attacks between January 2023 and 2024, or approximately 13 attacks every second. Globally, the weekly average of cyber incidents has quadrupled since 2020, doubling in 2023 alone. The report also highlights growing vulnerabilities in the US power grid, with around 60 new vulnerable points emerging daily, raising the total from 21,000 in 2022 to approximately 24,000. These findings underscore the escalating risks facing critical infrastructure and the urgent need for enhanced security measures.
Russia is Signalling It Could Take Out the West's Internet and GPS. There's No Good Backup Plan
NATO intelligence officials have raised concerns that Russia may disrupt global internet and GPS networks, with recent reports suggesting that Russia is mapping undersea fibre optic cables, which carry 95% of international data. Russia's deputy chairman of the Security Council, Dmitry Medvedev, issued a stark warning after the Nord Stream 2 pipeline attack, suggesting Russia could target these vital communications links. Incidents such as the disruption of telecommunications between Sweden and Estonia in 2023 and the grounding of flights due to GPS interference highlight the growing threat. NATO is increasing surveillance, but experts stress the urgent need for resilient backup systems to protect against potential cyber attacks on this critical infrastructure.
Cyber Attacks on UK Law Firms Surge by 77% Amid Rising Ransomware Threat
A recent study has revealed a 77% increase in successful cyber attacks on UK law firms over the past year, rising from 538 to 954 incidents. Law firms are particularly attractive targets for cyber criminals due to the sensitive and valuable data they hold, leading to frequent ransomware attacks and blackmail attempts. According to a report by the UK’s National Cyber Security Centre, nearly three-quarters of the UK’s top 100 law firms have been impacted by cyber attacks. The average ransom demand following an attack is $2.47 million, with firms typically paying $1.65 million. Despite the escalating threat, 35% of UK law firms still lack a cyber mitigation plan. Experts recommend stronger cyber defences, including data segregation, to better protect against these attacks.
Sources:
https://www.helpnetsecurity.com/2024/08/29/third-party-risk-management-spotlight/
https://www.helpnetsecurity.com/2024/08/27/data-breach-trends/
https://www.scmagazine.com/perspective/why-the-80-20-rule-no-longer-works-for-cybersecurity
https://www.helpnetsecurity.com/2024/08/29/deepfakes-technology-threat/
https://cyberscoop.com/online-scamming-cycles-shorter-more-effective-chainalysis/
https://www.businessinsider.com/russia-could-take-out-west-internet-gps-back-up-plan-2024-8
https://informationsecuritybuzz.com/cyberattacks-uk-law-firms-ransomware/
Governance, Risk and Compliance
How hard is it to navigate and comply with global cyber security regulations? | Business Wire
Cyber attacks on law firms jumped by 77% over the past year | Law Gazette
Half of enterprises suffer breaches despite heavy security investments - Help Net Security
Why the 80-20 rule no longer works for cyber security | SC Media (scmagazine.com)
Evolving Cyber Security: Aligning Strategy with Business Growth - Security Boulevard
Global Cyber Security spending to surge by 15% next year (electronicspecifier.com)
Cyber security spending is going to surge in 2025 – and AI threats are a key factor | ITPro
Resilience blueprint: Strategic steps to build operational resiliency (betanews.com)
Third-party risk management is under the spotlight - Help Net Security
European Agencies are Taking Cyber Security Seriously and Your Business Should, Too | Entrepreneur
Why cyber risk quantification is ‘becoming more mainstream’ - Security - CRN Australia
Boards Need a New Approach to Technology
If you’re a CISO without D&O insurance, you may need to fight for it | CSO Online
Cyber Security Maturity: A Must-Have on the CISO’s Agenda - SecurityWeek
Business leaders are losing faith in IT, according to this IBM study. Here's why | ZDNET
Cyber Hygiene: Constant Defence Against Evolving B2B Threats (pymnts.com)
6 hot cyber security trends — and 2 going cold | CSO Online
US firms see spike in cyber security services as data breaches increase: ISG - Reinsurance News
Why Companies Need Real-Time Compliance (informationsecuritybuzz.com)
Two strategies to protect your business from the next large-scale tech failure - Help Net Security
Threats
Ransomware, Extortion and Destructive Attacks
BlackSuit Ransomware Threat Actors Demand Up To $500 Million - Security Boulevard
BlackSuit Ransomware Deployed After 15 Days From Initial Access (cybersecuritynews.com)
Ransomware Attacks, Demands, And Payments Rise In Q2 (informationsecuritybuzz.com)
Lateral movement: Clearest sign of unfolding ransomware attack - Help Net Security
Ransomware Group Defences Are Better Than Fortune 100 Firms (govinfosecurity.com)
FBI: RansomHub ransomware breached 210 victims since February (bleepingcomputer.com)
Russian laundering millions for Lazarus hackers arrested in Argentina (bleepingcomputer.com)
Threat Group 'Bling Libra' Pivots to Extortion for Cloud Attacks (darkreading.com)
BlackByte Ransomware Exploits VMware ESXi Flaw in Latest Attack Wave (thehackernews.com)
Pioneer Kitten: Iranian hackers partnering with ransomware affiliates - Help Net Security
PoorTry Windows driver evolves into a full-featured EDR wiper (bleepingcomputer.com)
Ransomware attacks increasingly target ERP systems (securitybrief.co.nz)
'Big-game hunting' - Ransomware gangs are focusing on more lucrative attacks - Exponential-e Blog
77% of Educational Institutions Spotted a Cyber Attack Within the Last 12 Months (darkreading.com)
Ransomware Victims
US oil giant Halliburton confirms cyber attack behind systems shutdown (bleepingcomputer.com)
BlackSuit ransomware stole data of 950,000 from software vendor (bleepingcomputer.com)
Hunters International ransomware gang threatens to leak US Marshals data | SC Media (scmagazine.com)
Blood donation: NHS stocks are still in short supply after June cyber attack | The BMJ
Cyber attack disrupts Seattle’s Tacoma International Airport and seaport - The Hindu
Ransomware Gang Leaks Data Allegedly Stolen From Microchip Technology - SecurityWeek
77% of Educational Institutions Spotted a Cyber Attack Within the Last 12 Months (darkreading.com)
Patelco confirms thousands of customers hit in ransomware attack | TechRadar
McLaren Health Care restores network weeks after ransomware attack | Healthcare Dive
Play ransomware hackers claim attack on US manufacturer Microchip Technology (therecord.media)
Phishing & Email Based Attacks
Widespread QR Code Phishing Targeted Microsoft 365 Credentials | MSSP Alert
File sharing phishing attacks increase 350 percent (betanews.com)
PSA: Watch out for phishing attacks with fake banking app updates - 9to5Mac
Attackers exploiting trust in VPNs for phishing attacks | Cybernews
How AitM Phishing Attacks Bypass MFA and EDR—and How to Fight Back (thehackernews.com)
Spoofing: What It Is And How To Spot It | HuffPost Life
2.5 Million Reward Offered For Cyber Criminal Linked To Notorious Angler Exploit Kit | Tripwire
Other Social Engineering
Scammers are increasingly using messaging and social media apps to attack | ZDNET
AI voice generators: What they can do and how they work | ZDNET
Deepfakes: Seeing is no longer believing - Help Net Security
Powerful Spyware Exploits Enable a New String of 'Watering Hole' Attacks | WIRED
Don’t call it quishing but, please, do take it seriously | TechFinitive
Spoofing: What It Is And How To Spot It | HuffPost Life
How Telecom Vulnerabilities Can Be a Threat to Cyber Security Posture (darkreading.com)
Widespread QR Code Phishing Targeted Microsoft 365 Credentials | MSSP Alert
Threat actor lures victims to malware-laden VPN page via call, text | SC Media (scmagazine.com)
Artificial Intelligence
AI voice generators: What they can do and how they work | ZDNET
Deepfakes: Seeing is no longer believing - Help Net Security
Cyber security spending is going to surge in 2025 – and AI threats are a key factor | ITPro
1 in 5 top companies mention generative AI in their financial reports, but not in a good way | ZDNET
Why LLMs Are Just the Tip of the AI Security Iceberg (darkreading.com)
News Desk 2024: Hacking Microsoft Copilot Is Scary Easy (darkreading.com)
6 hot cyber security trends — and 2 going cold | CSO Online
OpenAI and Anthropic to collaborate with US government on AI safety | ZDNET
2FA/MFA
How AitM Phishing Attacks Bypass MFA and EDR—and How to Fight Back (thehackernews.com)
How Telecom Vulnerabilities Can Be a Threat to Cyber Security Posture (darkreading.com)
Malware
Hackers infect ISPs with malware that steals customers’ credentials | Ars Technica
A new macOS data stealer is going after Apple users | TechRadar
Cthulhu Stealer malware aimed to take macOS user data (appleinsider.com)
New Linux Malware 'sedexp' Hides Credit Card Skimmers Using Udev Rules (thehackernews.com)
MacOS Malware Mimicked Popular Apps to Steal Passwords, Crypto Wallets (pcmag.com)
Microsoft: Exchange Online mistakenly tags emails as malware (bleepingcomputer.com)
This sneaky Linux malware went undetected for years, and is using all-new attack tactics | TechRadar
New vulnerabilities, infostealer compromise on the rise | SC Media (scmagazine.com)
Hackers linked to Russian government found using some very familiar malware tools | TechRadar
Fake Palo Alto GlobalProtect used as lure to backdoor enterprises (bleepingcomputer.com)
Threat actor lures victims to malware-laden VPN page via call, text | SC Media (scmagazine.com)
New Tickler malware used to backdoor US govt, defence orgs (bleepingcomputer.com)
Hackers Exploited Digital Marketing Tools to Launch Malicious Campaigns (cybersecuritynews.com)
New Cyber Attack Targets Chinese-Speaking Businesses with Cobalt Strike Payloads (thehackernews.com)
Mobile
Attackers draining bank accounts using new Android card cloning malware | Cybernews
PSA: Watch out for phishing attacks with fake banking app updates - 9to5Mac
Denial of Service/DoS/DDOS
Mind the Geopolitical Bot: Defending Digitalisation in an Era of Mass Disruption (institute.global)
Internet of Things – IoT
Unpatchable 0-day in surveillance cam is being exploited to install Mirai | Ars Technica
Data Breaches/Leaks
A third of companies hit by data breach amid rising concerns (securitybrief.co.nz)
5 Of The Biggest Security Breaches To Ever Hit Microsoft (slashgear.com)
NHS staff mobile numbers revealed in data breach - BBC News
Scottish health boards hit by cyber-attack (holyrood.com)
500k Impacted by Texas Dow Employees Credit Union Data Breach - SecurityWeek
AMD data reportedly offered for sale on dark web souk • The Register
Hackers claim to have hit US Marshals Service with a major cyber attack | TechRadar
Park’N Fly notifies 1 million customers of data breach (bleepingcomputer.com)
Patelco confirms thousands of customers hit in ransomware attack | TechRadar
DICK’s Sporting Goods says confidential data exposed in cyber attack (bleepingcomputer.com)
Staff details stolen in Banham Poultry cyber attack - BBC News
Watchdog warns FBI is very sloppy on safe data storage • The Register
Organised Crime & Criminal Actors
Ransomware Group Defences Are Better Than Fortune 100 Firms (govinfosecurity.com)
Greasy Opal's CAPTCHA solver still serving cyber crime after 16 years (bleepingcomputer.com)
Telegram: Why Extremists, Criminal Activity Thrive on Chat App - Bloomberg
Hacker USDoD Sheds Light on Identity | MSSP Alert
Adversaries love bots, short-lived IP addresses, out-of-band domains - Help Net Security
Cryptocurrency/Cryptomining/Cryptojacking/NFTs/Blockchain
MacOS Malware Mimicked Popular Apps to Steal Passwords, Crypto Wallets (pcmag.com)
Attackers Exploit Critical Atlassian Confluence Flaw for Cryptojacking (darkreading.com)
Crypto scammers who hacked McDonald's Instagram account say they stole $700,000 (bitdefender.com)
Insider Risk and Insider Threats
Microsoft security tools probed for workplace surveillance • The Register
Insurance
Meeting The New Cyber Insurance Requirements (informationsecuritybuzz.com)
If you’re a CISO without D&O insurance, you may need to fight for it | CSO Online
Cyber Insurance: A Few Security Technologies, a Big Difference in Premiums (darkreading.com)
Insurer Seeks to Rescind Policy Over Privacy Law Compliance (bloomberglaw.com)
Supply Chain and Third Parties
Resilience blueprint: Strategic steps to build operational resiliency (betanews.com)
Third-party risk management is under the spotlight - Help Net Security
76% of MSPs faced an infrastructure cyber attack in last 12 months | Security Magazine
BlackSuit ransomware stole data of 950,000 from software vendor (bleepingcomputer.com)
Supply Chain Security for FinServ - ActiveState
Two strategies to protect your business from the next large-scale tech failure - Help Net Security
Cloud/SaaS
File sharing phishing attacks increase 350 percent (betanews.com)
SaaS security woes continue to haunt cyber teams | ITPro
How to Strengthen Your SaaS Security Posture Management - Security Boulevard
Threat Group 'Bling Libra' Pivots to Extortion for Cloud Attacks (darkreading.com)
Enterprise SaaS apps are still a major security risk | TechRadar
When Convenience Costs: CISOs Struggle With SaaS Security Oversight - SecurityWeek
Cyber criminals capitalize on travel industry's peak season - Help Net Security
Outages
Resilience blueprint: Strategic steps to build operational resiliency (betanews.com)
Third-party risk management is under the spotlight - Help Net Security
Supply Chain Security for FinServ - ActiveState
Two strategies to protect your business from the next large-scale tech failure - Help Net Security
Identity and Access Management
Why ransomware attackers target Active Directory - Help Net Security
The Evolving Landscape Of Identity And Access Management In 2024 (informationsecuritybuzz.com)
Encryption
Denmark wants to ban encrypted Telegram, Signal chats | Cybernews
Linux and Open Source
New Linux Malware 'sedexp' Hides Credit Card Skimmers Using Udev Rules (thehackernews.com)
Linux malware sedexp uses udev rules for persistence and evasion (securityaffairs.com)
This sneaky Linux malware went undetected for years, and is using all-new attack tactics | TechRadar
Passwords, Credential Stuffing & Brute Force Attacks
MacOS Malware Mimicked Popular Apps to Steal Passwords, Crypto Wallets (pcmag.com)
Widespread QR Code Phishing Targeted Microsoft 365 Credentials | MSSP Alert
If You're Still Using This Insecure Password Method, It's Time to Stop (makeuseof.com)
Social Media
Scammers are increasingly using messaging and social media apps to attack | ZDNET
Telegram Founder Pavel Durov Arrested in France for Content Moderation Failures (thehackernews.com)
Malvertising
Hackers Exploited Digital Marketing Tools to Launch Malicious Campaigns (cybersecuritynews.com)
Regulations, Fines and Legislation
Uber Hit With €290m GDPR Fine - Infosecurity Magazine (infosecurity-magazine.com)
UK Labour Party reprimanded over cyber attack backlog by privacy regulator (therecord.media)
The NIS2 Directive: How far does it reach? - Help Net Security
Cyber law reform should be top of Labour's policy list | Computer Weekly
Lawmakers must incentivize cyber protection for critical infrastructure | CyberScoop
Models, Frameworks and Standards
The NIS2 Directive: How far does it reach? - Help Net Security
NIS2 Directive: Focusing on Critical Infrastructure Security (govinfosecurity.com)
5 open source Mitre ATT&CK tools | TechTarget
Data Protection
Uber Hit With €290m GDPR Fine - Infosecurity Magazine (infosecurity-magazine.com)
UK Labour Party reprimanded over cyber attack backlog by privacy regulator (therecord.media)
Watchdog reprimands Labour following data protection breach - BBC News
Law Enforcement Action and Take Downs
Telegram Founder Pavel Durov Arrested in France for Content Moderation Failures (thehackernews.com)
Russian laundering millions for Lazarus hackers arrested in Argentina (bleepingcomputer.com)
Telegram CEO arrest is fuzzy warning to Big Tech | Reuters
Stakes high for European Union after arrest of Telegram co-founder | European Union | The Guardian
Russia-France ties hit new low after Telegram boss' arrest, Moscow says | Reuters
Telegram is a bigger headache than Elon Musk’s X for the EU – POLITICO
2.5 Million Reward Offered For Cyber Criminal Linked To Notorious Angler Exploit Kit | Tripwire
Nation State Actors, Advanced Persistent Threats (APTs), Cyber Warfare, Cyber Espionage and Geopolitical Threats/Activity
Cyber Warfare and Cyber Espionage
The New Frontiers of Cyber-Warfare: Insights From Black Hat 2024 (itprotoday.com)
Ramping Up Cyber Defences Against Adversarial States | AFCEA International
Military 'silent hangar' to help protect against foreign GPS jamming - GOV.UK
Nation State Actors
China
Hackers infect ISPs with malware that steals customers’ credentials | Ars Technica
Chinese government hackers infiltrate at least two top US ISPs | TechRadar
Chinese Volt Typhoon hackers exploited Versa zero-day to breach ISPs, MSPs (bleepingcomputer.com)
Chinese cyber attacks hit nearly half of German firms, study – DW – 08/28/2024
Cyber crime and sabotage cost German firms $300 bln in past year | Reuters
Hackers Use Rare Stealth Techniques to Down Asian Military, Gov't Orgs (darkreading.com)
US efforts to stop Chinese hackers haven’t been fully effective, FBI official says - Nextgov/FCW
Russia
Russia Could Take Out West's Internet, No Good Back up Plan - Business Insider
Russian Hackers Exploit Safari and Chrome Flaws in High-Profile Cyber Attack (thehackernews.com)
In Russia, questions swirl over Telegram CEO's arrest - BBC News
The bewildering politics of Telegram - POLITICO
Russia's APT29 using spyware exploits in new campaigns | TechTarget
Powerful Spyware Exploits Enable a New String of 'Watering Hole' Attacks | WIRED
Latvia and Ukraine sign memorandum of understanding on cyber security | Ukrainska Pravda
Russian laundering millions for Lazarus hackers arrested in Argentina (bleepingcomputer.com)
Iran
Tehran’s state-sponsored hackers helping cybergangs deploy ransomware | Cybernews
Pioneer Kitten: Iranian hackers partnering with ransomware affiliates - Help Net Security
New Tickler malware used to backdoor US govt, defence orgs (bleepingcomputer.com)
Meta Exposes Iranian Hacker Group Targeting Global Political Figures on WhatsApp (thehackernews.com)
Iran hunts down double agents with fake recruiting sites • The Register
Notorious Iranian Hackers Have Been Targeting the Space Industry With a New Backdoor | WIRED
North Korea
South Korean Spies Exploit WPS Office Zero-Day - Infosecurity Magazine (infosecurity-magazine.com)
North Korean Hackers Target Developers with Malicious npm Packages (thehackernews.com)
Russian laundering millions for Lazarus hackers arrested in Argentina (bleepingcomputer.com)
Other Nation State Actors, Hacktivism, Extremism, Terrorism and Other Geopolitical Threat Intelligence
Telegram: Why Extremists, Criminal Activity Thrive on Chat App - Bloomberg
Cyber Attacks Deployed in Retaliation to Telegram CEO Arrest | MSSP Alert
Tools and Controls
Resilience blueprint: Strategic steps to build operational resiliency (betanews.com)
Aggressively Monitoring for Changes Is a Key Aspect of Cyber Security (darkreading.com)
Global Cyber Security spending to surge by 15% next year (electronicspecifier.com)
Third-party risk management is under the spotlight - Help Net Security
Is the vulnerability disclosure process glitched? How CISOs are being left in the dark | CSO Online
How to Strengthen Your SaaS Security Posture Management - Security Boulevard
Remote Work: A Ticking Time Bomb Waiting to be Exploited (bleepingcomputer.com)
When Convenience Costs: CISOs Struggle With SaaS Security Oversight - SecurityWeek
Combating alert fatigue by prioritizing malicious intent | SC Media (scmagazine.com)
Attackers exploiting trust in VPNs for phishing attacks | Cybernews
Ransomware attacks increasingly target ERP systems (securitybrief.co.nz)
How AitM Phishing Attacks Bypass MFA and EDR—and How to Fight Back (thehackernews.com)
Why cyber risk quantification is ‘becoming more mainstream’ - Security - CRN Australia
Cyber Insurance: A Few Security Technologies, a Big Difference in Premiums (darkreading.com)
Cyber Hygiene: Constant Defence Against Evolving B2B Threats (pymnts.com)
Supply Chain Security for FinServ - ActiveState
Two strategies to protect your business from the next large-scale tech failure - Help Net Security
Why Every Business Should Prioritize Confidential Computing (darkreading.com)
How Security Teams are Strengthening Their Threat Hunting - Security Boulevard
Why Companies Need Real-Time Compliance (informationsecuritybuzz.com)
10 key steps for crafting a robust business continuity plan (networkingplus.co.uk)
Focus on What Matters Most: Exposure Management and Your Attack Surface (thehackernews.com)
After cyber security lab wouldn’t use AV software, US accuses Georgia Tech of fraud | Ars Technica
How to use the NIST CSF and AI RMF to address AI risks | TechTarget
5 open source Mitre ATT&CK tools | TechTarget
Inside the role of a ransomware negotiator - CBS News
The art and science behind Microsoft threat hunting: Part 3 | Microsoft Security Blog
Other News
Cyber attacks on critical infrastructure increase 30 percent (betanews.com)
Cyber attacks on law firms jumped by 77% over the past year | Law Gazette
Why the 80-20 rule no longer works for cyber security | SC Media (scmagazine.com)
Evolving Cyber Security: Aligning Strategy with Business Growth - Security Boulevard
Types of hackers: Black hat, white hat, red hat and more | TechTarget
6 hot cyber security trends — and 2 going cold | CSO Online
Cyber Security Maturity: A Must-Have on the CISO’s Agenda - SecurityWeek
Top Travel Sites Have Some First-Class Security Issues to Clean Up (darkreading.com)
A macro look at the most pressing cyber security risks - Help Net Security
Cyber Accountability: US Strategy Puts Onus on Big Tech (inforisktoday.com)
Microsoft hosts a closed security summit? How transparent • The Register
Nothing to Smile About: Hacks on Dental Practices Swell (databreachtoday.co.uk)
Threat Actors Target the Middle East Using Fake Palo Alto GlobalProtect Tool | Trend Micro (US)
Cyber threats that shaped the first half of 2024 - Help Net Security
A coherent Labour cyber strategy depends on consistency | Computer Weekly
Vulnerability Management
Vulnerabilities rise in first half of 2024 (betanews.com)
Is the vulnerability disclosure process glitched? How CISOs are being left in the dark | CSO Online
New vulnerabilities, infostealer compromise on the rise | SC Media (scmagazine.com)
How to make Windows updates less annoying, in three easy steps | ZDNET
Windows 11 updates are about to become a lot easier with hotpatching | PCWorld
Cyber criminals capitalise on travel industry's peak season - Help Net Security
Vulnerabilities
SonicWall Patches Critical SonicOS Vulnerability - SecurityWeek
Chrome just patched some high-risk security flaws, so go update now | PCWorld
Microsoft Edge RCE Vulnerability Let Attackers Take Control of the System (cybersecuritynews.com)
CISA Flags Critical Apache OFBiz Flaw Amid Active Exploitation Reports (thehackernews.com)
PoC Exploit for Zero-Click Vulnerability Made Available to the Masses (darkreading.com)
BlackByte Ransomware Exploits VMware ESXi Flaw in Latest Attack Wave (thehackernews.com)
3CX Phone System Local Privilege Escalation Vulnerability - Security Boulevard
Attackers Exploit Critical Atlassian Confluence Flaw for Cryptojacking (darkreading.com)
Cisco Patches Multiple NX-OS Software Vulnerabilities - SecurityWeek
Update Windows now, there are some worrying security hacks on the way | TechRadar
Second Apache OFBiz Vulnerability Exploited in Attacks - SecurityWeek
WordPress Elementor Widgets Add-On Vulnerability (searchenginejournal.com)
Critical Fortra FileCatalyst Workflow vulnerability patched (CVE-2024-6633) - Help Net Security
South Korean Spies Exploit WPS Office Zero-Day - Infosecurity Magazine (infosecurity-magazine.com)
Still have a Windows 10 PC? You have 5 options before support ends next year | ZDNET
3 easy ways to make Windows updates less annoying | ZDNET
Critical Flaws in Traccar GPS System Expose Users to Remote Attacks (thehackernews.com)
Sector Specific
Industry specific threat intelligence reports are available.
Contact us to receive tailored reports specific to the industry/sector and geographies you operate in.
· Automotive
· Construction
· Critical National Infrastructure (CNI)
· Defence & Space
· Education & Academia
· Energy & Utilities
· Estate Agencies
· Financial Services
· FinTech
· Food & Agriculture
· Gaming & Gambling
· Government & Public Sector (including Law Enforcement)
· Health/Medical/Pharma
· Hotels & Hospitality
· Insurance
· Legal
· Manufacturing
· Maritime
· Oil, Gas & Mining
· OT, ICS, IIoT, SCADA & Cyber-Physical Systems
· Retail & eCommerce
· Small and Medium Sized Businesses (SMBs)
· Startups
· Telecoms
· Third Sector & Charities
· Transport & Aviation
· Web3
As usual, contact us to help assess where your risks lie and to ensure you are doing all you can do to keep you and your business secure.
Links to articles are for interest and awareness and linking to or reposting external content does not endorse any service or product, likewise we are not responsible for the security of external links.