Black Arrow Cyber Threat Intelligence Briefing 31 January 2025
Welcome to this week’s Black Arrow Cyber Threat Intelligence Briefing – a weekly digest, collated and curated by our cyber experts to provide senior and middle management with an easy-to-digest round-up of the most notable threats, vulnerabilities, and cyber-related news from the last week.
Executive Summary
Looking at open source reporting this week, and indeed from our own work, it is clear that UK businesses are facing an alarming rise in cyber attacks, with over half experiencing an incident in 2024. Despite this, only a minority have structured risk assessments or incident response plans in place. AI-driven phishing attacks have surged by over 4,000%, yet just 17% of organisations invest in cyber security training. Meanwhile, the rapid adoption of generative AI is both strengthening defences and empowering attackers. Tools like GhostGPT, available for as little as $50 per week, are automating malware development and phishing campaigns, reducing the technical barrier for cyber criminals. The time from initial breach to full compromise has shrunk to just 48 minutes, highlighting the need for faster response times and automated defences.
Cyber security is no longer just a technical challenge but a critical business issue requiring C-suite engagement. CEOs must integrate security into corporate strategy, particularly for mid-market firms where breaches threaten growth and innovation. The escalating ransomware crisis has led to 58% of victims shutting down operations, yet only 13% fully recover their data, exposing gaps in resilience. The surge in SaaS breaches, up 300% in the past year, further underscores the importance of identity protection and continuous monitoring to mitigate risk.
As cyber threats intensify, Black Arrow Cyber advises organisations to prioritise crisis simulations, proactive investment, and cross-functional collaboration. With 74% of CISOs increasing crisis simulation budgets and AI reshaping the threat landscape, businesses must act now to build resilience. Strengthening mobile security, enforcing least privilege access, and rapidly addressing vulnerabilities are crucial to preventing financial and reputational harm. The cyber security clock is ticking, and businesses must move swiftly to stay ahead of evolving threats.
Top Cyber Stories of the Last Week
More Than Half of UK Workplaces Faced Cyber Attacks Last Year
More than half of UK businesses experienced a cyber attack in 2024, yet only 31% had conducted a cyber risk assessment, and just 15% had a formal incident response plan. Phishing attacks, fuelled by AI advancements, have surged by over 4,000% since 2022, making cyber resilience essential. Despite the evolving threat landscape, only 17% of businesses provide cyber security training to staff. Organisations must prioritise continuous monitoring, attack simulations, and structured incident response plans to mitigate risks. A strong cyber resilience strategy ensures businesses can not only prevent attacks but also respond effectively, minimising disruption and financial impact.
Cyber Security Responsibilities Across the C-Suite: A Breakdown for Every Executive
Cyber security is a core business concern requiring engagement from the entire C-suite, not just the Chief Information Security Officer (CISO). With cyber threats growing in complexity and regulations becoming stricter, organisations must integrate security into their business strategies. A single cyber attack can cause severe financial losses, operational disruption, and reputational damage. Every member of the C-suite plays a key role: CEOs set strategic business priorities that require a secure business environment, CFOs manage financial risks, and a good CISO establishes security defences across people, operations and technology with the CHRO, COO, and CIO. Cross-functional collaboration is essential, ensuring cyber security is embedded in operations, innovation, and culture to protect the organisation’s future.
Hackers Use Generative AI to Attack More Frequently and Effectively
The latest Splunk CISO Report highlights the growing role of Generative AI (GenAI) in cyber security, with over half (52%) of CISOs prioritising emerging technologies. However, only a third (33%) of board members share this view, exposing a strategic gap. Attackers are leveraging GenAI to enhance the effectiveness (32%) and volume (28%) of cyber attacks, making AI-driven threats a top concern for 36% of CISOs. Budget constraints remain an issue, with 64% of CISOs linking underfunding to increased cyber risks.
74% of Organisations are Increasing Crisis Simulation Budgets
Following a series of high-profile cyber incidents in 2024, CISOs are increasing investment in crisis simulations to strengthen organisational resilience. A report by Hack The Box found that 74% of CISOs are raising budgets for crisis preparedness in 2025, with 16% of security budgets being reallocated to these exercises. Key drivers include the growing frequency of cyber incidents (31%) and gaps in incident response planning (20%). With AI reshaping the cyber threat landscape, organisations are prioritising realistic, stress-tested simulations to ensure both technical and non-technical teams can respond decisively to evolving threats.
Only 13% of Organisations Fully Recover Data After a Ransomware Attack
Ransomware attacks are becoming more disruptive, with 58% of organisations forced to shut down operations, up from 45% in 2021. Business impacts are severe: 40% reported revenue losses, 41% lost customers, and 35% suffered significant brand damage. Despite 29% of IT budgets allocated to ransomware defences, 88% of organisations have been victims, with only 13% fully recovering their data. Poor visibility in hybrid environments and unpatched systems are key vulnerabilities. With only 27% adopting microsegmentation, organisations must prioritise containment strategies to protect critical systems and avoid the rising costs of downtime, lost business, and reputational harm.
Cyber Security Threats Hit Mid-Market Firms Where It Hurts: The Bottom Line
Middle-market firms, especially those facing high uncertainty due to fluctuating demand, supply chain disruptions, or macroeconomic volatility, face growing cyber security threats that directly impact their financial stability and innovation. According to PYMNTS Intelligence’s 2025 Certainty Project, 72% of firms are concerned about financial losses due to cyber incidents, rising to 88% for those experiencing heightened uncertainty. High-uncertainty firms are also 81% more likely to delay or cancel technology initiatives, stalling growth. Despite constrained resources, CFOs are shifting cyber security from an IT concern to a business priority, recognising its role in resilience and competitive advantage. As cyber threats escalate, proactive investment in security is essential to safeguard operations and drive innovation.
GhostGPT Can Write Malicious Code, Create Malware, and Create Convincing Phishing Emails for Just $50/Week
Hackers are using an AI chatbot, GhostGPT, to automate cyber attacks, enabling them to write malware, craft phishing emails, and develop exploits with ease. Unlike mainstream AI tools, GhostGPT lacks ethical safeguards and is marketed openly on cyber crime forums. Available as a Telegram bot for as little as $50 per week, it lowers the barrier for attackers with minimal technical skills. Security researchers warn that AI-driven threats like GhostGPT will make cyber attacks more sophisticated and harder to detect, underscoring the need for organisations to adapt their defences to counter AI-enabled cyber crime.
New Phishing Campaign Targets Mobile Devices with Malicious PDFs
A newly discovered phishing campaign is targeting mobile users by impersonating known brands and delivering malicious PDF files via SMS. Researchers uncovered over 20 malicious PDFs and 630 phishing pages, highlighting a large-scale operation spanning more than 50 countries. The campaign employs a sophisticated obfuscation technique to bypass detection, tricking users into providing sensitive information. As mobile phishing threats grow, organisations must prioritise mobile security investments, implement multi-factor authentication and adopt a layered security approach to mitigate risks posed by increasingly advanced social engineering tactics.
The Clock is Ticking: Hackers Can Take You Down in 48 Minutes
Hackers are accelerating their attacks, with the average time from initial access to lateral movement now just 48 minutes, 22% faster than last year. The quickest observed incident took only 27 minutes. A key driver is the rise of information-stealing malware, aiding initial access brokers in expediting attacks. Additionally, the ransomware-as-a-service ecosystem has become more efficient, and AI is enhancing hacking tools. Alarmingly, the time from vulnerability discovery to exploitation has dropped from 47 days to just 18 days, a 62% decrease. Automated defences and rapid patching are critical to mitigating these evolving threats.
Security Threats Top Concerns for UK SMEs
JumpCloud’s latest report highlights that 61% of UK SMEs see security as their top challenge in 2025, with 45% having suffered a cyber security attack, and phishing accounting for 53% of incidents. IT teams are under pressure, with 90% concerned about unauthorised apps expanding their attack surface, and 60% fearing AI threats will outpace their defences. Despite security concerns, nearly half (48%) hesitate to strengthen protections due to user experience trade-offs. Tool sprawl remains an issue, driving 83% to seek unified platforms. Budgets are increasing, with 76% expecting cyber security investment to rise and MSP adoption growing to 79%.
SaaS (Cloud) Breaches Skyrocket 300% as Traditional Defences Fall Short
Software-as-a-Service (SaaS) breaches have surged by 300% in the past year as cyber criminals and nation-state actors increasingly target these platforms. A report by Obsidian Security found that 85% of incidents stemmed from compromised identities, with adversary-in-the-middle (AiTM) attacks accounting for 39%. The healthcare sector was the most affected (14%), followed by government (13%) and financial services (11%). Traditional security tools are struggling to protect SaaS environments, with MFA failing in 84% of cases due to weak implementation or AiTM techniques. To mitigate risk, firms must enhance visibility over SaaS usage, enforce least privilege access controls, and implement continuous monitoring to detect and respond to threats swiftly.
Rise of AI is Causing Many Firms to Worry About Their Cyber Security
A Sophos report highlights growing concerns about AI's impact on cyber security, with 89% of IT leaders fearing flaws in generative AI could weaken defences. Despite this, 99% now see AI as essential when selecting a cyber security provider. While AI enhances threat capabilities, one in five IT leaders hopes it will strengthen protection, and 14% hope it will relieve employee burnout. However, four in five anticipate rising costs, though 87% expect long-term savings. With 98% already embedding AI in security solutions, firms are urged to adopt a human-first approach and carefully assess AI vendors for data quality and effectiveness.
Sources:
https://www.techradar.com/pro/security/hackers-use-genai-to-attack-more-frequently-and-effectively
https://www.helpnetsecurity.com/2025/01/28/cisos-crisis-simulation-budgets/
https://www.helpnetsecurity.com/2025/01/29/ransomware-attacks-business-operations-disruption/
https://www.infosecurity-magazine.com/news/phishing-campaign-targets-mobile/
https://pcr-online.biz/2025/01/29/security-threats-top-concerns-for-uk-smes/
https://www.infosecurity-magazine.com/news/saas-breaches-defenses-short/
Governance, Risk and Compliance
CISOs boost board presence by 77% over two years | Computer Weekly
CISOs are gaining more influence in the boardroom, and it’s about time | ITPro
74% of CISOs are increasing crisis simulation budgets - Help Net Security
Rise of AI is causing many firms to worry about their cyber security | TechRadar
Hackers Are Getting Faster—48 Minutes And You’re Cooked
Cyber security crisis in numbers - Help Net Security
Cyber security Threats Hit Mid-Market Firms in the Bottom Line
CISOs Are Gaining C-Suite Swagger
88% of High-Uncertainty Firms Report Cyber Security Risks
UK Organisations Boosting Cyber Security Budgets - Infosecurity Magazine
UK's small businesses underestimating risk of cyber attacks
Security threats top concerns for UK SMEs – PCR
It’s time to catch up with cyber attackers | TechRadar
More than half of UK workplaces faced cyber attacks last year | theHRD
How to improve cyber resilience across your workforce | theHRD
Cyber Resilience: Sorry Vendors, It’s About Leadership, Not Tech
Crisis Simulation: The New Frontier for CISOs in 2025
How CISOs can forge the best relationships for cyber security investment | CSO Online
Old Ways of Vendor Risk Management Are No Longer Enough
We're losing the battle against complexity, and AI may or may not help | ZDNET
Revealed – top emerging threats for banks and insurers | Insurance Business America
Acronis Data Privacy Survey Reveals 64% of Global Consumers
Cyber trends set to influence business strategies - Help Net Security
Threats
Ransomware, Extortion and Destructive Attacks
TRIPLESTRENGTH Operation Targets Major Cloud Platforms | MSSP Alert
Don't count on ransomware insurance to save you - Tech Monitor
Survey Surfaces Extent of Financial Damage Caused by Ransomware Scourge - Security Boulevard
58% of Ransomware Victims Forced to Shut Down Operations - Infosecurity Magazine
Illumio Research Reveals 58% of Companies Hit With
Only 13% of organisations fully recover data after a ransomware attack - Help Net Security
Another banner year for ransomware gangs • The Register
Ransomware Gangs Linked by Shared Code and Ransom Notes - Infosecurity Magazine
The rising tide of ransomware and what it means for small and medium-sized businesses [Q&A]
Lynx Ransomware Infrastructure To Attack Windows, Linux, ESXi & Affiliate Panel Uncovered
Baguettes bandits strike again with ransomware, humiliation • The Register
New Hellcat Ransomware Gang Employs Humiliation Tactics - Infosecurity Magazine
Revealed – top emerging threats for banks and insurers | Insurance Business America
How Interlock Ransomware Infects Healthcare Organisations
What we know about the AI-powered ransomware group, FunkSec - Raconteur
UK: Consultation on Ransomware payments | DLA Piper - JDSupra
Lynx ransomware infiltration reveals affiliate panel details | SC Media
Ransomware gang uses SSH tunnels for stealthy VMware ESXi access
Ransomware Victims
MGM to pay $45m to data breach and ransomware victims
152,000 Impacted by Data Breach at Berman & Rabin - SecurityWeek
Healthcare Sector Charts 2 More Ransomware Attacks
Ransomware Attack Disrupts Blood Donation Services in US - Infosecurity Magazine
Smiths Group Scrambling to Restore Systems Following Cyber Attack - SecurityWeek
Phishing & Email Based Attacks
New Phishing Campaign Targets Mobile Devices with Malicious PDFs - Infosecurity Magazine
The top 10 brands exploited in phishing attacks - and how to protect yourself | ZDNET
Hidden Text Salting Disrupts Brand Name Detection Systems - Infosecurity Magazine
Hidden in Plain Sight: PDF Mishing Attack - Security Boulevard
Threat Actors Exploit Government Websites for Phishing - Infosecurity Magazine
Phishing Campaign Baits Hook With Malicious Amazon PDFs
Nine out of ten emails are spam - Help Net Security
Other Social Engineering
New Phishing Campaign Targets Mobile Devices with Malicious PDFs - Infosecurity Magazine
Scammers Are Creating Fake News Videos to Blackmail Victims | WIRED
DoJ Busts Up Another Multinational DPRK IT Worker Scam
Don't Fall For These Reddit Scam Pages Waiting to Install Malware On Your Computer
Reddit, WeTransfer pages spoofed in Lumma Stealer campaign | SC Media
British Vishing-as-a-Service Trio Sentenced - Infosecurity Magazine
Artificial Intelligence
Prompt Injection Tricks AI Into Downloading And Executing Malware | Hackaday
Hackers use GenAI to attack more frequently and effectively | TechRadar
Rise of AI is causing many firms to worry about their cyber security | TechRadar
Google: Over 57 Nation-State Threat Groups Using AI for Cyber Operations
DeepSeek's popularity exploited by malware peddlers, scammers - Help Net Security
AI-powered Chrome extensions are watching you…
AI security posture management will be needed before agentic AI takes hold - Help Net Security
DeepSeek’s Popular AI App Is Explicitly Sending US Data to China | WIRED
DeepSeek Blames Disruption on Cyber Attack as Vulnerabilities Emerge - SecurityWeek
The Wiretap: DeepSeek Turned Into Evil Malware Maker, Researchers Find
Nation-State Hackers Abuse Gemini AI Tool - Infosecurity Magazine
What we know about the AI-powered ransomware group, FunkSec - Raconteur
The 10 worst software disasters of 2024: cyber attacks, malicious AI, and silent threats | TechRadar
DeepSeek database left open, exposing sensitive info • The Register
Hackers Are Using Google's AI Chatbot to Make Attacks More Efficient - Business Insider
Time Bandit ChatGPT jailbreak bypasses safeguards on sensitive topics
Risk Matters: Cyber Risk and AI – The Changing Landscape | Newswise
Preparing financial institutions for the next generation of cyber threats - Help Net Security
Meta's Llama Framework Flaw Exposes AI Systems to Remote Code Execution Risks
2FA/MFA
How hackers bypass MFA – and what to do about it | ITPro
Malware
Over a billion credentials were stolen in malware attacks in 2024 | TechRadar
Prompt Injection Tricks AI Into Downloading And Executing Malware | Hackaday
Hacker infects 18,000 "script kiddies" with fake malware builder
Russian Scammers Target Crypto Influencers with Infostealers - Infosecurity Magazine
MintsLoader Delivers StealC Malware and BOINC in Targeted Cyber Attacks
Phishing Campaign Baits Hook With Malicious Amazon PDFs
Don't Fall For These Reddit Scam Pages Waiting to Install Malware On Your Computer
Reddit, WeTransfer pages spoofed in Lumma Stealer campaign | SC Media
18,459 Devices Compromised Worldwide Via XWorm RAT Builder | MSSP Alert
Cyber Insights 2025: Malware Directions - SecurityWeek
Secondary payloads delivered via MintsLoader attacks | SC Media
The Wiretap: DeepSeek Turned Into Evil Malware Maker, Researchers Find
PureCrypter Deploys Agent Tesla and New TorNet Backdoor in Ongoing Cyber Attacks
Phishing campaign in Poland and Germany deploys TorNet backdoor | SC Media
What Happens When Students Bring Malware to Campus? | EdTech Magazine
Bots/Botnets
Aquabot Botnet Targeting Vulnerable Mitel Phones - SecurityWeek
Mobile
New Phishing Campaign Targets Mobile Devices with Malicious PDFs - Infosecurity Magazine
Apple Patches Actively Exploited Zero-Day Affecting iPhones, Macs, and More
Google Play security teams used AI in 92% of app reviews in 2024 - Android Authority
Google blocked 2.36 million risky Android apps from Play Store in 2024
Denial of Service/DoS/DDoS
Internet of Things – IoT
Cyber Security Threats To Modern Cars: How Hackers Are Taking Control
Data Breaches/Leaks
MGM to pay $45m to data breach and ransomware victims
TalkTalk confirms data breach involving a third-party platform
UK telco TalkTalk launches probe into alleged data grab • The Register
1 in 2 Americans affected by UnitedHealth cyber attack, new disclosure shows | Rock Hill Herald
UnitedHealth estimates 190M people impacted by Change Healthcare cyber attack – DataBreaches.Net
Mega Data Breaches Push US Victim Count to 1.7 Billion - Infosecurity Magazine
Millions of airline customers possibly affected by OAuth security flaw | TechRadar
DeepSeek database left open, exposing sensitive info • The Register
312% Surge in Breach Notices That Could Have Been Prevented
PowerSchool starts notifying victims of massive data breach
Reporting a Breach? Make Sure Your Lawyer's on Call
152,000 Impacted by Data Breach at Berman & Rabin - SecurityWeek
Organised Crime & Criminal Actors
Cyber security crisis in numbers - Help Net Security
Hackers Are Getting Faster—48 Minutes And You’re Cooked
Cryptocurrency/Cryptomining/Cryptojacking/NFTs/Blockchain
TRIPLESTRENGTH Operation Targets Major Cloud Platforms | MSSP Alert
Russian Scammers Target Crypto Influencers with Infostealers - Infosecurity Magazine
What's Yours is Mine: Is Your Business Ready for Cryptojacking Attacks?
Insider Risk and Insider Threats
How to improve cyber resilience across your workforce | theHRD
British Museum says ex-contractor 'shut down' IT systems • The Register
HR Magazine - Former employee shuts down British Museum IT systems
CrowdStrike Highlights Magnitude of Insider Risk
Insurance
Don't count on ransomware insurance to save you - Tech Monitor
Cyber Insights 2025: Cyberinsurance – The Debate Continues - SecurityWeek
Supply Chain and Third Parties
TalkTalk confirms data breach involving a third-party platform
Revealed – top emerging threats for banks and insurers | Insurance Business America
How Lazarus Group built a cyber espionage empire - Help Net Security
Third-Party Vendors Are the Supply Chain’s Ignored Vulnerability | HackerNoon
Building Resilience Against Zero-Day Threats In Third-Party Risk Management
Old Ways of Vendor Risk Management Are No Longer Enough
Companies told to enhance third party cyber security efforts
GoDaddy’s Cyber Security Called Into Question
Cloud/SaaS
TRIPLESTRENGTH Operation Targets Major Cloud Platforms | MSSP Alert
SaaS Breaches Skyrocket 300% as Traditional Defences Fall Short - Infosecurity Magazine
MITRE's Latest ATT&CK Simulations Tackles Cloud Defences
Microsoft investigates Microsoft 365 outage affecting users, admins
Outages
Microsoft investigates Microsoft 365 outage affecting users, admins
Identity and Access Management
Hackers use Windows RID hijacking to create hidden admin account
Staying Ahead with Enhanced IAM Protocols - Security Boulevard
Microsoft Details Key Strategies for Proactive Identity Management
Encryption
Linux and Open Source
Lynx Ransomware Infrastructure To Attack Windows, Linux, ESXi & Affiliate Panel Uncovered
Lazarus Group's latest heist hits hundreds globally • The Register
Passwords, Credential Stuffing & Brute Force Attacks
Over a billion credentials were stolen in malware attacks in 2024 | TechRadar
Multiple Git flaws led to credentials compromise
Social Media
Microsoft Eyes TikTok’s US Operations Amid National Security Concerns - gHacks Tech News
Facebook flags Linux topics as threats
Trump’s bigger China cyber threat isn’t TikTok - The Japan Times
Malvertising
Security Bite: How hackers are still using Google Ads to spread malware - 9to5Mac
Training, Education and Awareness
How to improve cyber resilience across your workforce | theHRD
Regulations, Fines and Legislation
National security risks in routers, modems targeted in bipartisan Senate bill | CyberScoop
SEC and FCA fines: Issues jump - Help Net Security
312% Surge in Breach Notices That Could Have Been Prevented
UK: Consultation on Ransomware payments | DLA Piper - JDSupra
Strengthening National Security in the AI Era
Trump Administration Faces Security Balancing Act in Borderless Cyber Landscape - SecurityWeek
Gutting US cyber advisory boards 'foolish' • The Register
Models, Frameworks and Standards
MITRE's Latest ATT&CK Simulations Tackles Cloud Defences
Careers, Working in Cyber and Information Security
Hackers allegedly stole $69M from cryptocurrency platform Phemex
Nine human-centric strategies that strengthen security teams | SC Media
How to make sure you’ve got the cyber security people you need
Law Enforcement Action and Take Downs
Another banner year for ransomware gangs • The Register
British Vishing-as-a-Service Trio Sentenced - Infosecurity Magazine
Brit fraudsters sentenced over account takeover operation • The Register
Authorities Seize Domains of Popular Hacking Forums in Major Cyber Crime Crackdown
Nulled, Other Cyber Crime Websites Seized by Law Enforcement - SecurityWeek
FBI seizes Cracked.io, Nulled.to hacking forums in Operation Talent
Law enforcement continues efforts to disrupt cyber crime forums and services – DataBreaches.Net
Misinformation, Disinformation and Propaganda
Nation State Actors, Advanced Persistent Threats (APTs), Cyber Warfare, Cyber Espionage and Geopolitical Threats/Activity
Cyber Warfare and Cyber Espionage
Google: Over 57 Nation-State Threat Groups Using AI for Cyber Operations
The Private Sector on the Front Line | Foreign Affairs
Nation State Actors
China
Vessel seized on suspicion of cutting Baltic internet cable
Latvia: Undersea cable likely damaged by external influence – DW – 01/27/2025
DeepSeek’s Popular AI App Is Explicitly Sending US Data to China | WIRED
Inside China's 'hacking capital' that has ignited global cyber security alarms | ITV News
Are We Serious About Chinese Spying? - SMERCONISH
DeepSeek Blames Disruption on Cyber Attack as Vulnerabilities Emerge - SecurityWeek
National security risks in routers, modems targeted in bipartisan Senate bill | CyberScoop
The Wiretap: DeepSeek Turned Into Evil Malware Maker, Researchers Find
Hackers Are Using Google's AI Chatbot to Make Attacks More Efficient - Business Insider
Baltic undersea pipes and cables keep getting damaged. What’s going on? | CNN Business
Trump’s bigger China cyber threat isn’t TikTok - The Japan Times
UK launches inquiry into threats to subsea cable systems
Sweden seizes vessel after another undersea cable damaged • The Register
DeepSeek's popularity exploited by malware peddlers, scammers - Help Net Security
Gutting US cyber advisory boards 'foolish' • The Register
Microsoft Eyes TikTok’s US Operations Amid National Security Concerns - gHacks Tech News
Russia
Vessel seized on suspicion of cutting Baltic internet cable
Latvia: Undersea cable likely damaged by external influence – DW – 01/27/2025
Cross-Party Inquiry Examines Threats to Undersea UK Internet Cables - ISPreview UK
Nation-State Hackers Abuse Gemini AI Tool - Infosecurity Magazine
Baltic undersea pipes and cables keep getting damaged. What’s going on? | CNN Business
UK launches inquiry into threats to subsea cable systems
Sweden seizes vessel after another undersea cable damaged • The Register
Russian Scammers Target Crypto Influencers with Infostealers - Infosecurity Magazine
European Union Sanctions Russian Nationals for Hacking Estonia - SecurityWeek
GamaCopy Mimics Gamaredon Tactics in Cyber Espionage Targeting Russian Entities
Iran
Google details nefarious Gemini use by Iranian spies • The Register
North Korea
How Lazarus Group built a cyber espionage empire - Help Net Security
DoJ Busts Up Another Multinational DPRK IT Worker Scam
Lazarus Group's latest heist hits hundreds globally • The Register
Lazarus Group Uses React-Based Admin Panel to Control Global Cyber Attacks
Tools and Controls
74% of CISOs are increasing crisis simulation budgets - Help Net Security
Crisis Simulations: A Top 2025 Concern for CISOs
CISOs Boost Crisis Simulation Budgets Amid High-Profile Cyber-Attacks - Infosecurity Magazine
Crisis Simulation: The New Frontier for CISOs in 2025
How to improve cyber resilience across your workforce | theHRD
Attackers exploit SimpleHelp RMM Software flaws for initial access
Building Resilience Against Zero-Day Threats In Third-Party Risk Management
Hackers exploiting flaws in SimpleHelp RMM to breach networks
Risk Matters: Cyber Risk and AI – The Changing Landscape | Newswise
UK Organisations Boosting Cyber Security Budgets - Infosecurity Magazine
PrintNightmare Aftermath: Windows Print Spooler is Better. What's Next?
Old Ways of Vendor Risk Management Are No Longer Enough
Cyber Resilience: Sorry Vendors, It’s About Leadership, Not Tech
How CISOs can forge the best relationships for cyber security investment | CSO Online
Microsoft Teams phishing attack alerts coming to everyone next month
How to Choose the Right Cyber Security Software: A Comprehensive Guide - Security Boulevard
Remote Monitoring and Management (RMM) Abuse | Intel 471
Staying Ahead with Enhanced IAM Protocols - Security Boulevard
We're losing the battle against complexity, and AI may or may not help | ZDNET
WFH with privacy? 85% of Brit bosses are snooping on staff • The Register
Fragmented cyber security is costing businesses billions, and putting them at risk | TechRadar
Other News
World Economic Forum 2025: Navigating Cyber Security in an Era of Complexity
Vulnerabilities in Telecom Networks Let Hackers Gain Access to 3,000 Companies
Cross-Party Inquiry Examines Threats to Undersea UK Internet Cables - ISPreview UK
Cyber security crisis in numbers - Help Net Security
The 10 worst software disasters of 2024: cyber attacks, malicious AI, and silent threats | TechRadar
UK government is facing a “severe” cyber threat, report
NAO blasts UK gov over litany of cyber resilience failures • The Register
It’s time to catch up with cyber attackers | TechRadar
UK launches inquiry into threats to subsea cable systems
Sweden seizes vessel after another undersea cable damaged • The Register
SMEs to ramp up tech investments in 2025 | Mortgage Professional Australia
Remote Monitoring and Management (RMM) Abuse | Intel 471
Vulnerability Management
Building Resilience Against Zero-Day Threats In Third-Party Risk Management
NCSC Calls on Vendors to Eradicate “Unforgivable” Vulnerabilities - Infosecurity Magazine
Microsoft to deprecate WSUS driver synchronization in 90 days
The 10 worst software disasters of 2024: cyber attacks, malicious AI, and silent threats | TechRadar
UK’s NCSC Proposes New Vulnerability Classification System | MSSP Alert
Vulnerabilities
Fortinet Zero-Day Gives Attackers Super-Admin Privileges
TeamViewer Patches High-Severity Vulnerability in Windows Applications - SecurityWeek
RANsacked: Over 100 Security Flaws Found in LTE and 5G Network Implementations
Palo Alto Networks firewalls have UEFI flaws, Secure Boot bypasses | CSO Online
LTE, 5G Vulnerabilities Could Cut Entire Cities From Cellular Connectivity - SecurityWeek
Vulnerabilities in Telecom Networks Let Hackers Gain Access to 3,000 Companies
Apple Patches Actively Exploited Zero-Day Affecting iPhones, Macs, and More
SonicWall says hackers are exploiting a new zero-day bug to breach customer networks | TechCrunch
Aquabot Botnet Targeting Vulnerable Mitel Phones - SecurityWeek
Multiple Git flaws led to credentials compromise
Apple Silicon flaws could make your private data vulnerable
Broadcom Warns of High-Severity SQL Injection Flaw in VMware Avi Load Balancer
Apple's in-house chips have security flaws that could expose your Gmail inbox to attackers
Broadcom Patches VMware Aria Flaws – Exploits May Lead to Credential Theft
VMware plugs credential-leaking bugs in Cloud Foundation • The Register
TeamViewer fixed a bug in Windows client and host applications
Hackers exploiting flaws in SimpleHelp RMM to breach networks
Millions of airline customers possibly affected by OAuth security flaw | TechRadar
Critical remote code execution bug found in Cacti framework
Zyxel CPE Devices Face Active Exploitation Due to Unpatched CVE-2024-40891 Vulnerability
Sector Specific
Industry specific threat intelligence reports are available.
Contact us to receive tailored reports specific to the industry/sector and geographies you operate in.
· Automotive
· Construction
· Critical National Infrastructure (CNI)
· Defence & Space
· Education & Academia
· Energy & Utilities
· Estate Agencies
· Financial Services
· FinTech
· Food & Agriculture
· Gaming & Gambling
· Government & Public Sector (including Law Enforcement)
· Health/Medical/Pharma
· Hotels & Hospitality
· Insurance
· Legal
· Manufacturing
· Maritime & Shipping
· Oil, Gas & Mining
· OT, ICS, IIoT, SCADA & Cyber-Physical Systems
· Retail & eCommerce
· Small and Medium Sized Businesses (SMBs)
· Startups
· Telecoms
· Third Sector & Charities
· Transport & Aviation
· Web3
Contact us to help assess where your risks lie and to ensure you are doing all you can do to keep you and your business secure.
Links to articles are for interest and awareness; linking to or reposting external content does not endorse any service or product. Likewise, we are not responsible for the security of external links.