Threat Intelligence Blog

Contact us to discuss any insights from our Blog, and how we can support you in a tailored threat intelligence report.
Spaces available on our next open Cyber Security User Education and Awareness Training Wednesday 23 February 2022 9:00am - 12:00pm £150 per person
Spaces available on our next open Cyber Security User Education and Awareness Training
Wednesday 23 February 2022 9:00am - 12:00pm
£150 per person
Spaces available on our next open Cyber Security User Education and Awareness Training
Wednesday 23 February 2022 9:00am - 12:00pm
£150 per person
Our interactive training events are always well received. Our training sessions are run by our cyber experts, who work with firms day in and day out to help businesses protect themselves against the latest threats.
We demystify cyber security and help your employees to understand the risks they face in their working lives and how to protect your company.
Places are now available for firms to send from one to twelve employees, joining employees from other local businesses.
Ideal for new starters and longer serving employees to help keep security in the forefront of their mind.
Feedback from our customers on our training
•The training was great. I liked how they used real life examples.
•They were able to explain in a way that made sense and avoided the usual IT gibberish that some companies use.
•It was well run, interesting and informative, and I didn’t yawn once!
Open sessions are £150 per person. Contact or call 711 988 to book places.
Now we can hold in person events again our next open cyber education and awareness session is on 14 February - Valentines Day!
Now we can hold in person events again our next open cyber education and awareness session is on 14 February - Valentines Day!
Open sessions are £150 per person and firms can send 1-14 members of staff along. Ideal for new starters, someone who would benefit from refresher training or any other staff that would benefit.
Contact or call 711 988 to book places.
Now we can hold in person events again our next open cyber education and awareness session is on 14 February - Valentines Day!
Open sessions are £150 per person and firms can send 1-14 members of staff along. Ideal for new starters, someone who would benefit from refresher training or any other staff that would benefit.
Contact or call 711 988 to book places.
Black Arrow January Sale: Cyber Security training for £700 per session*
Black Arrow January Sale: Cyber Security training for £700 per session*
Relying only on your IT protection is leaving you exposed to significant cyber risks.
When your technology allows that malicious email to reach your employees, you need your staff to enforce your people and operational controls. It is your last opportunity to stop an incident.
Our January Sale is an exceptional opportunity to learn from world class qualified experts in managing Cyber Security across people, operations and technology.
You will be trained by experts who support clients in incident management and strategy implementation.
Relying only on your IT protection is leaving you exposed to significant cyber risks.
When your technology allows that malicious email to reach your employees, you need your staff to enforce your people and operational controls. It is your last opportunity to stop an incident.
Our January Sale is an exceptional opportunity to learn from world class qualified experts in managing Cyber Security across people, operations and technology.
You will be trained by experts who support clients in incident management and strategy implementation.
Feedback from our customers on our training
•The training was great. I liked how they used real life examples.
•They were able to explain in a way that made sense and avoided the usual IT gibberish that some companies use.
•It was well run, interesting and informative, and I didn’t yawn once!
* One interactive training event for up to 20 employees/contractors, delivered by video due to Covid restrictions; in-person training will resume when possible. Training paid before end January 2022 and delivered by June 2022.
Feedback from our most recent training course for a client
Feedback from our most recent training course for a client:
-"I thought the training was great. I liked how they used real life examples and there were regular breaks in the presentation for case studies. It was very engaging and I came away with some good tips."
-"I thought it was really interesting. It was good that they used lots of examples to keep it engaging"
-"I thought they were really good, I liked the fact that they had good examples and it was interactive"
Feedback from our most recent training course for a client:
-"I thought the training was great. I liked how they used real life examples and there were regular breaks in the presentation for case studies. It was very engaging and I came away with some good tips."
-"I thought it was really interesting. It was good that they used lots of examples to keep it engaging"
-"I thought they were really good, I liked the fact that they had good examples and it was interactive"
-"I found it very informative and they gave good examples. They were able to explain things in a way that made sense and often avoided using the usual IT gibberish that you find some companies use."
-"I think it was well run, interesting and informative, and I didn’t yawn once!"
Training for your staff is critically important, you can have the best technical controls in the world but attackers bypass these by going after your people.
In our work with clients we have seen the value of ensuring your employees understand not only the people and operational controls you have in place to protect your company, but also why those controls are in place, in order that they will uphold them for you to keep your business safe.
Our modern, bright and airy dedicated cyber training suite right in the heart of town is now taking bookings.
Our modern, bright and airy dedicated cyber training suite right in the heart of town is now taking bookings.
We offer open courses, where firms can send anywhere from 1 to 16 members of staff along for User Education and Awareness Training, or we run closed courses for firms tailored specifically to your needs.
Our flexible training suite, comprising two separate training rooms can accommodate:
-Training Room 1:
max 24 auditorium style or 16 cabaret style
-Training Room 2:
max 12 auditorium style or 8 cabaret style
Contact us today for discuss your training requirements for cost effective and flexible training to suit your needs, conveniently located right in the heart of town.
Contact us on 01481 711988 or email to book or discuss your needs
Black Arrow move to dedicated offices in the Pollet, over three floors with Guernsey's only dedicated cyber training suite, in the centre of Town
Black Arrow are pleased to announce we are now in our new dedicated offices at 31-33 Le Pollet, St Peter Port, Guernsey, GY1 1WQ. Spread over three floors, and with Guernsey's only dedicated cyber training suite, right in the the centre of Town. Talk to us today to discuss your user education and awareness training needs or any of the other services we offer to see how we can help you:
-Cyber Security Strategy
-Cyber Risk Management
-Incident Response
-Threat Intelligence
-Cyber Security Gap Analysis
-Virtual Chief Information Security Office (vCISO)
-Cyber Readiness Exercises and Simulations
Black Arrow Cyber Threat Briefing 16 July 2021
Black Arrow Cyber Threat Briefing 16 July 2021: 84% Of Orgs Experienced Phishing Or Ransomware Attacks In The Last Year; Phishing continues to be one of the easiest paths for ransomware; Only Half Of Orgs Can Defend Against Ransomware; MI5 Chief Warns Public Of Cyber-Threat From Hostile States Such As China & Russia; Almost All Orgs Suffered Insider Data Breaches; Cyber Crime Costs Orgs Nearly $1.79 Million Per Minute; Sonicwall Releases Urgent Notice About 'Imminent' Ransomware Targeting Firmware; Google Finds Zero-Day Security Flaws In All Your Favourite Browsers
Welcome to this week’s Black Arrow Cyber Threat Briefing – a weekly digest, collated and curated by our cyber experts to provide senior and middle management with an easy to digest round up of the most notable threats, vulnerabilities, and cyber related news from the last week.
Top Cyber Stories of the Last Week
84% Of Organisations Experienced Phishing Or Ransomware Attacks In The Last Year
A new report from Trend Micro has found that 84% of organisations have reported phishing or ransomware security incidents in the last 12 months.
The findings come from an Osterman Research study commissioned by Trend Micro that was compiled from interviews with cyber security professionals in midsize and large organisations nationwide. The research also found that half of organisations are not effective at countering phishing and ransomware threats.
Phishing continues to be one of the easiest paths for ransomware
Ransomware gangs are still using phishing as one of the main ways to attack an organisation, according to a new survey from Cloudian featuring the insights of 200 IT decision-makers who experienced a ransomware attack over the last two years.
More than half of all respondents have held anti-phishing training among employees, and 49% had perimeter defenses in place when they were attacked.
Nearly 25% of all survey respondents said their ransomware attacks started through phishing, and of those victims, 65% had conducted anti-phishing training sessions. For enterprises with fewer than 500 employees, 41% said their attacks started with phishing. About one-third of all victims said their public cloud was the entry point ransomware groups used to attack them.
Ransomware: Only Half Of Organisations Can Effectively Defend Against Attacks, Warns Report
Around half of firms don't have the technology to prevent or detect ransomware attacks, according to research by cybersecurity company Trend Micro. It suggests that many organisations don't have the cybersecurity capabilities required to prevent ransomware attacks, such as the ability to detect phishing emails, remote desktop protocol (RDP) compromise or other common techniques deployed by cyber attackers during ransomware campaigns.
For example, the report warns that many organisations struggle with detecting the suspicious activity associated with ransomware and attacks that could provide early evidence that cyber criminals have compromised the network. That includes failing to identify unusual lateral movement across corporate networks, or being able to spot unauthorised users gaining access to corporate data.
MI5 Chief Warns Public Of Cyber-Threat From Hostile States Such As China & Russia
Head of Britain's MI5, Ken McCallum, is urging the public to be as vigilant about threats from "hostile states" as from terrorism.
These include disruptive cyber-attacks, misinformation, espionage and interference in politics - and are usually linked to Russia and China.
McCallum is warning that "less visible threats... have the potential to affect us all," affecting UK jobs and public services and could even lead to a loss of life.
The head of the Security Service wants to challenge the idea that activity by so-called "hostile states", usually taken to mean primarily Russia and China, only affects governments or certain institutions.
Instead, he is to argue in an annual threat update, that the British public are not immune to the "tentacles" of covert action by other states.
In the speech at MI5's Thames House headquarters, Mr McCallum will warn the "consequences range from frustration and inconvenience, through loss of livelihood, potentially up to loss of life".
Almost All Organisations Have Suffered Insider Data Breaches
Egress’ Insider Data Breach Survey 2021 claims that 94 percent of organisations have experienced insider data breaches in the last year. Human error was the top cause of serious incidents, according to 84 percent of IT leaders surveyed.
However, IT leaders are more concerned about malicious insiders, with 28 percent indicating that intentionally malicious behaviour is their biggest fear. Despite causing the most incidents, human error came bottom of the list, with just over one-fifth (21 percent) saying that it’s their biggest concern.
Additionally, almost three-quarters (74 percent) of organisations have been breached because of employees breaking security rules, and 73 percent have been the victim of phishing attacks.
The survey, independently conducted by Arlington Research on behalf of Egress, surveyed 500 IT leaders and 3,000 employees in the US and UK across vertical sectors including financial services, healthcare and legal.
Cyber Crime Costs Organisations Nearly $1.79 Million Per Minute
Cybercrime costs organisations an incredible $1.79m every minute, according to RiskIQ’s 2021 Evil Internet Minute Report.
The study, which analysed the volume of malicious activity on the internet, laid bare the scale and damage of cyber-attacks in the past year, finding that 648 cyber-threats occurred every minute.
The researchers calculated that the average cost of a breach is $7.2 per minute, while the overall predicted cybersecurity spend is $280,060 every minute.
E-commerce has been heavily hit by online payment fraud in the past year, with cyber-criminals taking advantage of the shift to online shopping during the COVID-19 pandemic. While the e-commerce industry saw a record $861.1bn in sales, it lost $38,052 to online payment fraud every minute.
Phishing, Ransomware Driving Wave of Data Breaches
Data compromises have increased every month this year except May.
If that trend continues, or even if there is only an average of 141 new compromises per month for the next six months, the total will still exceed the previous high of 1,632 breaches set in 2017.
These were among the findings of the nonprofit organization Identity Theft Resource Center’s (ITRC) latest data breach analysis report, which revealed publicly reported U.S. data breaches are up 38% in the second quarter of 2021, for a total of 491 compromises, compared to Q1.
Top CVEs Trending with Cybercriminals
An analysis of criminal forums reveal what publicly known vulnerabilities attackers are most interested in.
Criminal small talk in underground forums offer critical clues about which known Common Vulnerabilities and Exposures (CVEs) threat actors are most focused on. This, in turn, offers defenders clues on what to watch out for.
An analysis of such chatter, by Cognyte, examined 15 cybercrime forums between Jan. 2020 and March 2021. In its report, researchers highlight what CVEs are the most frequently mentioned and try to determine where attackers might strike next.
“Our findings revealed that there is no 100 percent correlation between the two parameters, since the top five CVEs that received the highest number of posts are not exactly the ones that were mentioned on the highest number of Dark Web forums examined,” the report said. “However, it is still enough to understand which CVEs were popular among threat actors on the Dark Web during the time examined.”
Sonicwall Releases Urgent Notice About 'Imminent' Ransomware Targeting Firmware
Networking device maker SonicWall sent out an urgent notice to its customers about "an imminent ransomware campaign using stolen credentials" that is targeting Secure Mobile Access (SMA) 100 series and Secure Remote Access (SRA) products running unpatched and end-of-life 8.x firmware.
In addition to the notice posted to its website, SonicWall sent an email to anyone using SMA and SRA devices, urging some to disconnect their devices immediately. They worked with Mandiant and other security companies on the issue, according to the release.
Google Finds Zero-Day Security Flaws In All Your Favourite Browsers
Researchers at Google have shared insight into four zero-day security vulnerabilities in popular web browsers which were exploited in the wild earlier this year.
DIscovered by Google's Threat Analysis Group (TAG), the four vulnerabilities in Google Chrome, Internet Explorer, and WebKit, the browser engine used by Apple's Safari, were used as a part of three different campaigns.
Ransomware attackers are growing bolder and using new extortion methods
REvil ransomware gang's websites vanish soon after Kaseya fiasco, Uncle Sam threatens retaliation
What it's really like to negotiate with ransomware attackers
This ransomware gang hunts for evidence of crime to pressure victims into paying a ransom
Other Social Engineering
Trickbot Malware Rebounds with Virtual-Desktop Espionage Module
Hackers Spread BIOPASS Malware via Chinese Online Gambling Sites
Microsoft July 2021 Patch Tuesday: 117 vulnerabilities, Pwn2Own Exchange Server bug fixed
SonicWall vulnerability allows attackers to obtain full control of device and underlying OS
Microsoft's Emergency Patch Fails to Fully Fix PrintNightmare RCE Vulnerability
Serious Security Vulnerability Hits DrayTek’s UK Fibre Routers
Kaseya issues patch for on-premise customers, SaaS rollout underway
Data Breaches
Morgan Stanley suffered data breach of customers after supply chain hack
Fashion retailer Guess discloses data breach after ransomware attack
Insurance giant CNA reports data breach after ransomware attack
Organised Crime & Criminal Actors
SolarWinds 0-day gave Chinese hackers privileged access to customer servers
Magecart hackers hide stolen credit card data into images and bogus CSS files
Insider Threats
Dark Web
Supply Chain
Vulnerability in Schneider Electric PLCs allows for undetectable remote takeover
Unpatched Critical RCE Bug Allows Industrial, Utility Takeovers
Nation State Actors
User Education, Awareness and Training
Other News
Kaseya's Staff Sounded the Alarm About Security Flaws for Years Before Ransomware Attack
Israeli Firm Helped Governments Target Journalists, Activists with 0-Days and Spyware
Endpoint Detection (alone) won’t protect your organisation from advanced hacking groups
Kaseya hack proves we need better cyber metrics
Instagram's Security Checkup will help users secure their accounts after a hack
79% of organisations identify threat modelling as a top priority in 2021
As usual, contact us to help assess where your risks lie and to ensure you are doing all you can do to keep you and your business secure.
Look out for our weekly ‘Cyber Tip Tuesday’ video blog and on our YouTube channel.
You can also follow us on Facebook, Twitter and LinkedIn.
Links to articles are for interest and awareness and linking to or reposting external content does not endorse any service or product, likewise we are not responsible for the security of external links.