Black Arrow Cyber Threat Intelligence Briefing 02 May 2025
Welcome to this week’s Black Arrow Cyber Threat Intelligence Briefing – a weekly digest, collated and curated by our cyber experts to provide senior and middle management with an easy-to-digest round-up of the most notable threats, vulnerabilities, and cyber-related news from the last week.
Exec Summary
Our review this week starts with the high-profile breach at UK retailer Marks & Spencer, which has severely impacted operations and employees for over a week, with reports that the organisation had not tested their cyber incident plan. Similar issues are evident across other sectors, with over 60% of firms globally reporting poor readiness for cyber, geopolitical, and AI-related threats.
Cyber resilience is a recurring theme in this week’s threat intelligence review. At Black Arrow Cyber, we recommend organisations test their response plan, such as through our simulation exercises where impartial experts help the leadership team to uncover and address misconceptions regarding IT provision or operational resilience. Such exercises are required by many cyber frameworks and regulations, including the UK’s Cyber Governance Code of Practice.
We also report on attack types including ransomware, account takeover, and AI-fuelled scams that produce fake receipts indistinguishable from the real thing. These developments strain traditional defences and expose critical gaps in resilience. The growing concern around insider risk, particularly the infiltration of major firms by North Korean operatives, reminds business leaders that threats are not always external.
Encouragingly, board-level awareness is growing, with more organisations recognising that cyber resilience must be embedded into company culture and governance. Black Arrow believes the growing prominence of roles like the Business Information Security Officer (BISO), which many of our services emulate, signals a necessary shift toward strategic, business-aligned security leadership and greater resilience against cyber incidents.
Top Cyber Stories of the Last Week
M&S ‘Had No Plan’ for Cyber Attacks, with Staff Sleeping in the Office Amid ‘Paranoia’ and ‘Chaos’
UK retailer Marks & Spencer continues to grapple with a severe cyber attack that has disrupted online orders and recruitment for over a week, with insiders warning full recovery may take months. Reports indicate the retailer lacked a cyber attack or business continuity plan, leaving staff to respond reactively, with some staff describing sleeping in offices and using personal devices amid confusion and shifting internal guidance. The situation has led to significant operational disruption and employee concern over whether hackers remain inside the system. Harrods and the Co-op Group have also been targeted in recent days, highlighting a broader wave of attacks. The Cabinet Office has warned that such incidents should serve as a wake-up call for all UK businesses to prioritise cyber security.
More than 60% of Organisations Are Insufficiently Prepared to Address Urgent Geopolitical, Cyber Security, and Regulatory Risks
AlixPartners’ 2025 Global Risk Survey reveals that over 60% of organisations feel underprepared to manage rising geopolitical, cyber security, and regulatory risks. Nearly three quarters are not ready for international regulatory changes, while 68% are unprepared for AI-related threats despite widespread adoption. Although 63% are investing in technology to combat financial crime, only 44% find it highly effective. Most also lack readiness for cyber security incidents and data privacy breaches. With nearly 70% anticipating increased corporate litigation, many are boosting legal budgets, highlighting a growing need for strategic risk management amid ongoing global volatility.
Fake Payments, Receipts and Invoices on the Rise
The rise of generative AI and poorly implemented automation is fuelling a surge in fake payments, receipts and invoices, putting businesses, particularly SMEs, at greater risk of financial loss. A third of firms were hit by invoice fraud in 2024, often due to weak controls around payment matching. New scams range from fake banking apps to AI-generated receipts indistinguishable from genuine ones. While government initiatives like the Cyber Governance Code of Practice and the forthcoming Cyber Security and Resilience Bill offer promise, there remains a gap between awareness and action, especially among smaller organisations.
Account Takeovers: A Growing Threat to Your Business and Customers
Account takeovers are rapidly emerging as one of the most costly and damaging cyber threats facing businesses today, with annual losses exceeding $5 billion in the US alone. These attacks occur when criminals gain unauthorised access to legitimate user accounts, often through tactics like credential stuffing, phishing, and SIM swapping. Once inside, attackers can steal funds and personal data, or lock out genuine users. Despite their growing sophistication, many organisations remain underprepared. The financial and reputational fallout can be severe, but proactive steps such as multi-factor authentication, behavioural analytics, and continuous monitoring can significantly reduce the risk.
North Korean Operatives Have Infiltrated Hundreds of Fortune 500 Companies
Security experts from Mandiant and Google Cloud have warned that hundreds of Fortune 500 firms have unknowingly hired North Korean IT workers, with most CISOs admitting to at least one such hire. These operatives, embedded as full-time staff, are earning six-figure salaries, generating an estimated $100 million annually for North Korea’s regime. While initially a financial operation, this threat has evolved, with some dismissed workers resorting to extortion. There is growing concern that these individuals could disrupt services or leak sensitive data, particularly as some have been linked to North Korea’s intelligence services and previous destructive cyber operations.
Phone Theft Is Turning into a Serious Cyber Security Risk
Phone theft is evolving into a significant cyber security risk, with the UK’s Metropolitan Police seizing 1,000 devices a week and Europol uncovering a network affecting over 480,000 victims worldwide. Many organisations still underestimate the risk posed by mobile devices, with only 63% able to track both BYOD and corporate phones. Poor controls and misplaced trust in default security features leave gaps that attackers can exploit to access corporate systems. Without clear response plans or robust mobile device management, stolen smartphones, often more data-rich than laptops, can become a gateway to wider breaches, especially when used for multi-factor authentication.
Why Cyber Resilience Must be Part of Every Organisation’s DNA
LevelBlue’s 2025 Futures Report highlights that while AI adoption is accelerating, only 29% of executives feel prepared for AI-powered threats, despite 42% expecting them. Deepfake attacks are anticipated by 44%, yet just 32% say they’re ready. Nearly half admit they must improve defences against AI-driven adversaries, and 41% are already seeing a significant rise in attacks. Encouragingly, 45% now view cyber resilience as a company-wide priority, up from 27% last year, with 68% noting increased C-suite focus due to media coverage of major breaches. The report urges leaders to embed resilience at board level, invest early, and foster a cyber-aware culture.
Compliance Management In 2025: Ensuring Your Security Strategy Meets Regulatory Demands
Compliance management in 2025 has become more complex and critical, with organisations facing heightened regulatory scrutiny and rising cyber threats. New laws across data privacy, ESG, and third-party risk demand proactive, data-driven compliance. Real-time monitoring and integration of AI and automation are increasingly used to detect risks and improve reporting accuracy. The cost of non-compliance is growing, making alignment between cyber security and regulatory strategy essential. Frameworks and certifications like NIST and ISO 27001, along with RegTech solutions, are now key to building resilient, scalable systems. Organisations must prioritise cross-functional collaboration and continuous improvement to remain secure and compliant.
Ransomware Attacks are Getting Smarter, Harder to Stop
Ransomware remains a critical threat, with 69% of organisations hit in the past year despite growing collaboration between IT and security teams. Yet only 10% of victims recovered over 90% of their data, while more than half recovered less than 50%. The shift toward data exfiltration and double extortion is accelerating, with attackers striking within hours. While ransom payments are declining and 36% of victims refused to pay, recovery gaps persist. Firms investing in data resilience recover up to seven times faster, but only 44% verify backups regularly. These findings underscore the need for proactive, well-practised cyber resilience strategies across the business.
People Know Password Reuse Is Risky but Keep Doing It Anyway
Bitwarden’s research reveals a concerning disconnect between awareness and behaviour when it comes to password security. While 79% of Gen Z acknowledge the risks of password reuse, 59% still recycle passwords after a breach. Over half of respondents have abandoned accounts to avoid password resets, and only 10% always update compromised credentials. Despite this, younger generations are more inclined to enable multi-factor authentication (MFA). Insecure sharing practices persist, with 25% of Gen Z using text messages to share passwords. The report highlights a clear need for targeted education across all age groups, especially among decision-makers.
A Cyber Security Paradox: Even Resilient Organisations Are Blind to AI Threats
LevelBlue’s latest report reveals a growing gap in AI risk awareness among otherwise cyber-resilient organisations. While 94% of these firms invest in software supply chain security, compared to just 62% overall, they remain largely blind to the risks introduced by rapid AI adoption. Only 30% of executives acknowledged increased AI-related supply chain threats. Many resilient organisations may be overlooking how underregulated AI tools expand their attack surface. The report stresses that cyber resilience now demands shared leadership responsibility, proactive risk management, and readiness for both incident response and business continuity.
Securing the Invisible: Supply Chain Security Trends
Supply chain attacks are evolving, with adversaries exploiting trusted software, hardware, and vendor relationships to bypass traditional defences. Continuous monitoring of third-party risk is replacing one-off assessments, as CISOs extend visibility across the extended enterprise. Real-time data, blockchain traceability, and AI-driven threat detection are now essential tools. Software Bills of Materials (SBOMs) have become operational necessities, helping firms assess exposure during emerging threats. Regulatory pressure is growing, with the EU’s DORA and NIS2 setting new expectations. Yet, only a third of supply chain leaders use GenAI tools designed for their domain despite 97% already using the technology in some form.
Don’t Overlook the BISO Role When it Comes to Growth and Continuity
The role of the Business Information Security Officer (BISO) is gaining traction as organisations recognise cyber risk as a critical business risk. BISOs act as a bridge between security teams and the C-suite, helping drive investment in proactive, cost-effective cyber strategies. With ransomware and extortion attacks on the rise, and the average cost of an incident now around $677 million, BISOs help quantify risk, improve resilience, and align security with broader business goals. Though adoption is still growing, more firms are realising the BISO’s value in fostering innovation, operational continuity, and modern cyber hygiene across the enterprise. Many of the services provided by Black Arrow fulfil the function of an internal BISO; talk to us to see how we can help you achieve your objectives in a cost-effective and impartial manner.
Sources:
https://cyberscoop.com/north-korea-workers-infiltrate-fortune-500/
https://www.helpnetsecurity.com/2025/05/02/phone-theft-cybersecurity-threat/
https://www.helpnetsecurity.com/2025/04/30/rethink-cyber-resilience/
https://cybersecuritynews.com/compliance-management-in-2025/
https://www.helpnetsecurity.com/2025/04/28/companies-impacted-ransomware-attacks/
https://www.helpnetsecurity.com/2025/05/02/passwords-update-security-risks/
https://www.darkreading.com/cyber-risk/even-resilient-organizations-bind-ai-threats
https://www.helpnetsecurity.com/2025/04/30/supply-chain-security-trends/
https://www.techradar.com/pro/dont-overlook-the-biso-role-when-it-comes-to-growth-and-continuity
Governance, Risk and Compliance
You're Probably Not Taking Cyber Security Seriously Enough - Above the Law
Don’t overlook the BISO role when it comes to growth and continuity | TechRadar
No longer optional: Cyber risk oversight for boards | American Banker
Stronger Together: Why IT And Security Collaboration Is Business Critical
Compliance Management In 2025: Ensuring Your Security Strategy Meets Regulatory Demands
Gartner: enabling cyber security amid geopolitical rifts | TechRadar
CISOs Call for Streamlined Global Cyber Rules | MSSP Alert
What is a Risk Map (Risk Heat Map)? | Definition from TechTarget
How CISOs Can Leverage Threat Intelligence to Stay Proactive
The CISO’s Role In Ensuring Compliance Amid Evolving Cyber Threats
Half of CIOs lack access to appropriate cyber security tools for their business - Business Plus
The Expanding Role of CISOs in Tech and Corporate Governance
Why CISOs Are Key to Integrating ESG and Cyber Security - Cyber Security News
From compliance to culture: Making security part of our daily routines
How to survive as a CISO aka 'chief scapegoat officer' • The Register
Threats
Ransomware, Extortion and Destructive Attacks
Ransomware attacks are getting smarter, harder to stop - Help Net Security
Ransomware Group Hacks Webcam to Evade Endpoint Defences
The 5 Emerging Cyber Attack Techniques Poised to Disrupt
6 major supply chain cyber security risks in 2025 | Cybernews
DragonForce expands ransomware model with white-label branding scheme
Law Enforcement Crackdowns Drive Novel Ransomware Affiliate Schemes - Infosecurity Magazine
Prolific RansomHub Operation Goes Dark
Emerging Threat Actor Hellcat Exemplifies Continued Innovation in Ransomware TPPs | MSSP Alert
The 5,365 Ransomware Attack Rampage — What You Need To Know
Ransomware Attacks on Critical Infrastructure Surge, Reports FBI | Tripwire
Ransomware Victims
Marks & Spencer breach linked to Scattered Spider ransomware attack
M&S market value falls £700m amid cyber attack
Some M&S stores left with empty shelves after cyber attack - BBC News
M&S report warned of cyber threats year before hack
How ‘native English’ Scattered Spider group linked to M&S attack operate | Cybercrime | The Guardian
Co-op hit by cyber attack as back-office systems disrupted
M&S stops hiring after systems taken offline due to cyber attack
Top security body urges retailers to act following Marks & Spencer cyber attack | Retail Week
M&S: WFH staff locked out of systems amid cyber attack fallout - Retail Gazette
Harrods is latest retailer to be hit by cyber-attack | Harrods | The Guardian
Co-op cyber attack: Staff told to keep cameras on in meetings - BBC News
M&S cyber attack: Retailer working 'day and night' to manage impact - BBC News
M&S and Co-op: UK retailers brace for cyber attacks
Retail cyber attacks sound alarm for food manufacturing supply chains
Warning hackers may ‘try their luck’ with other retailers as M&S issues update | The Independent
Almost a million patients hit by Frederick Health data breach | TechRadar
Phishing & Email Based Attacks
Low-tech phishing attacks are gaining ground - Help Net Security
Same Inbox, New Tricks: A Look At The Email Threat Landscape In Q1 2025
This Email Sounds Like It Came From Your Boss. But It Didn’t. | Symantec Enterprise Blogs
Phishers Take Advantage of Iberian Power Outage
Why MFA is getting easier to bypass and what to do about it - Ars Technica
Criminals are pretending to be Microsoft, Google, and Apple in phishing attacks | TechRadar
A large-scale phishing campaign targets WordPress WooCommerce users
Large-Scale Phishing Campaigns Target Russia and Ukraine - Infosecurity Magazine
Other Social Engineering
North Koreans Still Working Hard to Take Your IT Job: 'Any Organisation Is a Target' | PCMag
There's one question that stumps North Korean fake workers • The Register
Mobile security is a frontline risk. Are you ready? - Help Net Security
North Korean operatives have infiltrated hundreds of Fortune 500 companies | CyberScoop
Fraud, Scams and Financial Crime
Cyber security: fake payments, receipts and invoices on the rise | ICAEW
Government Set to Ban SIM Farms in European First - Infosecurity Magazine
WhatsApp, Signal scam leads to Microsoft account hacks [April 2025] | Mashable
PayPal Red Alert Issued After 600% Increase In Scams Recorded in 2025: What You Need To Know
Online fraud peaks as breaches rise - Help Net Security
Mystery Box Scams Deployed to Steal Credit Card Data - Infosecurity Magazine
Gig-Work Platforms at Risk for Data Breaches, Fraud, Account Takeovers
Third-party applications for online banking give fraudsters access to your money - Cyberpolice | УНН
Artificial Intelligence
The 5 Emerging Cyber Attack Techniques Poised to Disrupt
Enterprises Need to Beware of These 5 Threats
AI and automation shift the cyber security balance toward attackers - Help Net Security
Even Cyber Resilient Organisations Struggle to Comprehend AI Risks
AI, Automation & Dark Web Fuel Evolving Threat Landscape
The Next Two Years In AI Cyber Security For Business Leaders
4 lessons in the new era of AI-enabled cyber crime | TechTarget
Agentic AI Systems Pose Alarming API Security Risks
Ex-NSA cyber boss: AI will soon be a great exploit dev • The Register
Claude AI Exploited to Operate 100+ Fake Political Personas in Global Influence Campaign
Forthcoming NIST profile to address growing AI-cyber challenges - Nextgov/FCW
South Korea says DeepSeek transferred user data, prompts without consent | Reuters
Microsoft’s AI Starts Secretly Copying And Saving Your Messages
60% of AI agents are embedded in IT departments - here's what they're doing | ZDNET
End users can code with AI, but IT must be wary | TechTarget
Drones may strike targets with no human input, says minister
2FA/MFA
Why MFA is getting easier to bypass and what to do about it - Ars Technica
Malware
CEO of cyber security firm charged with installing malware on hospital systems
Infosec pro blabs about alleged malware mishap on LinkedIn • The Register
New WordPress Malware Masquerades as Plugin - Infosecurity Magazine
Novel Gremlin Stealer malware emerges | SC Media
WordPress plugin disguised as a security tool injects backdoor
Malware Steals 1.7 Billion Passwords — Publishes Them To Dark Web
Hackers abuse IPv6 networking feature to hijack software updates
DarkWatchman cyber crime malware returns on Russian networks | The Record from Recorded Future News
Hive0117 group targets Russian firms with new variant of DarkWatchman malware
Mobile
Mobile security is a frontline risk. Are you ready? - Help Net Security
Phone theft is turning into a serious cyber security risk - Help Net Security
Mobile Applications: A Cesspool of Security Issues
Government Set to Ban SIM Farms in European First - Infosecurity Magazine
Half of Mobile Devices Run Outdated Operating Systems - Infosecurity Magazine
iOS and Android juice jacking defences have been trivial to bypass for years - Ars Technica
Google’s Play Store lost nearly half its apps | The Verge
Denial of Service/DoS/DDoS
DDoS attacks jump 358% compared to last year - Help Net Security
DDoS attacks in 2025 have already surpassed the 2024 total | TechRadar
Pro-Russian hackers strike Dutch municipalities with coordinated DDoS attack | NL Times
Internet of Things – IoT
Vehicles Face 45% More Attacks, 4 Times More Hackers
Data Breaches/Leaks
SAS names and ranks reportedly available online for a decade - BBC News
Malware Steals 1.7 Billion Passwords — Publishes Them To Dark Web
Signalgate: Security culture? America's screwed • The Register
27 million French electronics giant’s customer records leaked online | Cybernews
Commvault says recent breach didn't impact customer backup data
Ascension discloses second major cyber attack in a year • The Register
Gig-Work Platforms at Risk for Data Breaches, Fraud, Account Takeovers
African multinational telco giant MTN disclosed a data breach
Banking details of thousands of Aussies stolen by cyber criminals
ANY.RUN warns free-tier users of data exposure | Cybernews
Almost a million patients hit by Frederick Health data breach | TechRadar
Employee monitoring app exposes 21M work screens | Cybernews
Nova Scotia Power cyber attack impacts customer billing accounts | Cybernews
Organised Crime & Criminal Actors
Cyber criminals switch up their top initial access vectors of choice | CSO Online
Europol Creates “Violence-as-a-Service” Taskforce - Infosecurity Magazine
Cyber defenders need to remember their adversaries are human, says Trellix research head | IT Pro
Cryptocurrency/Cryptomining/Cryptojacking/NFTs/Blockchain
Storm-1977 Hits Education Clouds with AzureChecker, Deploys 200+ Crypto Mining Containers
Solana DeFi protocol Loopscale hit with $5.8 million exploit two weeks after launch | The Block
Insider Risk and Insider Threats
People know password reuse is risky but keep doing it anyway - Help Net Security
Infosec pro blabs about alleged malware mishap on LinkedIn • The Register
Ex-Disney employee gets three years in prison for menu hacks • The Register
North Koreans Still Working Hard to Take Your IT Job: 'Any Organisation Is a Target' | PCMag
North Korean operatives have infiltrated hundreds of Fortune 500 companies | CyberScoop
Insurance
Reducing Cyber Insurance Costs - CISO Proactive Measures
How Organisations Can Leverage Cyber Insurance Effectively
Supply Chain and Third Parties
6 major supply chain cyber security risks in 2025 | Cybernews
Half of red flags in third-party deals never reach compliance teams - Help Net Security
Securing the invisible: Supply chain security trends - Help Net Security
Cloud/SaaS
Over 90% of Cyber Security Leaders Worldwide Encountered Cyber Attacks Targeting Cloud Environments
JPMorgan CISO Warns of SaaS Security Risks - Infosecurity Magazine
Storm-1977 Hits Education Clouds with AzureChecker, Deploys 200+ Crypto Mining Containers
Dropbox, OneDrive Abused In Massive Southeast Asia Cyber-Espionage Operation
Outages
Oracle engineers caused dayslong software outage at U.S. hospitals
Identity and Access Management
Identity and Access Management (IAM) - The CISO’s Core Focus in Modern Cyber Security
Encryption
Quantum computer threat spurring quiet overhaul of internet security | CyberScoop
Passwords, Credential Stuffing & Brute Force Attacks
People know password reuse is risky but keep doing it anyway - Help Net Security
Some of you still use these awful passwords today
Account Takeovers: A Growing Threat to Your Business and Customers - Security Boulevard
Law Enforcement Can Break 77% Of ‘Three Random Word’ Passwords
Malware Steals 1.7 Billion Passwords — Publishes Them To Dark Web
Microsoft Confirms Password Spraying Attack — What You Need To Know
46% of the most trusted US companies' employees reuse
CISOs should re-consider using Microsoft RDP due to password flaw, says expert | CSO Online
Regulations, Fines and Legislation
Government Set to Ban SIM Farms in European First - Infosecurity Magazine
Compliance Management In 2025: Ensuring Your Security Strategy Meets Regulatory Demands
CISOs Call for Streamlined Global Cyber Rules | MSSP Alert
The CISO’s Role In Ensuring Compliance Amid Evolving Cyber Threats
Tariffs could slow replacement of telecom networks, according to industry official | CyberScoop
UK and Canadian Regulators Demand Robust Data Protection Amid 23andMe - Infosecurity Magazine
Former CISA head slams Trump for 'dangerously degrading' US cyber defences | Cybernews
Signalgate: Security culture? America's screwed • The Register
House passes bill to study routers’ national security risks | CyberScoop
FBI steps in amid rash of politically charged swattings • The Register
8 in 10 Brits support biometrics, personal data collection for national security | Biometric Update
The risks of standing down: Why halting US cyber ops against Russia erodes deterrence | CSO Online
CVE board 'kept in the dark' on funding, members say • The Register
Models, Frameworks and Standards
Will UK Cyber Reforms Keep Step with NIS2? | DLA Piper - JDSupra
Forthcoming NIST profile to address growing AI-cyber challenges - Nextgov/FCW
MoD publishes Secure by Design problem book to bolster cyber resilience | UKAuthority
Backup and Recovery
Commvault says recent breach didn't impact customer backup data
Data Protection
UK and Canadian Regulators Demand Robust Data Protection Amid 23andMe - Infosecurity Magazine
Law Enforcement Action and Take Downs
Ex-Disney employee gets three years in prison for menu hacks • The Register
Europol Creates “Violence-as-a-Service” Taskforce - Infosecurity Magazine
Leaders of 764, global child sextortion group, arrested and charged | CyberScoop
Law Enforcement Can Break 77% Of ‘Three Random Word’ Passwords
Misinformation, Disinformation and Propaganda
Claude AI Exploited to Operate 100+ Fake Political Personas in Global Influence Campaign
Nation State Actors, Advanced Persistent Threats (APTs), Cyber Warfare, Cyber Espionage and Geopolitical Threats/Activity
China
China is America's No.1 cyber threat and the US must react • The Register
House passes bill to study routers’ national security risks | CyberScoop
Chinese Hacking Competitions Fuel the Country’s Broad Cyber Ambitions - Bloomberg
China's Secret Weapon? How EV Batteries Could Be Weaponized to Disrupt America - SecurityWeek
Chinese APT's Adversary-in-the-Middle Tool Dissected - SecurityWeek
How Space Force Plans To Protect The US From Chinese & Russian Spy Satellites
Tariffs could slow replacement of telecom networks, according to industry official | CyberScoop
South Korea says DeepSeek transferred user data, prompts without consent | Reuters
Russia
Russia-linked group Nebulous Mantis targets NATO-related defence organisations
France ties Russian APT28 hackers to 12 cyber attacks on French orgs
Putin's Attacks on Ukraine Rise 70%, With Little Effect
Trump cuts US cyber aid to Ukraine, opening doors to Russian attacks | Cryptopolitan
How Space Force Plans To Protect The US From Chinese & Russian Spy Satellites
The risks of standing down: Why halting US cyber ops against Russia erodes deterrence | CSO Online
Pro-Russian hackers strike Dutch municipalities with coordinated DDoS attack | NL Times
Poland’s state registry temporarily blocked by cyber incident | The Record from Recorded Future News
Large-Scale Phishing Campaigns Target Russia and Ukraine - Infosecurity Magazine
DarkWatchman cyber crime malware returns on Russian networks | The Record from Recorded Future News
Hive0117 group targets Russian firms with new variant of DarkWatchman malware
Iran
North Korea
North Koreans Still Working Hard to Take Your IT Job: 'Any Organisation Is a Target' | PCMag
There's one question that stumps North Korean fake workers • The Register
North Korean operatives have infiltrated hundreds of Fortune 500 companies | CyberScoop
Other Nation State Actors, Hacktivism, Extremism, Terrorism and Other Geopolitical Threat Intelligence
Dropbox, OneDrive Abused In Massive Southeast Asia Cyber-Espionage Operation
Tools and Controls
No longer optional: Cyber risk oversight for boards | American Banker
Why cyber resilience must be part of every organisation's DNA - Help Net Security
Over 90% of Cyber Security Leaders Worldwide Encountered Cyber Attacks Targeting Cloud Environments
Identity and Access Management (IAM) - The CISO’s Core Focus in Modern Cyber Security
How Organisations Can Leverage Cyber Insurance Effectively
How the hybrid work boom reshapes corporate security | TechRadar
SentinelOne says security vendors are under attack | Cybernews
The CISO’s Guide to Managing Cyber Risk in Hybrid Workplaces
CISOs should re-consider using Microsoft RDP due to password flaw, says expert | CSO Online
CISOs Take Note: Is Needless Cyber Security Strangling Your Business?
What is a Risk Map (Risk Heat Map)? | Definition from TechTarget
How CISOs Can Leverage Threat Intelligence to Stay Proactive
Why CISOs Are Key to Integrating ESG and Cyber Security - Cyber Security News
Commvault says recent breach didn't impact customer backup data
The Hidden Risks of Over-Relying on AI in Cyber Security | MSSP Alert
21 million employee screenshots leaked in bossware breach blunder
Cloud Security Essentials - CISO Resource Toolkit
Employee monitoring app exposes 21M work screens | Cybernews
USAID decides not to collect former workers’ abandoned devices | The Verge
End users can code with AI, but IT must be wary | TechTarget
CIOs Say Security Systems Not Delivering Value For Money, Too Complex To Manage - IT Security Guru
MoD publishes Secure by Design problem book to bolster cyber resilience | UKAuthority
Other News
Why SMEs can no longer afford to ignore cyber risk - Help Net Security
Enterprises Need to Beware of These 5 Threats
Cyber security vendors are themselves under attack by hackers, SentinelOne says | CyberScoop
You're Probably Not Taking Cyber Security Seriously Enough - Above the Law
Study: 90% of bankers see need to increase spending on cyber security
Cyber Security in the UK - House of Commons Library
The 3 biggest cyber security threats to small businesses | Malwarebytes
Cyber defenders need to remember their adversaries are human, says Trellix research head | IT Pro
European Council: No cyber attack in Spain-Portugal blackout - Shafaq News
Getting Physical with Cyber Security - Security Boulevard
7 network security myths that make you less secure
How working from home made Britain vulnerable to cyber attackers
It’s Time to Prioritize Cyber Security Education - Security Boulevard
Cyber Threats Loom Large Over US Space Systems, Warns Pentagon Official - ClearanceJobs
Just 60 Seconds From Attacked To Hacked — The Speed Of Cyber Crime
How to Strengthen Cyber Security in Public Safety and Prevent Downtime
The threats to Britain’s food security can no longer be downplayed
A Windows security developer says this is the biggest threat to your PC | PCWorld
Vulnerability Management
Most critical vulnerabilities aren't worth your attention - Help Net Security
Hackers exploited 75 zero-days last year – Google | Cybernews
44% of the zero-days exploited in 2024 were in enterprise solutions - Help Net Security
Google: Governments are using zero-day hacks more than ever - Ars Technica
How Breaches Start: Breaking Down 5 Real Vulns
CVE board 'kept in the dark' on funding, members say • The Register
Solana DeFi protocol Loopscale hit with $5.8 million exploit two weeks after launch | The Block
CIOs Say Security Systems Not Delivering Value For Money, Too Complex To Manage - IT Security Guru
Vulnerabilities
Google Issues Emergency Chrome Security Update — Act Now
Experts forecast Ivanti VPN attacks as endpoint scans surge • The Register
SAP fixes suspected Netweaver zero-day exploited in attacks
Chrome 136, Firefox 138 Patch High-Severity Vulnerabilities - SecurityWeek
SonicWall Confirms Active Exploitation of Flaws Affecting Multiple Appliance Models
Airplay-enabled devices open to attack via "AirBorne" vulnerabilities - Help Net Security
CISOs should re-consider using Microsoft RDP due to password flaw, says expert | CSO Online
Hackers Exploit Critical Craft CMS Flaws; Hundreds of Servers Likely Compromised
Craft CMS RCE exploit chain used in zero-day attacks to steal data
Coinbase fixes 2FA log error making people think they were hacked
Sector Specific
Industry specific threat intelligence reports are available.
Contact us to receive tailored reports specific to the industry/sector and geographies you operate in.
· Automotive
· Construction
· Critical National Infrastructure (CNI)
· Defence & Space
· Education & Academia
· Energy & Utilities
· Estate Agencies
· Financial Services
· FinTech
· Food & Agriculture
· Gaming & Gambling
· Government & Public Sector (including Law Enforcement)
· Health/Medical/Pharma
· Hotels & Hospitality
· Insurance
· Legal
· Manufacturing
· Maritime & Shipping
· Oil, Gas & Mining
· OT, ICS, IIoT, SCADA & Cyber-Physical Systems
· Retail & eCommerce
· Small and Medium Sized Businesses (SMBs)
· Startups
· Telecoms
· Third Sector & Charities
· Transport & Aviation
· Web3
Contact us to help assess where your risks lie and to ensure you are doing all you can do to keep you and your business secure.
Links to articles are for interest and awareness. Linking to or reposting external content does not endorse any service or product; likewise, we are not responsible for the security of external links.