Black Arrow Cyber Threat Intelligence Briefing 13 December 2024

Welcome to this week’s Black Arrow Cyber Threat Intelligence Briefing – a weekly digest, collated and curated by our cyber experts to provide senior and middle management with an easy-to-digest round-up of the most notable threats, vulnerabilities, and cyber-related news from the last week.

Top Cyber Stories of the Last Week 

Cyber Security Risks Rise During Mergers & Acquisitions

ReliaQuest’s analysis reveals heightened cyber security risks during mergers and acquisitions, with half of incidents stemming from threat actors exploiting potential security gaps, and the remainder from non-malicious employee issues. The manufacturing, finance and retail sectors were the hardest hit. One private equity CISO observed a 400% surge in phishing attempts post-M&A announcements. Key risks include phishing attacks, data leaks, and vulnerabilities due to legacy systems. ReliaQuest recommends proactive strategies like pre-due-diligence assessments, training, network segmentation, and unified logging to mitigate these risks and ensure smoother integration during M&As.

Ransomware Gangs’ Merciless Attacks Bleed Small Companies Dry

Ransomware attacks surged by 70% in 2023, hitting 4,611 reported incidents according to industry research, with one gang alone extorting an estimated $42 million. Around 80% of victims are small and medium-size organisations. Many rely on cyber security insurance with limits around £1 million, yet the median ransom soared to $6.5 million this year. This gap between insurance coverage and actual costs has driven some companies into administration. Experts warn that, although attackers often use unsophisticated techniques, they remain ruthless. Robust monitoring software, password protection and comprehensive incident response plans can provide critical defences against this escalating threat.

AI & Cyber Security to Shape the Tech Landscape in 2025

The tech landscape of 2025 will be defined by the growth of specialised AI solutions and evolving cyber security measures, according to sector leaders from Nutanix, Rubrik, Snowflake, Obsidian Security, ManageEngine, and Infoblox. Cloud-based AI agents will automate threat detection, but also heighten risks of data leaks and identity-based attacks. Industry-specific models will transform finance, healthcare, manufacturing, and hospitality, offering faster, more precise services. Organisations must enhance data access controls, involve all staff in cyber security, and align IT and business goals. Government regulations and platform-based strategies will play a critical role in supporting innovation and safeguarding operations.

Phishing: The Silent Precursor to Data Breaches

Phishing remains a silent precursor to destructive data breaches, accounting for 31% of cyber security incidents - outdone only by weak or compromised credentials and pretexting. By exploiting human psychology, phishing bypasses technological safeguards, enabling the theft of sensitive data and triggering large-scale cyber attacks. One major infrastructure breach was initiated through a phishing-driven compromise, underscoring the threat’s far-reaching impact. Organisations can reduce phishing risks by prioritising employee training, filtering malicious emails, and implementing multi-factor authentication. This multi-layered approach, combined with a strong incident response plan, is essential to help safeguard systems and protect sensitive information in the modern cyber threat landscape.

Business Cyber Understanding Gap Creates New Vulnerabilities

Cyber security insurance provider Resilience has found that many UK mid-to-large businesses lack a clear grasp of cyber security as a financial risk, despite 74% having experienced cyber crime. The survey of IT and financial leaders highlighted a worrying gap between media focus on data breaches (cited by 72% as their main worry) and the larger financial impact of ransomware (responsible for more than 80% of losses). Limited use of quantitative risk registries (54%) further hampers businesses’ ability to mitigate cyber threats.

Cyber Defence vs Cyber Resilience: Why It's Time to Prioritise Recovery

AI-driven cyber attacks are prevalent, with intruders able to remain undetected for months and most ransomware campaigns targeting backup repositories. This demands a shift from solely cyber defence to holistic cyber resilience. Such a strategy includes a robust backup approach, active monitoring, and an isolated recovery environment to ensure data remains clean and recoverable. Equally important is cross-functional collaboration between IT and security teams to flag and respond to breaches quickly. By prioritising recovery and resilience, organisations can maintain business operations, minimise downtime, and stay ahead of evolving cyber threats in today’s borderless IT landscape.

UK SMEs Are Concerned About Preparedness for Cyber Attacks as Fraud Rises

Online payment provider Mollie has reported that five and a half million UK SMEs lost an average of £10,800 to fraud this year, leaving nine in 10 C-Suite executives concerned about their survival. Fraud types included phishing (58%), refund scams (42%), account takeovers (30%) and carding attacks (23%). Firms spent around 15 days annually handling these threats, diverting critical resources from core operations. This underscores a growing need for effective cyber security measures that combat rising threats without stifling business growth. Mollie’s research highlights the importance of equipping smaller enterprises with balanced solutions to safeguard revenue and productivity, protecting them from ever-evolving forms of cyber attack.

Cyber Risk to Intensify in 2025 as Attackers Switch Tactics - Moody’s

According to Moody’s 2025 cyber security outlook, the threat environment is evolving as attackers target bigger businesses and harness AI for more potent attacks. Ransomware soared by 70% from 2022 to 2023, with ransom payments hitting a record $1.1 billion. Meanwhile, the share of victims paying ransoms is falling, driving cyber criminals to focus on larger organisations. Supply chain incidents are growing in parallel with the proliferation of AI-enabled scams and greater reliance on external providers. Moody’s recommends robust risk assessments and improved cyber security measures, including passkeys, to help address these mounting challenges.

Companies Pull Leadership Bios from Their Websites After Insurance Executive’s Killing

Following the tragic shooting of a leading insurance executive in New York City, major health insurers have swiftly removed leadership bios from their websites. Archived versions of UnitedHealthcare, Anthem Blue Cross Blue Shield, and Elevance Health pages show these details were public until shortly after the incident. Faced with heightened security concerns, organisations are reinforcing protective measures, while private security firms report a surge in new business. This underscores an evolving risk landscape for senior leaders, prompting companies to carefully manage executive information online and reassess personal safety protocols.

Boardroom Risks Revealed in Latest Beazley Report

Beazley’s latest report highlights cyber security as the top boardroom concern, cited by 45% of executives. Regulatory compliance (41%) and ESG (35%) follow closely, yet 60% of respondents feel only moderately or poorly prepared for cyber attacks. ESG influences are expected to surge, with 68% foreseeing major board impact, but just 39% feel ready. The report urges proactive risk management, encouraging boards to strengthen internal expertise, invest in technology, and align governance strategies with shifting priorities.

Employee Visits to Adult or Gambling Sites Doubles Risk of Infection by Malware

According to new research, employees visiting gambling or adult sites can double the risk of malware infections, including coinminers, trojans, and hacking tools. Browsing illegal sites may increase malware threats by up to five times, while frequent visits to unknown websites also raise infection odds. By identifying how specific user behaviours relate to distinct malware types, organisations can tailor their cyber security defences accordingly. Governments might prioritise hacktools, whereas healthcare could focus on ransomware. Overall, the study suggests that targeted, behaviour-based cyber security measures can help organisations reduce risks cost-effectively for their unique threat profiles.

North Korea's Fake IT Worker Scam Hauled in at Least $88 Million Over Six Years

North Korea’s covert IT workforce has reportedly generated $88 million over six years by posing as remote tech professionals, according to the US Department of Justice. Hiding their true identities and locations, these “IT warriors” channel their earnings into Pyongyang’s coffers, while some leverage access privileges to steal proprietary data and extort employers. Even cyber security businesses have been duped. Authorities have uncovered over 130 participants, linked to firms in China and Russia. Officials warn the threat persists, with continued guidance on detecting the scam and a multimillion-dollar reward in place to disrupt North Korea’s illicit revenue streams.

Sources:

https://securitybrief.co.nz/story/cybersecurity-risks-rise-during-mergers-acquisitions

https://www.claimsjournal.com/news/national/2024/12/06/327772.htm

https://securitybrief.co.nz/story/ai-cybersecurity-to-shape-the-tech-landscape-in-2025

https://www.securityweek.com/phishing-the-silent-precursor-to-data-breaches/

https://www.emergingrisks.co.uk/business-cyber-understanding-gap-creates-new-vulnerabilities/

https://betanews.com/2024/12/06/cyber-defense-vs-cyber-resilience-why-its-time-to-prioritize-recovery/

https://thefintechtimes.com/uk-smes-are-concerned-about-preparedness-for-cyberattacks-as-fraud-rises-finds-mollie/

https://www.reinsurancene.ws/cyber-risk-to-intensify-in-2025-as-attackers-switch-tactics-moodys/

https://fortune.com/2024/12/06/unitedhealthcare-major-insurance-companies-pull-company-board-leadership-bios-elevance-anthem-blue-shield-cross/

https://www.insurancebusinessmag.com/us/news/breaking-news/boardroom-risks-revealed-in-latest-beazley-report-516949.aspx

https://www.newswise.com/articles/employee-visits-to-adult-or-gambling-sites-doubles-risk-of-infection-by-malware

https://www.theregister.com/2024/12/13/doj_dpkr_fake_tech_worker_indictment/


Governance, Risk and Compliance

UK SMEs Are Concerned About Preparedness For Cyber Attacks as Fraud Rises Finds Mollie | The Fintech Times

Cyber security risks rise during mergers & acquisitions

Boardroom risks revealed in latest Beazley report | Insurance Business America

UnitedHealthcare and other major insurance companies pull company and board leadership bios from their websites after executive’s killing | Fortune

Dear CEO: It’s time to rethink security leadership and empower your CISO | CSO Online

Moody's: Hackers Aim for Big Payouts, Supply Chain Attacks

We must adjust expectations for the CISO role - Help Net Security

Cyber defence vs cyber resilience: why it's time to prioritize recovery

Business cyber understanding gap creates new vulnerabilities

Cyber risk to intensify in 2025 as attackers switch tactics: Moody's - Reinsurance News

Cyber Security In The Digital Frontier: Reimagining Organisational Resilience

Charges Against CISOs Create Worries, Hope in Security Industry: Survey - Security Boulevard

The skills that cyber security leaders need

70 percent of cyber security leaders worry about personal liability

Report: 84% of Fortune 500 companies scored a D or worse for their cyber security efforts | Cybernews

CISOs need to consider the personal risks associated with their role - Help Net Security

Cyber security has become a strategic differentiator for organisations, says Ismail Al Naqi at GN forum | Technology – Gulf News

Cultivating a Hacker Mindset in Cyber Security Defence

Blackbaud Appoints Bradley Pyburn, Former Chief of Staff of US Cyber Command, to Board of Directors

Heed the warnings on cyber security threats - James McGachie

How to Improve Your Cyber Security On a Lower Budget | Mimecast


Threats

Ransomware, Extortion and Destructive Attacks

Ransomware Gangs’ Merciless Attacks Bleed Small Companies Dry

You’ve been hit with ransomware. Think twice before you pay. | Constangy, Brooks, Smith & Prophete, LLP - JDSupra

Black Basta Ransomware Evolves with Email Bombing, QR Codes, and Social Engineering

Cleo Vulnerability Exploitation Linked to Termite Ransomware Group - SecurityWeek

New Windows Drive-By Security Attack—What You Need To Know

What Do We Know About the New Ransomware Gang Termite?

Ransomware Victims

Blue Yonder SaaS giant breached by Termite ransomware gang

8Base hacked port operating company Luka Rijeka - Help Net Security

Separate ransomware attacks hit Japanese firms’ US subsidiaries | SC Media

Deloitte Responds After Ransomware Group Claims Data Theft - SecurityWeek

Anna Jaques Hospital ransomware breach exposed data of 300K patients

National Museum of the Royal Navy hit by cyber attack - Museums Association

Ransomware Disrupts Operations At Leading Heart Surgery Device Maker

Krispy Kreme admits there's a hole in its security • The Register

Phishing & Email Based Attacks

Businesses plagued by constant stream of malicious emails - Help Net Security

Phishing: The Silent Precursor to Data Breaches - SecurityWeek

A new report shows QR code phishing is on the rise | Security Magazine

Black Basta Ransomware Evolves with Email Bombing, QR Codes, and Social Engineering

Cyber criminals are using virtual hard drives to drop RATs in phishing attacks | TechRadar

European Police Disrupt Phone Phishing Gang with Arrests - Infosecurity Magazine

Eight Suspected Phishers Arrested in Belgium, Netherlands - SecurityWeek

Millionaire Airbnb Phishing Ring Busted Up by Police

Brand Impersonations Surge 2000% During Black Friday

Scam Kit Maker Rebuilding Business After Telegram Channel Shut Down - Security Boulevard

New Advanced Email Attack Warning Issued—5 Things To Know

Email security: Why traditional defences fall short in today's threat landscape

Fake Recruiters Distribute Banking Trojan via Malicious Apps in Phishing Scam

Businesses received over 20 billion spam emails this year | TechRadar

Phishing Scam Targets Ukrainian Defence Companies - Infosecurity Magazine

5 Email Attacks You Need to Know for 2025 | Abnormal

Business Email Compromise (BEC)/Email Account Compromise (EAC)

Understanding the Shifting Anatomy of BEC Attacks

Notorious Nigerian cyber criminal tied to BEC scams extradited to US | CyberScoop

Other Social Engineering

Black Basta Ransomware Evolves with Email Bombing, QR Codes, and Social Engineering

KnowBe4 Report Finds 44% of HR Professionals Have Encountered Fraudulent or Scam Job Applications - IT Security Guru

Vishing via Microsoft Teams Facilitates DarkGate Malware Intrusion | Trend Micro (US)

Cyber criminals Impersonate Dubai Police to Defraud Consumers in the UAE - Smishing Triad in Action

Hackers are posing as job recruiters to spread a dangerous banking trojan and steal your money — don’t fall for this | Tom's Guide

Spain busts voice phishing ring for defrauding 10,000 bank customers

Fake IT Workers Funnelled Millions to North Korea, DOJ Says - SecurityWeek

Artificial Intelligence

Generative AI's cyber security potential is clear, but so far it's given hackers the upper hand | ITPro

AI & cyber security to shape the tech landscape in 2025

Microsoft Recall caught capturing credit card and Social Security numbers despite reassurances it won't | Tom's Guide

AI is a gamble we cannot afford without cyber security

Compromised AI Library Delivers Cryptocurrency Miner via PyPI - Infosecurity Magazine

AI fakes, cyber attacks threaten German election – DW – 12/06/2024

Researchers Uncover Prompt Injection Vulnerabilities in DeepSeek and Claude AI

A Very Merry NISTmas: 2024 Updates to the Cyber Security and AI Framework | Ropes & Gray LLP - JDSupra

2FA/MFA

Microsoft Azure MFA Flaw Allowed Easy Access Bypass - Infosecurity Magazine

Microsoft MFA Bypassed via AuthQuake Attack - SecurityWeek

No User Interaction, No Alerts: Azure MFA Cracked In An Hour

Researchers Crack Microsoft Azure MFA in an Hour

Snowflake Rolls Out Mandatory MFA Plan

Malware

Employee Visits to Adult or Gambling Sites Doubles | Newswise

Windows, macOS users targeted with crypto-and-info-stealing malware - Help Net Security

Cyber criminals are using virtual hard drives to drop RATs in phishing attacks | TechRadar

Vishing via Microsoft Teams Facilitates DarkGate Malware Intrusion | Trend Micro (US)

Cleo Patches Exploited Flaw as Security Firms Detail Malware Pushed in Attacks - SecurityWeek

Open source malware surged by 156% in 2024 | ITPro

Fake Recruiters Distribute Banking Trojan via Malicious Apps in Phishing Scam

Remcos RAT Malware Evolves with New Techniques - Infosecurity Magazine

More advanced Zloader malware variant emerges | SC Media

Hackers are posing as job recruiters to spread a dangerous banking trojan and steal your money — don’t fall for this | Tom's Guide

This devious new malware technique looks to hijack Windows itself to avoid detection | TechRadar

New stealthy Pumakit Linux rootkit malware spotted in the wild

RedLine info-stealer campaign targets Russian businesses

North Korean hackers target South Korea with Internet Explorer vulnerabilities to deploy RokRAT malware | TechRadar

Ongoing Phishing and Malware Campaigns in December 2024

Bots/Botnets

It’s Beginning To Look A Lot Like Grinch Bots

Mobile

Lookout Discovers New Spyware Deployed by Russia and China - Infosecurity Magazine

Gamaredon Deploys Android Spyware "BoneSpy" and "PlainGnome" in Former Soviet States

'EagleMsgSpy' Android Spyware Linked to Chinese Police

New Smartphone Warning—Forget What You’ve Been Told About Security

Chinese EagleMsgSpy Spyware Found Exploiting Mobile Devices Since 2017

Experts discovered the first mobile malware families linked to Russia's Gamaredon

Telegram founder Pavel Durov questioned in Paris court for first time: Report

Apple’s iPhone Hit By FBI Warning And Lawsuit Before iOS 18.2 Release

Denial of Service/DoS/DDoS

Europol Dismantles 27 DDoS Attack Platforms Across 15 Nations; Admins Arrested

Internet of Things – IoT

EU cyber security rules for smart devices enter into force | TechCrunch

DoD Digital Forensics: Unlocking Evidence In Cars, Wearables, And IoT

The EU Cyber Resilience Act: Enhancing Digital Security In The AI Era

Vulnerabilities in Skoda & Volkswagen Cars Let Hackers Remotely Track Users

Data Breaches/Leaks

Phishing: The Silent Precursor to Data Breaches - SecurityWeek

Deloitte Denies Breach, Claims Cyber-Attack Targeted Single Client - Infosecurity Magazine

Deloitte sues 3 partners who 'leaked secrets' to rival firm

Public Reprimands, an Effective Deterrent Against Data Breaches - Infosecurity Magazine

Salt Typhoon recorded 'very senior' US officials' calls • The Register

446,000 Impacted by Center for Vein Restoration Data Breach - SecurityWeek

Massive Data Breach Hits Senior Dating Website, Exposing Over 765,000 Users

Cyber security expert Abi Waddell hacked huntsmen to leak their names and addresses

Attackers can abuse the Windows UI Automation framework to steal data from apps | CSO Online

Cyber security Lessons From 3 Public Breaches

Over 300K Prometheus Instances Exposed: Credentials and API Keys Leaking Online

New Atrium Health data breach impacts 585,000 individuals

Thousands of children exposed in major data breach — including names, addresses and social security numbers | Tom's Guide

US Bitcoin ATM operator Byte Federal suffered a data breach

Organised Crime & Criminal Actors

Moody's: Hackers Aim for Big Payouts, Supply Chain Attacks

Recently Charged Scattered Spider Suspect Did Poor Job at Covering Tracks - SecurityWeek

Cyber crime gang arrested after turning Airbnbs into fraud centres

Russian government spies targeted Ukraine using tools developed by cyber criminals | TechCrunch

Emulating the Financially Motivated Criminal Adversary FIN7 – Part 1 - Security Boulevard

Alleged Scattered Spider hacker arrested, indicted | SC Media

Cyber security expert Abi Waddell hacked huntsmen to leak their names and addresses

Scam Kit Maker Rebuilding Business After Telegram Channel Shut Down - Security Boulevard

Cyber criminal marketplace Rydox seized in international law enforcement operation | CyberScoop

FBI Busts Rydox Marketplace with 7,600 PII Sales, Cryptocurrency Worth $225K Seized

He Investigates the Internet’s Most Vicious Hackers—From a Secret Location - WSJ

Cryptocurrency/Cryptomining/Cryptojacking/NFTs/Blockchain

Windows, macOS users targeted with crypto-and-info-stealing malware - Help Net Security

Radiant links $50 million crypto heist to North Korean hackers

"CP3O" pleads guilty to multi-million dollar cryptomining scheme

North Korean Group UNC4736 Blamed for Radiant Capital Breach

Compromised AI Library Delivers Cryptocurrency Miner via PyPI - Infosecurity Magazine

US Bitcoin ATM operator Byte Federal suffered a data breach

Insider Risk and Insider Threats

Employee Visits to Adult or Gambling Sites Doubles | Newswise

Deloitte sues 3 partners who 'leaked secrets' to rival firm

How To Flip the Script on the Latest Insider Threat Trends

KnowBe4 Report Finds 44% of HR Professionals Have Encountered Fraudulent or Scam Job Applications - IT Security Guru

Insurance Worker Sentenced After Illegally Accessing Claimants’ Data - Infosecurity Magazine

7 types of insider threats | University of Strathclyde

Insurance

Lloyd's of London Launches First-of-its-kind Consortium Built on HITRUST Certification to Shape the Future of Cyber Insurance

How to make your clients less attractive to cyber criminals | Insurance Business America

Supply Chain and Third Parties

Moody's: Hackers Aim for Big Payouts, Supply Chain Attacks

Blue Yonder SaaS giant breached by Termite ransomware gang

Containers are a weak link in supply chain security

Lessons From the Largest Software Supply Chain Incidents

Cloud/SaaS

Hackers are exploiting a flaw in popular file-transfer tools to launch mass hacks, again | TechCrunch

Blue Yonder SaaS giant breached by Termite ransomware gang

Who handles what? Common misconceptions about SaaS security responsibilities - Help Net Security

Vishing via Microsoft Teams Facilitates DarkGate Malware Intrusion | Trend Micro (US)

Thousands of AWS credentials stolen from misconfigured sites • The Register

Cleo Patches Exploited Flaw as Security Firms Detail Malware Pushed in Attacks - SecurityWeek

Microsoft MFA Bypassed via AuthQuake Attack - SecurityWeek

No User Interaction, No Alerts: Azure MFA Cracked In An Hour

Outages

Microsoft 365 outage takes down Office web apps, admin center

Facebook, Instagram, WhatsApp hit by massive worldwide outage

ChatGPT and Sora experienced a major outage | TechCrunch

Russian users report Gazprombank outages amid alleged Ukrainian cyber attack | The Record from Recorded Future News

Encryption

Telegram founder Pavel Durov questioned in Paris court for first time: Report

Google says its breakthrough Willow quantum chip can’t break modern cryptography - The Verge

Apple’s iPhone Hit By FBI Warning And Lawsuit Before iOS 18.2 Release

Linux and Open Source

Open source malware surged by 156% in 2024 | ITPro

New stealthy Pumakit Linux rootkit malware spotted in the wild

Passwords, Credential Stuffing & Brute Force Attacks

Thousands of AWS credentials stolen from misconfigured sites • The Register

Over 300K Prometheus Instances Exposed: Credentials and API Keys Leaking Online

Hackers Target Global Sporting Events With Fake Domains To Steal Logins

Social Media

The EU Makes an Urgent TikTok Inquiry on Russia's Role in Romanian Election Turmoil - SecurityWeek

Federal Appeals Court Upholds Law Threatening US TikTok Ban - Infosecurity Magazine

Romania Cancels Presidential Election Results After Alleged Russian Meddling on TikTok

Massive Data Breach Hits Senior Dating Website, Exposing Over 765,000 Users

Training, Education and Awareness

Opinion: Why cyber security awareness is everyone's responsibility | Calgary Herald

Regulations, Fines and Legislation

EU cyber security rules for smart devices enter into force | TechCrunch

The EU Makes an Urgent TikTok Inquiry on Russia's Role in Romanian Election Turmoil - SecurityWeek

Federal Appeals Court Upholds Law Threatening US TikTok Ban - Infosecurity Magazine

Why Americans must be prepared for cyber security’s worst | CyberScoop

The EU Cyber Resilience Act: Enhancing Digital Security In The AI Era

US Telco Security Efforts Ramp Up After Salt Typhoon

Experts Call for Overhaul of National Cyber Director Role

Cyprus financial sector gears up for stricter cyber security | Cyprus Mail

Models, Frameworks and Standards

The EU Cyber Resilience Act: Enhancing Digital Security In The AI Era

A Very Merry NISTmas: 2024 Updates to the Cyber Security and AI Framework | Ropes & Gray LLP - JDSupra

Understanding ISO 27001: The Backbone of Information Security Management: By Kajal Kashyap

Careers, Working in Cyber and Information Security

HR Magazine - Lock it in: How to close the cyber security training gap

What makes for a fulfilled cyber security career - Help Net Security

Law Enforcement Action and Take Downs

Recently Charged Scattered Spider Suspect Did Poor Job at Covering Tracks - SecurityWeek

Europol Dismantles 27 DDoS Attack Platforms Across 15 Nations; Admins Arrested

European Police Disrupt Phone Phishing Gang with Arrests - Infosecurity Magazine

Eight Suspected Phishers Arrested in Belgium, Netherlands - SecurityWeek

Spain busts voice phishing ring for defrauding 10,000 bank customers

Notorious Nigerian cyber criminal tied to BEC scams extradited to US | CyberScoop

Cyber criminal marketplace Rydox seized in international law enforcement operation | CyberScoop

Millionaire Airbnb Phishing Ring Busted Up by Police

"CP3O" pleads guilty to multi-million dollar cryptomining scheme

Telegram founder Pavel Durov questioned in Paris court for first time: Report

Horizon Post Office scandal: Police investigating dozens for perjury and perverting the course of justice | The Independent

Jersey police help disrupt multi-billion money laundering networks | Bailiwick Express

Misinformation, Disinformation and Propaganda

Romania Cancels Presidential Election Results After Alleged Russian Meddling on TikTok

AI fakes, cyber attacks threaten German election – DW – 12/06/2024


Nation State Actors, Advanced Persistent Threats (APTs), Cyber Warfare, Cyber Espionage and Geopolitical Threats/Activity

Cyber Warfare and Cyber Espionage

Keep cash at home due to cyber attack risks, Dutch Central Bank warns – The Irish Times

NATO Offensive cyber operations exercise Crossed Swords gets underway in Tallinn

Nation State Actors

China

Salt Typhoon recorded 'very senior' US officials' calls • The Register

Counterintelligence director reveals extent of damage from China telecom hacks - Washington Times

The EU Makes an Urgent TikTok Inquiry on Russia's Role in Romanian Election Turmoil - SecurityWeek

Federal Appeals Court Upholds Law Threatening US TikTok Ban - Infosecurity Magazine

How Chinese insiders exploit its surveillance state • The Register

Compromised Software Code Poses New Systemic Risk to US Critical Infrastructure

Chinese hackers use Visual Studio Code tunnels for remote access

US Charges Chinese Hacker for Exploiting Zero-Day in 81,000 Sophos Firewalls

US Telco Security Efforts Ramp Up After Salt Typhoon

Why did China hack the world’s phone networks?

Chinese EagleMsgSpy Spyware Found Exploiting Mobile Devices Since 2017

US govt says Cisco gear often targeted in China's Salt Typhoon attacks on 8 telecommunications providers — issues Cisco-specific advice to patch networks to fend off attacks | Tom's Hardware

Romania Cancels Presidential Election Results After Alleged Russian Meddling on TikTok

As US finally details Chinese Salt Typhoon attack, FCC Chair proposes new rules for telcos

'EagleMsgSpy' Android Spyware Linked to Chinese Police

Russia

Lookout Discovers New Spyware Deployed by Russia and China - Infosecurity Magazine

Keep cash at home due to cyber attack risks, Dutch Central Bank warns – The Irish Times

The EU Makes an Urgent TikTok Inquiry on Russia's Role in Romanian Election Turmoil - SecurityWeek

Russian hacktivists target oil, gas and water sectors worldwide | SC Media

Suspected Russian hackers target Ukrainian defence enterprises in new espionage campaign | The Record from Recorded Future News

Russian government spies targeted Ukraine using tools developed by cyber criminals | TechCrunch

EU envoys to discuss first sanctions targeting Russian hybrid threats

Exploring Cyber-Darkness: How Moscow Undermines the West via the Dark Web | Geopolitical Monitor

NATO Offensive cyber operations exercise Crossed Swords gets underway in Tallinn

Gamaredon Deploys Android Spyware "BoneSpy" and "PlainGnome" in Former Soviet States

Ukraine Weighs Telegram Security Risks Amid War With Russia - The New York Times

Romania Exposes Propaganda Campaign Supporting Pro-Russian Candidate - Infosecurity Magazine

AI fakes, cyber attacks threaten German election – DW – 12/06/2024

Romania Cancels Presidential Election Results After Alleged Russian Meddling on TikTok

Experts discovered the first mobile malware families linked to Russia's Gamaredon

Threat hunting case study: Cozy Bear | Intel 471

Phishing Scam Targets Ukrainian Defence Companies - Infosecurity Magazine

Russia disconnects several regions from the global internet to test its sovereign net | TechRadar

Russia takes unusual route to hack Starlink-connected devices in Ukraine - Ars Technica

Russian users report Gazprombank outages amid alleged Ukrainian cyber attack | The Record from Recorded Future News

RedLine info-stealer campaign targets Russian businesses

North Korea

North Korea's fake IT worker scam hauled in $88 million • The Register

Radiant links $50 million crypto heist to North Korean hackers

North Korean Group UNC4736 Blamed for Radiant Capital Breach

North Korean hackers target South Korea with Internet Explorer vulnerabilities to deploy RokRAT malware | TechRadar


Tools and Controls

Who handles what? Common misconceptions about SaaS security responsibilities - Help Net Security

Security researchers set up an API honeypot to dupe hackers – and the results were startling | ITPro

Neglect of endpoints presents a major security gap for enterprises

Conquering the Complexities of Modern BCDR

Safe Handling of Data: Why Secrets Sprawl is a Risk - Security Boulevard

Why don’t security leaders get the funds they need to succeed? | SC Media

What is Cyber Threat Detection and Response? | UpGuard

US Charges Chinese Hacker for Exploiting Zero-Day in 81,000 Sophos Firewalls

Bug bounty programs: Why companies need them now more than ever | CSO Online

Cyber Security Products or Platforms - Which is More Effective? - Security Boulevard

AI is a gamble we cannot afford without cyber security

Exposed APIs and issues in the world's largest organisations - Help Net Security

WAF Vulnerability in Akamai, Cloudflare, and Imperva Affected 40% of Fortune 100 Companies

Microsoft enforces defences preventing NTLM relay attacks - Help Net Security

Businesses struggle with IT security, Kaspersky reports

Unlocking the Value of DSPM: What You Need to Know - IT Security Guru

7 Must-Know IAM Standards in 2025

Mastering PAM to Guard Against Insider Threats - Security Boulevard

The Future of Network Security: Automated Internal and External Pentesting

How to Make the Case for Network Security Audits - Security Boulevard

Strengthening security posture with comprehensive cyber security assessments - Help Net Security

Three-Quarters of Security Leaders Admit Gaps in Hardware Knowledge - Infosecurity Magazine

Generative AI's cyber security potential is clear, but so far it's given hackers the upper hand | ITPro

TPM 2.0: The new standard for secure firmware - Help Net Security

How to Improve Your Cyber Security On a Lower Budget | Mimecast




Vulnerability Management

What Is an Application Vulnerability? 8 Common Types - Security Boulevard

Containers have 600+ vulnerabilities on average - Help Net Security

Vulnerabilities

Microsoft Fixes 72 Flaws, Including Patch for Actively Exploited CLFS Vulnerability

SonicWall Patches 6 Vulnerabilities in Secure Access Gateway - SecurityWeek

Cleo Patches Exploited Flaw as Security Firms Detail Malware Pushed in Attacks - SecurityWeek

SAP Patches Critical Vulnerability in NetWeaver - SecurityWeek

Adobe Patches Over 160 Vulnerabilities Across 16 Products - SecurityWeek

Micropatching service releases fix for a zero-day vulnerability affecting three Windows generations | TechSpot

Apple Pushes Major iOS, macOS Security Updates - SecurityWeek

Apache issues patches for critical Struts 2 RCE bug • The Register

Security Flaws in WordPress Woffice Theme Prompts Urgent Update - Infosecurity Magazine

New Windows zero-day exposes NTLM credentials, gets unofficial patch

Unauthorized file access possible with chained Mitel MiCollab flaws | SC Media

New Windows Warning As Zero-Day With No Official Fix Confirmed For All Users

Ivanti Issues Critical Security Updates for CSA and Connect Secure Vulnerabilities

Microsoft Azure MFA Flaw Allowed Easy Access Bypass - Infosecurity Magazine

Multiple Ivanti CSA Vulnerabilities Let Attackers Bypass Admin Web Console Remotely

WAF Vulnerability in Akamai, Cloudflare, and Imperva Affected 40% of Fortune 100 Companies

QNAP Patches Vulnerabilities Exploited at Pwn2Own - SecurityWeek

OpenWrt supply chain attack scare prompts urgent upgrades • The Register

Atlassian, Splunk Patch High-Severity Vulnerabilities - SecurityWeek

AMD VM security tools can be bypassed, letting hackers infilitrate your devices, experts warn | TechRadar

Hunk Companion WordPress plugin exploited to install vulnerable plugins


Sector Specific

Industry specific threat intelligence reports are available.

Contact us to receive tailored reports specific to the industry/sector and geographies you operate in.

· Automotive
· Construction
· Critical National Infrastructure (CNI)
· Defence & Space
· Education & Academia
· Energy & Utilities
· Estate Agencies
· Financial Services
· FinTech
· Food & Agriculture
· Gaming & Gambling
· Government & Public Sector (including Law Enforcement)
· Health/Medical/Pharma
· Hotels & Hospitality
· Insurance
· Legal
· Manufacturing
· Maritime & Shipping
· Oil, Gas & Mining
· OT, ICS, IIoT, SCADA & Cyber-Physical Systems
· Retail & eCommerce
· Small and Medium Sized Businesses (SMBs)
· Startups
· Telecoms
· Third Sector & Charities
· Transport & Aviation
· Web3

Contact us to help assess where your risks lie and to ensure you are doing all you can do to keep you and your business secure.

Look out for our ‘Cyber Tip Tuesday’ video blog on our YouTube channel.

You can also follow us on Facebook, Twitter and LinkedIn.

Links to articles are for interest and awareness; linking to or reposting external content does not endorse any service or product. Likewise, we are not responsible for the security of external links.
