Black Arrow Cyber Threat Intelligence Briefing 13 December 2024
Welcome to this week’s Black Arrow Cyber Threat Intelligence Briefing – a weekly digest, collated and curated by our cyber experts to provide senior and middle management with an easy-to-digest round-up of the most notable threats, vulnerabilities, and cyber-related news from the last week.
Top Cyber Stories of the Last Week
Cyber Security Risks Rise During Mergers & Acquisitions
ReliaQuest’s analysis reveals heightened cyber security risks during mergers and acquisitions, with half of incidents stemming from threat actors exploiting potential security gaps, and the remainder from non-malicious employee issues. The manufacturing, finance and retail sectors were the hardest hit. One private equity CISO observed a 400% surge in phishing attempts post-M&A announcements. Key risks include phishing attacks, data leaks, and vulnerabilities due to legacy systems. ReliaQuest recommends proactive strategies like pre-due-diligence assessments, training, network segmentation, and unified logging to mitigate these risks and ensure smoother integration during M&As.
Ransomware Gangs’ Merciless Attacks Bleed Small Companies Dry
Ransomware attacks surged by 70% in 2023, hitting 4,611 reported incidents according to industry research, with one gang alone extorting an estimated $42 million. Around 80% of victims are small and medium-size organisations. Many rely on cyber security insurance with limits around £1 million, yet the median ransom soared to $6.5 million this year. This gap between insurance coverage and actual costs has driven some companies into administration. Experts warn that, although attackers often use unsophisticated techniques, they remain ruthless. Robust monitoring software, password protection and comprehensive incident response plans can provide critical defences against this escalating threat.
AI & Cyber Security to Shape the Tech Landscape in 2025
The tech landscape of 2025 will be defined by the growth of specialised AI solutions and evolving cyber security measures, according to sector leaders from Nutanix, Rubrik, Snowflake, Obsidian Security, ManageEngine, and Infoblox. Cloud-based AI agents will automate threat detection, but also heighten risks of data leaks and identity-based attacks. Industry-specific models will transform finance, healthcare, manufacturing, and hospitality, offering faster, more precise services. Organisations must enhance data access controls, involve all staff in cyber security, and align IT and business goals. Government regulations and platform-based strategies will play a critical role in supporting innovation and safeguarding operations.
Phishing: The Silent Precursor to Data Breaches
Phishing remains a silent precursor to destructive data breaches, accounting for 31% of cyber security incidents - outdone only by weak or compromised credentials and pretexting. By exploiting human psychology, phishing bypasses technological safeguards, enabling the theft of sensitive data and triggering large-scale cyber attacks. One major infrastructure breach was initiated through a phishing-driven compromise, underscoring the threat’s far-reaching impact. Organisations can reduce phishing risks by prioritising employee training, filtering malicious emails, and implementing multi-factor authentication. This multi-layered approach, combined with a strong incident response plan, is essential to help safeguard systems and protect sensitive information in the modern cyber threat landscape.
Business Cyber Understanding Gap Creates New Vulnerabilities
Cyber security insurance provider Resilience has found that many UK mid-to-large businesses lack a clear grasp of cyber security as a financial risk, despite 74% having experienced cyber crime. The survey of IT and financial leaders highlighted a worrying gap between media focus on data breaches (cited by 72% as their main worry) and the larger financial impact of ransomware (responsible for more than 80% of losses). Limited use of quantitative risk registries (54%) further hampers businesses’ ability to mitigate cyber threats.
Cyber Defence vs Cyber Resilience: Why It's Time to Prioritise Recovery
AI-driven cyber attacks are prevalent, with intruders able to remain undetected for months and most ransomware campaigns targeting backup repositories. This demands a shift from solely cyber defence to holistic cyber resilience. Such a strategy includes a robust backup approach, active monitoring, and an isolated recovery environment to ensure data remains clean and recoverable. Equally important is cross-functional collaboration between IT and security teams to flag and respond to breaches quickly. By prioritising recovery and resilience, organisations can maintain business operations, minimise downtime, and stay ahead of evolving cyber threats in today’s borderless IT landscape.
UK SMEs Are Concerned About Preparedness for Cyber Attacks as Fraud Rises
Online payment provider Mollie has reported that five and a half million UK SMEs lost an average of £10,800 to fraud this year, leaving nine in 10 C-Suite executives concerned about their survival. Fraud types included phishing (58%), refund scams (42%), account takeovers (30%) and carding attacks (23%). Firms spent around 15 days annually handling these threats, diverting critical resources from core operations. This underscores a growing need for effective cyber security measures that combat rising threats without stifling business growth. Mollie’s research highlights the importance of equipping smaller enterprises with balanced solutions to safeguard revenue and productivity, protecting them from ever-evolving forms of cyber attack.
Cyber Risk to Intensify in 2025 as Attackers Switch Tactics - Moody’s
According to Moody’s 2025 cyber security outlook, the threat environment is evolving as attackers target bigger businesses and harness AI for more potent attacks. Ransomware soared by 70% from 2022 to 2023, with ransom payments hitting a record $1.1 billion. Meanwhile, the share of victims paying ransoms is falling, driving cyber criminals to focus on larger organisations. Supply chain incidents are growing in parallel with the proliferation of AI-enabled scams and greater reliance on external providers. Moody’s recommends robust risk assessments and improved cyber security measures, including passkeys, to help address these mounting challenges.
Companies Pull Leadership Bios from Their Websites After Insurance Executive’s Killing
Following the tragic shooting of a leading insurance executive in New York City, major health insurers have swiftly removed leadership bios from their websites. Archived versions of UnitedHealthcare, Anthem Blue Cross Blue Shield, and Elevance Health pages show these details were public until shortly after the incident. Faced with heightened security concerns, organisations are reinforcing protective measures, while private security firms report a surge in new business. This underscores an evolving risk landscape for senior leaders, prompting companies to carefully manage executive information online and reassess personal safety protocols.
Boardroom Risks Revealed in Latest Beazley Report
Beazley’s latest report highlights cyber security as the top boardroom concern, cited by 45% of executives. Regulatory compliance (41%) and ESG (35%) follow closely, yet 60% of respondents feel only moderately or poorly prepared for cyber attacks. ESG influences are expected to surge, with 68% foreseeing major board impact, but just 39% feel ready. The report urges proactive risk management, encouraging boards to strengthen internal expertise, invest in technology, and align governance strategies with shifting priorities.
Employee Visits to Adult or Gambling Sites Doubles Risk of Infection by Malware
According to new research, employees visiting gambling or adult sites can double the risk of malware infections, including coinminers, trojans, and hacking tools. Browsing illegal sites may increase malware threats by up to five times, while frequent visits to unknown websites also raise infection odds. By identifying how specific user behaviours relate to distinct malware types, organisations can tailor their cyber security defences accordingly. Governments might prioritise hacktools, whereas healthcare could focus on ransomware. Overall, the study suggests that targeted, behaviour-based cyber security measures can help organisations reduce risks cost-effectively for their unique threat profiles.
North Korea's Fake IT Worker Scam Hauled in at Least $88 Million Over Six Years
North Korea’s covert IT workforce has reportedly generated $88 million over six years by posing as remote tech professionals, according to the US Department of Justice. Hiding their true identities and locations, these “IT warriors” channel their earnings into Pyongyang’s coffers, while some leverage access privileges to steal proprietary data and extort employers. Even cyber security businesses have been duped. Authorities have uncovered over 130 participants, linked to firms in China and Russia. Officials warn the threat persists, with continued guidance on detecting the scam and a multimillion-dollar reward in place to disrupt North Korea’s illicit revenue streams.
Sources:
https://securitybrief.co.nz/story/cybersecurity-risks-rise-during-mergers-acquisitions
https://www.claimsjournal.com/news/national/2024/12/06/327772.htm
https://securitybrief.co.nz/story/ai-cybersecurity-to-shape-the-tech-landscape-in-2025
https://www.securityweek.com/phishing-the-silent-precursor-to-data-breaches/
https://www.emergingrisks.co.uk/business-cyber-understanding-gap-creates-new-vulnerabilities/
https://www.reinsurancene.ws/cyber-risk-to-intensify-in-2025-as-attackers-switch-tactics-moodys/
https://www.theregister.com/2024/12/13/doj_dpkr_fake_tech_worker_indictment/
Governance, Risk and Compliance
Cyber security risks rise during mergers & acquisitions
Boardroom risks revealed in latest Beazley report | Insurance Business America
Dear CEO: It’s time to rethink security leadership and empower your CISO | CSO Online
Moody's: Hackers Aim for Big Payouts, Supply Chain Attacks
We must adjust expectations for the CISO role - Help Net Security
Cyber defence vs cyber resilience: why it's time to prioritize recovery
Business cyber understanding gap creates new vulnerabilities
Cyber risk to intensify in 2025 as attackers switch tactics: Moody's - Reinsurance News
Cyber Security In The Digital Frontier: Reimagining Organisational Resilience
Charges Against CISOs Create Worries, Hope in Security Industry: Survey - Security Boulevard
The skills that cyber security leaders need
70 percent of cyber security leaders worry about personal liability
CISOs need to consider the personal risks associated with their role - Help Net Security
Cultivating a Hacker Mindset in Cyber Security Defence
Blackbaud Appoints Bradley Pyburn, Former Chief of Staff of US Cyber Command, to Board of Directors
Heed the warnings on cyber security threats - James McGachie
How to Improve Your Cyber Security On a Lower Budget | Mimecast
Threats
Ransomware, Extortion and Destructive Attacks
Ransomware Gangs’ Merciless Attacks Bleed Small Companies Dry
Black Basta Ransomware Evolves with Email Bombing, QR Codes, and Social Engineering
Cleo Vulnerability Exploitation Linked to Termite Ransomware Group - SecurityWeek
New Windows Drive-By Security Attack—What You Need To Know
What Do We Know About the New Ransomware Gang Termite?
Ransomware Victims
Blue Yonder SaaS giant breached by Termite ransomware gang
8Base hacked port operating company Luka Rijeka - Help Net Security
Separate ransomware attacks hit Japanese firms’ US subsidiaries | SC Media
Deloitte Responds After Ransomware Group Claims Data Theft - SecurityWeek
Anna Jaques Hospital ransomware breach exposed data of 300K patients
National Museum of the Royal Navy hit by cyber attack - Museums Association
Ransomware Disrupts Operations At Leading Heart Surgery Device Maker
Krispy Kreme admits there's a hole in its security • The Register
Phishing & Email Based Attacks
Businesses plagued by constant stream of malicious emails - Help Net Security
Phishing: The Silent Precursor to Data Breaches - SecurityWeek
A new report shows QR code phishing is on the rise | Security Magazine
Black Basta Ransomware Evolves with Email Bombing, QR Codes, and Social Engineering
Cyber criminals are using virtual hard drives to drop RATs in phishing attacks | TechRadar
European Police Disrupt Phone Phishing Gang with Arrests - Infosecurity Magazine
Eight Suspected Phishers Arrested in Belgium, Netherlands - SecurityWeek
Millionaire Airbnb Phishing Ring Busted Up by Police
Brand Impersonations Surge 2000% During Black Friday
Scam Kit Maker Rebuilding Business After Telegram Channel Shut Down - Security Boulevard
New Advanced Email Attack Warning Issued—5 Things To Know
Email security: Why traditional defences fall short in today's threat landscape
Fake Recruiters Distribute Banking Trojan via Malicious Apps in Phishing Scam
Businesses received over 20 billion spam emails this year | TechRadar
Phishing Scam Targets Ukrainian Defence Companies - Infosecurity Magazine
5 Email Attacks You Need to Know for 2025 | Abnormal
Business Email Compromise (BEC)/Email Account Compromise (EAC)
Understanding the Shifting Anatomy of BEC Attacks
Notorious Nigerian cyber criminal tied to BEC scams extradited to US | CyberScoop
Other Social Engineering
Black Basta Ransomware Evolves with Email Bombing, QR Codes, and Social Engineering
Vishing via Microsoft Teams Facilitates DarkGate Malware Intrusion | Trend Micro (US)
Cyber criminals Impersonate Dubai Police to Defraud Consumers in the UAE - Smishing Triad in Action
Spain busts voice phishing ring for defrauding 10,000 bank customers
Fake IT Workers Funnelled Millions to North Korea, DOJ Says - SecurityWeek
Artificial Intelligence
AI & cyber security to shape the tech landscape in 2025
AI is a gamble we cannot afford without cyber security
Compromised AI Library Delivers Cryptocurrency Miner via PyPI - Infosecurity Magazine
AI fakes, cyber attacks threaten German election – DW – 12/06/2024
Researchers Uncover Prompt Injection Vulnerabilities in DeepSeek and Claude AI
2FA/MFA
Microsoft Azure MFA Flaw Allowed Easy Access Bypass - Infosecurity Magazine
Microsoft MFA Bypassed via AuthQuake Attack - SecurityWeek
No User Interaction, No Alerts: Azure MFA Cracked In An Hour
Researchers Crack Microsoft Azure MFA in an Hour
Snowflake Rolls Out Mandatory MFA Plan
Malware
Employee Visits to Adult or Gambling Sites Doubles | Newswise
Windows, macOS users targeted with crypto-and-info-stealing malware - Help Net Security
Cyber criminals are using virtual hard drives to drop RATs in phishing attacks | TechRadar
Vishing via Microsoft Teams Facilitates DarkGate Malware Intrusion | Trend Micro (US)
Cleo Patches Exploited Flaw as Security Firms Detail Malware Pushed in Attacks - SecurityWeek
Open source malware surged by 156% in 2024 | ITPro
Fake Recruiters Distribute Banking Trojan via Malicious Apps in Phishing Scam
Remcos RAT Malware Evolves with New Techniques - Infosecurity Magazine
More advanced Zloader malware variant emerges | SC Media
This devious new malware technique looks to hijack Windows itself to avoid detection | TechRadar
New stealthy Pumakit Linux rootkit malware spotted in the wild
RedLine info-stealer campaign targets Russian businesses
Ongoing Phishing and Malware Campaigns in December 2024
Bots/Botnets
It’s Beginning To Look A Lot Like Grinch Bots
Mobile
Lookout Discovers New Spyware Deployed by Russia and China - Infosecurity Magazine
Gamaredon Deploys Android Spyware "BoneSpy" and "PlainGnome" in Former Soviet States
'EagleMsgSpy' Android Spyware Linked to Chinese Police
New Smartphone Warning—Forget What You’ve Been Told About Security
Chinese EagleMsgSpy Spyware Found Exploiting Mobile Devices Since 2017
Experts discovered the first mobile malware families linked to Russia's Gamaredon
Telegram founder Pavel Durov questioned in Paris court for first time: Report
Apple’s iPhone Hit By FBI Warning And Lawsuit Before iOS 18.2 Release
Denial of Service/DoS/DDoS
Europol Dismantles 27 DDoS Attack Platforms Across 15 Nations; Admins Arrested
Internet of Things – IoT
EU cyber security rules for smart devices enter into force | TechCrunch
DoD Digital Forensics: Unlocking Evidence In Cars, Wearables, And IoT
The EU Cyber Resilience Act: Enhancing Digital Security In The AI Era
Vulnerabilities in Skoda & Volkswagen Cars Let Hackers Remotely Track Users
Data Breaches/Leaks
Phishing: The Silent Precursor to Data Breaches - SecurityWeek
Deloitte Denies Breach, Claims Cyber-Attack Targeted Single Client - Infosecurity Magazine
Deloitte sues 3 partners who 'leaked secrets' to rival firm
Public Reprimands, an Effective Deterrent Against Data Breaches - Infosecurity Magazine
Salt Typhoon recorded 'very senior' US officials' calls • The Register
446,000 Impacted by Center for Vein Restoration Data Breach - SecurityWeek
Massive Data Breach Hits Senior Dating Website, Exposing Over 765,000 Users
Cyber security expert Abi Waddell hacked huntsmen to leak their names and addresses
Attackers can abuse the Windows UI Automation framework to steal data from apps | CSO Online
Cyber security Lessons From 3 Public Breaches
Over 300K Prometheus Instances Exposed: Credentials and API Keys Leaking Online
New Atrium Health data breach impacts 585,000 individuals
US Bitcoin ATM operator Byte Federal suffered a data breach
Organised Crime & Criminal Actors
Moody's: Hackers Aim for Big Payouts, Supply Chain Attacks
Recently Charged Scattered Spider Suspect Did Poor Job at Covering Tracks - SecurityWeek
Cyber crime gang arrested after turning Airbnbs into fraud centres
Russian government spies targeted Ukraine using tools developed by cyber criminals | TechCrunch
Emulating the Financially Motivated Criminal Adversary FIN7 – Part 1 - Security Boulevard
Alleged Scattered Spider hacker arrested, indicted | SC Media
Cyber security expert Abi Waddell hacked huntsmen to leak their names and addresses
Scam Kit Maker Rebuilding Business After Telegram Channel Shut Down - Security Boulevard
Cyber criminal marketplace Rydox seized in international law enforcement operation | CyberScoop
FBI Busts Rydox Marketplace with 7,600 PII Sales, Cryptocurrency Worth $225K Seized
He Investigates the Internet’s Most Vicious Hackers—From a Secret Location - WSJ
Cryptocurrency/Cryptomining/Cryptojacking/NFTs/Blockchain
Windows, macOS users targeted with crypto-and-info-stealing malware - Help Net Security
Radiant links $50 million crypto heist to North Korean hackers
"CP3O" pleads guilty to multi-million dollar cryptomining scheme
North Korean Group UNC4736 Blamed for Radiant Capital Breach
Compromised AI Library Delivers Cryptocurrency Miner via PyPI - Infosecurity Magazine
US Bitcoin ATM operator Byte Federal suffered a data breach
Insider Risk and Insider Threats
Employee Visits to Adult or Gambling Sites Doubles | Newswise
Deloitte sues 3 partners who 'leaked secrets' to rival firm
How To Flip the Script on the Latest Insider Threat Trends
Insurance Worker Sentenced After Illegally Accessing Claimants’ Data - Infosecurity Magazine
7 types of insider threats | University of Strathclyde
Insurance
How to make your clients less attractive to cyber criminals | Insurance Business America
Supply Chain and Third Parties
Moody's: Hackers Aim for Big Payouts, Supply Chain Attacks
Blue Yonder SaaS giant breached by Termite ransomware gang
Containers are a weak link in supply chain security
Lessons From the Largest Software Supply Chain Incidents
Cloud/SaaS
Blue Yonder SaaS giant breached by Termite ransomware gang
Who handles what? Common misconceptions about SaaS security responsibilities - Help Net Security
Vishing via Microsoft Teams Facilitates DarkGate Malware Intrusion | Trend Micro (US)
Thousands of AWS credentials stolen from misconfigured sites • The Register
Cleo Patches Exploited Flaw as Security Firms Detail Malware Pushed in Attacks - SecurityWeek
Microsoft MFA Bypassed via AuthQuake Attack - SecurityWeek
No User Interaction, No Alerts: Azure MFA Cracked In An Hour
Outages
Microsoft 365 outage takes down Office web apps, admin center
Facebook, Instagram, WhatsApp hit by massive worldwide outage
ChatGPT and Sora experienced a major outage | TechCrunch
Encryption
Telegram founder Pavel Durov questioned in Paris court for first time: Report
Google says its breakthrough Willow quantum chip can’t break modern cryptography - The Verge
Apple’s iPhone Hit By FBI Warning And Lawsuit Before iOS 18.2 Release
Linux and Open Source
Open source malware surged by 156% in 2024 | ITPro
New stealthy Pumakit Linux rootkit malware spotted in the wild
Passwords, Credential Stuffing & Brute Force Attacks
Thousands of AWS credentials stolen from misconfigured sites • The Register
Over 300K Prometheus Instances Exposed: Credentials and API Keys Leaking Online
Hackers Target Global Sporting Events With Fake Domains To Steal Logins
Social Media
The EU Makes an Urgent TikTok Inquiry on Russia's Role in Romanian Election Turmoil - SecurityWeek
Federal Appeals Court Upholds Law Threatening US TikTok Ban - Infosecurity Magazine
Romania Cancels Presidential Election Results After Alleged Russian Meddling on TikTok
Massive Data Breach Hits Senior Dating Website, Exposing Over 765,000 Users
Training, Education and Awareness
Opinion: Why cyber security awareness is everyone's responsibility | Calgary Herald
Regulations, Fines and Legislation
EU cyber security rules for smart devices enter into force | TechCrunch
The EU Makes an Urgent TikTok Inquiry on Russia's Role in Romanian Election Turmoil - SecurityWeek
Federal Appeals Court Upholds Law Threatening US TikTok Ban - Infosecurity Magazine
Why Americans must be prepared for cyber security’s worst | CyberScoop
The EU Cyber Resilience Act: Enhancing Digital Security In The AI Era
US Telco Security Efforts Ramp Up After Salt Typhoon
Experts Call for Overhaul of National Cyber Director Role
Cyprus financial sector gears up for stricter cyber security | Cyprus Mail
Models, Frameworks and Standards
The EU Cyber Resilience Act: Enhancing Digital Security In The AI Era
Understanding ISO 27001: The Backbone of Information Security Management: By Kajal Kashyap
Careers, Working in Cyber and Information Security
HR Magazine - Lock it in: How to close the cyber security training gap
What makes for a fulfilled cyber security career - Help Net Security
Law Enforcement Action and Take Downs
Recently Charged Scattered Spider Suspect Did Poor Job at Covering Tracks - SecurityWeek
Europol Dismantles 27 DDoS Attack Platforms Across 15 Nations; Admins Arrested
European Police Disrupt Phone Phishing Gang with Arrests - Infosecurity Magazine
Eight Suspected Phishers Arrested in Belgium, Netherlands - SecurityWeek
Spain busts voice phishing ring for defrauding 10,000 bank customers
Notorious Nigerian cyber criminal tied to BEC scams extradited to US | CyberScoop
Cyber criminal marketplace Rydox seized in international law enforcement operation | CyberScoop
Millionaire Airbnb Phishing Ring Busted Up by Police
"CP3O" pleads guilty to multi-million dollar cryptomining scheme
Telegram founder Pavel Durov questioned in Paris court for first time: Report
Jersey police help disrupt multi-billion money laundering networks | Bailiwick Express
Misinformation, Disinformation and Propaganda
Romania Cancels Presidential Election Results After Alleged Russian Meddling on TikTok
AI fakes, cyber attacks threaten German election – DW – 12/06/2024
Nation State Actors, Advanced Persistent Threats (APTs), Cyber Warfare, Cyber Espionage and Geopolitical Threats/Activity
Cyber Warfare and Cyber Espionage
Keep cash at home due to cyber attack risks, Dutch Central Bank warns – The Irish Times
NATO Offensive cyber operations exercise Crossed Swords gets underway in Tallinn
Nation State Actors
China
Salt Typhoon recorded 'very senior' US officials' calls • The Register
Counterintelligence director reveals extent of damage from China telecom hacks - Washington Times
The EU Makes an Urgent TikTok Inquiry on Russia's Role in Romanian Election Turmoil - SecurityWeek
Federal Appeals Court Upholds Law Threatening US TikTok Ban - Infosecurity Magazine
How Chinese insiders exploit its surveillance state • The Register
Compromised Software Code Poses New Systemic Risk to US Critical Infrastructure
Chinese hackers use Visual Studio Code tunnels for remote access
US Charges Chinese Hacker for Exploiting Zero-Day in 81,000 Sophos Firewalls
US Telco Security Efforts Ramp Up After Salt Typhoon
Why did China hack the world’s phone networks?
Chinese EagleMsgSpy Spyware Found Exploiting Mobile Devices Since 2017
Romania Cancels Presidential Election Results After Alleged Russian Meddling on TikTok
As US finally details Chinese Salt Typhoon attack, FCC Chair proposes new rules for telcos
'EagleMsgSpy' Android Spyware Linked to Chinese Police
Russia
Lookout Discovers New Spyware Deployed by Russia and China - Infosecurity Magazine
Keep cash at home due to cyber attack risks, Dutch Central Bank warns – The Irish Times
The EU Makes an Urgent TikTok Inquiry on Russia's Role in Romanian Election Turmoil - SecurityWeek
Russian hacktivists target oil, gas and water sectors worldwide | SC Media
Russian government spies targeted Ukraine using tools developed by cyber criminals | TechCrunch
EU envoys to discuss first sanctions targeting Russian hybrid threats
Exploring Cyber-Darkness: How Moscow Undermines the West via the Dark Web | Geopolitical Monitor
NATO Offensive cyber operations exercise Crossed Swords gets underway in Tallinn
Gamaredon Deploys Android Spyware "BoneSpy" and "PlainGnome" in Former Soviet States
Ukraine Weighs Telegram Security Risks Amid War With Russia - The New York Times
Romania Exposes Propaganda Campaign Supporting Pro-Russian Candidate - Infosecurity Magazine
AI fakes, cyber attacks threaten German election – DW – 12/06/2024
Romania Cancels Presidential Election Results After Alleged Russian Meddling on TikTok
Experts discovered the first mobile malware families linked to Russia's Gamaredon
Threat hunting case study: Cozy Bear | Intel 471
Phishing Scam Targets Ukrainian Defence Companies - Infosecurity Magazine
Russia disconnects several regions from the global internet to test its sovereign net | TechRadar
Russia takes unusual route to hack Starlink-connected devices in Ukraine - Ars Technica
RedLine info-stealer campaign targets Russian businesses
North Korea
North Korea's fake IT worker scam hauled in $88 million • The Register
Radiant links $50 million crypto heist to North Korean hackers
North Korean Group UNC4736 Blamed for Radiant Capital Breach
Tools and Controls
Who handles what? Common misconceptions about SaaS security responsibilities - Help Net Security
Security researchers set up an API honeypot to dupe hackers – and the results were startling | ITPro
Neglect of endpoints presents a major security gap for enterprises
Conquering the Complexities of Modern BCDR
Safe Handling of Data: Why Secrets Sprawl is a Risk - Security Boulevard
Why don’t security leaders get the funds they need to succeed? | SC Media
What is Cyber Threat Detection and Response? | UpGuard
US Charges Chinese Hacker for Exploiting Zero-Day in 81,000 Sophos Firewalls
Bug bounty programs: Why companies need them now more than ever | CSO Online
Cyber Security Products or Platforms - Which is More Effective? - Security Boulevard
AI is a gamble we cannot afford without cyber security
Exposed APIs and issues in the world's largest organisations - Help Net Security
WAF Vulnerability in Akamai, Cloudflare, and Imperva Affected 40% of Fortune 100 Companies
Microsoft enforces defences preventing NTLM relay attacks - Help Net Security
Businesses struggle with IT security, Kaspersky reports
Unlocking the Value of DSPM: What You Need to Know - IT Security Guru
7 Must-Know IAM Standards in 2025
Mastering PAM to Guard Against Insider Threats - Security Boulevard
The Future of Network Security: Automated Internal and External Pentesting
How to Make the Case for Network Security Audits - Security Boulevard
Strengthening security posture with comprehensive cyber security assessments - Help Net Security
Three-Quarters of Security Leaders Admit Gaps in Hardware Knowledge - Infosecurity Magazine
TPM 2.0: The new standard for secure firmware - Help Net Security
How to Improve Your Cyber Security On a Lower Budget | Mimecast
Other News
TfL cyber attack cost over £30m to date | Computer Weekly
50% Of M&A Security Issues Are Non-Malicious
Cyber Security In The Digital Frontier: Reimagining Organisational Resilience
Attackers can abuse the Windows UI Automation framework to steal data from apps | CSO Online
Microsoft enforces defences preventing NTLM relay attacks - Help Net Security
Businesses struggle with IT security, Kaspersky reports
IT pros say hackers could compromise device supply chain, firmware security | SC Media
Non-Human Identities: The Silent Threat - InfoRiskToday
The Big Question: Is the UK doing enough when it comes to cyber risks? - Emerging Risks Media Ltd
From Europe to South Africa: Where Is the World on Cyber Defence?
You Don’t Talk to Strangers, So Why Does Your Internet? | SC Media
Drowning in spam? Stop giving out your email address - do this instead | ZDNET
Heed the warnings on cyber security threats - James McGachie
Utility Companies Face 42% Surge in Ransomware Attacks - Infosecurity Magazine
Safeguarding Charities From Cyber Crime | Blog | Nelsons Solicitors
Vulnerability Management
What Is an Application Vulnerability? 8 Common Types - Security Boulevard
Containers have 600+ vulnerabilities on average - Help Net Security
Vulnerabilities
Microsoft Fixes 72 Flaws, Including Patch for Actively Exploited CLFS Vulnerability
SonicWall Patches 6 Vulnerabilities in Secure Access Gateway - SecurityWeek
Cleo Patches Exploited Flaw as Security Firms Detail Malware Pushed in Attacks - SecurityWeek
SAP Patches Critical Vulnerability in NetWeaver - SecurityWeek
Adobe Patches Over 160 Vulnerabilities Across 16 Products - SecurityWeek
Apple Pushes Major iOS, macOS Security Updates - SecurityWeek
Apache issues patches for critical Struts 2 RCE bug • The Register
Security Flaws in WordPress Woffice Theme Prompts Urgent Update - Infosecurity Magazine
New Windows zero-day exposes NTLM credentials, gets unofficial patch
Unauthorized file access possible with chained Mitel MiCollab flaws | SC Media
New Windows Warning As Zero-Day With No Official Fix Confirmed For All Users
Ivanti Issues Critical Security Updates for CSA and Connect Secure Vulnerabilities
Microsoft Azure MFA Flaw Allowed Easy Access Bypass - Infosecurity Magazine
Multiple Ivanti CSA Vulnerabilities Let Attackers Bypass Admin Web Console Remotely
WAF Vulnerability in Akamai, Cloudflare, and Imperva Affected 40% of Fortune 100 Companies
QNAP Patches Vulnerabilities Exploited at Pwn2Own - SecurityWeek
OpenWrt supply chain attack scare prompts urgent upgrades • The Register
Atlassian, Splunk Patch High-Severity Vulnerabilities - SecurityWeek
Hunk Companion WordPress plugin exploited to install vulnerable plugins
Sector Specific
Industry specific threat intelligence reports are available.
Contact us to receive tailored reports specific to the industry/sector and geographies you operate in.
· Automotive
· Construction
· Critical National Infrastructure (CNI)
· Defence & Space
· Education & Academia
· Energy & Utilities
· Estate Agencies
· Financial Services
· FinTech
· Food & Agriculture
· Gaming & Gambling
· Government & Public Sector (including Law Enforcement)
· Health/Medical/Pharma
· Hotels & Hospitality
· Insurance
· Legal
· Manufacturing
· Maritime & Shipping
· Oil, Gas & Mining
· OT, ICS, IIoT, SCADA & Cyber-Physical Systems
· Retail & eCommerce
· Small and Medium Sized Businesses (SMBs)
· Startups
· Telecoms
· Third Sector & Charities
· Transport & Aviation
· Web3
Contact us to help assess where your risks lie and to ensure you are doing all you can do to keep you and your business secure.
Links to articles are for interest and awareness; linking to or reposting external content does not endorse any service or product. Likewise, we are not responsible for the security of external links.