Black Arrow Cyber Threat Intelligence Briefing 14 March 2025
Welcome to this week’s Black Arrow Cyber Threat Intelligence Briefing – a weekly digest, collated and curated by our cyber experts to provide senior and middle management with an easy-to-digest round-up of the most notable threats, vulnerabilities, and cyber-related news from the last week.
Summary
Black Arrow Cyber’s review of threat intelligence this week highlights that human error and susceptibility to social engineering remain at the heart of cyber security failures. A new report reveals that 95% of data breaches in 2024 were due to human mistakes, with just 8% of employees responsible for 80% of incidents. Despite widespread training efforts, a confidence gap persists: 86% of employees believe they can detect phishing scams, yet many still fall victim. Meanwhile, cyber criminals are deploying more sophisticated pretexting techniques, such as fake job offers, to exploit trust before launching attacks. The financial impact of phishing-related breaches now averages $4.88 million per incident.
Third-party access and unmonitored IoT devices also present major risks, with over half of UK firms experiencing a breach due to supplier access. The Akira ransomware gang recently exploited an unsecured webcam to bypass endpoint defences, highlighting the need for a more layered approach to cyber security. Additionally, AI-driven threats are accelerating, enabling criminals to automate cyber attacks and create deepfake scams, such as one that resulted in a $25 million theft.
Looking ahead, regulatory compliance pressures are mounting, with 86% of financial firms still unprepared for the EU’s DORA framework. Meanwhile, UK government officials warn of national cyber security vulnerabilities due to outdated systems and staffing shortages. Black Arrow Cyber believes that businesses must take a proactive stance, adopting zero-trust security, strengthening third-party risk management, and ensuring human resilience against evolving cyber threats.
Top Cyber Stories of the Last Week
95% of Data Breaches Tied to Human Error in 2024
A new report by Mimecast has found that human error was the primary cause of 95% of data breaches in 2024, with insider threats, credential misuse and user mistakes playing a major role. Just 8% of employees were responsible for 80% of incidents, highlighting a concentrated risk. Despite 87% of organisations providing regular cyber security training, concerns remain over employee fatigue and errors, particularly in handling email threats. While 95% of firms use AI for cyber defence, over half admit they are unprepared for AI-driven threats. Collaboration tools are an emerging risk, with 79% citing security gaps and 61% expecting a business impact from an attack in 2025.
Hackers Using Advanced Social Engineering Techniques with Phishing Attacks
Cyber criminals are refining their phishing tactics, moving beyond basic scams to sophisticated social engineering that builds trust before delivering malicious payloads. A report by security provider ESET highlights North Korea-aligned groups using elaborate pretexting, such as fake job offers, to lure victims. Verizon’s 2024 report found that 68% of breaches involved human error, with pretexting now surpassing traditional phishing in impact. IBM’s latest study estimates the average cost of a phishing-related breach at $4.88 million. Businesses must adopt a prevention-first approach, combining employee awareness training with multilayered security solutions to mitigate these increasingly deceptive cyber threats.
Confidence Gap in Cyber Security Leaves Businesses at Risk
New research by KnowBe4 highlights a concerning gap between employee confidence and actual ability to detect cyber threats. While 86% of employees believe they can spot phishing emails, nearly a quarter have fallen victim, with South Africa reporting the highest scam victimisation rate at 68%. The study of 12,000 employees across six countries found that confidence is often misplaced, leaving organisations vulnerable to evolving threats like AI-driven scams and deepfakes. Experts stress the need for scenario-based training and simulated phishing tests to close this gap, ensuring security awareness efforts translate into real-world cyber resilience.
Over Half of UK Organisations Experienced a Security Breach Resulting from Third-Party Access in the Past Year
More than half of UK organisations suffered a security breach linked to third-party access in the past year, surpassing the global average. A new study by Imprivata and the Ponemon Institute highlights that 47% see third-party remote access as their biggest attack surface. Despite growing awareness, weak security strategies persist, with only 58% implementing best practices. The most common consequences include data loss (54%), regulatory fines (49%), and severed vendor relationships (47%). With 65% expecting these breaches to increase, businesses must prioritise robust third-party risk management to mitigate ongoing threats.
Ransomware Gang Encrypted Network from a Webcam to Bypass Security Controls
The Akira ransomware gang exploited an unsecured webcam to bypass the victim’s endpoint detection and response (EDR) and encrypt the network. After initial access via a compromised remote access solution, the attackers deployed AnyDesk, stole data, and attempted to deploy ransomware, only to be blocked by EDR. They then pivoted to a vulnerable Linux-based webcam and used it to access and encrypt resources shared across the victim’s network without being detected. The incident highlights the risks posed by unmonitored IoT devices and the need for strict network segmentation, regular firmware updates, and a layered security approach beyond EDR to mitigate evolving cyber threats.
Microsoft Reveals Over a Million PCs Hit by Malvertising Campaign
Microsoft has uncovered a large-scale malvertising campaign that has compromised over a million PCs, deploying infostealers to harvest sensitive data. The attack originated from illegal streaming sites, where users were redirected to malicious GitHub repositories hosting malware. Once installed, the malware gathered system details and exfiltrated login credentials, banking data, and cryptocurrency information. Microsoft took action by removing a number of repositories, but the malware was also hosted on other platforms like Dropbox and Discord. The attack affected a broad range of industries, demonstrating the indiscriminate nature of the threat.
How Cyber Attacks Affect Your Staff
Cyber attacks are now the leading cause of data loss and IT downtime for businesses, with over half of organisations surveyed in the 2024 Data Health Check reporting incidents in the past year. 37% of these cases led to job losses, highlighting the significant human impact. High-profile breaches have resulted in redundancies, pay freezes, and financial instability. Beyond financial losses, employees face uncertainty, stress, and reputational concerns. A robust cyber resilience strategy, combining training, incident response exercises, and clear crisis communication, is essential to minimising disruption and protecting staff, ensuring businesses can navigate cyber threats while maintaining operational stability.
UK Government Officials: The UK Is Unprepared and Vulnerable to Russian Cyber Attacks
The UK Government is at critical risk of cyber attack due to years of underfunding, recruitment shortfalls, and outdated IT systems, senior officials have warned. A parliamentary probe found that one in three cyber security roles in government remains vacant, while nearly a quarter of legacy IT systems are at high risk of attack. Hostile states, particularly Russia and China, have intensified cyber warfare tactics, posing a substantial risk to government and critical services. Experts stress the urgent need for investment in cyber resilience, warning that failure to act could have severe national security and operational consequences.
Navigating AI-Powered Cyber Threats in 2025: 4 Expert Security Tips for Businesses
AI-powered cyber threats are evolving rapidly, with criminals using generative AI to create hyper-personalised phishing attacks, deepfake scams, and automated malware that adapts to defences in real time. A recent case saw deepfake technology used to steal $25 million via fraudulent video conferencing. AI-driven cyber attacks operate autonomously, probing networks for weaknesses and bypassing traditional security measures. Experts stress the need for zero-trust security, training employees on AI-driven threats, monitoring and regulating employee AI use, and collaborating with AI and cyber security experts. Without proactive defences, organisations risk being outpaced by increasingly sophisticated attacks in 2025 and beyond.
86% of Financial Firms are Still Not Fully Compliant With DORA
The majority of financial firms are not compliant with the EU’s Digital Operational Resilience Act (DORA). 86% are yet to achieve full compliance despite the regulation coming into force in January 2025, and only 5% are fully confident in their compliance. Managing third-party vendors, a key part of DORA, is a challenge with 54% citing a lack of transparency as a significant risk. Without proper oversight, firms risk regulatory penalties and operational vulnerabilities. Organisations subject to the regulations should take immediate action through policy development, gap analysis, and targeted remediation plans.
The CISO as Business Resilience Architect
The role of the CISO is evolving beyond cyber defence to encompass business resilience. Regulatory scrutiny is intensifying, with personal accountability for breaches and increasing compliance demands stretching CISOs. Gartner predicts 45% will see their responsibilities expand beyond cyber security by 2027. Technical challenges persist, with 44% of CISOs unable to detect breaches using current tools, and AI integration adding complexity. Rather than fragmenting, the role is set to converge with enterprise architecture, embedding resilience into business strategy. With 24% of CISOs considering resignation, adapting to this shift is key to maintaining boardroom influence.
Data Breach at Japanese Telecom Giant NTT Hits 18,000 Companies
NTT Communications Corporation has disclosed a cyber security breach affecting nearly 18,000 corporate customers. Hackers infiltrated its Order Information Distribution System, exposing contract details, contact information, and service usage data. The breach was discovered on 5 February 2025, with access blocked the next day. However, further investigation revealed attackers had pivoted within the network, prompting containment actions. NTT has assured that personal customers were not impacted. This follows previous cyber security incidents, including a major DDoS attack in January and a 2020 breach, highlighting the persistent threats facing critical telecoms infrastructure.
Sources:
https://www.infosecurity-magazine.com/news/data-breaches-human-error/
https://cybersecuritynews.com/hackers-using-advanced-social-engineering-techniques/
https://informationsecuritybuzz.com/confidence-gap-in-cybersecurity-risk/
https://www.darkreading.com/cyberattacks-data-breaches/how-cyberattacks-affect-your-staff
https://inews.co.uk/news/uk-unprepared-vulnerable-russian-cyber-attacks-heres-why-3580126
https://www.darkreading.com/vulnerabilities-threats/ciso-business-resilience-architect
Governance, Risk and Compliance
Tech Complexity Puts UK Cyber Security at Risk - Infosecurity Magazine
The CISO as Business Resilience Architect
KnowBe4 Research Reveals a Confidence Gap in Cyber Security, Leaving Organisations at Risk
Why effective cyber security is a team effort | TechRadar
Cyber Security Challenges in Cross-Border Data Transfers and Regulatory Compliance Strategies
Threats
Ransomware, Extortion and Destructive Attacks
Ransomware gang encrypted network from a webcam to bypass EDR
Travelers reports rise in ransomware activity in Q4'24 Cyber Threat Report - Reinsurance News
Medusa Ransomware: FBI and CISA Urge Organisations to Act Now to Mitigate Threat | Tripwire
Medusa ransomware infects 300+, uses 'triple extortion' • The Register
Microsoft: North Korean hackers join Qilin ransomware gang
FIN7, FIN8, and Others Use Ragnar Loader for Persistent Access and Ransomware Operations
Ransomware poseurs are trying to extort businesses through physical letters | CyberScoop
'Spearwing' RaaS Group Ruffles Cyber Threat Feathers
Ransomware Groups Favour Repeatable Access Over Mass Exploits - Infosecurity Magazine
North Korea-linked APT Moonstone used Qilin ransomware in limited attacks
Ragnar Loader Toolkit Evolves Amid Increased Traction Among Threat Operations | MSSP Alert
New SuperBlack ransomware exploits Fortinet auth bypass flaws
Russian crypto exchange Garantex seized in international law enforcement operation | CyberScoop
Ransomware Victims
Many Schools Report Data Breach After Retirement Services Firm Hit by Ransomware - SecurityWeek
Two Rhysida healthcare attacks pwned 300K patients' data • The Register
82% of K-12 schools recently experienced a cyber incident | K-12 Dive
RansomHouse gang claims the hack of the Loretto Hospital in Chicago
More than 300,000 US healthcare patients impacted in suspected Rhysida cyber attacks | ITPro
Phishing & Email Based Attacks
Hackers Using Advanced Social Engineering Techniques With Phishing Attacks
Phishing campaign impersonating Booking.com targeting UK hospitality | The Standard
ICANN regains control of X account after phishing attack - Domain Name Wire | Domain Name News
US cities warn of wave of unpaid parking phishing texts
Other Social Engineering
Hackers Using Advanced Social Engineering Techniques With Phishing Attacks
Most AI voice cloning tools aren't safe from scammers, Consumer Reports finds | ZDNET
Consumer Reports calls out poor AI voice-cloning safeguards • The Register
AI-Powered Fraud: How Cyber Criminals Target Finance Teams—and How To Stop Them
How to spot and avoid AI-generated scams - Help Net Security
'Threat actor' has registered over 10k domains for smishing scams, cyber security firm says
How to Steer Clear of Smishing Scams | TIME
Trump Coins Used as Lure in Malware Campaign - SecurityWeek
Lazarus Group deceives developers with 6 new malicious npm packages | CyberScoop
US cities warn of wave of unpaid parking phishing texts
New YouTube Windows Attack Warning—Three Strikes And You’re Hacked
Artificial Intelligence
Majority of Orgs Hit by AI Cyber-Attacks as Detection Lags - Infosecurity Magazine
Most AI voice cloning tools aren't safe from scammers, Consumer Reports finds | ZDNET
The Invisible Battlefield Behind LLM Security Crisis - Security Boulevard
AI-Powered Fraud: How Cyber Criminals Target Finance Teams—and How To Stop Them
Beware of DeepSeek Hype: It’s a Breeding Ground for Scammers - SecurityWeek
4 expert security tips for navigating AI-powered cyber threats | ZDNET
How to spot and avoid AI-generated scams - Help Net Security
DeepSeek spits out malware code with a little persuasion • The Register
Worried about DeepSeek? Turns out, Gemini and other US AIs collect more user data | ZDNET
UK AI Research Under Threat From Nation-State Hackers - Infosecurity Magazine
Even premium AI tools distort the news and fabricate links - these are the worst | ZDNET
Malware
Update your Wi-Fi cameras, else malware could infect your network | PCWorld
Microsoft Says One Million Devices Impacted by Infostealer Campaign - SecurityWeek
Another top security camera maker is seeing devices hijacked into botnet | TechRadar
New threat uses fake CAPTCHA to infect systems with malware | TechSpot
New MassJacker Malware Targets Piracy Users, Hijacking Cryptocurrency Transactions
Ballista Botnet Exploits Unpatched TP-Link Vulnerability, Infects Over 6,000 Devices
Steganography Explained: How XWorm Hides Inside Images
Gone In 120 Seconds: TRUMP Coin Phishing Lure Delivers RAT
Binance Spoofers Compromise PCs in 'TRUMP' Crypto Scam
DeepSeek spits out malware code with a little persuasion • The Register
Lazarus Group deceives developers with 6 new malicious npm packages | CyberScoop
1,600 Victims Hit by South American APT's Malware - SecurityWeek
Bots/Botnets
Another top security camera maker is seeing devices hijacked into botnet | TechRadar
Unpatched Edimax Camera Flaw Exploited Since at Least May 2024 - SecurityWeek
Update your Wi-Fi cameras, else malware could infect your network | PCWorld
Ballista Botnet Exploits Unpatched TP-Link Vulnerability, Infects Over 6,000 Devices
Edimax Says No Patches Coming for Zero-Day Exploited by Botnets - SecurityWeek
Mobile
'Threat actor' has registered over 10k domains for smishing scams, cyber security firm says
How to Steer Clear of Smishing Scams | TIME
SIM Swapping Fraud Surges in the Middle East - Infosecurity Magazine
US cities warn of wave of unpaid parking phishing texts
Is your phone eavesdropping on you? Try NordVPN's simple test to find out | ZDNET
Denial of Service/DoS/DDoS
DNS DDoS: Downtime is just the tip of the iceberg | Total Telecom
Another top security camera maker is seeing devices hijacked into botnet | TechRadar
How to Survive Fast-and-Furious DDoS Microbursts
Update your Wi-Fi cameras, else malware could infect your network | PCWorld
Musk blames Ukrainians for cyber attack on X. Experts aren’t convinced. – POLITICO
X’s Attackers Hit Servers Faulted for Lacking Key Protection
Cyber Attack on X Hit Insecure Servers
The Real Reason Twitter Went Down Actually Sounds Pretty Embarrassing
Ballista Botnet Exploits Unpatched TP-Link Vulnerability, Infects Over 6,000 Devices
X hit by ‘massive cyber attack’ amid Dark Storm’s DDoS claims
What Really Happened With the DDoS Attacks That Took Down X | WIRED
X Outage Exposes Musk's Poor Digital Hygiene | HackerNoon
Elon Musk blaming Ukraine after Twitter cyber attack is ‘dangerous’, expert says | The Independent
Internet of Things – IoT
Hackers spotted using unsecured webcam to launch cyber attack | TechRadar
Update your Wi-Fi cameras, else malware could infect your network | PCWorld
‘Ban These Chinese Routers NOW,’ Cries House Committee - Security Boulevard
Another top security camera maker is seeing devices hijacked into botnet | TechRadar
Unpatched Edimax Camera Flaw Exploited Since at Least May 2024 - SecurityWeek
Car Exploit Allows You to Spy on Drivers in Real Time
Ballista Botnet Exploits Unpatched TP-Link Vulnerability, Infects Over 6,000 Devices
Edimax Says No Patches Coming for Zero-Day Exploited by Botnets - SecurityWeek
CISOs, are your medical devices secure? Attackers are watching closely - Help Net Security
Data Breaches/Leaks
95% of Data Breaches Tied to Human Error in 2024 - Infosecurity Magazine
Data breach at Japanese telecom giant NTT hits 18,000 companies
Two Rhysida healthcare attacks pwned 300K patients' data • The Register
New York sues Allstate and subsidiaries for back-to-back data breaches | CyberScoop
'Uber for nurses' exposes 86K+ medical records, PII • The Register
Australian financial firm hit with lawsuit after massive data breach | CSO Online
Software bug meant NHS information was potentially “vulnerable to hackers” | TechRadar
More than 23.7 Million Hardcoded Secrets Publicly Exposed In GitHub Last Year | MSSP Alert
Does the NHS have a security culture problem? • The Register
Organised Crime & Criminal Actors
Cyber Crime's Cobalt Strike Use Plummets 80% Worldwide
Texas Developer Convicted After Kill Switch Sabotage Plot - Infosecurity Magazine
New MassJacker Malware Targets Piracy Users, Hijacking Cryptocurrency Transactions
The Violent Rise of ‘No Lives Matter’ | WIRED
Russian crypto exchange Garantex seized in international law enforcement operation | CyberScoop
Cryptocurrency/Cryptomining/Cryptojacking/NFTs/Blockchain
Ripple CEO Chris Larsen lost $150M in XRP after LastPass hack
US seizes $23 million in crypto stolen via password manager breach
EU investigates OKX for its role in Lazarus' $1.5 billion Bybit hack | Cryptopolitan
North Korean hackers cash out hundreds of millions from $1.5bn ByBit hack - BBC News
Why CFOs Considering Stablecoins, Crypto Need Cyber Security
Russian crypto exchange Garantex seized in international law enforcement operation | CyberScoop
North Korean hackers cash out $300 million from ByBit heist
MassJacker malware uses 778,000 wallets to steal cryptocurrency
Gone In 120 Seconds: TRUMP Coin Phishing Lure Delivers RAT
Insider Risk and Insider Threats
95% of Data Breaches Tied to Human Error in 2024 - Infosecurity Magazine
Employee charged with stealing unreleased movies, sharing them online
Developer sabotaged ex-employer IT systems with kill switch • The Register
Developer Convicted for Hacking Former Employer's Systems - SecurityWeek
Man found guilty of planting infinite loop logic bomb on ex-employer's system
Insurance
Cyber insurance becoming a key safeguard for SMEs: Report | Insurance Business America
Supply Chain and Third Parties
Data breach at Japanese telecom giant NTT hits 18,000 companies
Who’s in your digital house? The truth about third-party access - Help Net Security
Cyber criminals used vendor backdoor to steal almost $600,000 of Taylor Swift tickets | TechRadar
Cloud/SaaS
Cloud security gains overshadowed by soaring storage fees - Help Net Security
Hiding In Plain Sight: Cyber Criminals Take Advantage Of US Cloud Providers - Above the Law
'Uber for nurses' exposes 86K+ medical records, PII • The Register
Identity and Access Management
Machine Identities Outnumber Humans Increasing Risk Seven-Fold - Infosecurity Magazine
Encryption
UK quietly scrubs encryption advice from government websites | TechCrunch
France rejects controversial encryption backdoor provision | TechRadar
Legislative push for child online safety runs afoul of encryption advocates (again) | CyberScoop
Apple To Appeal Government Backdoor Order Friday | Silicon UK
Linux and Open Source
PoC Exploit Released for Actively Exploited Linux Kernel Write Vulnerability
UK Government Report Calls for Stronger Open Source Supply Chain Security Practices - SecurityWeek
Passwords, Credential Stuffing & Brute Force Attacks
Ripple CEO Chris Larsen lost $150M in XRP after LastPass hack
US seizes $23 million in crypto stolen via password manager breach
Social Media
Musk blames Ukrainians for cyber attack on X. Experts aren’t convinced. – POLITICO
X’s Attackers Hit Servers Faulted for Lacking Key Protection
The Real Reason Twitter Went Down Actually Sounds Pretty Embarrassing
X hit by ‘massive cyber attack’ amid Dark Storm’s DDoS claims
What Really Happened With the DDoS Attacks That Took Down X | WIRED
X Outage Exposes Musk's Poor Digital Hygiene | HackerNoon
ICANN regains control of X account after phishing attack - Domain Name Wire | Domain Name News
New YouTube Windows Attack Warning—Three Strikes And You’re Hacked
Malvertising
Microsoft reveals over a million PCs hit by malvertising campaign | TechRadar
GitHub-Hosted Malware Infects 1M Windows Users
Training, Education and Awareness
95% of Data Breaches Tied to Human Error in 2024 - Infosecurity Magazine
4 expert security tips for navigating AI-powered cyber threats | ZDNET
Regulations, Fines and Legislation
SEC cyber security disclosure rules, with checklist | TechTarget
UK quietly scrubs encryption advice from government websites | TechCrunch
Switzerland Mandates Cyber Reporting for Critical Infrastructure - Infosecurity Magazine
The risks of standing down: Why halting US cyber ops against Russia erodes deterrence | CSO Online
Balancing Cyber Security Accountability & Deregulation
‘Ban These Chinese Routers NOW,’ Cries House Committee - Security Boulevard
CISA completed its election security review. It won’t make the results public | CyberScoop
Ex-NSA vet slams reported halt to Russia cyber ops | Cybernews
White House instructs agencies to avoid firing cyber security staff, email says | KELO-AM
Cyber Security Challenges in Cross-Border Data Transfers and Regulatory Compliance Strategies
MS-ISAC loses federal support | StateScoop
Legislative push for child online safety runs afoul of encryption advocates (again) | CyberScoop
Apple To Appeal Government Backdoor Order Friday | Silicon UK
Models, Frameworks and Standards
NIST Finalizes Differential Privacy Rules to Protect Data
Cyber Essentials April 2025 Update: What you Need to Know
Backup and Recovery
Lessons from the Field, Part III: Why Backups Alone Won’t Save You - Security Boulevard
Future-Proofing Business Continuity: BCDR Trends and Challenges for 2025
Data Protection
NIST Finalizes Differential Privacy Rules to Protect Data
Careers, Working in Cyber and Information Security
Understaffed but still delivering -- the reality of cyber security teams
How remote work strengthens cyber security teams - Help Net Security
Managing the emotional toll cyber security incidents can take on your team | CSO Online
The Legacy of the Cyber Security Challenge | SC Media UK
UK’s infosec chiefs must be paid more than PM, say officials • The Register
Law Enforcement Action and Take Downs
US seizes $23 million in crypto stolen via password manager breach
Employee charged with stealing unreleased movies, sharing them online
Developer sabotaged ex-employer IT systems with kill switch • The Register
Texas Developer Convicted After Kill Switch Sabotage Plot - Infosecurity Magazine
Developer Convicted for Hacking Former Employer's Systems - SecurityWeek
Russian crypto exchange Garantex seized in international law enforcement operation | CyberScoop
Cyber criminals used vendor backdoor to steal almost $600,000 of Taylor Swift tickets | TechRadar
Man found guilty of planting infinite loop logic bomb on ex-employer's system
Misinformation, Disinformation and Propaganda
Nation State Actors, Advanced Persistent Threats (APTs), Cyber Warfare, Cyber Espionage and Geopolitical Threats/Activity
Cyber Warfare and Cyber Espionage
Europe, Don't Forget the Information War - CEPA
Nation State Actors
UK AI Research Under Threat From Nation-State Hackers - Infosecurity Magazine
China
Chinese Hackers Breach Juniper Networks Routers With Custom Backdoors and Rootkits
Mandiant Uncovers Custom Backdoors on End-of-Life Juniper Routers - SecurityWeek
Salt Typhoon: A Wake-up Call for Critical Infrastructure
China's Volt Typhoon Hackers Dwelled in US Electric Grid for 300 Days - SecurityWeek
‘Ban These Chinese Routers NOW,’ Cries House Committee - Security Boulevard
UK AI Research Under Threat From Nation-State Hackers - Infosecurity Magazine
Beware of DeepSeek Hype: It’s a Breeding Ground for Scammers - SecurityWeek
Russia
The UK is unprepared and vulnerable to Russian cyber attacks. Here's why
The risks of standing down: Why halting US cyber ops against Russia erodes deterrence | CSO Online
The Geopolitical Fallout of a Potential US Cyber Stand-Down – The Diplomat
Europe, Don't Forget the Information War - CEPA
Ex-NSA vet slams reported halt to Russia cyber ops | Cybernews
Ukraine loses Signal support for anti-Russian cyber threat efforts, says official | SC Media
North Korea
Microsoft: North Korean hackers join Qilin ransomware gang
EU investigates OKX for its role in Lazarus' $1.5 billion Bybit hack | Cryptopolitan
North Korean hackers cash out hundreds of millions from $1.5bn ByBit hack - BBC News
Lazarus Group deceives developers with 6 new malicious npm packages | CyberScoop
Other Nation State Actors, Hacktivism, Extremism, Terrorism and Other Geopolitical Threat Intelligence
SideWinder APT Targets Maritime, Nuclear, and IT Sectors Across Asia, Middle East, and Africa
1,600 Victims Hit by South American APT's Malware - SecurityWeek
Tools and Controls
Hackers spotted using unsecured webcam to launch cyber attack | TechRadar
95% of Data Breaches Tied to Human Error in 2024 - Infosecurity Magazine
How to safely dispose of old tech without leaving a security risk - Help Net Security
4 expert security tips for navigating AI-powered cyber threats | ZDNET
Lessons from the Field, Part III: Why Backups Alone Won’t Save You - Security Boulevard
Future-Proofing Business Continuity: BCDR Trends and Challenges for 2025
Threat Groups Using RMM Tools for Initial-Stage in Attacks | MSSP Alert
Defending against EDR bypass attacks - Help Net Security
Security operations centres are fundamental to cyber security — here’s how to build one | CSO Online
Other News
Tech Complexity Puts UK Cyber Security at Risk - Infosecurity Magazine
How Cyber Attacks Affect Your Staff
AI, 5G, and Fiber: The Telecom Infrastructure Boom No One’s Monitoring
Every Truth (And Lie) Told in Netflix's 'Zero Day,' Ranked | HackerNoon
Slow development of Irish maritime security strategy raises concerns
Zut Alors! Surge in Cyber Attacks Targeting France in 2024
Does the NHS have a security culture problem? • The Register
Vulnerability Management
Why Now is the Time to Adopt a Threat-Led Approach to Vulnerability Management
CISOs Connect Research Report on Cyber Security Debt Exposes Widespread Vulnerabilities
Balancing Cyber Security Accountability & Deregulation
Vulnerabilities
Thousands of Orgs Risk Zero-Day VM Escape Attacks
Microsoft Flags Six Active Zero-Days, Patches 57 Flaws: Patch Tuesday - SecurityWeek
Patch Tuesday: Critical Code Execution Bugs in Adobe Acrobat and Reader - SecurityWeek
Fortinet Patches 18 Vulnerabilities - SecurityWeek
Newly Patched Windows Zero-Day Exploited for Two Years - SecurityWeek
Google researchers uncover critical security flaw in all AMD Zen processors | TechSpot
Mass Exploitation of Critical PHP Vulnerability Begins - SecurityWeek
Top Bluetooth chip security flaw could put a billion devices at risk worldwide | TechRadar
SAP Patches High-Severity Vulnerabilities in Commerce, NetWeaver - SecurityWeek
CISA tags critical Ivanti EPM flaws as actively exploited in attacks
Apple Ships iOS 18.3.2 to Fix Already-Exploited WebKit Flaw - SecurityWeek
Critical PHP RCE vulnerability mass exploited in new attacks
Apple fixed the third actively exploited zero-day of 2025
Chinese Hackers Breach Juniper Networks Routers With Custom Backdoors and Rootkits
Zoom Patches 4 High-Severity Vulnerabilities - SecurityWeek
PoC Exploit Released for Actively Exploited Linux Kernel Write Vulnerability
New SuperBlack ransomware exploits Fortinet auth bypass flaws
Cisco Patches 10 Vulnerabilities in IOS XR - SecurityWeek
Mozilla warns users to update Firefox before certificate expires
GitLab patches critical authentication bypass vulnerabilities
FreeType Zero-Day Being Exploited in the Wild - SecurityWeek
Sector Specific
Industry specific threat intelligence reports are available.
Contact us to receive tailored reports specific to the industry/sector and geographies you operate in.
· Automotive
· Construction
· Critical National Infrastructure (CNI)
· Defence & Space
· Education & Academia
· Energy & Utilities
· Estate Agencies
· Financial Services
· FinTech
· Food & Agriculture
· Gaming & Gambling
· Government & Public Sector (including Law Enforcement)
· Health/Medical/Pharma
· Hotels & Hospitality
· Insurance
· Legal
· Manufacturing
· Maritime & Shipping
· Oil, Gas & Mining
· OT, ICS, IIoT, SCADA & Cyber-Physical Systems
· Retail & eCommerce
· Small and Medium Sized Businesses (SMBs)
· Startups
· Telecoms
· Third Sector & Charities
· Transport & Aviation
· Web3
Contact us to help assess where your risks lie and to ensure you are doing all you can do to keep you and your business secure.
Links to articles are for interest and awareness. Linking to or reposting external content does not endorse any service or product; likewise, we are not responsible for the security of external links.