Black Arrow Cyber Threat Intelligence Briefing 17 January 2025
Welcome to this week’s Black Arrow Cyber Threat Intelligence Briefing – a weekly digest, collated and curated by our cyber experts to provide senior and middle management with an easy-to-digest round-up of the most notable threats, vulnerabilities, and cyber-related news from the last week.
Executive Summary
This week, the EU’s Digital Operational Resilience Act (DORA) has come into effect, imposing stringent cyber security requirements on over 22,000 financial institutions. This regulation strengthens incident reporting, risk management, and IT third-party oversight, aiming to create a unified approach to mitigating ICT-related risks. As cyber security incidents are identified as the top business concern for 2025, organisations are urged to adopt holistic strategies that address interconnected risks like supply chain vulnerabilities, geopolitical tensions, and the increasing role of AI in threat landscapes.
Our selection of threat intelligence news this week shows how emerging threats highlight the need for enhanced resilience. Ransomware attacks reached record highs in 2024, with attackers weaponising disclosure rules and leveraging AI tools for sophisticated phishing and extortion tactics. SMEs face rising concerns over AI-driven risks, while hybrid working has expanded the corporate attack surface, necessitating adaptive security solutions. Meanwhile, geopolitical risks are complicating the global cyber landscape, driving NATO’s efforts to protect critical infrastructure, such as undersea cables essential for internet traffic and financial transactions.
To navigate this era of escalating complexity, organisations must prioritise proactive measures. These include integrating cyber resilience into business strategies, fostering a culture of security awareness, and addressing the often-overlooked emotional impact of cyber attacks on staff. Effective collaboration, innovation, and investment are critical to safeguarding operations and enabling sustained growth.
Top Cyber Stories of the Last Week
New EU Cyber Rules for Financial Institutions Came into Force on Friday 17 January
The EU's Digital Operational Resilience Act (DORA) came into effect on Friday, introducing stringent cyber security requirements for over 22,000 financial institutions, including banks, insurers, and investment firms. Designed to enhance resilience against severe disruptions such as cyber attacks, DORA mandates robust risk management, incident reporting, resilience testing, and oversight of IT third-party risks. It also encourages the sharing of cyber threat intelligence between firms to strengthen collective defences. The new framework aims to create a unified, cross-sectoral approach to mitigating Information and Communications Technology (ICT) related risks, setting strict standards to limit the impact of potential vulnerabilities.
Cyber Attacks Considered Top Business Concern for 2025: Allianz
The Allianz Risk Barometer highlights cyber incidents as the top global business risk for 2025, with 38% of respondents ranking it as their primary concern. Business interruption follows closely, exacerbated by events such as natural disasters, geopolitical instability, and cyber attacks, which increasingly disrupt supply chains. Climate change has risen to fifth place, reflecting its growing significance amid record-breaking global temperatures and extreme weather events in 2024, which caused insured losses exceeding $100 billion for the fifth consecutive year. The interconnected nature of risks underscores the need for holistic, resilient strategies to address evolving challenges.
How CISOs Can Elevate Cyber Security in Boardroom Discussions
Cyber security leaders must align their boardroom presentations with business priorities by highlighting the direct impact of security initiatives on revenue and customer confidence. Metrics like risk reduction trends, cost per incident, and ROI resonate well with non-technical audiences. Persistent challenges include limited board time, misconceptions about spending or certifications, and unclear ownership of security practices. Effective strategies include using concrete examples, such as improved customer experiences through streamlined authentication, and maintaining ongoing dialogue via executive committees or regular updates. This approach fosters deeper understanding and sustained support for security programs, framing them as enablers of business growth and resilience.
Cyber Security is Stepping into a New Era of Complexity
The World Economic Forum’s Global Cybersecurity Outlook 2025 highlights escalating complexity in cyber security driven by technological advances, geopolitical uncertainty, supply chain interdependencies, and a growing skills gap. Over half of large organisations cite supply chain vulnerabilities as a critical barrier to cyber resilience, while 66% predict AI will significantly impact cyber security by 2025, yet only 37% assess AI tool security before deployment. Regulatory fragmentation also challenges 76% of CISOs. Meanwhile, the cyber insurance market is forecast to double from $14 billion in 2023 to $29 billion by 2027, underscoring its growing role in managing cyber risks. The report calls for a shift from cyber security to cyber resilience, emphasising resource allocation.
Ransomware Victim Numbers Hit an All-Time High
Ransomware victim numbers reached a record high in 2024, with over 1,600 reported in Q4 alone, reflecting a 40% year-on-year increase in active threat groups, now totalling 88 globally. The US accounted for 52% of victims. Despite a surge in published vulnerabilities, averaging 110 per day, attackers predominantly exploited older ones. Law enforcement made notable gains, disrupting threat actors, but ransomware-as-a-service remains resilient. Effective risk mitigation in 2025 will depend on robust vulnerability management, attack surface awareness, and actionable intelligence.
The Current State of Ransomware: Weaponising Disclosure Rules and More
Ransomware remains a significant and evolving threat in 2025, with cyber criminals exploiting AI, legal frameworks, and geopolitical tensions to devastating effect. Phishing attacks, now enhanced by AI, have become highly personalised, increasing their success rates, while "living-off-the-land" techniques evade traditional defences. A striking development is the weaponisation of disclosure regulations, where ransomware groups leverage legal obligations to pressure victims. Attack rates continue to rise, with industries like healthcare and public administration heavily targeted. Recovery costs now average $2.73 million, more than double 2023 figures, highlighting the urgent need for proactive measures to mitigate these escalating risks.
The Top SME Security Worries for 2025
Smaller businesses are just as vulnerable to cyber security issues as larger ones, more so in some cases as they have fewer resources to devote to protection. Research by Six Degrees highlights that 35 percent of UK SMEs now view AI-driven threats as their top concern, surpassing malware, phishing, and ransomware. AI is amplifying risks, such as personalised phishing attacks, rather than introducing entirely new methods. The report warns that tools alone are insufficient; effective protection requires active management and integration into a broader organisational strategy.
What They Don’t Tell You About Cyber Attacks – the Emotional Impact on Staff
Cyber attacks often focus attention on financial and operational damage, but the emotional toll on staff involved in recovery is a critical yet overlooked aspect. Frontline employees frequently experience intense stress, fear of failure, isolation, and burnout during recovery efforts, with prolonged hours and high-pressure environments exacerbating these effects. Organisations must proactively support staff by ensuring clear communication, offering mental health resources, and recognising contributions. Addressing the emotional impact not only aids recovery but also strengthens team resilience and preparedness for future incidents.
The Hybrid Workforce Crisis: How it has Weakened Enterprise Security, and What to Do About It
The shift to hybrid working has significantly expanded the corporate attack surface, exposing organisations to heightened cyber security risks. An October 2024 report by the Institute for Critical Infrastructure Technology highlights key vulnerabilities, including unsecured home networks, weak passwords, and unmanaged personal devices. Traditional identity and access management systems struggle to cope, with adaptive solutions like continuous authentication proving essential. Third-party risks require dynamic, real-time monitoring, replacing outdated static assessments. Emerging technologies such as SD-WAN and behavioural biometrics can bolster security while enhancing user convenience. Strategic investment and fostering a culture of cyber security awareness are critical to safeguarding hybrid operations.
New Ransomware Group Uses AI to Develop Nefarious Tools
Check Point Research has identified a new ransomware group, FunkSec, which claims to have targeted 85 organisations in December 2024. FunkSec, a ransomware-as-a-service operation, uses AI-assisted tools to develop malware, enabling even low-skilled operators to create sophisticated attacks. Despite its claims, many of its leaked datasets are recycled from previous hacktivist campaigns, raising doubts about its impact. The group employs double extortion tactics and demands unusually low ransoms, sometimes as little as $10,000. FunkSec’s tools reflect limited technical expertise but showcase the growing use of AI in cyber attacks.
'Arson, Sabotage, Cyber Attacks': UK Enters New Era of Threats from Hostile States
The UK faces an escalating range of threats from hostile states, including cyber attacks, arson, and sabotage, with state-backed criminal groups increasingly adopting terrorist-like tactics. The UK’s Foreign, Commonwealth and Development Office reports a 50% rise in state threat investigations over the past year, highlighting the urgency of rebuilding lost expertise and capability. Cyber attacks, described as the “new normal,” have severely impacted public services, with incidents like the NHS cyber attack disrupting thousands of procedures and appointments. Experts stress the need for a coordinated, whole-of-society response to address these threats and adapt to an evolving global landscape.
NATO Launches New Mission to Protect Crucial Undersea Cables
NATO has launched "Baltic Sentry", a mission to enhance surveillance of the Baltic Sea following a rise in damage to critical undersea cables. The initiative will involve increased deployment of patrol aircraft, warships, and drones, with a focus on monitoring Russia's "shadow fleet." Over 95% of internet traffic and $10 trillion in daily financial transactions depend on undersea cables, making their protection vital. NATO leaders emphasised the potential for hostile intent behind recent incidents, noting that such damage is unlikely to be accidental.
Sources:
https://www.rte.ie/news/business/2025/0117/1491313-banks-cyber-rules/
https://www.reinsurancene.ws/cyber-attacks-considered-top-business-concern-for-2025-allianz/
https://www.helpnetsecurity.com/2025/01/16/ross-young-team8-cybersecurity-boardroom-discussions/
https://www.helpnetsecurity.com/2025/01/15/cybersecurity-complexity-era/
https://betanews.com/2025/01/16/ransomware-victim-numbers-hit-an-all-time-high/
https://securityintelligence.com/articles/the-current-state-of-ransomware-weaponizing-disclosure-rules/
https://betanews.com/2025/01/14/the-top-sme-security-worries-for-2025/
https://www.infosecurity-magazine.com/news/new-ransomware-group-uses-ai/
https://inews.co.uk/news/arson-sabotage-cyber-attacks-uk-threats-hostile-states-3481620
Governance, Risk and Compliance
Cyber attacks considered top business concern for 2025: Allianz - Reinsurance News
What they don’t tell you about cyber attacks – the emotional impact on staff | Computer Weekly
Cyber attacks, tech disruption ranked as top threats to business growth | CIO Dive
The top SME security worries for 2025
Geopolitics making cyber security challenges more complex: World Economic Forum - World - DAWN.COM
WEF Warns of Growing Cyber Inequity Amid Escalating Complexities - Infosecurity Magazine
Cyber security is stepping into a new era of complexity - Help Net Security
CISOs take on extra responsibilities
How CISOs can elevate cyber security in boardroom discussions - Help Net Security
A cyber-resilient culture: Key to adapting to evolving cyber threats - SiliconANGLE
Breaking the Cycle of Isolated Risk Management | MSSP Alert
Vigilance, Resilience, Flexibility as Keys to Countering Evolving Cyber Threats | Newswise
EU AI Act and NIS2 Directive 2025 Compliance Challenges
The Year Of Proactive Defence: Staying Ahead Of Threat Actors
Cyber Risk Quantification: Use Cases and Best Practices | MSSP Alert
73% of office workers say staff get blamed for cyber security incidents - survey
Threats
Ransomware, Extortion and Destructive Attacks
New Ransomware Group Uses AI to Develop Nefarious Tools - Infosecurity Magazine
The current state of ransomware: Weaponizing disclosure rules and more
85 Victims and Counting: What To Know About FunkSec Ransomware
‘Millions’ in taxpayer money paid to cyber criminals in recent years – minister | The Standard
US charges operators of cryptomixers linked to ransomware gangs
Ako Ransomware Abusing Windows API Calls To Detect Infected System Locations
New Ransomware Encrypts Amazon S3 Buckets Using SSE-C Encryption
New Amazon Ransomware Attack—‘Recovery Impossible’ Without Payment
Ransomware on ESXi: The Mechanization of Virtualized Attacks
Russian Nationals Indicted for Operating Cryptocurrency Mixers Linked to Cyber Crime
Ongoing Play Ransomware Attack—What You Need To Know
Ransomware Victims
£33m cost of cyber-attack revealed | News | Health Service Journal
Personal data compromised in Gateshead Council cyber attack | ITPro
UnitedHealth hid its Change Healthcare data breach notice for months | TechCrunch
OneBlood confirms personal data stolen in July ransomware attack
Phishing & Email Based Attacks
Phishing click rates tripled in 2024 despite user training | CSO Online
Beware of These Microsoft Teams Phishing Scams
This Phishing Attack Disables Your iPhone Security: Here's How to Protect Yourself
Google Search ads are being hacked to steal account info | TechRadar
Accelerated BlackBasta-like email attack examined | SC Media
Fancy Bear spotted using real Kazak government documents in spearphishing campaign | CyberScoop
Browser-Based Cyber-Threats Surge as Email Malware Declines - Infosecurity Magazine
Other Social Engineering
Scammers have a new phishing trick for iPhone users – here’s how to avoid falling victim | TechRadar
Cyber Criminals Use Fake CrowdStrike Job Offers to Distribute Malware - Infosecurity Magazine
Artificial Intelligence
New Ransomware Group Uses AI to Develop Nefarious Tools - Infosecurity Magazine
How AI will transform cyber security in 2025 - and supercharge cyber crime | ZDNET
85 Victims and Counting: What To Know About FunkSec Ransomware
Microsoft takes legal action against bad actors using AI for sophisticated exploitation - Neowin
Addressing the Security Risks of AI in the Cloud
Ensuring U.S. Security and Economic Strength in the Age of Artificial Intelligence | The White House
CyberCube predicts AI will amplify cyber attacks in 2025 - Reinsurance News
What Enterprises Need to Know About Agentic AI Risks
Microsoft AI Red Team says security work will never be done • The Register
AI hallucinations can pose a risk to your cyber security
CISA's AI Playbook Pushes For More Information Sharing
Second Biden cyber executive order directs agency action on fed security, AI, space | CyberScoop
EU AI Act and NIS2 Directive 2025 Compliance Challenges
Law Firm Leads 15,000 to Sue Google and Microsoft over AI Data - Infosecurity Magazine
Trump, Musk Discuss AI, Cyber Security With Microsoft CEO
2FA/MFA
Microsoft MFA outage blocking access to Microsoft 365 apps
MFA Failures - The Worst is Yet to Come
Malware
New UEFI Secure Boot Vulnerability Could Allow Attackers to Load Malicious Bootkits
MikroTik botnet relies on DNS misconfiguration to spread malware
Browser-Based Cyber Threats Surge as Email Malware Declines - Infosecurity Magazine
WordPress Skimmers Evade Detection by Injecting Themselves into Database Tables
Fake LDAPNightmare exploit on GitHub spreads infostealer malware
Cyber Criminals Use Fake CrowdStrike Job Offers to Distribute Malware - Infosecurity Magazine
Microsoft: macOS bug lets hackers install malicious kernel drivers
Rootkit Malware Exploiting Zero-day Vulnerabilities to Control Linux Systems Remotely
Cyber Attackers Hide Infostealers in YouTube Comments
FBI wipes Chinese PlugX malware from over 4,000 US computers
Apple devices at risk after security researcher hacks ACE3 USB-C controller - SiliconANGLE
Bots/Botnets
MikroTik botnet uses misconfigured SPF DNS records to spread malware
IoT Botnet Linked to Large-scale DDoS Attacks Since the End of 2024 | Trend Micro (US)
Mobile
Mobile apps exploited to harvest location data on massive scale, hacked files reveal | TechSpot
This Phishing Attack Disables Your iPhone Security: Here's How to Protect Yourself
Researchers disclosed details of a now-patched Samsung zero-click flaw
Denial of Service/DoS/DDoS
IoT Botnet Linked to Large-scale DDoS Attacks Since the End of 2024 | Trend Micro (US)
Internet of Things – IoT
Homeowners are clueless about how smart devices collect their data - Help Net Security
GM settles charges it shared driver location data • The Register
IoT Botnet Linked to Large-scale DDoS Attacks Since the End of 2024 | Trend Micro (US)
Allstate car insurer sued for tracking drivers without permission
Data Breaches/Leaks
2024 US Healthcare Data Breaches: 585 Incidents, 180 Million Compromised User Records - SecurityWeek
Cyber Security Breaches Degrade Consumer Trust, but Apathy Rises - Security Boulevard
Telefonica Breach Hits 20,000 Employees and Exposes Jira Details - Infosecurity Magazine
Personal data stolen in cyber-attack on Gateshead Council - BBC News
60 Million Students and Teachers Targeted in PowerSchool Data Breach
GoDaddy Accused of Serious Security Failings by FTC - Infosecurity Magazine
Largest US addiction treatment provider notifies patients of data breach
OneBlood confirms personal data stolen in July ransomware attack
Prominent US law firm Wolf Haldenstein disclosed a data breach
Organised Crime & Criminal Actors
How AI will transform cyber security in 2025 - and supercharge cyber crime | ZDNET
The ‘Largest Illicit Online Marketplace’ Ever Is Growing at an Alarming Rate, Report Says | WIRED
The Wiretap: At $24 Billion In Sales, The Biggest Illicit Marketplace Ever Is On Telegram
How to protect yourself from the social media cyber crime boom - Digital Journal
The Insider Threat Digital Recruitment Marketplace - Security Boulevard
Online Gambling Unleashed Transnational Crime in Philippines (2)
Russian Nationals Indicted for Operating Cryptocurrency Mixers Linked to Cyber Crime
Pastor who saw crypto project in his "dream" indicted for fraud
Cryptocurrency/Cryptomining/Cryptojacking/NFTs/Blockchain
US, Japan, South Korea Blame North Korean Hackers for $660M Crypto Heists - SecurityWeek
US govt says North Korea stole over $659 million in crypto last year
New Web3 attack exploits transaction simulations to steal crypto
US charges operators of cryptomixers linked to ransomware gangs
Cyber Criminals Use Fake CrowdStrike Job Offers to Distribute Malware - Infosecurity Magazine
Transaction simulation spoofing attack targets cryptocurrency wallets | SC Media
Russian Nationals Indicted for Operating Cryptocurrency Mixers Linked to Cyber Crime
Pastor who saw crypto project in his "dream" indicted for fraud
Insider Risk and Insider Threats
Phishing click rates tripled in 2024 despite user training | CSO Online
The Insider Threat Digital Recruitment Marketplace - Security Boulevard
Human Factors in Cyber Security in 2025 | UpGuard
Concern over staff blame for cyber breaches - survey
73% of office workers say staff get blamed for cyber security incidents - survey
Insurance
Cyber attacks considered top business concern for 2025: Allianz - Reinsurance News
Supply Chain and Third Parties
£33m cost of cyber-attack revealed | News | Health Service Journal
Cloud/SaaS
Hackers use FastHTTP in new high-speed Microsoft 365 password attacks
Google OAuth flaw lets attackers gain access to abandoned accounts
Beware of These Microsoft Teams Phishing Scams
Addressing the Security Risks of AI in the Cloud
Are Your Cloud Security Strategies Effective in 2025? | HackerNoon
New Ransomware Encrypts Amazon S3 Buckets Using SSE-C Encryption
New Amazon Ransomware Attack—‘Recovery Impossible’ Without Payment
4 Reasons Your SaaS Attack Surface Can No Longer be Ignored
Azure and M365 MFA outage leaves logins lost • The Register
Outages
Azure and M365 MFA outage leaves logins lost • The Register
What the 2024 CrowdStrike Glitch Can Teach Us About Cyber Risk
GitHub Git downtime caused by bad configuration update • DEVCLASS
Identity and Access Management
2025: The year of evolution in identity security
First Ever OWASP "Top 10 Non-Human Identities (NHI)" Released
Linux and Open Source
The Shifting Landscape of Open Source Security
Rootkit Malware Exploiting Zero-day Vulnerabilities to Control Linux Systems Remotely
Passwords, Credential Stuffing & Brute Force Attacks
Hackers use FastHTTP in new high-speed Microsoft 365 password attacks
Google OAuth flaw lets attackers gain access to abandoned accounts
A Deep Dive into ISO 27001 Password Requirements - Security Boulevard
Social Media
How to protect yourself from the social media cyber crime boom - Digital Journal
TikTok warns of broad consequences if Supreme Court allows ban | Reuters
'How to quit Facebook?' searches spike after Meta's fact-checking ban | ZDNET
Meta's fact-checking end raises concerns about disinformation
Cyber Attackers Hide Infostealers in YouTube Comments
The Looming Crisis: Meta, Misinformation, And Public Trust
TikTok, five other Chinese firms hit by EU privacy complaints | Reuters
Trump’s Truth Social Users Targeted by Rampant Scams Online - Infosecurity Magazine
European Privacy Group Sues TikTok and AliExpress for Illicit Data Transfers to China
Experts Unpack The Truth Behind TikTok’s Data Collection | HuffPost Life
'Free Our Feeds' campaign aims to billionaire-proof Bluesky’s tech | TechCrunch
Malvertising
Google Search ads are being hacked to steal account info | TechRadar
Training, Education and Awareness
Phishing click rates tripled in 2024 despite user training | CSO Online
Regulations, Fines and Legislation
New EU cyber rules for financial institutions from today
DORA Comes Into Force: Experts Weigh In On Its Impact And Opportunities
UK Considers Banning Ransomware Payment by Public Sector and CNI - SecurityWeek
The UK's Online Safety Act applies to Small Tech too • The Register
DORA Compliance Costs Soar Past €1m for Many UK and EU Businesses - Infosecurity Magazine
The EU Cyber Resilience Act - What You Need to Know | A&O Shearman - JDSupra
Biden signs executive order inspired by lessons from recent cyber attacks - Nextgov/FCW
EU AI Act and NIS2 Directive 2025 Compliance Challenges
Last-Minute Biden EO Reportedly Prompted By Chinese Cyber Attacks | MSSP Alert
Governments call for spyware regulations in UN Security Council meeting | TechCrunch
TikTok warns of broad consequences if Supreme Court allows ban | Reuters
New ‘cyber security’ law in Turkey could criminalize reporting on data leaks - Turkish Minute
Models, Frameworks and Standards
European finance readying itself for DORA implementation
DORA Compliance Costs Soar Past €1m for Many UK and EU Businesses - Infosecurity Magazine
New EU cyber rules for financial institutions from today
First Ever OWASP "Top 10 Non-Human Identities (NHI)" Released
The EU Cyber Resilience Act - What You Need to Know | A&O Shearman - JDSupra
A Deep Dive into ISO 27001 Password Requirements - Security Boulevard
Backup and Recovery
Backup technology explained: The fundamentals of enterprise backup | Computer Weekly
Careers, Working in Cyber and Information Security
Career Opportunities in Cyber Security: A Guide for Aspiring Professionals | BCS
Microsoft is Laying Off Employees Across its Sales, Security, and Gaming Divisions
ISC2 Cyber Security Workforce Study: Shortage of AI skilled workers
Law Enforcement Action and Take Downs
US charges operators of cryptomixers linked to ransomware gangs
FBI wipes Chinese PlugX malware from over 4,000 US computers
Russian Nationals Indicted for Operating Cryptocurrency Mixers Linked to Cyber Crime
Pastor who saw crypto project in his "dream" indicted for fraud
Misinformation, Disinformation and Propaganda
Meta's fact-checking end raises concerns about disinformation
The Looming Crisis: Meta, Misinformation, And Public Trust
'Free Our Feeds' campaign aims to billionaire-proof Bluesky’s tech | TechCrunch
Nation State Actors, Advanced Persistent Threats (APTs), Cyber Warfare, Cyber Espionage and Geopolitical Threats/Activity
Cyber Warfare and Cyber Espionage
'Arson, sabotage, cyber attacks': UK enters new era of threats from hostile states
‘Hybrid threats’, ‘grey zones’, ‘competition’, and ‘proxies’: When is it actually war?
Nation State Actors
China
US Telecom, Zero-Day Attacks Highlight Cyber Hygiene Need
China's UNC5337 Exploits a Critical Ivanti RCE Bug, Again
Salt Typhoon spies spotted on US govt networks before telcos • The Register
US has responded to Chinese-linked cyber attacks on telecoms firms, Sullivan says | Reuters
ISMG Editors: The Coming Battle Over Chinese Cyberthreats
Last-Minute Biden EO Reportedly Prompted By Chinese Cyber Attacks | MSSP Alert
Strengthening America’s Resilience Against the PRC Cyber Threats | CISA
Nato launches 'Baltic Sentry' mission to protect undersea cables - BBC News
China Targeted Foreign Investment, Sanctions Offices in Treasury Hack: Reports - SecurityWeek
As Tensions Mount With China, Taiwan Sees Surge in Attacks
FBI wipes Chinese PlugX malware from over 4,000 US computers
TikTok, five other Chinese firms hit by EU privacy complaints | Reuters
Experts Unpack The Truth Behind TikTok’s Data Collection | HuffPost Life
Chinese hackers accessed Yellen's computer in US Treasury breach, Bloomberg News reports | Reuters
TikTok warns of broad consequences if Supreme Court allows ban | Reuters
Chinese cyber-spies target CFIUS investigations • The Register
Russia
Russia Carves Out Commercial Surveillance Success
Nato launches 'Baltic Sentry' mission to protect undersea cables - BBC News
Russia-linked APT Star Blizzard targets WhatsApp accounts
Russian Cyberspies Caught Spear-Phishing with QR Codes, WhatsApp Groups - SecurityWeek
Ukraine’s PM discusses defence, cyber security, sanctions with Estonia’s Foreign Minister
Fancy Bear spotted using real Kazak government documents in spearphishing campaign | CyberScoop
Russia Targets Kazakhstan in Espionage Campaign
North Korea
US, Japan, South Korea Blame North Korean Hackers for $660M Crypto Heists - SecurityWeek
North Korean Hackers Targeting Freelance Software Developers - SecurityWeek
Treasury sanctions North Korea over remote IT worker schemes | CyberScoop
Other Nation State Actors, Hacktivism, Extremism, Terrorism and Other Geopolitical Threat Intelligence
Governments call for spyware regulations in UN Security Council meeting | TechCrunch
How Barcelona became an unlikely hub for spyware startups | TechCrunch
Tools and Controls
Phishing click rates tripled in 2024 despite user training | CSO Online
What they don’t tell you about cyber attacks – the emotional impact on staff | Computer Weekly
How AI will transform cyber security in 2025 - and supercharge cyber crime | ZDNET
2025 Informed: Cyber Security and AI
How “right-sizing” cyber security initiatives can prevent data Loss | theHRD
Home Office rolls out cyber crime protections for data centres
How CTEM is providing better cyber security resilience for organisations
Backup technology explained: The fundamentals of enterprise backup | Computer Weekly
A cyber-resilient culture: Key to adapting to evolving cyber threats - SiliconANGLE
Breaking the Cycle of Isolated Risk Management | MSSP Alert
How CISOs Can Build a Disaster Recovery Skillset
Are Your Cloud Security Strategies Effective in 2025? | HackerNoon
Ransomware on ESXi: The Mechanization of Virtualized Attacks
What Security Leaders Get Wrong About Zero-Trust Architecture
First Ever OWASP "Top 10 Non-Human Identities (NHI)" Released
4 Reasons Your SaaS Attack Surface Can No Longer be Ignored
The AI Conundrum In Security: Why The Future Belongs To The Bold
How AI and ML are transforming digital banking security - Help Net Security
North Korean Hackers Targeting Freelance Software Developers - SecurityWeek
Hackers leak configs and VPN credentials for 15,000 FortiGate devices
What the 2024 CrowdStrike Glitch Can Teach Us About Cyber Risk
Cyber Risk Quantification: Use Cases and Best Practices | MSSP Alert
Risk, Reputational Scoring Services Enjoy Mixed Success
AI hallucinations can pose a risk to your cyber security
A Deep Dive into ISO 27001 Password Requirements - Security Boulevard
Balancing usability and security in the fight against identity-based attacks - Help Net Security
Remediation Times Drop Sharply as Cyber Hygiene Take Up Surges - Infosecurity Magazine
Enabling confident cyber resilience and recovery with CyberSense - SiliconANGLE
Cyber security on a shoestring: maximizing your ROI | TechRadar
Reports Published in the Last Week
Other News
The top SME security worries for 2025
US Telecom, Zero-Day Attacks Highlight Cyber Hygiene Need
Chrome Web Store is a mess | Almost Secure
UK Registry Nominet Breached Via Ivanti Zero-Day - Infosecurity Magazine
CNI Attacks: What to Expect in 2025 | SC Media UK
Nominet probes possible Ivanti zero-day exploit • The Register
EU To Launch Support Centre by 2026 to Boost Healthcare Cyber Security - Infosecurity Magazine
What's happening in the cyber security market? | Insurance Business America
The Year Of Proactive Defence: Staying Ahead Of Threat Actors
The rise of cyber attacks | Law Gazette
WEF Report Reveals Growing Cyber Resilience Divide Between Public and Private Sectors - SecurityWeek
The Cyber Security Risks Threatening The Automotive Industry, And How To Combat Them
Cyber attack forces Dutch university to cancel lectures | The Record from Recorded Future News
Aerospace Tech Week to put the spotlight on AI, autonomous aviation and cyber security
A humble proposal: The InfoSec CIA triad should be expanded - Help Net Security
Vulnerability Management
Vulnerability Remediation vs Mitigation: Which Strategy Wins in Cyber Security? - Security Boulevard
What 2024 taught us about security vulnerabilities - Help Net Security
Critical vulnerabilities remain unresolved due to prioritization gaps - Help Net Security
Vulnerabilities
Microsoft Patches Trio of Exploited Windows Hyper-V Zero-Days - SecurityWeek
Microsoft January 2025 Patch Tuesday fixes 8 zero-days, 159 flaws
China's UNC5337 Exploits a Critical Ivanti RCE Bug, Again
New UEFI Secure Boot Vulnerability Could Allow Attackers to Load Malicious Bootkits
Google Chrome 132 update fixes 16 unique security issues - gHacks Tech News
Fortinet Releases Security Updates for Multiple Products | CISA
Nvidia, Zoom, Zyxel Patch High-Severity Vulnerabilities - SecurityWeek
Ivanti Patches Critical Vulnerabilities in Endpoint Manager - SecurityWeek
Zero-Day Vulnerability in PDF Files Leaking NTLM Data in Adobe & Foxit Reader
Juniper Networks Fixes High-Severity Vulnerabilities in Junos OS - SecurityWeek
UK Registry Nominet Breached Via Ivanti Zero-Day - Infosecurity Magazine
Nominet probes possible Ivanti zero-day exploit • The Register
SAP Patches Critical Vulnerabilities in NetWeaver - SecurityWeek
Apple Patches Flaw That Allows Kernel Security Bypassing
Adobe Releases Security Updates for Multiple Products | CISA
Microsoft: macOS bug lets hackers install malicious kernel drivers
Windows BitLocker bug triggers warnings on devices with TPMs
New UEFI Secure Boot flaw exposes systems to bootkits, patch now
Debian 12.9 “Bookworm” Arrives with 72 Bug Fixes and 38 Security Updates - 9to5Linux
Google OAuth flaw lets attackers gain access to abandoned accounts
CISA Adds Second BeyondTrust Flaw to KEV Catalog Amid Active Attacks
Researchers disclosed details of a now-patched Samsung zero-click flaw
Microsoft 365 apps crash on Windows Server after Office update
Rootkit Malware Exploiting Zero-day Vulnerabilities to Control Linux Systems Remotely
Sector Specific
Industry specific threat intelligence reports are available.
Contact us to receive tailored reports specific to the industry/sector and geographies you operate in.
· Automotive
· Construction
· Critical National Infrastructure (CNI)
· Defence & Space
· Education & Academia
· Energy & Utilities
· Estate Agencies
· Financial Services
· FinTech
· Food & Agriculture
· Gaming & Gambling
· Government & Public Sector (including Law Enforcement)
· Health/Medical/Pharma
· Hotels & Hospitality
· Insurance
· Legal
· Manufacturing
· Maritime & Shipping
· Oil, Gas & Mining
· OT, ICS, IIoT, SCADA & Cyber-Physical Systems
· Retail & eCommerce
· Small and Medium Sized Businesses (SMBs)
· Startups
· Telecoms
· Third Sector & Charities
· Transport & Aviation
· Web3
Contact us to help assess where your risks lie and to ensure you are doing all you can do to keep you and your business secure.
Links to articles are for interest and awareness; linking to or reposting external content does not endorse any service or product. Likewise, we are not responsible for the security of external links.