coronavirus — Black Arrow Cyber Consulting

Black Arrow Cyber Threat Briefing 03 December 2021

-Double Extortion Ransomware Victims Soar 935%

-MI6 Boss: Digital Attack Surface Growing "Exponentially"

-How Phishing Kits Are Enabling A New Legion Of Pro Phishers

-Crooks Are Selling Access To Hacked Networks. Ransomware Gangs Are Their Biggest Customers

-Omicron Phishing Scam Already Spotted in UK

-Phishing Remains the Most Common Cause of Data Breaches, Survey Says

-Ransomware Victims Increase Security Budgets Due To Surge In Attacks

-Control Failures Are Behind A Growing Number Of Cyber Security Incidents

-MI6 Spy Chief Says China, Russia, Iran Top UK Threat List

Black Arrow AdminDecember 5, 2021cyber, cyber security, infosec, information security, guernsey, gfsc, regulated firms, financial services, aviation, accounting, law firms, legal sector, retail, online, cpni, mi5, ncsc, cisa, fbi, national cyber security centre, gchq, cert, cert.gg, nca, national crime agency, europol, interpol, enisa, nato, threat intel, threat intelligence, threat report, ransomware, executives, msp, mssp, cloud, open source, attack surface, hackers, criminals, dark web, remote code execution, rce, zero-day, databases, microsoft, windows, vulnerability, vulnerabilities, vulnerability management, patch management, patching, external it, fraud, bec, business email compromise, email, social engineering, phishing, spear-phishing, whaling, malware, encryption, fraudsters, scammers, scam, organised crime, criminal actor, criminal actors, supply chain, third parties, cryptocurrencies, cryptomining, apple, mac, macos, ios, iphone, android, iot, credentials, credential stuffing, denial of service, ddos, botnet, apt, china, russia, iran, north korea, ai, cyber warfare, espionage, insurance, cyber insurance, incident response, incident response plan, disaster recovery, disaster recovery plan, drp, business continuity, business continuity planning, insiders, staff, users, training, education and awareness training, education, awareness, human element, human centric security, human centric, weakest link, endpoint protection, antivirus, antimalware, wfh, work from home, dns, critical infrastructure, cni, rootkits, rootkit, shadow it, mi6, group-ib, double extortion ransomware, double extortion, richard moore, phishing kits, omicron, covid, coronavirus, nhs, pcr tests, lft tests, microsoft exchange, exchange server, cuba, cuba ransomware, yanluowng, planned parenthood, smart cities, thieflock, rtf, rtf template injection, emotet, malvertising, flubot, hp, hp printers, zoho, zoho manageengine, ubuntu, linux, panasonic, uk government, fine, badgerdao, defi, github, netlify, USB devices, air-gapped networks, zinc apt

Black Arrow Cyber Threat Briefing 14 May 2021

Black Arrow Cyber Threat Briefing 14 May 2021: Two Thirds Of CISOs Expect Damaging Cyber Attack In Next 12 Months; Ransomware - Don't Pay, It Just Shows Cyber Criminals That Attacks Work; Most Significant Cyber Attacks 2006-2020; The Shape Of Fraud And Cyber Crime, 10 Things We Learned From 2020; US Pipeline Ransomware Serves As Warning To Persistent Corporate Inertia Over Security; Ransomware Attackers Now Using Triple Extortion Tactics; AXA Pledges To Stop Reimbursing French Ransomware Victims; Cyber Experts Warn Over Online Wine Scams

Black Arrow AdminMay 14, 2021cyber, cyber security, infosec, information security, threat report, threat intel, ciso, ransomware, fraud, cyber crime, third party, third parties, software, fuel supplies, ot, ics, scada, critical infrastructure, colonial, triple extortion, extortion, axa, france, dystopia, wine, scams, cisa, energy sector, ryuk, students, mtr, privacy, piracy, foreign secretary, darkside, business email compromise, bec, phishing, smishing, ai, coronavirus, covid-19, email, ios, apple, trojan, windows, microsoft, troy hunt, patches, vulnerabilities, vulnerability management, adobe, adobe reader, wifi, frag attack, lemon duck, zero-day, rce, bulletproof hosting, criminals, rapid7, source code, russia, china, ncsc, cozy bear, spying, ddos, university, academia, mobile, gps, mfa, biden, executive order, healthcare, government, bots

Top Tips for Guernsey Businesses During the Second Coronavirus Lockdown, Cyber Tip Tuesday

Top Tips for Guernsey Businesses During the Second Coronavirus Lockdown, Cyber Tip Tuesday 26 January 2021

Black Arrow AdminJanuary 26, 2021coronavirus, covid, guernsey, lockdown, cyber, cyber security, information security, infosec, tip tuesday, video

Cyber Weekly Flash Briefing 31 July 2020: 386M user records stolen, Twitter spear-phishing, Garmin may have paid ransom, 27% of consumers hit with Covid19 phishing scams, Netflix phishing scam

Cyber Weekly Flash Briefing 31 July 2020: 386M user records stolen, Twitter says attack was spear-phishing, Criminals still exploiting COVID19, Netwalker ransomware, Garmin may have paid ransom, QNAP NAS devices infected, Hackers exploit networking vulns, 27% of consumers hit with pandemic-themed phishing scams, New Netflix phishing scam

Black Arrow AdminJuly 31, 2020cyber, cyber security, cyber crime, flash briefing, infosec, information security, users, data breach, twitter, spear-phishing, criminals, fbi, ncsc, ransomware, netwalker, hackers, netflix, phishing, consumers, garmin, nas, qnap, vulnerabilities, covid-19, coronavirus, networking, f5

Cyber Weekly Flash Briefing 19 June 2020: Widespread Office 365 phishing attacks, new cyber storm as businesses reopen, cyber spies use LinkedIn, largest ever DDoS attack, Ripple20 IoT vulns

Black Arrow AdminJune 20, 2020cyber, cyber security, infosec, information security, phishing, office 365, microsoft, microsoft 365, guernsey police, covid-19, coronavirus, spies, espionage, linkedin, google, google chrome, extensions, aws, ddos, ripple20, iot, netgear, mac, apple, malware

Cyber Weekly Flash Briefing 15 May 2020: Attacks on UK up 30% in Q1, 238% surge against banks, Microsoft fixes 111 vulns, Adobe patches 36 vulns, Thunderspy, 73m user records for sale on dark web

Cyber Weekly Flash Brief 08 May 2020: Predatory Cyber Criminals & Hostile States Target Uk, Ransomware Payments Up, New Phishing Attack, Remote Accounts Attacked, Legal Docs Exposed, Samsung Vulns

Cyber Weekly Flash Briefing 08 May 2020: Predatory cyber criminals & hostile states target UK, ransomware payments up, new phishing attack, remote accounts attacked, legal docs exposed, Samsung vulns

Black Arrow AdminMay 8, 2020cyber, infosec, information security, guernsey, nation state actors, criminals, coronavirus, phishing, senior executives, ransomware, legal, data breach, vulnerabilities, samsung, remote desktop, hackers, wordpress, cam4

Our latest article published in this month's Business Brief magazine - Coronavirus and Cyber Security

Black Arrow AdminApril 22, 2020guernsey, covid-19, coronavirus, published, cyber, cyber security, information security, infosec

Cyber Weekly Flash Briefing for 11 April 2020 – NCSC advisory on COVID activity, Travelex pays $2.3M ransom, Zoom tries to get better, Shadow IT risks, Unkillable Android malware, Bot traffic up

Black Arrow AdminApril 11, 2020flash briefing, guernsey, ransom, covid-19, coronavirus, ncsc, advisory, travelex, zoom, iot, botnet, bots, shadow it, android, mobile malware

Our Top Tips for Small Businesses During the Coronavirus Crisis

In collaboration with the new Guernsey Startup Hub these are our top tips for small businesses to help keep them secure online at this difficult time

Black Arrow AdminApril 7, 2020startup hub, guernsey, small business, smb, smbs, top tips, tip tuesday, video, covid-19, coronavirus

Cyber Weekly Flash Briefing 03 April 2020 – GFSC warn over increased fraud & cybercrime, attacks up 37% in a month, criminals sending USB devices in post, Zoom phishers register 2000 domains

Cyber Weekly Flash Briefing for 03 April 2020 – GFSC warns over increased risk of fraud and cyber crime, Attacks Up 37% over last month, criminals sending USB device in post, Zoom Phishers Register 2000 Domains in a Month, increase in DDoS attacks

Black Arrow AdminApril 3, 2020guernsey, flash briefing, covid-19, coronavirus, gfsc, europol, usb, phishing, voice assistants, iot, data breach, marriott, ransomware, ddos, zoom

Cyber Weekly Flash Briefing for 27 March 2020 – Half of UK firms suffer breach last year, COVID19 drives phishing up 667%, WHO targeted, Windows zero-day, ransom refuser’s data published online

Black Arrow AdminMarch 27, 2020guernsey, cyber, cyber security, infosec, information security, breaches, coronavirus, covid-19, zero-day, microsoft, espionage, ransomware, privacy, adobe, apt, home routers, soho

Maintaining Good Cyber Hygiene during the Coronavirus Crisis - Guernsey Press 24 March 2020

With more of us working from home in the coronavirus crisis, there is evidence of increasing attacks by cyber criminals who are exploiting those unaware of the risks, according to Tony Cleal, director of Guernsey’s Black Arrow Cyber Consulting BUSINESSES are making significant changes in response to the virus, including asking employees to work from home for the first time. These new practices have often been implemented as quickly as possible, with a priority on keeping the business operations going. At the same time, the cyber and information security consultants at Black Arrow are seeing reports from specialist intelligence and the wider media which show cyber criminals are feasting on the current chaos as they target employees and companies who let their guard down. ‘Cyber criminals usually target people, not technology, to get into their employer’s systems. Companies need to ensure they consider all the basic risks to prevent this, and implement layers of defence that start with the user. As an analogy, the easiest way for a criminal to get into someone’s home is to convince the resident to let them in, for example by pretending to repair an emergency gas leak. It doesn’t matter how good the window locks are, or how sophisticated the burglar alarm is; all they need to do is knock on the front door and be convincing. Thousands of coronavirus scam and malware sites are being created on a daily basis, and we see cyber criminals taking advantage of the crisis to get access to the organisation’s money and information’. That means companies and employees need to maintain good cyber hygiene when working from home, just as they do in the office. People behave differently at home, and are often less alert to information security risks than in the office. ‘We have seen Guernsey employees posting pictures on Facebook to show their new desk at home, but these pictures risk showing confidential documents on the table and screen. This is further evidence that cyber security is a business-wide risk that needs the aligned strength of people and culture, as well as business operations and technology’. Some smaller businesses consider cyber security to be more relevant for larger organisations. ‘Weakened defences will always be exploited, whether by biological viruses or malicious actors. 43% of cyber attacks hit smaller businesses, and a breach now on top of everything else would likely be catastrophic. Luckily, there are things you can do to protect yourself, even with limited resources; we can help ensure that the scarce money is spent wisely by addressing cyber security as a business-wide risk owned by the business leadership.’ Tony concluded: ‘Now more than ever, because of the disruption and changes to business practices, companies need to take appropriate steps to protect themselves against cyber-attacks. We are committed to helping improve cyber hygiene in Guernsey. This started when I used my experience in British Intelligence to lead the review of cyber security across the Bailiwick for the GFSC, which informed the forthcoming new standards. Now at Black Arrow we are reducing our prices during this crisis, to make cyber hygiene easier for all organisations; of course, charities and non-profits can continue to contact us for help free of charge.’ https://guernseypress.com/news/2020/03/24/maintaining-good-cyber-hygiene/