Black Arrow Cyber Consulting
0

Blog

Our weekly Cyber Flash Briefing round up of top open source news and ‘Cyber Tip Tuesday’ videos

Posts tagged exchange
Black Arrow Cyber Threat Briefing 26 April 2024

Black Arrow Cyber Threat Intelligence Briefing 26 April 2024:

-Coalition Finds More Than Half of Cyber Insurance Claims Originate in the Email Inbox

-Unmasking the True Cost of Cyber Attacks: Beyond Ransom and Recovery

-Why Cyber Security Should Be Driving Your Enterprise Risk Management Strategy

-Ransomware Double-Dip - Re-Victimisation in Cyber Extortion

-AI is a Major Threat and Many Financial Organisations Are Not Doing Enough to Fight the Threat

-6 out of 10 Businesses Struggle to Manage Cyber Risk

-'Junk Gun' Ransomware: New Low-Cost Cyber Threat Targets SMBs

-Penetration Testing Infrequency Leaves Security Gaps

-Bank Prohibited from Opening New Accounts After Regulators Lose Patience With Poor Cyber Security Governance

-The Psychological Impact of Phishing Attacks on Your Employees

-Where Hackers Find Your Weak Spots

-The Role of Threat Intelligence in Financial Data Protection

-Government Cannot Protect Business and Services from Cyber Attack, Decision Makers Say

Read More
Black Arrow Adminm-trends, head of belgian affairs, belgium, .gov.uk, iso 27001, upguardinternational, leicester, sweden, cannes, copenhagen, coalition, fund transfer fraud, ftf, cybersecurity ventures, siliconangle, double-dip, cyber extortion, junk gun, sophos, penetration testing, pentest, egress, osint, socmint, adint, darkint, ai-int, open source intelligence, social media intelligence, advertising intelligence, dark web intelligence, ai intelligence, hellokitty, cd projeckt, cisco, cl0p, megazord, dragonforce, lockbit, change healthcare, unitedhealth, blackcat, undp, octapharma, octapharma plasma, red ransomware, targus, carpetright, lastpass, genai, chatgpt, gpt-4, owasp llm, mfa, multi-factor authentication, brokewell, gitlab, github, cdn flaw, gooseegg, guptiminer, toddycat, toddycat apt, escan, trend micro, interpol, grandoreiro banking trojan, grandoreiro, samurai stealer, seedworm, plugx, lazarus, kaloin rat, godfather, kyc database, at&t, world-check, labhost, cesiumastro, anysignal, cisco asa, munich re, e2ee, bcrypt, facebook, nis2, net neutrality, dell, brussels, pluralsight, arcanedoor, ivanti, fancy bear, windows print spooler, apt29, sandworm, poland, palo alto, palo alto firewalls, asa firewalls, ftd firewalls, magicdot, apt28, chrome, google, exchange, oracle, oracle virtualbox, forminator, wordpress, apache, crushftp, flowmon, zero trust, casb, estonia, nato, mandiant, richard horne, cali airport, cali, tallin, fcc, erm, enterprise risk management, la county, cyber solidarity act, csa, cookies, fsb, mitre, sd-wan, telemetry, black arrow cyber, black arrow, threat intelligence, ncsc, national cyber security centre, cpni, mi5, gchq, cert, nca, national crime agency, europol, enisa, five eyes, cyber, information security, it security, cyber warfare, russia, north korea, china, iran, sme, smb, british intelligence, national security, uk national security, military intelligence, mod, ministry of defence, police, law enforcement, ftse 100, ftse100, offshore financial services, gfsc, guernsey financial services commission, fortune 500, fortune500
Black Arrow Cyber Threat Briefing 23 February 2024

Black Arrow Cyber Threat Intelligence Briefing 23 February 2024:

-Despite Recent FBI Disruptions, a Rise in Ransomware Means 2024 Will be a Volatile Year for Cyber Security

-The Old, Not the New: Basic Security Issues Still the Biggest Threat to Enterprises

-Reevaluating Your Cyber Security Priorities

-Cyber Threat Environment at its Most Dangerous for SMBs, as Geopolitical Tenison, Extortion and Attacks Present Biggest Risks

-Legal Sector Grows as a Target, with Cyber Attacks on Law Firms Surging by Over a Third

-It’s Not Only Ransomware Seeing Huge Rises, Business Email Compromise (BEC) Attacks are Also Seeing a Huge Rise – is Your Business Prepared?

-Deepfake Phishing Grew by 3,000% in 2023, and it’s Just the Beginning

-Cyber Attacks are Getting Faster, More Common and More Successful, Although Detection is More Advanced Than Ever — New Report Signals the Threats to Businesses, Supply Chains, and Democracy

-Report Finds Malicious Emails Bypassing Secure Email Gateways Rose by 105%

-Rising Cyber Threats Identified Amongst Other Major Business Risks for 2024

-Huge Cyber Security Leak Lifts the Lid on China’s Hackers for Hire

-Fifth of British Kids Have Broken the Law Online

-Over 40% of Firms Struggle with Cyber Security Talent Shortage

Read More
Black Arrow Adminlockbit, ibm x-force, mimecast, crowdstrike, abnormal security, cofense, allianz, isoon, wechat, kaspersky, sec, barracuda, screenconnect, connectwise, alpha, akira, cisco, cisco anyconnect, knight ransomware, esentire, rhysida, medibank, revil, loandepot, prudential financial, cactus, schneider electric, dead mans fingers, chatgpt, github copilot, anatsa, google play, lucifer, apache hadoop, ssh-snake, voltschemer, malta, hungary, bosnia, cambridge university, wyze, bank of america, infosys, superbowl, tiktok, dora, avast, nis2, tag-70, basicstar, x, winter vivern, roundcube, turla, coalition, ivanti, exchange, gartner, vmware, solarwinds, chrome, joomla, qnap, wordpress, trufflehog, vipre, vsphere, netwalker, google chrome, eset, apple, black arrow cyber, black arrow, threat intelligence, osint, ncsc, national cyber security centre, cpni, mi5, gchq, cert, nca, national crime agency, europol, interpol, enisa, nato, cyber, information security, it security, cyber warfare, russia, north korea, china, iran, british intelligence, national security, uk national security, military intelligence, mod, ministry of defence, police, law enforcement, ftse 100, ftse100, offshore financial services, fortune 500, fortune500
Black Arrow Cyber Threat Briefing 03 September 2021

Black Arrow Cyber Threat Briefing 03 September 2021

-Ransomware Attacks Soar 288% in H1 2021

-Ransomware Costs Expected To Reach $265 Billion By 2031

-Brute Force Email Attacks and Account Takeover Attempts Rise 671%, Reaching Unprecedented Levels, Causing Financial And Reputational Damage

-Investigation Into Hacked "Map" Of UK Gun Owners

-Eight US Financial Services Firms Given Six-Figure Fines Over BEC Data Breaches

-Ransomware Has Been A ‘Game Changer’ For Cyber Insurance

-WhatsApp hit with $267 million GDPR fine for bungling user privacy disclosure

-Microsoft Warns About Open Redirect Phishing Campaign

Read More
Black Arrow Adminblack arrow, cyber, cyber security, infosec, information security, ransomware, cyber crime, brute force, hackers, guns, gun owners, financial services, insurance, cyber insurance, third parties, third party, supply chain, microsoft, open redirect, phishing, employees, bec, business email compromise, scammers, insider threats, lockfile, fbi, cisa, smart cities, cofense, passwords, gpus, graphics cards, amd, nvidia, cloud, azure, android, malware, npm, qnap, apple, meltdown, braktooth, bluetooth, cisco, proxytoken, exchange, atlassian, confluence, mozi, iot, botnet, tp-link, voip, cloudflare, ddos, zero trust, t-mobile, china, lockbit
Black Arrow Cyber Threat Briefing 27 August 2021

Black Arrow Cyber Threat Briefing 27 August 2021

-Cyber Crime Losses Triple To £1.3bn In 1h 2021

-New Ransomware Wake-Up Call

-22% Of Cyber Security Incidents In H1 2021 Were Ransomware Attacks

-Key Email Threats And The High Cost Of Business Email Compromise

-Microsoft Warns Thousands Of Cloud Customers Of Exposed Databases

-58% Of IT Leaders Worried Their Business Could Become A Target Of Rising Nation State Attacks

-Cyber Insurance Market Encounters ‘Crisis Moment’ As Ransomware Costs Pile Up

Read More
Black Arrow Adminblack arrow, cyber, cyber security, cyber crime, infosec, information security, gfsc, ransomware, insurance, cyber insurance, email, business email compromise, bec, nation state actors, apt, microsoft, cloud, saas, exchange, proxyshell, phishing, scammers, fraud, malware, linux, vulnerabilities, vishing, mozi, sidewalk, shadowpad, joker malware, pegasus, f5, routers, iot, openssl, rce, vmware, atlassian, confluence, ryzen, amd, cisa, realtek, opda, guernsey, data protection, nokia, t-mobile, cryptocurrencies, insiders, dark web, botnet, ics, scada, cni, nso, razer, fbi
Black Arrow Cyber Threat Briefing 13 August 2021

Black Arrow Cyber Threat Briefing 13 August 2021:

-SMBs Increasingly Vulnerable To Ransomware, Despite The Perception They Are Too Small To Target

-440% Increase In Phishing

-Users Can Be Just As Dangerous As Hackers

-With Crime-As-A-Service, Anyone Can Be An Attacker

-Move To Cloud Creating Security Blindspots

-Connected Devices Increasingly At Risk Of Ransomware Attacks

-Ransomware Payments Explode Amid ‘Quadruple Extortion’

-Accenture Hit With $50M Ransomware

Read More
Black Arrow Admincyber, cyber security, infosec, information security, black arrow, gfsc, smbs, smb, ransomware, target, users, staff, insiders, crime-as-a-service, hackers, cloud, aws, azure, iot, connected devices, pii, dark web, criminal marketplace, critical infrastructure, ai, phishing, discord, malware, fraud, microsoft, patching, iispy, synology, 5g, android, facebook, dns, cisco, exchange server, exchange, updates, exploited, rce, mssp, kindle, amazon, defi, gigabyte, golang, ddos, rddos, ransom, extortion, russia, spying, iis, un, human rights, spyware, healthcare, bots, quantum computing, encryption, kaseya
Black Arrow Cyber Threat Briefing 30 July 2021

Black Arrow Cyber Threat Briefing 30 July 2021: Many Workers Ignore Security Risks To Maximize Productivity; Financial Services Accounting For Nearly 40% Of All Phishing URLs; Half Of Organisations Are Ineffective At Countering Phishing And Ransomware Threats; 36% Of Organisations Suffered A Serious Cloud Security Data Leak Or A Breach In The Past Year; HP Finds 75% Of Threats Were Delivered By Email In First Six Months Of 2021

Read More
Black Arrow Admincyber, cyber security, infosec, information security, black arrow, gfsc, workers, staff, financial services, countermeasures, cloud, hp, email, vulnerabilities, remote working, remote workers, wfh, babuk, ransomware, blackmatter, lockbit, fbi, social engineering, malware, fin7, cisco, solarmarker, windows 11, lemonduck, discord, japan, olympics, android, ubel, ntlm, vpn, web applications, hackers, windows 10, petitpotam, apple, ios, macos, kaseya, linux, data breaches, gun owners, clubhouse, threat actors, tools, dark web, ddos, china, apt, exchange, spearphishing, spear-phishing, phishing, punkspider
Black Arrow Cyber Threat Briefing 21 May 2021

Black Arrow Cyber Threat Briefing 21 May 2021: Ransomware Attacks Are Spiking. Is Your Company Prepared?; Ban Ransom Payments To Hackers, Urges Ex-GCHQ Boss; How Penetration Testing Can Promote A False Sense Of Security; Ransomware’s New Swindle - Triple Extortion; ‘It’s A Battle, It’s Warfare’ - Experts Seek To Defeat Ransomware Attackers; 5 Reasons Why Enterprises Need Cyber Security Awareness And Training; 10 Emerging Cyber Security Trends To Watch In 2021

Read More
Black Arrow Admincyber, cyber security, threat intel, threat report, infosec, information security, ransom, ransomware, extortion, triple extortion, warfare, colonial, ics, trends, penetration testing, pentesting, darkside, microsoft, rdp, amazon, amazon ring, surveillance, insurance, cyber insurance, axa, ofwat, phishing, autohotkey, malware, fraudsters, fin7, backdoor, bizarro, flubot, eufycam, iot, camera, vulnerabilities, mobile, android, poc, proof of concept, rce, remote code execution, exploit, http, qnap, doorbells, apple, apple airtags, elon musk, cryptocurrencies, fraud, rapid7, supply chain, keksec, cloud, privacy, ddos, ai, artificial intelligence, solarwinds, exchange, covid
Black Arrow Cyber Threat Briefing 07 May 2021

Black Arrow Cyber Threat Briefing 07 May 2021: New Technology Has Enabled Cyber-Crime On An Industrial Scale; Cyber Security Control Failures Listed As Top Emerging Risk; Third Parties Caused Data Breaches At 51% Of Organisations; Apple Devices Under Attack, Update Now; Ransomware Reality Shock - 92% Who Pay Do Not Get Their Data Back; New Vulnerabilities Impact 60% Of Email Servers; Big Rise In Double Extortion Ransomware; Millions At Security Risk From Old Routers; 30% Of All Smartphones Vulnerable To New Bug

Read More
Black Arrow Adminthreat intel, threat report, cyber, cyber security, infosec, information security, cyber crime, criminals, ransomware, third parties, data breaches, kyc, aml, cft, email, exchange, exim, mental health, therapists, smart phones, vulnerabilities, qualcomm, cloud, swiss cloud, babuk, phishing, pingback, android, buer, rust, malware, dell, firmware, pulse vpn, microsoft, python, amazon, fake reviews, iran, china, rootkit, nation state actors, apt, ddos, romance fraud, healthcare, health sector, tesla, flying drone, penetration testing, flash, peleton
Black Arrow Cyber Threat Briefing 23 April 2021

Black Arrow Cyber Threat Briefing 23 April 2021: Cyber Attacks Rise For Businesses, Pushing Many To The Brink; MI5 Warns Of Spies Using LinkedIn To Trick Staff; Sonicwall Warns Customers To Patch 3 Zero-Days Exploited In The Wild; FBI Removed Backdoors From Vulnerable Exchange Servers, Not Everyone Likes The Idea; Pulse Secure VPN Zero-Day Used To Hack Defense Firms & Govt Orgs; Solarwinds Hack Could Cost Insurance Firms $90M; Mount Locker Ransomware Aggressively Changes Up Tactics; QR Codes Offer Easy Cyber Attack Avenues as Usage Spikes

Read More
Black Arrow Admincyber, cyber security, infosec, information security, threats, threat report, threat intel, mi5, espionage, social media, social engineering, fbi, linkedin, sonicwall, vulnerabilities, vulnerability management, zero-day, exploited, backdoor, exchange, pulse vpn, solarwinds, insurance, cyber insurance, ransomware, mount locker, qr, google, google alerts, university, academia, discord, phishing, office 365, microsoft, malware, apple, rce, remote code execution, iot, google chrome, qnap, nas, cisco, firefox, codecov, dating site, privacy, data breach, fin7, natwest, cryptocurrencies, supply chain, telegram, japan, china, apt, nation state actors, huawei, ddos, telecoms, GCHQ, tls, tiktok, MFA, 2fa, astrolocker
Black Arrow Cyber Threat Briefing 16 April 2021

Black Arrow Cyber Threat Briefing 16 April 2021: 61% Of Employees Fail Basic Cyber Security Quiz; More Than 1,900 Hacking Groups Active Today; Ransomware Crisis Worsens; Enterprise Security Attackers Are One Password Away From Your Worst Day; Microsoft’s April Update Patches 114 Bugs; Nation-State Attacks Targeting Businesses Rise; Criminals Installing Cryptojacking Malware On Unpatched Exchange Servers; Network Vulns Affect Over 100 Million Devices; Brits Still Confused By Multi-Factor Authentication

Read More
Black Arrow Admincyber, cyber security, infosec, information security, ransomware, employees, staff, hacking, hackers, passwords, microsoft, patching, patches, vulnerabilities, remote code execution, rce, nation state actors, mfa, 2fa, multi-factor authentication, payment cards, kremlin, russia, vpn, phishing, social engineering, contact forms, watering hole, cloud, icedid, joker malware, huawei, android, adobe, adobe photoshop, invoice payment, tax, chrome, google chrome, edge, microsoft edge, zero-day, whatsapp, kubernetes, open source, clubhouse, covid, iran, nuclear, nsa, exchange, hafnium, cryptojacking, spying, privacy, smbs, imitated brands, reports, casino, solarwinds, fbi, cisa
Black Arrow Cyber Threat Briefing 01 April 2021

Black Arrow Cyber Threat Briefing 01 April 2021: Boards Still Aren't Taking Cyber Security Seriously, That Means Everyone Is At Risk; Nearly 40% Of New Ransomware Families Use Both Data Encryption And Data Theft In Attacks; Ransomware - Why We Are Now Facing A Perfect Storm; Nearly A Fifth Of Ransomware Victims Who Pay Off Extortionists Fail To Get Their Data Back; Shadow IT Is Your Organisation's Next Remote-Working Nightmare

Read More
Black Arrow Admincyber, cyber security, infosec, information security, threat report, threat intel, boards, c-suite, ransomware, encryption, data theft, extortion, lockdown, shadow it, charity, hafnium, china, apt, fatface, jquery, fileless malware, android, spyware, 5g, openssl, apple, zero-day, ios, solarwinds, facebook, ubiquiti, dark web, russia, charming kitten, browsers, privacy, cisa, exchange, cryptomining, smart contracts, fraud
Black Arrow Cyber Threat Briefing 26 March 2021

Black Arrow Cyber Threat Briefing 26 March 2021: Cyber Warfare Will Grind Britain’s Economy To A Halt; $2 Billion Lost To BEC Scams In 2020; Ransomware Gangs Targets Firms With Cyber Insurance; Three Billion Phishing Emails Are Sent Every Day; $50 Million Ransomware For Computer Maker Acer; Office 365 Phishing Attack Targets Financial Execs; MS Exchange Hacking, Thousands Of Email Servers Still Compromised; Average Ransom Payment Surged 171% in 2020; Phishers’ Perfect Targets: Employees Getting Back To The Office; Nasty Malware Stealing Amazon, Facebook And Google Passwords

Read More
Black Arrow Admincyber, cyber security, infosec, information security, threat report, threat intel, osint, cyber warfare, nation state actors, bec, business email compromise, cyber insurance, ransomware, acer, office 365, financial services, execs, senior executives, malware, amazon, facebook, google, iot, schools, colleges, universities, academia, phishing, botnet, clubhouse, fraud, fraudsters, scams, purple fox, us government, f5, vulnerabilities, vulnerability management, wordpress, openssl, fatface, data breach, data breaches, shell, accellion, russia, criminal, china, oauth, api, exchange
Black Arrow Cyber Threat Briefing 19 March 2021

Black Arrow Cyber Threat Briefing 19 March 2021: Tens Of Thousands Of Microsoft Exchange Customers Under Attack, Targeted By Multiple Hacker Groups; Over $4.2 Billion Officially Lost To Cyber Crime In 2020; Cyber Attacks Multiply On HNWIs; Largest Ransomware Demand Now Stands At $30 Million; 71 Percent Of Office 365 Users Suffer Malicious Account Takeovers; More Than 16 Million Covid-Themed Cyber Attacks Launched In 2020; Cyber Now Key To National Security;

Read More
Black Arrow Admincyber security, cyber, infosec, information security, exchange, hafnium, email, microsoft, threat intel, treat report, cyber crime, organised crime, hnwi, bec, business email compromise, national security, ransomware, mimecast, solarwinds, office 365, covid, scams, takeovers, vulnerabilities, vulnerability management, schools, nurseries, university, academia, phishing, botnet, mirai, iot, smart meters, duckduckgo, browser extensions, privacy, snoopers charter, google, chrome, google chrome, netgear, switches, data breaches, journalists, cni, critical infrastructure, sextortion, nuclear weapons, nuclear deterrent, mega-hacks
What is a Cyber 'Trigger Event' under the GFSC Rules - and what firms need to do to evidence they have taken appropriate steps

What is a Cyber 'Trigger Event' under the GFSC Rules - and what firms need to do to evidence they have taken appropriate steps

Priority action for all regulated firms in Guernsey: Microsoft announced that email servers are being attacked, and the GFSC rules require you to record how you have reviewed your cyber security controls to address this.

Read More
Black Arrow Admincyber, cyber security, infosec, information security, gfsc, financial services, regulated financial service firms, microsoft, exchange, trigger event, regulations
Black Arrow Cyber Threat Briefing 12 March 2021

Black Arrow Cyber Threat Briefing 12 March 2021: ‘Really Messy’: Why The Hack of Microsoft’s Email System Is Getting Worse - Attacks Doubling Every Two Hours; Trickbot Malware Becoming Huge Security Headache; Criminals Targeting Browser Zero Days; More Than 1m Small Businesses ‘At Risk Of Collapse’ Due To Cyber Threats; Ransomware Attacks Up 150%; Massive Supply-Chain Cyber Attack Breaches Several Airlines; Millions Of Windows Devices Are Still Infested With Malware; Browser Extensions Looking at Bank Accounts?

Read More
Black Arrow Admincyber, cyber security, information security, infosec, threat report, threat intel, microsoft, exchange, china, trickbot, browsers, zero-day, small business, smb, ransomware, selfies, supply chain, malware, windows, extensions, capcom, ad-blocker, google, recaptcha, nim, supernova, google play store, spiral, solarwinds, trojans, patching, vulnerabilities, vulnerability management, big-ip, f5, hackers, qnap, internet explorer, nas, adobe, cpu, intel, police, dark web, cyber warfare, privacy, snoopers charter, ripa, linux, verkada, bug bounty