privacy — Black Arrow Cyber Consulting

Black Arrow Cyber Threat Briefing 10 September 2021

-91% Of IT Teams Have Felt 'Forced' To Trade Security For Business Operations

-Ransomware Attacks Increased Exponentially In 2021

-One In Three Suspect Phishing Emails Reported By Employees Really Are Malicious

-Hackers Shift From Malware To Credential Hijacking

-Attacker Breakout Time Now Less Than 30 Minutes

-Hackers Leak VPN Account Passwords From 87,000 Fortinet FortiGate Devices

-The Impact Of Ransomware On Cyber Insurance Driving The Need For Broader Cyber Security Knowledge

-Hackers Exploit Camera Vulnerabilities To Spy On Parents

-39% Of All Internet Traffic Is From Bad Bots

Black Arrow AdminSeptember 10, 2021cyber, cyber security, information security, infosec, gfsc, rules, regulations, compliance, operations, ransomware, phishing, hackers, malware, credential harvesting, vpn, fortinet, fortigate, insiders, insider threats, cyber insurance, cameras, iot, spying, bad bots, revil, ragnar locker, hive, microsoft, microsoft outlook, bitcoin, iphones, cables, google, zoho, manageengine, cpu, chrome, atlassian, confluence, zero-day, windows, poc, proof of concept, cisco, guntrader, data breach, trickbot, dos, ddos, denial of service, cloud, whatsapp, privacy, protonmail, owasp, siem, zero trust, hse, brute force, gift cards

Black Arrow Cyber Threat Briefing 02 July 2021

Black Arrow Cyber Threat Briefing 02 July 2021: Russian Hackers Target IT Supply Chain In Ransomware Attack Leading To Hundreds Of Firms Being Hit; 71% Of Orgs Experienced BEC Attacks Over The Past Year; Cyber Insurance Making Ransomware Crisis Worse; Breach Exposes 92% Of LinkedIn Users; Users Clueless About Cyber Security Risks; Paying Ransoms Make You A Bigger Target; Cyber Crime Never Sleeps; Classified MOD Docs Found At Bus Stop; Don’t Leave Your Cyber IR Plan To IT, It’s An Organisational Risk

Black Arrow AdminJuly 3, 2021cyber, cyber security, infosec, information security, threat report, threat intel, ransomware, russia, revil, supply chain, rmm, it provider, bec, business email compromise, cyber insurance, linkedin, data breach, api, users, staff, ir, ir plans, incident response, it sector, health sector, health, healthcare, manufacturing, ministry of defence, mod, classified documents, cabinet offices, government, ncsc, cryptocurrencies, cryptojacking, cryptomining, go, babuk, virustotal, vm, virtual machines, chachi, hmrc, phishing, indexsinas, iot, smart homes, microsoft, cisco, cisco asa, firewall, rce, remote code exploit, remote code execution, MyBook, western digital, fortiweb, waf, nfc, cash machines, 5g, zero-day, printnightmare, zyxel, police, tulsa, cobalt strike, fin7, jail, pirated software, central bank, cloud, privacy, solarwinds, ea games, council

Black Arrow Cyber Threat Briefing 18 June 2021

Black Arrow Cyber Threat Briefing 18 June 2021: Ransomware Now Ranks As UK’s Top Cyber Security Danger; 54% of all employees reuse passwords across accounts; Most Firms Face Second Ransomware Attack After Paying Off First; Bad Cyber Security Behaviours Plaguing The Remote Workforce; VPN Attacks Up Nearly 2000% As Companies Embrace A Hybrid Workplace; Over 65,000 Ransomware Attacks Expected In 2021; Business Leaders Now Feel More Vulnerable To Cyber Attacks

Black Arrow AdminJune 19, 2021cyber, infosec, information security, threat report, threat intel, ransomware, bank of america, passwords, password reuse, vpn, revenge porn, backups, recovery, microsoft, colonial, ryuk, clop, police, paradise, hades, revil, bec, mfa, google docs, pdf, malware, google chrome, browser, windows, vulnerabilities, vulnerability management, mcafee, peloton, rce, vmware, sonicwall, gateley, alibaba, hmm, maritime, mensa, volkswagen, audi, ledger, open source, noxplayer, gelsemium, utilities, russia, china, ddos, amazon, privacy, airlines, banks, slilpp, vigilantes, ea games

Black Arrow Cyber Threat Briefing 11 June 2021

Black Arrow Cyber Threat Briefing 11 June 2021: World’s Biggest Meat Producer JBS Pays $11m Ransom; New Type Of Ransomware Could Be 10 Times As Dangerous; Lewd Phishing Lures Aimed At Business Explode; UK Schools Forced To Shut Following Ransomware; COVID-19 Has Transformed Work, But Cyber Security Is Not Keeping Pace; Colonial Pipeline Ransomware Attack Stemmed From Old VPN Password; Evil Corp Rebrands Ransomware To Escape Sanctions; Billions Of Passwords Leaked Online From Past Data Breaches

Black Arrow Cyber Threat Briefing 21 May 2021

Black Arrow Cyber Threat Briefing 21 May 2021: Ransomware Attacks Are Spiking. Is Your Company Prepared?; Ban Ransom Payments To Hackers, Urges Ex-GCHQ Boss; How Penetration Testing Can Promote A False Sense Of Security; Ransomware’s New Swindle - Triple Extortion; ‘It’s A Battle, It’s Warfare’ - Experts Seek To Defeat Ransomware Attackers; 5 Reasons Why Enterprises Need Cyber Security Awareness And Training; 10 Emerging Cyber Security Trends To Watch In 2021

Black Arrow Cyber Threat Briefing 14 May 2021

Black Arrow Cyber Threat Briefing 14 May 2021: Two Thirds Of CISOs Expect Damaging Cyber Attack In Next 12 Months; Ransomware - Don't Pay, It Just Shows Cyber Criminals That Attacks Work; Most Significant Cyber Attacks 2006-2020; The Shape Of Fraud And Cyber Crime, 10 Things We Learned From 2020; US Pipeline Ransomware Serves As Warning To Persistent Corporate Inertia Over Security; Ransomware Attackers Now Using Triple Extortion Tactics; AXA Pledges To Stop Reimbursing French Ransomware Victims; Cyber Experts Warn Over Online Wine Scams

Black Arrow AdminMay 14, 2021cyber, cyber security, infosec, information security, threat report, threat intel, ciso, ransomware, fraud, cyber crime, third party, third parties, software, fuel supplies, ot, ics, scada, critical infrastructure, colonial, triple extortion, extortion, axa, france, dystopia, wine, scams, cisa, energy sector, ryuk, students, mtr, privacy, piracy, foreign secretary, darkside, business email compromise, bec, phishing, smishing, ai, coronavirus, covid-19, email, ios, apple, trojan, windows, microsoft, troy hunt, patches, vulnerabilities, vulnerability management, adobe, adobe reader, wifi, frag attack, lemon duck, zero-day, rce, bulletproof hosting, criminals, rapid7, source code, russia, china, ncsc, cozy bear, spying, ddos, university, academia, mobile, gps, mfa, biden, executive order, healthcare, government, bots

Black Arrow Cyber Threat Briefing 23 April 2021

Black Arrow Cyber Threat Briefing 23 April 2021: Cyber Attacks Rise For Businesses, Pushing Many To The Brink; MI5 Warns Of Spies Using LinkedIn To Trick Staff; Sonicwall Warns Customers To Patch 3 Zero-Days Exploited In The Wild; FBI Removed Backdoors From Vulnerable Exchange Servers, Not Everyone Likes The Idea; Pulse Secure VPN Zero-Day Used To Hack Defense Firms & Govt Orgs; Solarwinds Hack Could Cost Insurance Firms $90M; Mount Locker Ransomware Aggressively Changes Up Tactics; QR Codes Offer Easy Cyber Attack Avenues as Usage Spikes

Black Arrow Cyber Threat Briefing 16 April 2021

Black Arrow Cyber Threat Briefing 16 April 2021: 61% Of Employees Fail Basic Cyber Security Quiz; More Than 1,900 Hacking Groups Active Today; Ransomware Crisis Worsens; Enterprise Security Attackers Are One Password Away From Your Worst Day; Microsoft’s April Update Patches 114 Bugs; Nation-State Attacks Targeting Businesses Rise; Criminals Installing Cryptojacking Malware On Unpatched Exchange Servers; Network Vulns Affect Over 100 Million Devices; Brits Still Confused By Multi-Factor Authentication

Black Arrow Cyber Threat Briefing 01 April 2021

Black Arrow Cyber Threat Briefing 01 April 2021: Boards Still Aren't Taking Cyber Security Seriously, That Means Everyone Is At Risk; Nearly 40% Of New Ransomware Families Use Both Data Encryption And Data Theft In Attacks; Ransomware - Why We Are Now Facing A Perfect Storm; Nearly A Fifth Of Ransomware Victims Who Pay Off Extortionists Fail To Get Their Data Back; Shadow IT Is Your Organisation's Next Remote-Working Nightmare

Black Arrow AdminApril 1, 2021cyber, cyber security, infosec, information security, threat report, threat intel, boards, c-suite, ransomware, encryption, data theft, extortion, lockdown, shadow it, charity, hafnium, china, apt, fatface, jquery, fileless malware, android, spyware, 5g, openssl, apple, zero-day, ios, solarwinds, facebook, ubiquiti, dark web, russia, charming kitten, browsers, privacy, cisa, exchange, cryptomining, smart contracts, fraud

Black Arrow Cyber Threat Briefing 19 March 2021

Black Arrow Cyber Threat Briefing 19 March 2021: Tens Of Thousands Of Microsoft Exchange Customers Under Attack, Targeted By Multiple Hacker Groups; Over $4.2 Billion Officially Lost To Cyber Crime In 2020; Cyber Attacks Multiply On HNWIs; Largest Ransomware Demand Now Stands At $30 Million; 71 Percent Of Office 365 Users Suffer Malicious Account Takeovers; More Than 16 Million Covid-Themed Cyber Attacks Launched In 2020; Cyber Now Key To National Security;

Black Arrow Cyber Threat Briefing 12 March 2021

Black Arrow Cyber Threat Briefing 12 March 2021: ‘Really Messy’: Why The Hack of Microsoft’s Email System Is Getting Worse - Attacks Doubling Every Two Hours; Trickbot Malware Becoming Huge Security Headache; Criminals Targeting Browser Zero Days; More Than 1m Small Businesses ‘At Risk Of Collapse’ Due To Cyber Threats; Ransomware Attacks Up 150%; Massive Supply-Chain Cyber Attack Breaches Several Airlines; Millions Of Windows Devices Are Still Infested With Malware; Browser Extensions Looking at Bank Accounts?

Black Arrow Cyber Threat Briefing 05 March 2021

Black Arrow Cyber Threat Briefing 05 March 2021: New Strain Of Ransomware Implements Self-Spreading Capabilities; One In Four People Use Work Passwords For Consumer Websites; Massive Rise In Threats Across Expanding Attack Surfaces; Half of Orgs Concerned Remote Working Puts Them at Greater Risk of Cyber Attacks; Microsoft Patches Four Zero-Day Exchange Server Bugs; A Booming Trade In Bugs Is Undermining Cyber Security; Weaponized Spectre Exploit Discovered; Solarwinds Security Fiasco May Have Started With Simple Password Blunders

Black Arrow Cyber Threat Briefing 26 February 2021

Black Arrow Cyber Threat Briefing 26 February 2021: Cyber Crime Could Cost The World $10.5 Trillion Annually By 2025; 119,000 Threats Per Minute Detected In 2020; 78% Of Top Security Leaders Say Their Organisations Are Unprepared For A Cyber Attack; Uk Faced Millions Of Cyber Attacks Last Year; New Tier Of APT Actors That Behave More Like Cyber Criminals; US Calls North Korean Hackers ‘World’s Leading Bank Robbers’; Sequoia Capital, One Of Silicon Valley's Most Notable VC Firms, Told Investors It Was Hacked; Poor Hardware Disposal Practices Posing A Risk To Data Security

Black Arrow AdminFebruary 28, 2021cyber security, cyber, cyber crime, infosec, information security, uk, threat, threat report, phishing, url, hackers, ransomware, apt, nation state actors, north korea, china, sequoia capital, venture capital, vc, hardware disposal, babuk, underwriters laboratories, microsoft, fedex, nist, google alerts, google, macos, malware, masslogger, ios, vulnerabilities, vulnerability management, rce, vmware, pdf, zero-day, cisco, accellion, clubhouse, cyber crime groups, blockchain, mastercard, visa, brave, tor, cni, scada, ics, gru, russia, nsa, solarwinds, tiktok, privacy, amazon, crowdstrike, sonicwall, non-human workers

Black Arrow Cyber Threat Briefing 19 February 2021

Black Arrow Cyber Threat Briefing 19 February 2021: Masslogger Swipes Outlook & Chrome Credentials; Phishers trick LinkedIn users; Solarwinds Attack ‘Largest And Most Sophisticated Attack’ Ever; Ransomware gangs are running riot, paying them off doesn’t help; Most security bugs in the wild are years old; Hacker Claims Files Stolen from Prominent Law Firm; 100+ Financial Services Firms Targeted in Ransom DDoS Attacks in 2020; 14 million alleged Amazon and eBay account details sold online; Think backups will protect you from ransomware? What do you think gets attacked first?

Black Arrow Cyber Threat Briefing 12 February 2021

Antony ClealFebruary 14, 2021cyber, cyber security, infosec, information security, ransomware, threat report, threat intel, rdp, remote desktop, phishing, android, app, mobile, cd projekt, florida, ics, scada, water treatment, critical infrastructure, no support linux, web hosting, dark web, facebook, google chrome, military, nuclear, zero-day, palo alto, adobe, microsoft, out of band, accellion, experian, europol, supply chain, paypal, apple, bendybear, apt, russia, china, iran, favicons, privacy, eset, google, quantum computing, api

Black Arrow Cyber Threat Briefing 22 January 2021

Black Arrow Cyber Threat Briefing 22 January 2021: Ransomware Biggest Cyber Concern; Ransomware Payments Grew 311% In 2020; Cyber Security Spending To Soar In 2021; Ransomware Provides The Perfect Cover For Other Attacks; Gdpr Fines Skyrocket As Eu Gets Tough On Data Breaches; Popular Pdf Reader Has Database Of 77 Miliion Users Leaked Online; Malware Incidents On Remote Devices Increase

Black Arrow AdminJanuary 23, 2021cyber, cyber security, threat intel, threat report, ransomware, solarwinds, spending, budgets, criminals, cyber crime, SEPA, pdf, pdf reader, nitro, gdpr, fines, malware, remote workers, remote devices, phishing, macs, apple, signal, telegram, vulnerabilities, SAP, dnspooq, dns, dnsmasq, cisco, sd-wan, botnet, freakout, health, data breach, breaches, ubiquiti, iot, rdp, windows, cloud, aviation, privacy, vishing, ms defender, pixlr

Black Arrow Cyber Threat Briefing 15 January 2021

Black Arrow Cyber Threat Briefing 15 January 2021: Two Thirds of Employees Don’t Consider Security Whilst Working from Home; Ransomware Gangs Targeting Top Execs; Microsoft emits 83 security fixes – and miscreants are already exploiting vulnerabilities in Windows Defender; Android malware gives hackers full control of your smartphone; Massive fraud campaign sees millions vanish from online bank accounts

Black Arrow Cyber Threat Briefing 25 December 2020

Black Arrow Cyber Threat Briefing 25 December 2020: The Cyber Threat Is Real and Growing; Ransomware Attacks Surge in Q3; In 2021 there will be a cyber attack every 11 seconds; The West has suffered a massive cyber breach and it's hard to overstate how bad it is; Big tech companies including Intel, Nvidia, and Cisco were all infected during the SolarWinds hack

Black Arrow AdminDecember 26, 2020cyber, cyber security, cyber crime, infosec, information security, threats, ransomware, solarwinds, intel, nvidia, cisco, victims, malware, tcp, iot, microsoft, chrome, microsoft edge, windows, zero-day, signal, data breach, dark web, jokers stash, nsa, cloudflare, ddos, c19, privacy, surveillance, al jazeera, insurance

Black Arrow Cyber Threat Briefing 18 December 2020

Black Arrow Cyber Threat Briefing 18 December 2020: The great hack attack - SolarWinds breach exposes big gaps in cyber security; A wake-up for the world on cyber security; White House activates cyber emergency response; US nuclear weapons agency targeted; UK companies targeted; Increasing Risk of Cyber Attacks; millions of users install malicious browser extensions; C19 Vaccines sold on dark web

Black Arrow AdminDecember 19, 2020cyber, cyber security, infosec, information security, weekly, threat report, threat intel, solarwinds, fireeye, russia, spying, espionage, us government, government agencies, nuclear, weapons, white house, nuclear weapons, uk firms, uk government, google chrome, microsoft edge, browsers, extensions, covid-19, covid, vaccines, dark web, black market, telcos, channel islands, fbi, doppelpaymer, hackney, ransomware, mount locker, please_read_me, systembc, rat, tor, backdoor, office 365, subway, phishing, facebook, apt32, patching, vulnerabilities, ios, android, firefox, malware, signal, f5, big-ip, pgminer, postgresql, wordpress, sophos, cyberoam, cisco, jabber, hp, hpe, twitter, gdpr, fine, spotify, instagram, uipath, lithuania, metropolitan police, privacy, surveillance, enisa, 5g, ai, sextortion

Black Arrow Cyber Threat Briefing 04 December 2020

Black Arrow Cyber Threat Briefing 4 December 2020: Covid vaccine supply chain targeted by hackers; Criminals Favour Ransomware and BEC; Bank Employee Sells Personal Data of 200,000 Clients; 2020 Pandemic changing short- and long-term approaches to risk; Cyber risks take the fun out of connected toys; Remote Workers Admit Lack of Security Training

Black Arrow AdminDecember 5, 2020information security, infosec, cyber, cyber security, espionage, threat report, threat intel, insiders, insider threats, covid, wfh, privacy, banks, lastpass, passwords, password manager, pandemic, training, ransomware, masterchef, sopra steria, phishing, bec, business email compromise, fbi, zoom, windows 10, trickbot, hackers, monero, russia, apt, macbook, apple, zerologon, ai, artificial intelligence, cloud, mod

Blog