Welcome to this week’s Black Arrow Cyber Threat Briefing – a weekly digest, collated and curated by our cyber experts to provide senior and middle management with an easy to digest round up of the most notable threats, vulnerabilities, and cyber related news from the last week.

Top Cyber Stories of the Last Week

Corporations with Effective Cyber Governance Create 4 Times More Value, Boosting Shareholder Returns

According to a recent report, companies who demonstrated an advanced level of cyber security performance generated a shareholder return 372% higher than their peers over a 5 year period. The report highlighted that having board committees focused on specialised risk and audit compliance produced the best outcomes; however, it was found that only a small number of those surveyed had done this. Financial institutions and healthcare had the highest cyber security ratings, highlighting the correlation between regulatory environments and cyber security performance.

Sources: [Help Net Security ] [Dark Reading]

Ransomware Incidents Reported to UK Financial Regulator Doubled

The number of security and ransomware incidents reported to the UK Financial Conduct Authority (FCA) surged in 2023, according to a freedom of information request. 31% of these incidents were categorised as ransomware, which had double the number of reports as the previous year. To note, these statistics address the number of ransomware incidents involving financial services that were disclosed: the number of actual incidents could be far higher.

Sources: [Digital Journal] [Digital Journal]

Half of British SMEs Have Lost Data in Past Five Years: Threat Indicators Show 2024 Already Promising to be Worse Than 2023

According to a new report, since 2019 nearly half (48%) of the UK’s small and medium-sized enterprises (SMEs) have lost access to data, potentially costing billions. The report found that nationwide, the number of businesses that lost data temporarily or permanently could amount to more than 800,000. Unfortunately, the report found that half of respondents assessed were relying on flawed backup processes, with a quarter not backing up data at all.

A number of organisations assume that they are backing data up automatically and that these backups are safe, but it is an assumption that can have cost. Added to this, some organisations are not aware that their backups can be changed, or deleted, by a malicious actor; a situation better mitigated by implementing immutable backups.

To better their situation, organisations need to understand the cause of a breach, map their data and understand where it is stored, follow the 3,2,1 rule (three copies of data, two separate locations, one in the cloud), consider immutable backups and monitor their backups. An effective backup policy will help.

Sources: [Infosecurity Magazine] [Security Week] [IT Security Guru]

Researchers Report Sevenfold Increase in Data Theft Cases, as 17 billion Personal Records Exposed in Breaches in 2023

According to a global threat intelligence report, data breach incidents rose by 34.5% in 2023, with 17 billion personal records compromised throughout the year. The research also observed a 429% spike in stolen or leaked personal data in the first two months of 2024. In a separate report, Kaspersky found that roughly 10 million devices encountered data-stealing malware in 2023, a sevenfold increase since 2020.

The reports highlight the importance of ensuring that precautions and mitigations are undertaken to thwart attackers. This should include enabling multi-factor authentication, strong and unique passwords, and using a password manager.

Sources: [Infosecurity Magazine] [Infosecurity Magazine]

AI Abuse and Misinformation Campaigns Threaten Financial Institutions

According to the Financial Services Information Sharing Analysis Center (FS-ISAC), cyber threats relating to generative AI in financial services are a consistent concern, with threat actors using generative AI to write malware and other types of attacks. In some cases, attackers are injecting contaminated data into the large language models used by AI, in order to supply it with misinformation which will in turn feed back to financial institutions.

Not all risks are malicious, however. In some cases where generative AI uses enormous datasets, this can contain privileged information or biased data, which can in turn cost financial firms the trust of regulators, consumers and investors. The FS-ISAC stated “As we look ahead to a critical year marked by emerging technology and heightened geopolitical tensions, the best way to maintain the integrity, security, and trust of the sector is through global information sharing.”

Source: [Help Net Security]

Security Teams are ‘Overconfident’ About Handling Next-Gen Threats

In a new study of more than 8,000 cyber security decision makers, Cisco found that nearly three-quarters of organisations anticipated a cyber incident to disrupt their business in the next two years and 80% said they felt at least “moderately confident” in their ability to defend against emerging threats. In contrast, Cisco’s own analysis rated the maturity of these organisations, finding 71% were deemed to be rated as ‘formative’ or ‘beginner’, the two lowest categories.

Source: [CSO Online]

AI Makes Phishing Attacks Accessible to Basic Users

One of the big selling points of AI is its ability to allow even an unsophisticated user to advance their capability and operate at a far more damaging level. Crucially AI can enable a completely non-technical user to understand and produce technical output. Unfortunately, many cyber criminals have realised this and are using AI to sharpen the efficacy of their phishing emails. With AI, phishing emails can now be created without telltale grammatical errors, and can be convincingly formatted to use a certain style to resonate with given target audience, such as a board level executive. AI is also enabling these phishing campaigns to be replicated across languages and geographies, giving malicious actors wider nets than ever before. Whilst low sophistication ‘Nigerian Prince’ type phishing emails are still doing the rounds they are largely being replaced by much more convincing and devious legitimate looking emails.

Source: [The Economic Times]

Cyber Attacks Wreaking Physical Disruption on the Rise

According to a report, more than 500 industrial operational technology (OT) sites worldwide suffered physical consequences as the result of a cyber attack last year, a near 20% rise from the previous year. The report found that some of the attacks cost the organisation up to $100 million in damages.

Attacks on utilities, water, energy, and other critical national infrastructure (CNI) have seen a sharp rise over the last year, against a backdrop of geopolitical tensions and actions by nation state aggressors such as Russia, China, North Korea and Iran, as well as hacktivist groups and other malicious actors.

Threats to IT may be better known than threats to OT, but the latter can result in very serious real world consequences, ultimately leading to potential mass loss of life events.

Source: [Dark Reading]

73% Brace for Cyber Security Impact on Business in Next Two Years

A survey has found that 73% of organisations are expecting a business disruption relating to a cyber incident in the next 12 to 24 months. Part of this was based on previous experiences, with 54% experiencing a cyber incident in the last 12 months, and 52% of those impacted reporting costs of at least $300,000. 87% reported issues with talent, and 46% reported having more than 10 unfilled roles related to cyber security.

Source: [Help Net Security]

To Stay Ahead of Ransomware Businesses Need to Adopt An Offensive Security Mindset

2023 was the most lucrative year yet for ransomware attacks and it was also the year that saw the biggest shift in ransomware tactics, with the majority of ransomware actors now implementing data exfiltration and extortion, in addition to encryption. As it is getting harder for organisations to defend against these attacks and to stay ahead of ransomware, organisations need to develop an offensive security mindset, working out how an attacker might gain access to their systems. This includes keeping up with the latest tactics, communicating this throughout the organisation and running threat-led attack simulations.

Source: [IBTimes]

Cyber Security Imperative for Protecting Executives

The stakes are high in cyber security, and particularly for executives whose positions amplify the potential fall out and damage from cyber incidents. The variety of sensitive information that they have access to, and their authority in the organisation, makes them a desirable target for business email compromise.

Organisations need to implement a robust security culture, led by executives, to foster an environment where cyber threats are understood and mitigated. As part of this, training needs to be given to the whole organisation, including executives.

Executives may have historically excluded themselves from security controls, yet ironically it is this exclusion and their position in the organisation that makes them such a lucrative target.

Source: [Forbes]

The Increasing Role of Cyber Security Experts in Complex Legal Disputes

Expert witnesses have been known to play significant roles in matters where their valuable insight is required. In today’s world, with the number of high-stake crimes now involving technology, cyber security professionals have become some of the most sought-after experts.

Disputes involving highly complex cyber crimes typically require more technical experience than is on hand, and the contributions of a cyber expert are significant in uncovering critical evidence and shaping the legal strategy, as well as explaining cyber security in the courtroom.

Source: [JDSupra]

Governance, Risk and Compliance

• Ransomware incidents reported to UK financial regulator have doubled - Digital Journal

• AI abuse and misinformation campaigns threaten financial institutions - Help Net Security

• Half of British SMEs Have Lost Data in Past Five Years - Infosecurity Magazine (infosecurity-magazine.com)

• The Big Question: Are SMEs now at the forefront of cyber risks? - Emerging Risks Media Ltd

• Threat Indicators Show 2024 Is Already Promising to be Worse Than 2023 - Security Week

• Is the Human Factor Overlooked in Cyber Security? - Infosecurity Magazine (infosecurity-magazine.com)

• Security teams are ‘overconfident’ about handling next-gen threats | CSO Online

• Banks told to expand risk management to cover AI (finextra.com)

• Corporations With Cyber Governance Create 4X More Value (darkreading.com)

• Cyber Leaders Struggle With Heightened Job Expectations, Communicating With Board - WSJ

• 73% brace for cyber security impact on business in the next year or two - Help Net Security

• Businesses overestimating their skills amid cyber security crisis, survey reveals (holyrood.com)

• Why your data isn’t as safe as you think and what it could cost you - IT Security Guru

• Unspoken Battle: Cyber Security Imperative For Protecting Executives (forbes.com)

• The Increasing Role Of Cyber Security Experts In Complex Legal Disputes | IMS Legal Strategies - JDSupra

• Businesses must prioritise prevention to lock out online threats (yahoo.com)

• CISOs Are Facing Challenges In Proactive Threat Defence And Compliance Management (forbes.com)

• As Cyber Regulators Rush Toward New Rules, Shifting Foundations May Complicate Compliance | Wiley Rein LLP - JDSupra

• Lessons from the World's Costliest Corporate Cyber Attacks - Management Today

• Three trends set to drive cyber attacks in 2024 (networkingplus.co.uk)

• Why Cyber Security Is a Whole-of-Society Issue (darkreading.com)

• Instilling the Hacker Mindset Organisationwide (darkreading.com)

• How CISOs Can Make Cyber Security a Long-Term Priority for Boards (darkreading.com)

Threats

Ransomware, Extortion and Destructive Attacks

• Cyber security incidences surge in the UK financial services sector - Digital Journal

• Ransomware attacks rise by 46% in February 2024, finds NCC Group (securitybrief.co.nz)

• To Stay Ahead Of Ransomware Attacks, Businesses Need To Adopt An Offensive Security Mindset | IBTimes

• RDP Abuse Present in 90% of Ransomware Breaches - Infosecurity Magazine (infosecurity-magazine.com)

• How will the Merck settlement affect the insurance industry? (securityintelligence.com)

• Lessons From the LockBit Takedown (darkreading.com)

• Ransomware attackers are increasingly targeting backups — so make sure yours are protected | TechRadar

• Unveiling the Fallout: Operation Cronos' Impact on LockBit Following Landmark Disruption | Trend Micro (US)

• Trend Micro: LockBit ransomware gang's comeback is failing | TechTarget

• Hosting firm's VMware ESXi servers hit by new SEXi ransomware (bleepingcomputer.com)

• Collaboration Needed to Fight Ransomware (darkreading.com)

Ransomware Victims

• Ransomware attacks ravaged municipal governments in March | TechTarget

• NHS Scotland confirms ransomware attackers leaked patients' data - Help Net Security

• Yacht retailer MarineMax discloses data breach after cyber attack (bleepingcomputer.com)

• How will the Merck settlement affect the insurance industry? (securityintelligence.com)

• Ransomware gang leaks UK city council’s confidential files • The Register

• Omni Hotels confirms cyber attack behind ongoing IT outage (bleepingcomputer.com)

• World’s second-largest lens-maker blinded by cyber incident • The Register

Phishing & Email Based Attacks

• This new phishing attack targets iPhone and Android alike via RCS | TechRadar

• Cloud Email Filtering Bypass Attack Works 80% of the Time (darkreading.com)

• $1.28 Million Lost From Crypto Phishing Attacks (coinpedia.org)

• Naked photos sent in WhatsApp ‘phishing’ attacks on UK MPs and staff – POLITICO

• Cyber security: Enabled by AI, phishing becomes quite simple - The Economic Times (indiatimes.com)

• Massive Phishing Campaign Strikes Latin America: Venom RAT Targeting Multiple Sectors (thehackernews.com)

• Phishing Attacks Targeting Political Parties, Germany Warns (govinfosecurity.com)

• A phish by any other name should still not be clicked – Computerworld

• Google now blocks spoofed emails for better phishing protection (bleepingcomputer.com)

• New Phishing Campaign Targets Oil & Gas with Evolved Data-Stealing Malware (thehackernews.com)

• Microsoft Teams phishing attacks and how to prevent them | TechTarget

Artificial Intelligence

• Banks told to expand risk management to cover AI (finextra.com)

• AI abuse and misinformation campaigns threaten financial institutions - Help Net Security

• 22% of employees admit to breaching company rules with GenAI - Help Net Security

• The Danger Of Unmanaged AI In The Enterprise (forbes.com)

• 6 Prompts You Don't Want Employees Putting in Microsoft Copilot (bleepingcomputer.com)

• Microsoft Copilot Blocked on US Congress Devices Over Security Concerns | Cryptopolitan

• Cyber security: Enabled by AI, phishing becomes quite simple - The Economic Times (indiatimes.com)

• Microsoft Announces New Safety System to Filter Malicious AI Output | Extremetech

• Microsoft GM on AI and elections: 'There will be fakes' • The Register

• Why AI forensics matters now - Help Net Security

• Microsoft and OpenAI collaborated to counter North Korean cyber threats, China in the game as well - MSPoweruser

• More Than Half of Organisations Plan to Adopt AI Solutions in Coming Year, Reports Cloud Security Alliance and Google Cloud (darkreading.com)

• The ‘complicated relationship’ between AI and cyber security (siliconrepublic.com)

• ‘Many-shot jailbreak’: lab reveals how AI safety features can be easily bypassed | Artificial intelligence (AI) | The Guardian

• Chinese hackers turn to AI to meddle in elections | CyberScoop

• Security and AI occupy SME thoughts | Microscope (computerweekly.com)

Malware

• Escalating malware tactics drive global cyber crime epidemic - Help Net Security

• Linux Version of DinodasRAT Spotted in Cyber Attacks Across Several Countries (thehackernews.com)

• TheMoon Malware Rises Again with Malicious Botnet for Hire (darkreading.com)

• Hackers Target macOS Users with Malicious Ads Spreading Stealer Malware (thehackernews.com)

• Vultur Android Banking Trojan Returns with Upgraded Remote Control Capabilities (thehackernews.com)

• Botnets: The uninvited guests that just won’t leave | CSO Online

• Detecting Windows-based Malware Through Better Visibility (thehackernews.com)

• Apple macOS users targeted with more cyber attacks via dodgy ads and websites | TechRadar

• Massive Phishing Campaign Strikes Latin America: Venom RAT Targeting Multiple Sectors (thehackernews.com)

• Europe subjected to Mispadu trojan attacks | SC Media (scmagazine.com)

• YouTube Video Game ‘Hacks’ Contain Malware Links - Infosecurity Magazine (infosecurity-magazine.com)

• The Biggest Takeaways from Recent Malware Attacks (bleepingcomputer.com)

• Thousands of Australian Businesses Targeted With RAT (darkreading.com)

• Cyber criminals are spreading malware through Facebook pages impersonating AI brands (therecord.media)

Mobile

• This new phishing attack targets iPhone and Android alike via RCS | TechRadar

• 2 wireless protocols expose mobile users to spying — the FCC wants to fix that - Nextgov/FCW

• This notorious Android banking trojan now lets hackers remotely control your phone — how to stay safe | Tom's Guide (tomsguide.com)

• Location tracking and the battle for digital privacy - Help Net Security

• How and why to enable Stolen Device Protection on your iPhone (idownloadblog.com)

• Google fixed two actively exploited Pixel vulnerabilities (securityaffairs.com)

Denial of Service/DoS/DDOS

• New HTTP/2 Vulnerability Exposes Web Servers to DoS Attacks (thehackernews.com)

Internet of Things – IoT

• Porsche Kills Two More Models Due to Cyber Security Regulations - autoevolution

• UK Encouraged to Prioritise Cyber Security with Electric Vehicle Charging Points - Electrical Times

Data Breaches/Leaks

• Researchers Report Sevenfold Increase in Data Theft Cases - Infosecurity Magazine (infosecurity-magazine.com)

• Highly sensitive files mysteriously disappeared from EUROPOL headquarters (securityaffairs.com)

• Threat Actor Claims Classified Five Eyes Data Theft - Infosecurity Magazine (infosecurity-magazine.com)

• 17 Billion Personal Records Exposed in Data Breaches in 2023 - Infosecurity Magazine (infosecurity-magazine.com)

• Almost 2.9M impacted by Harvard Pilgrim Health Care breach | SC Media (scmagazine.com)

• Hot Topic confirms multiple new cyber attacks — customer details and payment info exposed online | TechRadar

• Ivanti-linked breach of CISA potentially affected more than 100,000 individuals | CyberScoop

• Prudential Insurance says data of 36,000 exposed during February cyber attack (therecord.media)

• OWASP discloses a data breach (securityaffairs.com)

• Hotel Self Check-In Kiosks Exposed Room Access Codes - Security Week

• Nearly 1M medical records feared stolen from City of Hope • The Register

• SurveyLama data breach exposes info of 4.4 million users (bleepingcomputer.com)

• Cyber criminals steal data of around 700,000 Apotheka pharmacy customers | News | ERR

• PandaBuy data breach allegedly impacted +1.3M customers (securityaffairs.com)

• OWASP discloses breach due to a Wiki web server misconfig • The Register

• US cancer center data breach exposes info of 827,000 patients (bleepingcomputer.com)

Organised Crime & Criminal Actors

• Escalating malware tactics drive global cyber crime epidemic - Help Net Security

• Threat Indicators Show 2024 Is Already Promising to be Worse Than 2023 - Security Week

• Calls to Incident Response Helpline Double in a Year - Infosecurity Magazine (infosecurity-magazine.com)

• Rise of non-tech hackers: new era of cyber threats - VnExpress International

• India rescuing citizens forced into cyber fraud schemes in Cambodia | Reuters

• Cyber criminal adoption of browser fingerprinting - Help Net Security

• With just $700 and a Raspberry Pi — you too can become a cyber criminal | TechRadar

Cryptocurrency/Cryptomining/Cryptojacking/NFTs/Blockchain

• FTX founder Sam Bankman-Fried sentenced to 25 years for crypto fraud (cnbc.com)

• $1.28 Million Lost From Crypto Phishing Attacks (coinpedia.org)

Insider Risk and Insider Threats

• Is the Human Factor Overlooked in Cyber Security? - Infosecurity Magazine (infosecurity-magazine.com)

• Human risk is the top cyber threat for IT teams - Help Net Security

• Instilling the Hacker Mindset Organisation wide (darkreading.com)

Insurance

• Can cyber insurance help secure business? | Mint (livemint.com)

• How will the Merck settlement affect the insurance industry? (securityintelligence.com)

Supply Chain and Third Parties

• Thwarted supply-chain hack sets off alarm bells across DC - POLITICO

Cloud/SaaS

• How much does cloud-based identity expand your attack surface? - Help Net Security

• Who owns your data? SaaS contract security, privacy red flags | CSO Online

• Cloud Email Filtering Bypass Attack Works 80% of the Time (darkreading.com)

Identity and Access Management

• How much does cloud-based identity expand your attack surface? - Help Net Security

Linux and Open Source

• "We got lucky": What the XZ Utils backdoor says about the strength and insecurities of open source | ITPro

• New Linux Bug Could Lead to User Password Leaks and Clipboard Hijacking (thehackernews.com)

• Red Hat warns of backdoor in XZ tools used by most Linux distros (bleepingcomputer.com)

• A new XZ backdoor scanner will be able to safeguard any Linux binary from threats (msn.com)

• What we know about the xz Utils backdoor that almost infected the world | Ars Technica

• Malicious xz backdoor reveals fragility of open source • The Register

• Linux Version of DinodasRAT Spotted in Cyber Attacks Across Several Countries (thehackernews.com)

• German state switches to LibreOffice, promises Windows move • The Register

Passwords, Credential Stuffing & Brute Force Attacks

• Cisco warns of password-spraying attacks targeting VPN services (bleepingcomputer.com)

• American fast-fashion firm Hot Topic hit by credential stuffing attacks (securityaffairs.com)

Social Media

• Cyber criminals are spreading malware through Facebook pages impersonating AI brands (therecord.media)

• WhatsApp was down in Meta’s second big outage this year | TechCrunch

• YouTube Video Game ‘Hacks’ Contain Malware Links - Infosecurity Magazine (infosecurity-magazine.com)

Malvertising

• Apple macOS users targeted with more cyber attacks via dodgy ads and websites | TechRadar

• New Chrome feature aims to stop hackers from using stolen cookies (bleepingcomputer.com)

Training, Education and Awareness

• Human risk is the top cyber threat for IT teams - Help Net Security

• Instilling the Hacker Mindset Organisation wide (darkreading.com)

Regulations, Fines and Legislation

• Ransomware incidents reported to UK financial regulator have doubled - Digital Journal

• Financial cyber defence: gearing up for DORA (finextra.com)

• EU's reimagined NIS 2 cyber security vision to go live (electronicspecifier.com)

• Navigating Cyber Security and Data Privacy Regulations in the Insurance Industry | McGuireWoods LLP - JDSupra

• 6 business benefits of data protection and GDPR compliance | TechTarget

• Treasury accuses banks of 'insufficient data sharing' on fraud | American Banker

• A CISO's Guide to Materiality and Risk Determination (darkreading.com)

• NIS2 Requires Major Changes in EU SaaS Cyber Security - Infosecurity Magazine (infosecurity-magazine.com)

Models, Frameworks and Standards

• Using the NIST CSF for Strong Cyber Security Compliance | NAVEX - JDSupra

• NIST And CISA: 13 Must-Review Resources For SMBs (forbes.com)

• Are businesses prepared for the CSF 2.0 challenge? - Digital Journal

Backup and Recovery

• World Backup Day triggers call for holistic cyber security overhaul (securitybrief.co.nz)

• Ransomware attackers are increasingly targeting backups — so make sure yours are protected | TechRadar

• Data protection vs. data backup: How are they different? | TechTarget

Data Protection

• 3 Strategies to Future-Proof Data Privacy (darkreading.com)

• Navigating Cyber Security and Data Privacy Regulations in the Insurance Industry | McGuireWoods LLP - JDSupra

• 6 business benefits of data protection and GDPR compliance | TechTarget

• How to conduct a data privacy audit, step by step | TechTarget

• Data protection vs. data backup: How are they different? | TechTarget

Careers, Working in Cyber and Information Security

• The Complexity and Need to Manage Mental Well-Being in the Security Team - Security Week

• Cyber Leaders Struggle With Heightened Job Expectations, Communicating With Board - WSJ

• Hardest Cyber Security Jobs to Fill in 2024 Techopedia

• Unlocking Cyber Security Success: The Importance of Certifications - ClearanceJobs

• CISOs Are Facing Challenges In Proactive Threat Defence And Compliance Management (forbes.com)

• Are you okay? Understanding the world of a CISO | CSO Online

Misinformation, Disinformation and Propaganda

• AI abuse and misinformation campaigns threaten financial institutions - Help Net Security

• Microsoft GM on AI and elections: 'There will be fakes' • The Register

• How to Counter Disinformation Campaigns in Global Elections (darkreading.com)

Nation State Actors, Advanced Persistent Threats (APTs), Cyber Warfare, Cyber Espionage and Geopolitical Threats/Activity

Cyber Warfare and Cyber Espionage

• Wars prompt questions for facial recognition providers, and obscure the answers | Biometric Update

• UN Peace Operations Under Fire from State-Sponsored Hackers (darkreading.com)

Nation State Actors

China

• Chinese Spy Ops Attack 7 MSPs, Feds Allege | MSSP Alert

• UK minister confirmed as 12th target in Westminster ‘spear-phishing’ scandal – POLITICO

• Pulling the Curtain Back on China’s Cyberespionage (informationweek.com)

• MPs challenge government claims China cyber attack was unsuccessful (ft.com)

• Chinese hackers turn to AI to meddle in elections | CyberScoop

• Microsoft and OpenAI collaborated to counter North Korean cyber threats, China in the game as well - MSPoweruser

• OODA Loop - Government Agencies are in the Fight Against Chinese Human Targeting and Cyber Espionage. Will it be Enough?

• UK, Czech ministers among China’s hacking targets – POLITICO

• Security fears over supercomputer deal with Chinese firm Lenovo (thetimes.co.uk)

• Ministry of State Security releases bilingual report, urging Western forces to stop slandering and attacking China - China Military

Russia

• Ukraine gives award to foreign vigilantes for hacks on Russia - BBC News

• STA: Russian hackers take responsibility for cyber attack on Slovenia

• Exclusive: Hackers stole Russian prisoner database to avenge death of Navalny | CNN Politics

• Russian network that 'paid European politicians' busted, authorities claim - BBC News

• Russia charges suspects behind theft of 160,000 credit cards (bleepingcomputer.com)

Iran

• Iran's Evolving Cyber Enabled Influence Operations to Support Hamas (darkreading.com)

• Satellite Cyber Security, Iran, and the Israel-Hamas War | Geopolitical Monitor

North Korea

• Microsoft and OpenAI collaborated to counter North Korean cyber threats, China in the game as well - MSPoweruser

• A Vigilante Hacker Took Down North Korea’s Internet. Now He’s Taking Off His Mask | WIRED

Vulnerability Management

• Vulnerability database backlog due to increased volume, changes in 'support,' NIST says (therecord.media)

• CVE and NVD - A Weak and Fractured Source of Vulnerability Truth - Security Week

• Attack Surface Management vs. Vulnerability Management (thehackernews.com)

Vulnerabilities

• Are You Affected by the Backdoor in XZ Utils? (darkreading.com)

• Red Hat issues urgent alert for Fedora Linux users due to malicious code (betanews.com)

• Hosting firm's VMware ESXi servers hit by new SEXi ransomware (bleepingcomputer.com)

• Cisco warns of password-spraying attacks targeting VPN services (bleepingcomputer.com)

• Cisco addressed high-severity flaws in IOS and IOS XE software (securityaffairs.com)

• Ivanti commits to secure-by-design overhaul • The Register

• Ivanti Rushes Patches for 4 New Flaws in Connect Secure and Policy Secure (thehackernews.com)

• Apple GoFetch was caused by an obsession with speed • The Register

• Heartbleed is 10 Years Old – Farewell Heartbleed, Hello QuantumBleed! - Security Week

• Critical Security Flaw Found in Popular LayerSlider WordPress Plugin (thehackernews.com)

• WiFi WPS vulnerability: disable it, or else | Cybernews

• Critical Vulnerability in Progress Flowmon Allows Remote Access to Systems - Security Week

• Google fixed two actively exploited Pixel vulnerabilities (securityaffairs.com)

• Splunk Patches Vulnerabilities in Enterprise Product - Security Week

• JetBrains fixes 26 'security problems,' offering no details • The Register

Tools and Controls

• RDP Abuse Present in 90% of Ransomware Breaches - Infosecurity Magazine (infosecurity-magazine.com)

• New XZ backdoor scanner detects implant in any Linux binary (bleepingcomputer.com)

• The ‘complicated relationship’ between AI and cyber security (siliconrepublic.com)

• How much does cloud-based identity expand your attack surface? - Help Net Security

• How Pentesting-as-a-Service can Reduce Overall Security Costs (bleepingcomputer.com)

• Building a cyber security risk assessment template - Security Boulevard

• Microsoft unveils safety and security tools for generative AI | InfoWorld

• The Biggest Mistake Security Teams Make When Buying Tools (darkreading.com)

• World Backup Day triggers call for holistic cyber security overhaul (securitybrief.co.nz)

• Cloud Email Filtering Bypass Attack Works 80% of the Time (darkreading.com)

• Can cyber insurance help secure business? | Mint (livemint.com)

• 71% Website Vulnerable: API Security Becomes Prime Target for Hackers - Security Boulevard

• Old Technology, New Tricks: Why DNS Is Still A Major Security Target (forbes.com)

• Cyber Risk Management: A Beginner's Guide - Security Boulevard

• Microsoft Entra Recommendations adds several more for better user security - Neowin

• A CISO's Guide to Materiality and Risk Determination (darkreading.com)

• Ransomware attackers are increasingly targeting backups — so make sure yours are protected | TechRadar

• Attack Surface Management vs. Vulnerability Management (thehackernews.com)

• Why a Cloud Security Platform Approach is Critical | Trend Micro (US)

• The Importance Of Physical Cyber Security Testing (forbes.com)

• CISOs Are Facing Challenges In Proactive Threat Defence And Compliance Management (forbes.com)

• Human risk is the top cyber threat for IT teams - Help Net Security

• Data protection vs. data backup: How are they different? | TechTarget

• What is Threat Management? - Security Boulevard

• SIEM Implementation: Strategies and Best Practices | MSSP Alert

• Is Windows Defender All the Antivirus Protection You Need? (makeuseof.com)

Other News

• Cyber Attacks Wreaking Physical Disruption on the Rise (darkreading.com)

• Cyber attacks on critical infrastructure show advanced tactics and new capabilities - Help Net Security

• Is your pension protected from cyber attacks? - CityAM

• Cyber Safety Review Board: Microsoft security culture 'inadequate' (geekwire.com)

• Microsoft slammed for lax infosec that led to Exchange crack • The Register

• Infosec professionals praise CSRB report on Microsoft breach | TechTarget

• 76% of consumers don't see themselves as cyber crime targets - Help Net Security

• Shielding the lifelines: Protecting energy and infrastructure from cyber threats (betanews.com)

• Cyber Security Statistics In 2024: Is Your Law Firm Protected? - Above the Law

• Sellafield nuclear waste dump faces prosecution over cyber security failures (bitdefender.com)

• Australia Doubles Down On Cyber Security After Attacks (darkreading.com)

• Furry Hackers Use Church's Money To Buy Inflatable Sea Lions (dailydot.com)

• Windows 10 Support Deadline: Your Guide to Extended Security Updates (ESU) (mspoweruser.com)

• Healthcare's cyber resilience under siege as attacks multiply - Help Net Security

• Rise of non-tech hackers: new era of cyber threats - VnExpress International

• Why Cultural Institutions Are Rich Targets for Cyber Attackers  (informationweek.com)

• 5 top OT threats and security challenges | TechTarget

Sector Specific

Industry specific threat intelligence reports are available.

Contact us to receive tailored reports specific to the industry/sector and geographies you operate in.

·         Automotive

·         Construction

·         Critical National Infrastructure (CNI)

·         Defence & Space

·         Education & Academia

·         Energy & Utilities

·         Estate Agencies

·         Financial Services

·         FinTech

·         Food & Agriculture

·         Gaming & Gambling

·         Government & Public Sector (including Law Enforcement)

·         Health/Medical/Pharma

·         Hotels & Hospitality

·         Insurance

·         Legal

·         Manufacturing

·         Maritime

·         Oil, Gas & Mining

·         OT, ICS, IIoT, SCADA & Cyber-Physical Systems

·         Retail & eCommerce

·         Small and Medium Sized Businesses (SMBs)

·         Startups

·         Telecoms

·         Third Sector & Charities

·         Transport & Aviation

·         Web3

As usual, contact us to help assess where your risks lie and to ensure you are doing all you can do to keep you and your business secure.

Look out for our ‘Cyber Tip Tuesday’ video blog and on our YouTube channel.

You can also follow us on Facebook, Twitter and LinkedIn.

Links to articles are for interest and awareness and linking to or reposting external content does not endorse any service or product, likewise we are not responsible for the security of external links.