Black Arrow Cyber Threat Intelligence Briefing 15 November 2024

Welcome to this week’s Black Arrow Cyber Threat Intelligence Briefing – a weekly digest, collated and curated by our cyber experts to provide senior and middle management with an easy-to-digest round-up of the most notable threats, vulnerabilities, and cyber-related news from the last week.

Top Cyber Stories of the Last Week

Massive MOVEit Vulnerability Breach: Hacker Leaks Employee Data from Amazon, McDonald’s, HSBC, HP, and Potentially 1000+ Other Companies

A recent massive data breach exploiting a vulnerability in MOVEit file transfer software has exposed sensitive employee data from major companies globally. This incident is one of the largest corporate information leaks, affecting sectors such as finance, healthcare, technology, and retail. The breach resulted in detailed employee records being stolen from 25 leading organisations, including Amazon with over 2.8 million records and MetLife with over 585,000 records. The leaked data includes names, email addresses, phone numbers, and organisational structures, posing significant risks for phishing and identity theft. This incident highlights the critical importance of promptly applying security patches and reinforces the need for robust cyber security measures to protect sensitive corporate data.

Phishing Attacks Surge in 2024 as Cyber Criminals Adopt AI Tools and Multi-Channel Tactics

A recent report has found that phishing attacks surged by 28% in Q2 2024, with cybercriminals adopting AI tools and multi-channel tactics. Organisations with over 2,000 employees now face approximately 36 phishing emails per day, overwhelming security systems. There was a 52.2% increase in phishing attacks that bypass secure email gateways, using techniques like QR codes, deepfakes, and HTML smuggling. Payloadless attacks (phishing without links or attachments, instead using social engineering to deceive victims) have risen to nearly 19% of phishing attempts in 2024, up from 5.4% in 2021. Businesses must enhance security measures and foster awareness to combat these sophisticated threats.

Critical Vulnerabilities Persist in Finance and Insurance Sectors

Cyber security provider Black Duck has found that the finance and insurance sectors have the highest number of critical vulnerabilities, with small sites averaging 565 and medium sites 580. Healthcare and social assistance follow closely behind. The most critical issues identified were cryptographic failures and injection vulnerabilities, totalling over 34,800 instances. These weaknesses threaten sensitive data like personally identifiable information and financial records, posing significant business risks. The mean time to remediate varies, with finance addressing issues in 28 days due to strict regulations, while utilities take up to 107 days. Widespread security misconfigurations affect 98% of applications, endangering business continuity and service availability.

AI-Based Attacks Top Gartner’s List of Emerging Threats – Again

Gartner reports that AI-based threats remain the top emerging cyber risks for organisations, with 80% of surveyed executives highlighting AI-enhanced malicious attacks as a major concern. This marks the third consecutive quarter where AI leads in risk rankings. The difficulty in finding skilled AI and cyber security talent is prompting companies to turn to Managed Security Service Providers (MSSPs) for assistance. MSSPs are leveraging AI to combat sophisticated cyber attacks, and over 80% now offer AI-related security services. This represents a significant shift as enterprises struggle to protect themselves against increasingly complex AI-driven threats.

Here Are the Top 10 Passwords for 2024, and They're All Embarrassing

NordPass, in collaboration with NordStellar, has found that weak passwords remain a significant security risk for organisations and individuals alike. Their sixth annual report revealed that '123456' is the most common password globally, used by over 3 million personal users and more than 1.2 million corporate users. The report highlighted that despite increased awareness of password security, it takes less than a second to crack these widely used passwords. Nearly all organisations still face password management challenges, with many employees reusing simple passwords across accounts. The study underscores the need for stronger password practices, including adopting password managers.

Mishing: The Rising Mobile Attack Vector Facing Every Organisation

Recent research highlights that mobile-targeted phishing attacks, collectively termed "mishing", are an escalating threat to organisations. The widespread use of mobile devices for accessing sensitive data has made them prime targets for cyber criminals employing tactics like smishing, vishing and quishing. These attacks exploit unique mobile features, increasing user vulnerability. Despite this rising threat, many organisations lack adequate mobile security measures and underestimate the associated risks. To combat mishing, it is imperative for organisations to implement comprehensive mobile threat defences and educate employees on recognising and avoiding such attacks.

80% Of Surveyed Businesses Don’t Have Plans for an AI-Related Crisis

Riskonnect's recent report highlights that 80% of organisations lack a dedicated plan to address generative AI risks, including AI-driven fraud attacks. Among surveyed professionals, 72% reported that cyber security risks are having a significant or severe impact on their organisations (an increase from last year's 47%) and 24% believe AI-powered cyber security threats will have the biggest impact over the next 12 months. Despite growing concerns over AI ethics, privacy, and security, 65% of companies have not established policies governing the use of generative AI by partners and suppliers, leaving critical risk management gaps unaddressed.

BoE and Regulators Set Out Digital Rules to Cut Cyber Attack Risks

The Bank of England and UK financial regulators have introduced new rules to enhance IT resilience in financial firms, aiming to reduce risks from cyber attacks and power outages. Effective from 1 January next year, these measures require critical third-party providers to report major incidents and conduct resilience testing. While these providers boost competitiveness, reliance on only a few of them increases systemic risk, potentially affecting consumers and the UK's financial stability. Regulators stress that firms remain accountable for operational resilience, underscoring the need to manage disruption risks to uphold the UK's reputation for stable financial services.

Employees Are Hiding Their AI Use from Their Managers. Here's Why

New research from Slack reveals that enthusiasm for artificial intelligence among employees is waning, with excitement dropping from 47% to 41% globally. Nearly half of desk workers feel uncomfortable with their managers knowing they use AI for common tasks, fearing perceptions of laziness or incompetence. Despite 99% of executives planning to invest in AI this year, a significant skills gap persists, with 61% of employees spending less than five hours learning to use AI tools. The report highlights the need for clear policies and training to address uncertainties and fully harness AI's potential.

CISOs in 2025: Balancing Security, Compliance, and Accountability

Recent regulatory changes, including new SEC and NYDFS rules in the US, have heightened CISO accountability by requiring rapid incident disclosures and increasing personal liability. This intensifies pressures on CISOs, making the role less attractive due to potential legal repercussions and heightened stress. Looking ahead to 2025, CISOs will need advanced skills in strategic communication, risk management, and understanding emerging technologies like AI. Top priorities now include optimising existing security investments, enhancing defences against AI-driven cyber attacks, and investing in advanced cloud security capabilities.

48% of Small Businesses Don’t Offer Cyber Security Training

Recent research has revealed that 48% of UK small businesses do not provide cyber security awareness training to employees. Cyber threats are increasing in volume and complexity, particularly with the rise of AI, yet nearly half (47%) lack up-to-date anti-virus software and 15% have no firewall protection. 81% do not have a valid disaster recovery plan, and 29% have no patch management in place. With 2.39 million businesses experiencing cyber crime in the last 12 months, there is a clear need for businesses to improve their cyber security stance, both technologically and through employee awareness.

Thousands of Employees Could be Falling Victim to Obvious Phishing Scams Every Month

Cyber security provider Netskope has found that phishing attacks are a significant threat in the banking sector, with three in every 1,000 employees clicking on phishing links each month. This equates to over 1,000 banking workers in the UK potentially compromising security monthly. Russian criminal groups are identified as the most active attackers.

Sources:

https://www.infostealers.com/article/massive-moveit-vulnerability-breach-hacker-leaks-employee-data-from-amazon-mcdonalds-hsbc-hp-and-potentially-1000-other-companies/

https://www.techradar.com/pro/phishing-attacks-surge-in-2024-as-cybercriminals-adopt-ai-tools-and-multi-channel-tactics

https://www.helpnetsecurity.com/2024/11/15/finance-industry-vulnerabilities/

https://www.msspalert.com/news/ai-based-attacks-top-gartners-list-of-emerging-threats-again

https://www.cnet.com/tech/services-and-software/here-are-the-top-10-passwords-for-2024-and-theyre-all-embarrassing/

https://www.zimperium.com/blog/mishing-the-rising-mobile-attack-vector-facing-every-organization/

https://www.forbes.com/sites/edwardsegal/2024/11/10/80-of-surveyed-businesses-dont-have-plans-for-an-ai-related-crisis/

https://www.mortgagestrategy.co.uk/news/boe-and-regulators-set-out-digital-rules-to-cut-cyber-attack-risks/

https://www.zdnet.com/article/employees-are-hiding-their-ai-use-from-their-managers-heres-why/

https://www.helpnetsecurity.com/2024/11/13/daniel-schwalbe-domaintools-cisos-2025/

https://www.nationalworld.com/business/48-of-small-businesses-dont-offer-cybersecurity-training-4858633

https://www.techradar.com/pro/security/thousands-of-employees-could-be-falling-victim-to-obvious-phishing-scams-every-month  



Threats

Ransomware, Extortion and Destructive Attacks

Scattered Spider, BlackCat criminals claw back • The Register

Critical Veeam RCE bug now used in Frag ransomware attacks

Tackling ransomware without banning ransom payments | TechRadar

The Role of Threat Intelligence in Preventing Ransomware - Security Boulevard

To Pay or Not to Pay: The Ransomware Dilemma - Security Boulevard

OpenText reveals 2024 nastiest malware, LockBit leads list

WHO, 50 countries warn United Nations of increasing ransomware attacks against hospitals - The Hindu

Remarks at a UN Security Council Briefing on Ransomware Attacks against Hospitals and Other Healthcare Facilities and Services – DataBreaches.Net

Cyber attacks on healthcare: A global threat that can’t be ignored | The United Nations Office at Geneva

New Ymir ransomware partners with RustyStealer in attacks

5 BCDR Oversights That Leave You Exposed to Ransomware

Cloud Ransomware Flexes Fresh Scripts Against Web Apps

Busting Ransomware’s Billion-Dollar Boom with Network Observability and Security - Security Boulevard

New ShrinkLocker ransomware decryptor recovers BitLocker password

Idaho Man Turns to RaaS to Extort Orthodontist

Ransomware Victims

Ransomware attack on Bucharest: data of hundreds of thousands of citizens involved – DataBreaches.Net

Cyber Attack Cost Oil Giant Halliburton $35 Million - SecurityWeek

Embargo ransomware claims breach of US pharmacy network • The Register

Phishing & Email Based Attacks

Phishing attacks surge in 2024 as cyber criminals adopt AI tools and multi-channel tactics | TechRadar

Thousands of employees could be falling victim to obvious phishing scams every month | TechRadar

Mishing: The Rising Mobile Attack Vector Facing Every Organisation - Zimperium

Man gets 10 years for stealing $20M in nest eggs from 400 US home buyers - Ars Technica

New Wave Of Phishing Attacks Exploits Microsoft Visio Files For Two-Step Credential Theft

Most prolific phishing campaign of 2024 | Professional Security Magazine

This new phishing strategy utilizes GitHub comments to distribute malware | TechRadar

Microsoft Exchange adds warning to emails abusing spoofing flaw

If You Fall for a Phishing Email, Here’s What Happens Next

I Almost Fell For a Phishing Scam: Here’s What Happened

Other Social Engineering

Mishing: The Rising Mobile Attack Vector Facing Every Organisation - Zimperium

Winter Fuel Payment Scam Targets UK Citizens Via SMS | Tripwire

Scammers target UK senior citizens with Winter Fuel Payment texts

Pensioners Warned Over Winter Fuel Payment Scam Texts - Infosecurity Magazine

Malware being delivered by mail, warns Swiss cyber agency

North America sees social engineering scams multiply by a factor of 10

The terrifying Google Maps tactic now used by email scammers | Tech News | Metro News

Artificial Intelligence

AI-Based Attacks Top Gartner’s List of Emerging Threats – Again | MSSP Alert

Execs identify AI-driven cyber attacks as top security threat | SC Media

Employees are hiding their AI use from their managers. Here's why | ZDNET

HackerOne: 48% of Security Professionals Believe AI Is Risky

Hackers Are Using AI Against You: Here Is How To Protect Yourself

3 key generative AI data privacy and security concerns | TechTarget

80% Of Surveyed Businesses Don’t Have Plans For An AI-Related Crisis

Risk of AI in CIISec survey | Professional Security Magazine

AI Threat to Escalate in 2025, Google Cloud Warns - Infosecurity Magazine

Inside The Duality of AI's Superpowers

Enterprises look to AI to bridge cyber skills gap — but will still fall short | CSO Online

How CISOs Can Lead the Responsible AI Charge

Organisations face mounting pressure to accelerate AI plans, despite lack of ROI | ZDNET

Google Warns of Rising Cloaking Scams, AI-Driven Fraud, and Crypto Schemes

Artificial intelligence and cyber crime: implications for individuals and the healthcare sector – DataBreaches.Net

How to ward-off fraudulent job seekers propped up by AI | SC Media

Sticker shock: Are enterprises growing disillusioned with AI? | ZDNET

Malware

AndroxGh0st Malware Integrates Mozi Botnet to Target IoT and Cloud Services

ESET shines light on cyber criminal RedLine empire | Computer Weekly

Cyber Criminals Use Excel Exploit to Spread Fileless Remcos RAT Malware

Hackers now use ZIP file concatenation to evade detection

Hackers Abusing Google Ads To Deliver Fakebat Malware

Google Chrome extensions remain a security risk as Manifest V3 fails to prevent data theft and malware exploitation | TechRadar

Sophisticated Infostealers Top Malware Rankings

Hive0145 Targets Europe with Advanced Strela Stealer Campaigns - Infosecurity Magazine

New Glove Stealer malware bypasses Chrome's cookie encryption

This devious new malware is going after macOS users with a whole barrel of tricks | TechRadar

Hello again, FakeBat: popular loader returns after months-long hiatus | Malwarebytes

OpenText reveals 2024 nastiest malware, LockBit leads list

Watch out, that Excel document could be infected with dangerous malware | TechRadar

‘Top 10’ malware strain, Remcos RAT, now exploiting Microsoft Excel files | SC Media

Volt Typhoon rebuilds malware botnet following FBI disruption

North Korean hackers create Flutter apps to bypass macOS security

Malware being delivered by mail, warns Swiss cyber agency

This new phishing strategy utilizes GitHub comments to distribute malware | TechRadar

MacBook Pro Owners Warned As 99 New Security Problems Reported

New Ymir ransomware partners with RustyStealer in attacks

TA455’s Iranian Dream Job Campaign Targets Aerospace with Malware - Infosecurity Magazine

Bots/Botnets

AndroxGh0st Malware Integrates Mozi Botnet to Target IoT and Cloud Services

Volt Typhoon rebuilds malware botnet following FBI disruption

Mobile

Mishing: The Rising Mobile Attack Vector Facing Every Organisation - Zimperium

To patch a dangerous flaw, Pixel users need to install the November security update ASAP - PhoneArena

iPhones in a law enforcement forensics lab mysteriously rebooted losing their After First Unlock (AFU) state

Apple indeed added a feature called "inactivity reboot" in iOS 18.1 that reboots locked devices

6 telltale signs that your Android phone has malware

US Gov Agency Urges Employees to Limit Phone Use After China ‘Salt Typhoon’ Hack - SecurityWeek

NatWest blocks bevy of messenger apps on staff devices • The Register

Google Confirms $1 Trillion AI Security Protection For Pixel Users

This Pixel phone feature listens in on calls to protect you from scams | ZDNET

Denial of Service/DoS/DDoS

Credit cards readers across Israeli stores crash in DDoS cyber attack - The Jerusalem Post

DDoS Attacks Targeting ISPs are Different – Here’s How - Security Boulevard

'Cyber attack' council in Tewkesbury working to ease backlog - BBC News

What will carpet bomb attacks mean for security teams in 2025? - Tech Monitor

Internet of Things – IoT

AndroxGh0st Malware Integrates Mozi Botnet to Target IoT and Cloud Services

Burglars are jamming Wi-Fi security cameras. Here's what you can do | PCWorld

Unpatched Vulnerabilities Allow Hacking of Mazda Cars: ZDI - SecurityWeek

Data Breaches/Leaks

Massive MOVEit Vulnerability Breach: Hacker Leaks Employee Data from Amazon, McDonald's, HSBC, HP, and Potentially 1000+ Other Companies | InfoStealers

Here's what we know about the Snowflake data theft suspects • The Register

Amazon MOVEit Leaker Claims to Be Ethical Hacker - Infosecurity Magazine

Major cyber attacks and data breaches of 2024 - Security Boulevard

Debt Relief Firm Forth Discloses Data Breach Impacting 1.5 Million People - SecurityWeek

200,000 SelectBlinds customers have their cards skimmed in malware attack

Not to alarm you, but your Social Security number is already leaked | The Independent

300,000 Patients Impacted By Law Firm Data Breach

Business records on 100M+ people swiped, put up for sale • The Register

Leaked info of 122 million linked to B2B data aggregator breach

Another major US healthcare organisation has been hacked, with potentially major consequences | TechRadar

Embargo ransomware claims breach of US pharmacy network • The Register

Misconfigured Microsoft Power Pages could lead to data breaches

IT specialist Jack Teixeira jailed for 15 years after leaking classified military documents on Discord

HIBP notifies 57 million people of Hot Topic data breach

Organised Crime & Criminal Actors

Scattered Spider, BlackCat criminals claw back • The Register

US Prison Sentences for Nigerian Cyber Criminals Surge in Recent Months - SecurityWeek

How Global Threat Actors May Respond to a Second Trump Term

Here's what we know about the Snowflake data theft suspects • The Register

ESET shines light on cyber criminal RedLine empire | Computer Weekly

Crypto CEO safe after being kidnapped and held for $1 million ransom | Fortune Crypto

Charges Unsealed for Alleged Hackers of Snowflake Customers

World Economic Forum calls for joint efforts to counter cyber threats - World - DAWN.COM

WEF Launches New Framework to Combat Cyber Crime - Infosecurity Magazine

Cyber crook devoid of boundaries gets 10-year prison stint • The Register

Bitfinex Hacker Sentenced to 5 Years, Guilty of Laundering $10.5 Billion in Bitcoin

What To Know About Cyber Criminal Ross Ulbricht And His Possible Release Under Trump

The spatiotemporal patterns and driving factors of cyber crime in the UK during the COVID-19 pandemic | Humanities and Social Sciences Communications

The UK will work with international partners to dismantle the cyber criminal ecosystem: UK statement at the UN Security Council - GOV.UK

FBI Warns US Organisations of Fake Emergency Data Requests Made by Cyber Criminals - SecurityWeek

Cryptocurrency/Cryptomining/Cryptojacking/NFTs/Blockchain

Bitcoin Fog Founder Sentenced to 12 Years for Cryptocurrency Money Laundering

Criminal crypto launderer gets 12.5 years in prison • The Register

Crypto CEO safe after being kidnapped and held for $1 million ransom | Fortune Crypto

Bitfinex Hacker Sentenced to 5 Years, Guilty of Laundering $10.5 Billion in Bitcoin

Google Warns of Rising Cloaking Scams, AI-Driven Fraud, and Crypto Schemes

Insider Risk and Insider Threats

IT specialist Jack Teixeira jailed for 15 years after leaking classified military documents on Discord

Guardsman gets 15 years after leaking secret info on Discord • The Register

Redefining Cyber Resilience: Calculating the Human Factor | MSSP Alert

Insurance

Crum & Forster Introduces Professional Liability Insurance for Chief Information Security Officers

Supply Chain and Third Parties

BoE and regulators set out digital rules to cut cyber-attack risks – Mortgage Strategy

NIST publishes guide on due diligence for cyber supply chain risk management – DataBreaches.Net

Millions of records from MOVEit hack released on dark web | SC Media

Amazon MOVEit Leaker Claims to Be Ethical Hacker - Infosecurity Magazine

Single points of failure breed systemic risk to national security | SC Media

300,000 Patients Impacted By Law Firm Data Breach

Bank of England U-turns on Vulnerability Disclosure Rules - Infosecurity Magazine

Cloud/SaaS

AndroxGh0st Malware Integrates Mozi Botnet to Target IoT and Cloud Services

5 Ways to Save Your Organisation From Cloud Security Threats

Strategies for CISOs navigating hybrid and multi-cloud security - Help Net Security

Outages

Single points of failure breed systemic risk to national security | SC Media

Microsoft investigates OneDrive issue causing macOS app freezes

Identity and Access Management

Identity Security Is The Cornerstone Of Modern Cyber Defence

Machine Identities Outnumber Human Ones: 69% Of Companies Face Rising Security Risks

Embracing The Future Of Cryptography And Identity Management

Encryption

Quantum cyber risk – securing tomorrow | BCS

Embracing The Future Of Cryptography And Identity Management

Linux and Open Source

Open Source Security Incidents Aren't Going Away

Passwords, Credential Stuffing & Brute Force Attacks

Here Are the Top 10 Passwords for 2024, and They're All Embarrassing - CNET

The true (and surprising) cost of forgotten passwords

Social Media

TikTok Pixel Privacy Nightmare: A New Case Study

Instagram purportedly subjected to widespread data scraping | SC Media

South Korea Fines Meta $15.7 Million For Collecting User Data - IT Security Guru

Malvertising

Hackers Abusing Google Ads To Deliver Fakebat Malware

Training, Education and Awareness

48% of small businesses don’t offer cyber security training

Cyber Security Education Needs a Team: Better Partner Up!

Regulations, Fines and Legislation

BoE and regulators set out digital rules to cut cyber-attack risks – Mortgage Strategy

CISOs in 2025: Balancing security, compliance, and accountability - Help Net Security

Preparing for DORA Amidst Technical Controls Ambiguity 

GDPR landscape | Professional Security Magazine

More Spyware, Fewer Rules: What Trump’s Return Means for US Cyber Security | WIRED

How the Trump Administration May Reshape Security, Privacy

US doubles down support for UN cyber crime treaty | SC Media

The UN cyber crime convention threatens security research. The US should do something about it | CyberScoop

Will cyber suffer under Trump’s goal to slash federal budgets? - Government Executive

HISAA: New Legislation Would Bring Cyber Security Requirements for HIPAA Covered Entities and Business Associates | Epstein Becker & Green - JDSupra

Why Future-proofing Cyber Security Regulatory Frameworks Is Essential

Bank of England U-turns on Vulnerability Disclosure Rules - Infosecurity Magazine

Ambitious cyber security regulations leave companies in compliance chaos - Help Net Security

Rand Paul says he wants to eliminate cyber security agency but will likely reorganise it instead | Just The News

Washington's Cyber Security Storm of Complacency

Models, Frameworks and Standards

Preparing for DORA Amidst Technical Controls Ambiguity 

NIST publishes guide on due diligence for cyber supply chain risk management – DataBreaches.Net

GDPR landscape | Professional Security Magazine

HISAA: New Legislation Would Bring Cyber Security Requirements for HIPAA Covered Entities and Business Associates | Epstein Becker & Green - JDSupra

NIST says exploited vulnerability backlog cleared but end-of-year goal for full list unlikely

Data Protection

South Korea Fines Meta $15.7 Million For Collecting User Data - IT Security Guru

Careers, Working in Cyber and Information Security

Cyber security jobs are paying better than ever right now — but there are still some major issues | TechRadar

Veterans’ military skills can help them fill cyber vacancies, State official says - Nextgov/FCW

Has the Cyber Security Workforce Peaked?

4 reasons why veterans thrive as cyber security professionals - Help Net Security

How Generative AI Will Change Jobs In Cyber Security

Tips for a successful cyber security job interview - Help Net Security

Law Enforcement Action and Take Downs

Scattered Spider, BlackCat criminals claw back • The Register

Bitcoin Fog Founder Sentenced to 12 Years for Cryptocurrency Money Laundering

Here's what we know about the Snowflake data theft suspects • The Register

iPhones Seized by Cops Are Rebooting, and No One’s Sure Why

Man gets 10 years for stealing $20M in nest eggs from 400 US home buyers - Ars Technica

Charges Unsealed for Alleged Hackers of Snowflake Customers

Apple indeed added a feature called "inactivity reboot" in iOS 18.1 that reboots locked devices

New iOS Security Feature Reboots Devices to Protect User Data: Reports - SecurityWeek

Cyber crook devoid of boundaries gets 10-year prison stint • The Register

Bitfinex Hacker Sentenced to 5 Years, Guilty of Laundering $10.5 Billion in Bitcoin

IT specialist Jack Teixeira jailed for 15 years after leaking classified military documents on Discord

The UK will work with international partners to dismantle the cyber criminal ecosystem: UK statement at the UN Security Council - GOV.UK

Misinformation, Disinformation and Propaganda

German interior minister warns of cyber threat ahead of elections


Nation State Actors, Advanced Persistent Threats (APTs), Cyber Warfare, Cyber Espionage and Geopolitical Threats/Activity

Cyber Warfare and Cyber Espionage

China’s Hacker Army Outshines America | Miami Herald

CISA, FBI Confirm China Hacked Telecoms Providers for Spying - SecurityWeek

Massive Telecom Hack Exposes US Officials to Chinese Espionage - Infosecurity Magazine

China-linked hackers stole surveillance data from telecom companies, US says | Reuters

Toolkit Vastly Expands APT41's Surveillance Powers

Nation State Actors

China

China’s Hacker Army Outshines America | Miami Herald

Chinese hacking effort is far more pervasive than previously reported, sources say - ABC News

US Gov Agency Urges Employees to Limit Phone Use After China ‘Salt Typhoon’ Hack - SecurityWeek

Volt Typhoon rebuilds malware botnet following FBI disruption

CISA, FBI Confirm China Hacked Telecoms Providers for Spying - SecurityWeek

Massive Telecom Hack Exposes US Officials to Chinese Espionage - Infosecurity Magazine

Breaking Down Earth Estries Persistent TTPs in Prolonged Cyber Operations | Trend Micro (US)

Toolkit Vastly Expands APT41's Surveillance Powers

TikTok Pixel Privacy Nightmare: A New Case Study

Russia

How a Windows zero-day was exploited in the wild for months (CVE-2024-43451) - Help Net Security

Windows Zero-Day Exploited by Russia Triggered With File Drag-and-Drop, Delete Actions - SecurityWeek

German interior minister warns of cyber threat ahead of elections

Households should keep enough cash on hand for three days, BoF says | Yle News | Yle

Pro-Russia Hackers Ramp Up Cyber Attacks on South Korea, Presidential Office Says - The Moscow Times

Iran

Adversarial advantage: Using nation-state threat analysis to strengthen US cyber security

TA455’s Iranian Dream Job Campaign Targets Aerospace with Malware - Infosecurity Magazine

Credit cards readers across Israeli stores crash in DDoS cyber attack - The Jerusalem Post

North Korea

North Korean hackers create Flutter apps to bypass macOS security

Lazarus Group Uses Extended Attributes for Code Smuggling in macOS - Infosecurity Magazine

Pro-Russian Groups Target South Korea as North Korea Joins Ukraine - Infosecurity Magazine

Other Nation State Actors, Hacktivism, Extremism, Terrorism and Other Geopolitical Threat Intelligence

1,400 Pegasus spyware infections detailed in WhatsApp’s lawsuit filings

More Spyware, Fewer Rules: What Trump’s Return Means for US Cyber Security | WIRED

How Italy became an unexpected spyware hub


Tools and Controls

48% of small businesses don’t offer cyber security training

Failed security controls cost businesses billions

The Role of Threat Intelligence in Preventing Ransomware - Security Boulevard

Identity Security Is The Cornerstone Of Modern Cyber Defence

Steps Organisations Can Take to Improve Cyber Resilience - Security Boulevard

How cyber security failures are draining business budgets - Help Net Security

Maximizing cyber security ROI: Best practices for CISOs today | TechRadar

API Security in Peril as 83% of Firms Suffer Incidents - Infosecurity Magazine

Machine Identities Outnumber Human Ones: 69% Of Companies Face Rising Security Risks

Improve Your Organisation’s Data Security Posture - IT Security Guru

New iOS Security Feature Reboots Devices to Protect User Data: Reports - SecurityWeek

Cyber security network to make the UK safer and more resilient – UKRI

How Generative AI Will Change Jobs In Cyber Security

The ROI of Security Investments: How Cyber Security Leaders Prove It

Leveraging Threat Intelligence Feeds for Proactive Cyber Defence

80% Of Surveyed Businesses Don’t Have Plans For An AI-Related Crisis

Embracing The Future Of Cryptography And Identity Management

Redefining Cyber Resilience: Calculating the Human Factor | MSSP Alert

Experts Uncover 70,000 Hijacked Domains in Widespread 'Sitting Ducks' Attack Scheme

How Developers Drive Security Professionals Crazy

EU Ramps Up Cyber Resilience with Major Crisis Simulation Exercise - Infosecurity Magazine

Adversarial advantage: Using nation-state threat analysis to strengthen US cyber security

Enterprises look to AI to bridge cyber skills gap — but will still fall short | CSO Online

The UN cyber crime convention threatens security research. The US should do something about it | CyberScoop

Dependency Management is Critical for Disaster Recovery After a Security Incident | HackerNoon

5 BCDR Oversights That Leave You Exposed to Ransomware

Half of businesses now using AI for cyber security | theHRD

Bank of England U-turns on Vulnerability Disclosure Rules - Infosecurity Magazine

O2’s AI Granny Outsmarts Scam Callers with Knitting Tales - Infosecurity Magazine

This Pixel phone feature listens in on calls to protect you from scams | ZDNET



Vulnerability Management

Zero-days dominate top frequently exploited vulnerabilities - Help Net Security

Five Eyes nations reveal the top 15 most exploited flaws • The Register

NIST says exploited vulnerability backlog cleared but end-of-year goal for full list unlikely

NCSC on cyber threat landscape | Professional Security Magazine

Outdated PCs are Holes in Your Cyber Security Armor | Dell USA

Vulnerabilities

Microsoft Patch Tuesday security updates for November 2024 fix two actively exploited zero-days

HPE Patches Critical Vulnerabilities in Aruba Access Points - SecurityWeek

Veeam Patches High-Severity Vulnerability as Exploitation of Previous Flaw Expands - SecurityWeek

Patch Tuesday: Critical Flaws in Adobe Commerce, Photoshop, InDesign, Illustrator - SecurityWeek

Citrix Issues Patches for Zero-Day Recording Manager Bugs

Exploit code released for RCE attack on Citrix VDI solution • The Register

Palo Alto Advises Securing PAN-OS Interface Amid Potential RCE Threat Concerns

Critical Veeam RCE bug now used in Frag ransomware attacks

Fortinet Releases Security Updates for Multiple Products | CISA

Ivanti Patches 50 Vulnerabilities Across Several Products - SecurityWeek

High-Severity Vulnerabilities Patched in Zoom, Chrome - SecurityWeek

Citrix, Fortinet Patch High-Severity Vulnerabilities - SecurityWeek

WordPress Security Plugin Vulnerability Endangers 4 Million+ Sites

High-severity Fortinet VPN flaw allows privilege escalation • The Register

CISA Flags Two Actively Exploited Palo Alto Flaws; New RCE Attack Confirmed

D-Link won’t fix critical flaw affecting 60,000 older NAS devices

Google Chrome Warning—New Drive-By Cyber Attack, No 0-Day Needed

Chipmaker Patch Tuesday: Intel Publishes 44 and AMD Publishes 8 New Advisories - SecurityWeek

High-Severity Flaw in PostgreSQL Allows Hackers to Exploit Environment Variables

Unpatched Flaw in Legacy D-Link NAS Devices Exploited Days After Disclosure - SecurityWeek

D-Link won’t fix critical bug in 60,000 exposed EoL modems

To patch a dangerous flaw, Pixel users need to install the November security update ASAP - PhoneArena


Sector Specific

Industry specific threat intelligence reports are available.

Contact us to receive tailored reports specific to the industry/sector and geographies you operate in.

· Automotive
· Construction
· Critical National Infrastructure (CNI)
· Defence & Space
· Education & Academia
· Energy & Utilities
· Estate Agencies
· Financial Services
· FinTech
· Food & Agriculture
· Gaming & Gambling
· Government & Public Sector (including Law Enforcement)
· Health/Medical/Pharma
· Hotels & Hospitality
· Insurance
· Legal
· Manufacturing
· Maritime & Shipping
· Oil, Gas & Mining
· OT, ICS, IIoT, SCADA & Cyber-Physical Systems
· Retail & eCommerce
· Small and Medium Sized Businesses (SMBs)
· Startups
· Telecoms
· Third Sector & Charities
· Transport & Aviation
· Web3


Contact us to help assess where your risks lie and to ensure you are doing all you can to keep yourself and your business secure.

Look out for our ‘Cyber Tip Tuesday’ video blog and our YouTube channel.

You can also follow us on Facebook, Twitter and LinkedIn.

Links to articles are for interest and awareness; linking to or reposting external content does not endorse any service or product. Likewise, we are not responsible for the security of external links.
