Welcome to this week’s Black Arrow Cyber Threat Briefing – a weekly digest, collated and curated by our cyber experts to provide senior and middle management with an easy to digest round up of the most notable threats, vulnerabilities, and cyber related news from the last week.

Top Cyber Stories of the Last Week

Cloud Hosting Firm Loses All Customer Data After Ransomware Attack

CloudNordic, a Danish cloud hosting provider, has told customers to consider all of their data as having been lost following a ransomware infection that encrypted the large Danish cloud provider. The threat actors had destroyed the organisation’s backups, which prevented the firm from recovering effectively. The attack also impacted AzeroCloud, which is owned by the same company.

Worryingly, many organisations believe that having backups and using the cloud is enough for them to be able to recover from any cyber incident; unfortunately, as shown in the CloudNordic and AzeroCloud attacks, it is not enough. Organisations need to have a recovery plan in place which is tested and improved, to best strengthen themselves in the event of a cyber incident.

Sources: [The Register] [Bleeping Computer] [Help Net Security]

Would You Infect Others to Rid Yourself of Ransomware?

Hackers continually develop ransomware with new and creative attack methods that keep internet security professionals on their toes and pose challenges for people trying to detect threats. Victims of ransomware usually see messages asking them to pay for file access restoration; however, the Popcorn Time ransomware group takes a different approach to getting victims involved.

The Popcorn Time ransomware approach works via the referral method. The ransomware group is willing to give victims access to their files if they send the referral link to two other people, extending the attacker’s reach. Most people would hesitate to distribute a ransomware link through email, WhatsApp, or another method that is easy for victims to identify them as the perpetrators. Law enforcement bodies categorise ransomware attacks as crimes that come with hefty fines and prison time. Even those choosing to send the links to people they know face disastrous consequences beyond law enforcement, including the loss of jobs and relationships.

Source: [CyberNews]

Artificial Intelligence and USBs Drive 8% Rise in Cyber Attacks

Checkpoint’s 2023 Mid-Year Security Report shows an 8% surge in global weekly cyber attacks during Q2, marking the most significant increase in two years. The report highlights the fusion of advanced artificial intelligence (AI) technology with traditional tools like USB devices used for disruptive cyber attacks.

Other significant findings include the evolution of ransomware tactics. The report found that ransomware groups are exploiting vulnerabilities in common corporate software and shifting focus from encrypting data to stealing it. USB devices have resurfaced as threats, employed by both state-affiliated groups and cyber-criminals to distribute malware globally. The misuse of AI has escalated, as attackers use generative AI tools for phishing emails, keystroke monitoring malware and basic ransomware code.

Source: [InfoSecurity Magazine]

Ransomware Attacks Broke Records in July, Mainly Driven By One Group

A number of ransomware actors are utilising the threat of releasing sensitive data to get organisations to pay ransoms; in some cases this is combined with encryption to give the actor two avenues of payment. A report has found there were over 500 attacks last month, an increase of 153% compared to one year ago, and a 16% increase compared to June. Within Europe, there was a 59% increase in ransomware attacks from June to July.

Part of the significant rise is due to the ransomware group called Cl0p, whose attack on the MOVEit software has accounted for hundreds of victims this year. The Cl0p ransomware group has kept its promise to publish files on the clearweb of all its victims if contact was not made. The clearweb is simply what we know as the internet; anyone can access it. As such, there will be many organisations who are now having their sensitive data published and readily viewable for anyone who has access to the internet.

Sources: [Gov Info Seccurity] [Security Week] [ZDNET] [Cyber News]

Cyber Risk in The Boardroom

The relationship between the CISO and the wider boardroom has become increasingly cooperative, with 77% of CEO’s seeing cyber as a strategic function and a potential source of competitive advantage. While it is ultimately up to the board to take steps to keep cybersecurity high on the agenda, the CISO also has a responsibility to press the message and bridge any gaps.

CISOs must deliver concerns, strategies and recommendations in a business-first manner, while avoiding jargon and overly technical language. Attracting and retaining good quality senior security professionals is very challenging in the current market and Black Arrow offer a fractional CISO service, giving access to a whole team of specialists with wider expertise, experience and backgrounds, for less than the cost of hiring one individual.

Sources: [Security Week] [TechRadar]

Malware-Infected Advertising Grows Ever More Sophisticated, And More Damaging

The malware exploits known as malware-infected ads, or malvertising, have been around for decades, but new reports point to a steady rise in efficacy. With malvertising, the infected ads are typically placed on legitimate ad networks, which makes them more difficult to spot and remove. The technique continues to use more and more sophisticated mechanisms for getting their infections spread throughout the web and keeping them running for a long time. The exploits can operate in one of several ways, including intercepting a user’s clickstream on random hyperlinks and substituting them with redirects to advertising websites.

Adblockers either on endpoints or at the network level can also help to prevent malvertising from causing harm.

Source: [SiliconAngle]

Cyber Security is Everyone’s Responsibility

A recent survey found that 41% of respondents said that poor quality training, or a lack of training altogether, and insider threats were impacting their organisation’s security. Cyber security involves everyone as any employee can be an entry point for a cyber incident, but they also have the power to prevent one. It is important to make sure all employees are provided adequate training. Not every role requires the same training however, so it is important for organisations to identify and provide training that is appropriate to employees. Black Arrow provide live in person and online instructor lead cyber security training, both through Cyber Risk and Governance Workshops for Senior Leadership and Awareness, Behaviour and Culture Training for employees and contractors.

Source: [IT Pro Today]

QR Code Hacks Are Another Thing to Worry About Now

One of the upcoming technologies thrust upon us is QR codes. At this point, you can find them at most restaurants and parking sites. You simply scan the code and you are taken to the relevant site, for example, the menu for the restaurant. Attackers have cottoned on to this and started to use QR codes in phishing attacks; the idea being that the victim will scan the code without scrutinising it and be taken to a malicious website instead.

Source: [Bloomberg]

Security Basics Aren’t So Basic Anymore

The basics of cyber security, it turns out, aren’t so basic anymore. What was considered basic has moved way beyond just having firewalls and antivirus, and the most basic controls nowadays include more advanced controls such as robust identity and access management, multi-factor authentication (MFA) and patching and vulnerability management. Many of these now basic controls are lacking or non-existent across the economy according to cyber security experts. A report found that only 28% of Microsoft users had MFA enabled as 2022 closed.

You can’t solve all the problems at once. However, progress on these fronts also relies heavily on the need for a cultural shift. Organisations need to get to the point where they view cyber security in the same light as locks on doors and seatbelts in cars.

Source: [CioDive]

Apple MacOS Security Myths

Apple has maintained a reputation as being more secure than other manufacturers, and whilst Apple has put many different security mechanisms into its operating system, no technology is bulletproof. Assuming an Apple device is invulnerable can lead users to believe that their Mac will not get viruses or be subject to a plethora of other cyber threats. As a result, this can lead to poor cyber hygiene from the individual, as they assume they are safe regardless of what they do. Apple users need to remain every bit as aware of risks, social engineering, keeping devices up to date, and having appropriate security controls.

Source: [Huntress]

Security Leaders Report Misalignment of Investments and Risk Reduction

The cyber risk landscape was analysed in a recent report that examined the amount of risk that organisations are willing to accept, their resource constraints and key priorities for approaching cyber risk in the future. The report found 66% of respondents indicating that they have limited visibility and insight into their cyber risk profiles, hindering their ability to prioritise investments and allocate resources effectively. 67% of organisations experienced a breach requiring attention within the last two years despite having traditional threat-based security measures in place. Further, 61% of security executives expressed concerns over the current misalignment between cyber security investments and their organisation's risk reduction priorities.

Source: [InfoSecurity Magazine]

Many CISOs Tout SaaS (Cloud) Cyber Security Confidence, but 79% Admit to Incidents

Cyber security, IT, and business leaders alike recognise SaaS (cloud) cyber security as an increasingly important part of the cyber threat landscape. And at first glance, respondents appear generally optimistic about their SaaS cyber security as 85% answered that they are confident or very confident in their company's or customer's data security in sanctioned SaaS apps.

Despite the confidence, 79% of respondents confirmed that their organisation had identified SaaS cyber security incidents over the past 12 months. Many of those incidents occurred in environments with cyber security policies in place and enforced, as 66% of respondents claimed in their responses.

Source: [The Hacker News]

If You Ever Used Duolingo, Watch Out for Phishing Email

Users of Duolingo, past and present, should be wary of phishing emails as data on about 2.6 million accounts were scraped through an exposed application programming interface (API), and then offered on a hacking forum back in January. Login and real names, email addresses, phone numbers, and courses studied were part of the collection, which went for $1,500. Now that data has resurfaced on a different forum, and at a substantially lower cost of just a few dollars, users of the service can expect this data to be used in fresh phishing campaigns.

Source: [PCWorld]

91% of Security and IT Professionals: Criminals are Already Using AI in Email Attacks

Recent research found that 91% of security and IT professionals are noticing cyber criminals already using AI as part of email attack campaigns, with 74% indicating they have experienced an increase in the use of AI by cyber criminals in the past six months. This is worrying as 52% reported that email security is among one of their top three concerns.

Organisations need to make sure that their technologies, procedures and policies are updated to factor in AI-enabled email attacks to help reduce the risk they pose to the organisation. Such improvements should also include employees.

Source: [PR Newswire]

Governance, Risk and Compliance

• Cyber security 'number one on the agenda in boardrooms,' Cramer says (cnbc.com)

• Firms have mere hours to deflect cyber attacks, warns cyber security CEO (cointelegraph.com)

• The End of “Groundhog Day” for the Security in the Boardroom Discussion? - SecurityWeek

• Cyber risk: the view across the boardroom table | TechRadar

• Too many businesses struggling to hire and retain talent, amplifying security risks – Digital Journal

• How Cyber Security Leaders Can Help Lower Expenses While Reducing Risk (informationweek.com)

• Who’s Your Next Cyber Chief? Good Question. (wsj.com)

• Cyber crime: A Multi-Billion-Dollar Industry (thecyberwire.com)

• How the downmarket impacted enterprise cyber security budgets - Help Net Security

• What is Risk Analysis? | Definition from TechTarget

• When Leadership Style Is a Security Risk (darkreading.com)

• The Changing Landscape of Cyber Security Education (inforisktoday.com)

• Protect Your Cyber Security Budget and Your Organisation | Dell USA

• Rapid cyber attacks demand modernised security, says Palo Alto CEO (crypto.news)

• Cyber security Is Everyone’s Responsibility | ITPro Today: IT News, How-Tos, Trends, Case Studies, Career Tips, More

• The Cost of 'Good Enough' Security - GovInfoSecurity

Threats

Ransomware, Extortion and Destructive Attacks

• Cl0p dumps all MOVEit victim data on clearnet, threat insiders talk ransom strategy | Cybernews

• Cuba ransomware gang looking for unpatched Veeam installations: Report | IT Business

• Ransomware attacks broke records in July, mainly driven by this one group | ZDNET

• Hosting firm says it lost all customer data after ransomware attack (bleepingcomputer.com)

• FE News | 70% of secondary schools have experienced a cyber incident. BIP shares three ways they can protect against attacks ahead of results day

• Cyber Attacks have left some hospital computers offline for 2 weeks, closing ERs and postponing surgeries

• Continued MOVEit Exploitation Drives Record Ransomware Attacks - Infosecurity Magazine (infosecurity-magazine.com)

• Would You Infect Others to Rid Yourself of Ransomware? (makeuseof.com)

• How Application Allowlisting Combats Ransomware Attacks (securityintelligence.com)

• Akira ransomware gang spotted targeting Cisco VPN products to hack organisations-Security Affairs

• Scarab Ransomware Deployed Worldwide Via Spacecolon Toolset - Infosecurity Magazine (infosecurity-magazine.com)

• Why Ransomware Gangs Opt for Encryption-Less Attacks (govinfosecurity.com)

• MOVEit Health Data Breach Tally Keeps Growing (inforisktoday.com)

• British intelligence is tipping off ransomware targets to disrupt attacks (therecord.media)

• What the Hive Ransomware Case Says About RaaS and Cryptocurrency (darkreading.com)

• 6 Ransomware Trends & Evolutions For 2023 (trendmicro.com)

• New Study Sheds Light on ADHUBLLKA Ransomware Network - Infosecurity Magazine (infosecurity-magazine.com)

• North Korea ready to cash out more than $40 million in Bitcoin after summer of attacks, warns FBI | Tripwire

• Ransomware dwell time hits new low - Help Net Security

• Three trends to watch in the growing threat landscape (betanews.com)

Ransomware Victims

• Cl0p dumps all MOVEit victim data on clearnet, threat insiders talk ransom strategy | Cybernews

• Hosting firm says it lost all customer data after ransomware attack (bleepingcomputer.com)

• Cyber attacks have left some hospital computers offline for 2 weeks, closing ERs and postponing surgeries

• BlackCat ransomware group claims the hack of Seiko network -Security Affairs

• Ransomware gang threatens Raleigh Housing Authority months after devastating attack (therecord.media)

• The Estée Lauder Cos. Addresses Cyber security Attack – WWD

• Mysterious Cyber Attack Shuts Down Yet More Telescopes For Weeks | IFLScience

• St Helens Council hit by suspected Ransomware cyber attack | St Helens Star

Phishing & Email Based Attacks

• 91% of security pros say cyber criminals are using AI in email attacks | Security Magazine

• Insurer Denies Coverage Under Professional Liability Policy for Lawyer’s Email Compromise | Robinson+Cole Data Privacy + Security Insider - JDSupra

• Cyber criminals turn to AI to bypass modern email security measures - Help Net Security

• New Generation of Phishing Hides Behind Trusted Services (securityintelligence.com)

• New phishing campaign recognised in Europe and South America | Security Magazine

• If you ever used Duolingo, watch out for phishing emails | PCWorld

• Open redirect flaws increasingly exploited by phishers - Help Net Security

• How to spot phishing on a hacked WordPress website | Kaspersky official blog

• The Dual Role of AI in Email Security - GovInfoSecurity

• New Telegram Bot "Telekopye" Powering Large-scale Phishing Scams from Russia (thehackernews.com)

• eBay Users Beware Russian 'Telekopye' Telegram Phishing Bot (darkreading.com)

• Phish in a Barrel: Real-World Cyber Attack Examples (govinfosecurity.com)

• Email Security: Top 5 Threats and How to Protect Your Business - ReadWrite

BEC – Business Email Compromise

• 91% of security pros say cyber criminals are using AI in email attacks | Security Magazine

• Breaking Down BEC: The Modern CISO’s Framework for Identifying, Classifying and Stopping Email Fraud (govinfosecurity.com)

Other Social Engineering; Smishing, Vishing, etc

• Blockchain Capital’s Bart Stephens Lost $6.3 Million In SIM-Swap Hack (forbes.com)

• What Is Virtual Kidnapping and How Can You Fight It? (makeuseof.com)

Artificial Intelligence

• 91% of Security and IT Professionals Agree Cyber Criminals are Already Using AI in Email Attacks, per Report from SlashNext and Osterman Research (prnewswire.com)

• Artificial Intelligence and USBs Drive 8% Rise in Cyber-Attacks - Infosecurity Magazine (infosecurity-magazine.com)

• Deceptive AI Bots Spread Malware, Raise Security Concerns - Infosecurity Magazine (infosecurity-magazine.com)

• Cyber criminals turn to AI to bypass modern email security measures - Help Net Security

• Compliance, Risk Management and Security Are Being Impact by Generative AI... But How? | The Fintech Times

• Tricks for making AI chatbots break rules are freely available online | New Scientist

• What Is Virtual Kidnapping and How Can You Fight It? (makeuseof.com)

• Generative AI Is Scraping Your Data. So, Now What? (darkreading.com)

• Fake versions of Google Bard are spreading malware | TechRadar

• AI and the evolution of surveillance systems - Help Net Security

• The Dual Role of AI in Email Security - GovInfoSecurity

• Thinking of Deploying Generative AI? You May Already Have (govinfosecurity.com)

• Three trends to watch in the growing threat landscape (betanews.com)

• Careful -- Hackers are targeting Google Bard ads for malware | Digital Trends

Malware

• Deceptive AI Bots Spread Malware, Raise Security Concerns - Infosecurity Magazine (infosecurity-magazine.com)

• Serious WinRAR Flaw Can Be Exploited to Launch Malware (pcmag.com)

• Hackers use VPN provider's code certificate to sign malware (bleepingcomputer.com)

• HiatusRAT Malware Resurfaces: Taiwan Firms and US Military Under Attack (thehackernews.com) Ask the Mac Guy: macOS Security Myths (huntress.com)

• New Variant of XLoader macOS Malware Disguised as 'OfficeNote' Productivity App (thehackernews.com)

• New "Whiffy Recon" Malware Triangulates Infected Device Location via Wi-Fi Every Minute (thehackernews.com)

• Researchers Uncover New Lazarus Group Malware Details | Decipher (duo.com)

Mobile

• New stealthy Android malware stumps antivirus, poses huge threat to phones, study reveals | Tech News (hindustantimes.com)

• Thousands of Android Malware Apps Using Stealthy APK Compression to Evade Detection (thehackernews.com)

• “Snakes in airplane mode” – what if your phone says it’s offline but isn’t? – Naked Security (sophos.com)

• Google wants to fight pre-installed Android malware | TechSpot

• Children and smartphones: How to protect and guide them from bullying, phishing and grooming – The Irish Times

Denial of Service/DoS/DDOS

• DDoS Attacks in H1 2023 Up 200% from 2022 According to New Zayo Data | Business Wire

Internet of Things – IoT

• TP-Link smart bulbs can let hackers steal your WiFi password (bleepingcomputer.com)

• When Your Home Security System Turns the Camera on You | The Epoch Times

• Anticipating the next wave of IoT cyber security challenges - Help Net Security

• The Physical Impact of Cyber Attacks on Cities (darkreading.com)

• Smart Cities: Utopian Dream, Security Nightmare, or Political Gimmick? - SecurityWeek

• Yes, Your Electric Vehicle Could Be Hacked - IEEE Spectrum

Data Breaches/Leaks

• Insurer Denies Coverage Under Professional Liability Policy for Lawyer’s Email Compromise | Robinson+Cole Data Privacy + Security Insider - JDSupra

• Tesla Data Breach Investigation Reveals Inside Job (darkreading.com)

• Leak of 75k staff records was insiders' fault, Tesla claims • The Register

• Guernsey CCTV investigation widened after more footage leaked | Bailiwick Express Jersey

• Scraped data of 2.6 million Duolingo users released on hacking forum (bleepingcomputer.com)

• Thousands of Charity Donors Have Details Leaked Onto Dark Web | The Epoch Times

• How a Christie’s website revealed where people kept their art | The Seattle Times

• Defence contractor Belcan leaks admin password with a list of flaws-Security Affairs

• Critical Insight Report: 15% Drop in Breaches, 31% Surge in Victims - Infosecurity Magazine (infosecurity-magazine.com)

• What lessons must be learned from the Electoral Register cyber attack? | theHRD (thehrdirector.com)

• 5 Early Warning Indicators That Are Key to Protecting National Secrets (darkreading.com)

• Sensitive Data of 10m at Risk After French Employment Agency Breach - Infosecurity Magazine (infosecurity-magazine.com)

• University of Minnesota Confirms Data Breach, Says Ransomware Not Involved - SecurityWeek

Organised Crime & Criminal Actors

• Check Point reveals 8% spike in global cyber attacks by mid-2023 (securitybrief.co.nz)

• Attack Dwell Times Fall but Threat Actors Are Moving Faster - Infosecurity Magazine (infosecurity-magazine.com)

• UK Court Convicts Lapsus$ Hacker for Breaching ISP BT and EE UPDATE - ISPreview UK

• Cyber crime: A Multi-Billion-Dollar Industry (thecyberwire.com)

• Bruce Schneier gets inside the hacker's mind | CyberScoop

• Hacking group KittenSec claims to 'pwn anything we see' to expose corruption | CyberScoop

• Ransomware dwell time hits new low - Help Net Security

Cryptocurrency/Cryptomining/Cryptojacking/NFTs/Blockchain

• Blockchain Capital’s Bart Stephens Lost $6.3 Million In SIM-Swap Hack (forbes.com)

• What the Hive Ransomware Case Says About RaaS and Cryptocurrency (darkreading.com)

• North Korea ready to cash out more than $40 million in Bitcoin after summer of attacks, warns FBI | Tripwire

Insider Risk and Insider Threats

• Leak of 75k staff records was insiders' fault, Tesla claims • The Register

• Police Insider Tipped Off Criminal Friend About EncroChat Bust - Infosecurity Magazine (infosecurity-magazine.com)

• Three trends to watch in the growing threat landscape (betanews.com)

• Phish in a Barrel: Real-World Cyber Attack Examples (govinfosecurity.com)

Fraud, Scams & Financial Crime

• Interpol arrest 14 who allegedly scammed $40m from victims • The Register

• Germany Hunts for Cyber Criminals Amid Billion-Euro Scams - Bloomberg

• Billion Dollar Heist: The simple typo that stopped the Bangladesh bank robbers from stealing $1 billion (ladbible.com)

• Sneaky Amazon Google ad leads to Microsoft support scam (bleepingcomputer.com)

• Blockchain Capital’s Bart Stephens Lost $6.3 Million In SIM-Swap Hack (forbes.com)

• Surge in identity crime victims reporting suicidal thoughts - Help Net Security

Impersonation Attacks

• How to spot phishing on a hacked WordPress website | Kaspersky official blog

Deepfakes

• What Is Virtual Kidnapping and How Can You Fight It? (makeuseof.com)

Insurance

• Insurer Denies Coverage Under Professional Liability Policy for Lawyer’s Email Compromise | Robinson+Cole Data Privacy + Security Insider - JDSupra

• Cyber security insurance is missing the risk - Help Net Security

• Cyber Security Insurance Market worth $17.6 billion by 2028 - Exclusive Report by MarketsandMarkets™ (prnewswire.com)

• Cyber Security Insurance Market Size & Share Analysis - (globenewswire.com)

• The Shifting Dynamics of Cyber Insurance - BankInfoSecurity

• Global Cyber Security Insurance Market to Reach USD 33.4 Billion by 2028, Driven by Rising Cyber Threats and Regulatory Compliance (prnewswire.com)

Dark Web

• Thousands of Charity Donors Have Details Leaked Onto Dark Web | The Epoch Times

Supply Chain and Third Parties

• New Chinese APT Group Launches Supply Chain Attacks - Infosecurity Magazine (infosecurity-magazine.com)

• New Supply Chain Attack Hit Close to 100 Victims—and Clues Point to China | WIRED

• Supply chain as kill chain | ITPro

Cloud/SaaS

• The Importance Of SaaS Backup And Disaster Recovery: Reasons To Consider (informationsecuritybuzz.com)

• Cloud hosting firms hit by devastating ransomware attack - Help Net Security

• Warning: Attackers Abusing Legitimate Internet Services (inforisktoday.com)

• How to conduct a cloud security assessment | TechTarget

• Maintaining consistent security in diverse cloud infrastructures - Help Net Security

• How API authentication vulnerabilities are at the center of cloud security concerns | CSO Online

• CISOs Tout SaaS Cyber Security Confidence, But 79% Admit to SaaS Incidents, New Report Finds (thehackernews.com)

• Lack of visibility into cloud access policies leaves enterprises flying blind - Help Net Security

• Cloud services are creating more cyber-risks for telcos   - Mobile Europe

Identity and Access Management

• Ongoing Duo outage causes Azure Auth authentication errors (bleepingcomputer.com)

• Cisco's Duo Security suffers major authentication outage • The Register

Encryption

• Apple security updates could be banned by British government (9to5mac.com)

API

• Understanding how attackers exploit APIs is more important than ever - Help Net Security

• How API authentication vulnerabilities are at the centre of cloud security concerns | CSO Online

Biometrics

• ICO publishes guidance on use of biometric data in the UK - Tech Monitor

• Is Facial Recognition Technology Becoming a Privacy Risk? (makeuseof.com)

• Facial Recognition Technology (FRT) Statistics for 2023 (techreport.com)

• Biometric payment systems raise privacy concerns (iapp.org)

Social Media

• Global warning issued on social media data scraping (iapp.org)

Malvertising

• Sneaky Amazon Google ad leads to Microsoft support scam (bleepingcomputer.com)

• Malware-infected advertising grows ever more sophisticated, and lethal - SiliconANGLE

• Careful -- Hackers are targeting Google Bard ads for malware | Digital Trends

Training, Education and Awareness

• 2023 Cyber Security Awareness Month Appeal: Make Online Security Easier (govtech.com)

• The Changing Landscape of Cyber Security Education (inforisktoday.com)

Parental Controls and Child Safety

• Report reveals insights on cyber security conversations with children | Security Magazine

• Children and smartphones: How to protect and guide them from bullying, phishing and grooming – The Irish Times

Cyber Bullying, Cyber Stalking and Sextortion

• Nearly a third of young people preyed on by "text pest" delivery drivers (bitdefender.com)

Regulations, Fines and Legislation

• Apple security updates could be banned by British government (9to5mac.com)

• How EU lawmakers can make mandatory vulnerability disclosure responsible - Help Net Security

• Cyber Security Laws and Regulations in Germany | UpGuard

• Morgan Stanley Fined for UK Energy Trading WhatsApp Breach (yahoo.com)

• New NCUA Rule Requires Swift Cyber Incident Reporting - Infosecurity Magazine (infosecurity-magazine.com)

• SEC Cyber Security Rules: Considerations for Incident Response Planning | Holland & Knight LLP - JDSupra

• Controversial Cyber crime Law Passes in Jordan (darkreading.com)

• Experian Pays $650,000 to Settle Spam Claims - Infosecurity Magazine (infosecurity-magazine.com)

• Strengthening Cyber Security In Finance: A Look At EU DORA Regulations (forbes.com)

• Proposed bill would require vulnerability disclosure policies for all federal contractors (therecord.media)

Backup and Recovery

• The Importance Of SaaS Backup And Disaster Recovery: Reasons To Consider (informationsecuritybuzz.com)

Data Protection

• ICO publishes guidance on use of biometric data in the UK - Tech Monitor

• Experian Pays $650,000 to Settle Spam Claims - Infosecurity Magazine (infosecurity-magazine.com)

Careers, Working in Cyber and Information Security

• Too many businesses struggling to hire and retain talent, amplifying security risks – Digital Journal

• Unrealistic expectations exacerbate the cyber security talent shortage - Help Net Security

• It's Time to Approach The Cyber Security Skills Gap Differently - IT Security Guru

• How To Become Chief Information Security Officer - The Economic Times (indiatimes.com)

• 4 ways simulation training alleviates team burnout - Help Net Security

• Government Urges More Students to Be Cyber Explorers - Infosecurity Magazine (infosecurity-magazine.com)

• Tens of thousands of students receive free training to build cyber skills - The Business Magazine

• 90% of Consumers Worry Cyber Security’s Future Is in Jeopardy if Students Aren’t Exposed to the Field at an Earlier Age - IT Security Guru

• 5 Ways SMBs Can Bridge the Cyber Security Skills Gap | Mimecast

• The Importance of Accessible and Inclusive Cyber Security (securityintelligence.com)

Law Enforcement Action and Take Downs

• Interpol arrest 14 who allegedly scammed $40m from victims • The Register

• UK Court Convicts Lapsus$ Hacker for Breaching ISP BT and EE UPDATE - ISPreview UK

• Two dozen arrested, hundreds of malicious IPs taken down in African cyber crime operation | CyberScoop

• Germany Hunts for Cyber Criminals Amid Billion-Euro Scams - Bloomberg

• Police Insider Tipped Off Criminal Friend About EncroChat Bust - Infosecurity Magazine (infosecurity-magazine.com)

Privacy, Surveillance and Mass Monitoring

• Is Facial Recognition Technology Becoming a Privacy Risk? (makeuseof.com)

• When Your Home Security System Turns the Camera on You | The Epoch Times

• Biometric payment systems raise privacy concerns (iapp.org)

• AI and the evolution of surveillance systems - Help Net Security

Nation State Actors, Advanced Persistent Threats (APTs), Cyber Warfare and Cyber Espionage

Russia

• Intelligence agencies warn foreign spies are targeting US space companies - Times of India (indiatimes.com)

• Incident response lessons learned from the Russian attack on Viasat | CSO Online

• Ukrainian hackers claim to leak emails of Russian parliament deputy chief (therecord.media)

• New Telegram Bot "Telekopye" Powering Large-scale Phishing Scams from Russia (thehackernews.com)

China

• Mounting Cyber Espionage and Hacking Threat from China - Modern Diplomacy

• Cyberespionage campaign by China's Ministry of State Security. CSRB will look into cyberespionage against Microsoft Exchange. Attacks against industrial systems. Threats to satellite communications. (thecyberwire.com)

• HiatusRAT Malware Resurfaces: Taiwan Firms and US Military Under Attack (thehackernews.com)

• New Chinese APT Group Launches Supply Chain Attacks - Infosecurity Magazine (infosecurity-magazine.com)

• New Supply Chain Attack Hit Close to 100 Victims—and Clues Point to China | WIRED

• Exposed: the Chinese spy using LinkedIn to hunt UK secrets (thetimes.co.uk)

• FBI: Suspected Chinese actors continue Barracuda ESG attacks | TechTarget

• Microsoft says Chinese hacking crew is targeting Taiwan | CyberScoop

• US space companies face foreign spy threat, intelligence agencies say (usatoday.com) 

North Korea

• N. Korean Kimsuky APT targets S. Korea-US military exercises-Security Affairs

• Researchers Uncover New Lazarus Group Malware Details | Decipher (duo.com)

• North Korea ready to cash out more than $40 million in Bitcoin after summer of attacks, warns FBI | Tripwire

Misc/Other/Unknown

• Syrian Threat Actor EVLF Unmasked as Creator of CypherRAT and CraxsRAT Android Malware (thehackernews.com)

Vulnerability Management

• NCSC issues warning on cyber vulnerabilities (ukdefencejournal.org.uk)

• How EU lawmakers can make mandatory vulnerability disclosure responsible - Help Net Security

Vulnerabilities

• Juniper Networks fixes flaws leading to RCE in firewalls and switches - Help Net Security

• Serious WinRAR Flaw Can Be Exploited to Launch Malware (pcmag.com)

• Ivanti issues fix for third zero-day flaw exploited in the wild | TechTarget

• Ivanti Ships Urgent Patch for API Authentication Bypass Vulnerability - SecurityWeek

• FBI: Patches for Recent Barracuda ESG Zero-Day Ineffective - SecurityWeek

• GDS: Microsoft, Intel confirm "Downfall" of 7th, 8th, 9th, 10th, 11th Gen CPUs, firmware out - Neowin

• Critical Adobe ColdFusion Flaw Added to CISA's Exploited Vulnerability Catalog (thehackernews.com)

• 3,000 Openfire Servers Exposed to Attacks Targeting Recent Vulnerability - SecurityWeek

• Western Digital patches potentially dangerous security flaw, so update now | TechRadar

Tools and Controls

• The Importance Of SaaS Backup And Disaster Recovery: Reasons To Consider (informationsecuritybuzz.com)

• How Cyber Security Leaders Can Help Lower Expenses While Reducing Risk (informationweek.com)

• Security leaders report misalignment of investments and risk reduction | Security Magazine

• Cyber security insurance is missing the risk - Help Net Security

• Cyber security Insurance Market worth $17.6 billion by 2028

• Bolstering Cyber Security: Why Browser Security Is Crucial (inforisktoday.com)

• How Application Allowlisting Combats Ransomware Attacks (securityintelligence.com)

• The Vanishing Data Loss Prevention (DLP) Category - IT Security Guru

• Cyber Security: CASB vs SASE-Security Affairs

• Unveiling the Hidden Risks of Routing Protocols (darkreading.com)

• Hackers use VPN provider's code certificate to sign malware (bleepingcomputer.com)

• Network detection and response in the modern era - Help Net Security

• What’s Beyond SASE? The Next Steps (informationsecuritybuzz.com)

• Prevention First: Don’t Neglect Endpoint Security | CSO Online

• More Than Half of Browser Extensions Pose Security Risks (darkreading.com)

• Protect Your Cyber Security Budget and Your Organisation | Dell USA

• How the downmarket impacted enterprise cyber security budgets - Help Net Security

• Compliance, Risk Management and Security Are Being Impact by Generative AI... But How? | The Fintech Times

• SEC Cyber Security Rules: Considerations for Incident Response Planning

• How to conduct a cloud security assessment | TechTarget

• Maintaining consistent security in diverse cloud infrastructures - Help Net Security

• How API authentication vulnerabilities are at the centre of cloud security concerns | CSO Online

• The Needs of a Modernized SOC for Hybrid Cloud (securityintelligence.com)

• 2023 Cyber Security Awareness Month Appeal: Make Online Security Easier (govtech.com)

• The MOVEit hack and what it taught us about application security (bleepingcomputer.com)

• The Changing Landscape of Cyber Security Education (inforisktoday.com)

• The Dual Role of AI in Email Security - GovInfoSecurity

• Akamai Survey Finds Third-Party Defences Help Reduce Risk from Online Threats (prnewswire.com)

• The Shifting Dynamics of Cyber Insurance - BankInfoSecurity

• Global Cyber Security Insurance Market to Reach USD 33.4 Billion by 2028, Driven by Rising Cyber Threats and Regulatory Compliance (prnewswire.com)

• 5 Best Practices for Implementing Risk-First Cyber Security (darkreading.com)

• What's Going on With LastPass, and is it Safe to Use? (securityintelligence.com)

• Malicious web application transactions skyrocket 500% (securitybrief.co.nz)

Other News

• Our health care system may soon receive a much-needed cyber security boost | Ars Technica

• Swan Retail cyber attack: 300 retailers crippled by breach (techmonitor.ai)

• Cyber Attackers lie in wait as federal tech agencies brace for a mass exit of top officials - Washington Times

• Cyber Attack on Energy One affects corporate systems in Australia and the UK | CSO Online

• Vendors criticize Microsoft for repeated security failings | TechTarget

• Microsoft's become a cyber security titan. That could be a problem - Tech Monitor

• Global Naval Communication Market Research Report (globenewswire.com)

• The CSO guide to top security conferences | CSO Online

• IT's rising role in physical security technology - Help Net Security

• Construction businesses are at risk as nation-state attacks are on the rise - Construction & Civil Engineering magazine (ccemagazine.com)

• Hackers knocked out San Francisco's main real estate database | Fortune

• Microsoft's 6 Biggest Hacks: Is Better Security Needed? (makeuseof.com)

Sector Specific

Industry specific threat intelligence reports are available.

Contact us to receive tailored reports specific to the industry/sector and geographies you operate in.

·         Automotive

·         Construction

·         Critical National Infrastructure (CNI)

·         Defence & Space

·         Education & Academia

·         Energy & Utilities

·         Estate Agencies

·         Financial Services

·         FinTech

·         Food & Agriculture

·         Gaming & Gambling

·         Government & Public Sector (including Law Enforcement)

·         Health/Medical/Pharma

·         Hotels & Hospitality

·         Insurance

·         Legal

·         Manufacturing

·         Maritime

·         Oil, Gas & Mining

·         OT, ICS, IIoT, SCADA & Cyber-Physical Systems

·         Retail & eCommerce

·         Small and Medium Sized Businesses (SMBs)

·         Startups

·         Telecoms

·         Third Sector & Charities

·         Transport & Aviation

·         Web3

As usual, contact us to help assess where your risks lie and to ensure you are doing all you can do to keep you and your business secure.

Look out for our ‘Cyber Tip Tuesday’ video blog and on our YouTube channel.

You can also follow us on Facebook, Twitter and LinkedIn.

Links to articles are for interest and awareness and linking to or reposting external content does not endorse any service or product, likewise we are not responsible for the security of external links.