Among the range of data leak sites monitored by JUMPSEC, our attention has been drawn to a recent variant called “UnSafeLeaks”, due to its distinctively malicious and personalised approach, setting it apart from typical leak sites that focus primarily on explicit financial extortion. Perhaps more remarkably, a number of targeted organisations also appear to have previously been compromised by closely affiliated groups, suggesting the potential re-extortion of victim organisations.
Having recently finished an extensive and eye-opening purple team engagement, I took some time to reflect on the sheer amount of ground that we had covered in just 6 short weeks.
As Aviation, Maritime, Rail and Road transport organisations are reportedly experiencing increased levels of ransomware activity across Europe as per ENISA’s recent report, JUMPSEC analysts have combined the findings with JUMPSEC’s attacker reported data scraped from a variety of sources (including the dark web) providing further context to the risks currently posed to European transport organisations.
This vector abuses Microsoft Direct Send service in order to propagate phishing emails from an external sender to an internal user, whilst spoofing the properties of a valid internal user. This “feature” has existed since before 2016. However, threat intelligence available to JUMPSEC has only observed it being abused recently.
Matt Lawrence, Head of Defensive Security, and Dan Green, Head of Solutions, write about why compromise is inevitable – and the practical steps that organisations can take to build a security operating model capable of weathering the storm of cyber threats today.
Matt Lawrence, Head of Defensive Security, and Dan Green, Head of Solutions, write about why compromise is inevitable – and the practical steps that organisations can take to build a security operating model capable of weathering the storm of cyber threats today.
To cope with increasingly costly pay-outs, providers are redefining the terms of cyber insurance to reduce their exposure. The implications could spell myriad changes for the cyber security industry. Whatever the outcome, it’s time for organisations to re-evaluate whether their policy will cover them against the attacks they are most susceptible to.
In a key bulletin published in August 2022, Tony Chaudhry, the Underwriting Director of Lloyds, addressed the risk posed by cyber security threats to the insurance industry, stating that “losses have the potential to greatly exceed what the insurance market is able to absorb”.