Welcome to this week’s Cyber Threat Intelligence Summary, where we bring you the latest updates and insights on significant cyber threats. This edition covers the UK-based winter fuel payment scams, a China-linked telecom hack targeting US politicians, and a new Google Chrome flaw exploited by Lazarus.

Welcome to this week’s Cyber Threat Intelligence Summary, where we bring you the latest updates and insights on significant cyber threats. This edition covers the SuperShell malware targeting Linux SSH servers, an in-depth analysis of three Chinese-linked clusters responsible for cyberattacks in Southeast Asia, and CitrineSleet exploiting a zero-day Chromium vulnerability.

Hacktivism is by its very nature reactive, as it involves the use of computer-based techniques as a form of civil disobedience to promote a political agenda or social change. Groups conduct attacks in response to the actions of others, both to encourage or discourage these actions. With the emergence and developments of the Russia-Ukraine war and the Israel-Palestine conflict escalations, there has been a resurgence in hacktivism over the past few years.

In today’s increasingly digital world, cybercrime and online criminal activities pose significant threats to individuals, businesses, and governments alike. One of the most effective strategies in combating these threats is the comprehensive monitoring of criminal forums and platforms.

On Friday 19 July 2024, CrowdStrike suffered a serious outage in which over 8.5 million computers were taken offline. Whilst it may have first appeared to be a cyber-attack, it was actually a faulty update to CrowdStrike Falcon which led to computers crashing to a blue screen on boot. Many organisations were affected, and in some cases were unable to access computer systems for multiple hours.

As the threat landscape continues to develop, ransomware and data brokerage groups constantly emerge, develop, and disband. Cyjax observed a relatively high level of data-leak site (DLS) emergence in July 2024, with a total of nine new sites. For reference, the highest observed number of ransomware groups that have emerged in a single month is ten (September 2022).

By Olivia Betts and Adam Price In July 2024, CloudFlare identified that it can take cybercriminals as little as 22 minutes to weaponise a publicly available Proof-of-Concept (PoC) exploit following its release. The IT services management company noted an increase in scanning for disclosed Common and in attempts to weaponise available PoCs across 2023 and 2024.

Welcome to this week’s Cyber Threat Intelligence Summary, where we bring you the latest updates and insights on significant cyber threats. This edition covers a supply-chain attack conducted using Trojanized jQuery, the sale of fake Olympic Games tickets, and a phishing campaign targeting banking users in India.

The UK General Election marks a monumental time in UK politics. There has been a lot of internal tension regarding the future of the Conservatives, with a large majority of individuals voting to ensure that the party did not continue its 14 years in power. On 5 July 2024, Labour won the General Election in a major landslide victory for the party, putting them in power for the first time since 2010.

Welcome to this week’s Cyber Threat Intelligence Summary, where we bring you the latest updates and insights on significant cyber threats. This edition covers alleged access to high-revenue organisations advertised by IntelBroker, TransparentTribe targeting the gaming industry with spyware, and an analysis of the FakeBat loader.