Welcome to this week’s Cyber Threat Intelligence Summary, where we bring you the latest updates and insights on significant cyber threats. This edition covers zero-day exploits advertised on a cybercriminal forum, a new AI threat taxonomy from Google DeepMind, and a newly identified side-channel attack method called SnailLoad.

To find out, check out Episode 23 of the Cyjax Geopolitical and Cybersecurity Podcast. Here’s a summary of what’s on the table…

Welcome to this week’s Cyber Threat Intelligence Summary, where we bring you the latest updates and insights on significant cyber threats. This edition analyses cyberattacks related to a new malware campaign targeting Docker APIs, a Phishing-as-a-Service platform attacking Microsoft 365, and an analysis of the cyberespionage group UNC3886.

Welcome to this week’s Cyber Threat Intelligence Summary, where we bring you the latest updates and insights on significant cyber threats. This edition analyses cyberattacks related to the Israel-Palestine conflict, global DNS probing by a Chinese threat actor, and a significant data leak involving the New York Times.

Welcome to this week’s Cyber Threat Intelligence Summary, where we bring you the latest updates and insights on significant cyber threats. This edition covers an alleged data breach at Ticketmaster, a cyberattack on Synnovis affecting London hospitals, and a data breach disclosed by the BBC. The full reports are available to CYMON users. Request access here.

From late 2023 and into 2024, the ransomware ecosystem has become more diverse than ever, with an ever-expanding cast of extortion groups. Established players continue to compromise large companies globally, while smaller, newer groups are breaking into the scene with increasing frequency. From January to mid-May 2024 alone, 22 new ransomware groups emerged. In comparison, only 22 groups emerged during the entire two-and-a-half-year period between January 2018 and August 2020.

This blog provides a comprehensive update on a major data breach at the UK Ministry of Defence, a strategic shift in ransomware targets towards smaller businesses, and the increasing utilisation of generative AI in cybercrime.

The realm of hacktivism is rapidly expanding, its contours continually shifting and adapting to the geopolitical climate. Within this dynamic landscape, specific regions and industry sectors face heightened risks. Hacktivism, by its very essence, thrives in the public eye, as its actors strive to effect political or social change.

One issue that is raised frequently is the way in which security or IT teams struggle to speak the “business language” to members of the senior leadership that take the final decisions on spending and investment.

When it comes to cybersecurity and online protection, many regional ISP and telco providers are very late to the party to defend against malicious actors, like in the case of Russian APT groups. The COVID-19 crisis outlined the importance of the internet and computers. However, it also emphasized the importance of online security. One report showed that over 7.9 billion records had been exposed by data breaches from January to September of 2019.