  • Darknet Quarterly Review – Q4 2021

    The final quarter of 2021 saw disruption across the English-language darknet market landscape, with multiple well-established markets ceasing operations. This created a void that has yet to be filled. This quarter also saw the darknet forum RAMP experience significant growth, creating a new place for ransomware operators and cybercriminals to gather. Shifting Market Landscape In…

  • Geopolitical and Cybersecurity Weekly Brief – 10 January 2022

    In the Americas, on 6 January US Secretary of State Antony Blinken announced a travel ban on eight unnamed Cuban officials involved in a crackdown on anti-government protests in July 2021. In a statement, Blinken said that those who ‘jail peaceful protesters and sentence them to unjust prison terms must be held accountable’. Responding to…

  • Russia and Ukraine: avoiding war

    As 2021 draws to a close, there are increasing fears around the world that Russia is planning to invade Ukraine in an effort to prevent its former ally from moving further towards the West and possibly even joining the NATO military alliance. The tensions between these two former Soviet states are now at a critical…

  • Geopolitical and Cybersecurity Weekly Brief – 6 December 2021

    In the Americas, a suspected Chinese advanced persistent threat (APT) group has over the past three months breached four US defence and technology firms, it was revealed on 2 December. Globally at least 13 organisations across industries including defence, health care, energy, and transportation have been breached. The report indicates an escalation in alleged cyber-espionage…

  • Exploring the threat of cyberattacks on businesses

    Kevin McMahon, CEO of Cyjax Limited, discusses the ever-looming threat of cyberattacks facing small and medium-sized businesses today. In March 2021, an important new report on national defence and foreign policy in the UK was published – ‘Global Britain in a Competitive Age’. While in the report there is a focus on traditional forms of…

  • Ransomware Review – November 2021

    The Snatch ransomware operators, a group that began operating in 2019 and disappeared in 2020, have resurfaced after almost a year of silence. The group has created a new leaks blog and has already added 10 new victims. They are also one of the multiple groups about which Native American tribes have been warned. An…

  • Honeywell Experion PKS vulnerabilities – What are they? How do they affect your business?

    Honeywell creates and develops a wide range of products used across sectors, including manufacturing and industry. Researchers recently discovered three vulnerabilities affecting the Honeywell Experion Process Knowledge System (PKS), two of which were rated as critical. Experion PKS is a distributed control system (DCS) used for the automation of production lines and industrial processes. The…

  • Geopolitical and Cybersecurity Weekly Brief – 15 November 2021

    In the Americas, US President Joe Biden announced a one-year extension to a ban on US investments in some Chinese companies owned or controlled by China’s military. The move, which extends a policy first imposed by the Trump administration, affects 59 Chinese firms including telecoms giant Huawei, chipmaker SMIC, and oil group CNOOC. Multinational wholesale…

  • Ransomware Review – October 2021

    In late October, the operators of the REvil (also known as Sodinokibi) ransomware announced they were shutting down their operations due to an infrastructure compromise. Subsequently, it was confirmed that this compromise was conducted as part of a joint operation by multiple law enforcement and intelligence agencies from various countries. The initial takedown of REvil…

  • Geopolitical and Cybersecurity Weekly Brief – 8 November 2021

    In this week’s monitoring brief, US-China relations revolved around technology and security. During the reporting period, FBI Director Chris Wray revealed that the majority of cyberattacks against American companies originated from China, warning that these attacks are becoming increasingly sophisticated. There has been a rising trend with attack or espionage operations vectoring into an organisation’s…

  • Cyjax research sees TeamTNT added to Mitre ATT&CK framework

    A wide variety of malware and threat actors target cloud and container technologies, such as Docker, Kubernetes, and Amazon Web Services. The two main techniques for initial access that are leveraged by threat actors against these technologies are misconfigured instances with unsafe ports open and improper access control, and users downloading malicious versions of popular…

  • Geopolitical and Cybersecurity Weekly Brief – 2 November 2021

    In the Americas, Michigan-based automaker Ford announced it will halt production at its plant in Hermosillo, Sonora state, from 1 to 5 November amid unspecified material shortages. While the union’s statement does not name the materials in short supply, they are highly likely to be semiconductors amid an ongoing global chip shortage which has significantly…
