Welcome to this week’s Cyber Threat Intelligence Summary, where we bring you the latest updates and insights on significant cyber threats. This edition covers an alleged data breach at Ticketmaster, a cyberattack on Synnovis affecting London hospitals, and a data breach disclosed by the BBC. The full reports are available to CYMON users. Request access […]
Weekly Cyber Threat Intelligence Summary Read More »
Introduction From late 2023 and into 2024, the ransomware ecosystem has become more diverse than ever, with an ever-expanding cast of extortion groups. Established players continue to compromise large companies globally, while smaller, newer groups are breaking into the scene with increasing frequency. From January to mid-May 2024 alone, 22 new ransomware groups emerged. In
Here, There, Ransomware: The Surge of New Ransomware Groups Read More »
This blog provides a comprehensive update on a major data breach at the UK Ministry of Defence, a strategic shift in ransomware targets towards smaller businesses, and the increasing utilisation of generative AI in cybercrime. To access the complete report, request a demo. Major Data Breach at the UK Ministry of Defence A significant data
Introduction The realm of hacktivism is rapidly expanding, its contours continually shifting and adapting to the geopolitical climate. Within this dynamic landscape, specific regions and industry sectors face heightened risks. Hacktivism, by its very essence, thrives in the public eye, as its actors strive to effect political or social change. Notably, Telegram has emerged as
Hacktivism Roundup Q1 2024: Warfare in the Digital World Read More »
One issue that is raised frequently is the way in which security or IT teams struggle to speak the “business language” to members of the senior leadership that take the final decisions on spending and investment. This problem could have its roots in IT – and later security – teams historically having their management lines
The Cyber Threat Intelligence Analyst – Speaking Your Language Read More »
This article was originally published on Cybernews When it comes to cybersecurity and online protection, many regional ISP and telco providers are very late to the party to defend against malicious actors, like in the case of Russian APT groups. The COVID-19 crisis outlined the importance of the internet and computers. However, it also emphasized the
Author: Roman Faithfull, Cyber Intelligence Lead Introduction Initial access brokers (IABs) form a key part of the cybercriminal ecosystem. They facilitate access for ransomware groups, data leakers, and advanced persistent threat groups (APTs) into corporate networks. They are highly specialised, and professional, and operate in an established, lucrative market often characterised by rigid rules and
Initial Access Brokers Explained Read More »
Separating fact from fiction To find out, check out Episode 20 of the Cyjax Geopolitical and Cybersecurity Podcast. Here’s a summary of what’s on the table… In the latest episode of the Cybersecurity & Geopolitical Discussion, the hosts Ian Thornton-Trump CD, CISO for Cyjax, Lisa Forte of Red Goat Security and Philip Ingram MBE of
The Cybersecurity and Geopolitical Discussion — Broken China? — Episode 20 Read More »
Introduction Cyjax analysts have identified the distribution of STOP ransomware on Google Groups through mass spam attacks on Usenet. Over 385,000 posts have been observed, which contain malicious links resulting in ransomware infection. This campaign, henceforth referred to as “STOPNET.GG”, has been in operation since at least May 2023, and is ongoing at the time
STOP ransomware spamming in Usenet Read More »
