Newsletters

Foreign intelligence services are experimenting with new ways of using domestic proxies to facilitate overseas operations. 

In the Netherlands, two teenagers have been arrested after reportedly being recruited by pro-Russian hackers on Telegram to assist with cyber espionage operations. Dutch authorities allege that the pair were tasked with Wi-Fi collection along a route in The Hague that went past Europol, Eurojust and the Canadian embassy.  

A mysterious threat actor is abusing Milesight industrial cellular routers to send SMS spam, also known as smishing, to users in several European countries.

According to French security firm Sekoia, the campaign has been silently going on without detection since at least February 2022.

The attackers are targeting a feature of Milesight routers that lets admins configure to receive SMS alerts. Such a feature is common in industrial routers that connect remote equipment to a larger network via a cellular modem, with admins receiving alerts when the equipment connection goes offline and may not be in a state where it can be managed.

The UK government has agreed to underwrite a £1.5 billion loan to Jaguar Land Rover to help the carmaker deal with the increasingly costly aftermath of a recent cyberattack that has crippled its production and shut down factories for almost a month.

The underwrite was approved on Sunday after a visit from UK Business Secretary Peter Kyle to the headquarters of JLR and its main supply chain firm Webasto this week.

JLR fell victim to a ransomware attack—supposedly from the HellCat group—on August 31. Production lines at all JLE factories have been shut down ever since, and are expected to last into October.

Most European users will receive Windows 10 Extended Security Updates (ESU) for free.

These are security updates that Microsoft will provide to users after the Windows 10 operating system reaches end-of-life on October 14, less than three weeks away.

Normally, ESUs are available to enterprise customers, but last year, Microsoft took the novel step of providing the first-ever ESUs to home consumers. For $30, half the sum a company would pay, Windows 10 home users could have received security updates for an extra year.

In recent years we've seen an evolution of the online funnel that turns kids into cybercriminals. 

Over the last decade, cybercrime's reach has broadened, it's become more lucrative and more violent. Governments need to attack and disrupt this funnel at all levels, instead of solely focussing on prosecuting these kids after the damage is done.

Bloomberg has described the path that turned one key individual associated with Scattered Spider from a self-described "weird kid" into an inmate, having been sentenced to ten years in prison. Noah Urban, now 20 years old, stole more than USD$13 million in cryptocurrency after becoming involved in SIM swapping when he was 15. 

The US Secret Service has raided and dismantled a SIM farm operating at five locations across the New York tri-state area.

Officials seized 300 SIM servers running more than 100,000 SIM cards.

Officials began investigating the SIM farms after they were used earlier this year to make anonymous threats against senior US officials. According to the NYT, two White House and one Secret Service official were on the receiving end of some of those threats.

A cyberattack has disrupted flights at multiple airports across Europe and elsewhere over the weekend.

The attack brought down self-service kiosks used by passengers to check in, drop luggage, and print boarding passes for their flights.

While the kiosks are installed in hundreds of airports, the disruption forced an usually large number of travelers to manual check-in counters, creating cascading delays that slowly bogged down the larger airports as time went on.

The US Department of Defense has more than 70,000 individuals working on cybersecurity and cyberspace operations, according to a report published this week that provided the first accurate number for such a task force.

The figure includes 61,000 military and civilian personnel and 9,500 temporary contractors, spread across 504 organizations. They work for Cyber Command, the Army, Navy, Marine Corps, Air Force, and Space Force.

The report, from the US Government Accountability Office, was commissioned by Congress in 2023, after Russia's invasion of Ukraine, to help lawmakers identify all the Pentagon's cyber capabilities and help review and optimize its operations, in light of Russia's invasion of Ukraine and after several hacks of US government networks.

In 2024, the number of US investors in the spyware market skyrocketed, and the country became the largest investor by deal count, according to new research from the Atlantic Council. The researchers say these investments undermine US government efforts to control abusive spyware, but we think they present an opportunity to exert more control over the industry. 

Spyware is not inherently bad. Abusive spyware is used to violate human rights, rather than for lawful purposes.

The increase in US investment is a key finding of an update to the Atlantic Council's 2024 Mythical Beasts report. That report mapped the global spyware industry through to the end of 2023. At the time vendors were concentrated in Israel, India and Italy. The US was the third-largest investor by deal count. 

The internet's top AI chatbots provide answers with false claims twice as much as they did last year.

The disinformation rates of the top 10 leading chatbots have doubled, going from 18% in August 2024 to 35% a year later, according to a study from disinformation-fighting group NewsGuard.

Chatbots reproduced false claims on topics such as health, politics, international affairs, companies, and business brands.