We are sharing our two most recent Information Assurance reports. Each is a Western Europe-focused report on information and data security, covering cyber threats, vulnerabilities, and changes in the technology landscape that may impact your business. Both reports are in-depth (over 12 pages) and offer actionable insights for threat mitigation.
Summaries and Key Takeaways
October
Chinese “Salt Typhoon” Breaches Wiretapping Systems:
A Chinese state-sponsored threat actor, Salt Typhoon, has infiltrated critical wiretapping systems used by major US telecom providers. This breach could grant the attackers access to sensitive surveillance data and has raised severe national security concerns. The incident highlights vulnerabilities in systems designed for lawful surveillance and is likely to influence global discussions around encryption and cybersecurity policies.
“GoldenJackal” Breaches European Government Air-Gapped Systems:
The threat actor “GoldenJackal” successfully breached air-gapped systems used by European government entities, stealing sensitive data through malware-laden USB drives. The attackers used custom tools to exfiltrate valuable information, including encryption keys and documents, showing that even isolated systems can be compromised if physical devices are improperly secured.
Infostealer Malware Bypasses Chrome's Cookie Encryption:
Several infostealer malware families, including Lumma Stealer and WhiteSnake, have developed methods to bypass Google Chrome’s App-Bound Encryption, a defense intended to secure sensitive data like cookies and passwords. These malware variants can now steal user data without requiring elevated privileges, increasing the risk of unnoticed data theft in enterprise environments.
September
Google Faces Legal Challenges Over Ad Monopoly:
Google is facing significant antitrust legal battles in both the U.S. and Europe. The U.S. Department of Justice (DOJ) is pushing for the company to divest parts of its advertising business, particularly Ad Manager, after claims that Google manipulated the online ad market. This lawsuit, combined with recent accusations of evidence tampering, could reshape the ad tech industry and have far-reaching impacts on advertisers and business users of Google's services.
Aalberts N.V. Data Breach Exposes Senior Management Information:
A significant data breach at Dutch company Aalberts N.V. led to the leaking of personal details of senior management, including C-Level executives. The data, which is being sold on the dark web, includes sensitive information such as emails, phone numbers, and network details, putting the affected individuals at risk of further cyberattacks. This breach highlights the growing risks facing Dutch companies and the increasing sophistication of cybercriminals targeting high-profile organizations.
New China-Linked IoT Botnet 'Raptor Train' Discovered:
A new Internet-of-Things (IoT) botnet, dubbed Raptor Train, has been attributed to the Chinese APT group, Flax Typhoon. This botnet has compromised over 200,000 IoT devices globally, including small office and home routers, IP cameras, and other internet-connected devices. Raptor Train’s design allows for large-scale distributed denial-of-service (DDoS) attacks, though its full capabilities have not yet been deployed. This discovery demonstrates the ongoing threat of state-sponsored cyber activity targeting critical infrastructure.