Building on the joint publication we made with @enisa_eu to encourage all EU orgs to boost their cyber resilience, we have now practical guidance for you to prevent and mitigate critical #cybersecurity threats!. Enjoy while supplies last!.🧯🔥🚒.

💶 55 ransomware operations in Europe, 900+ victims in Europe. Lockbit, accounting for 25% of the total cases.

🏥 ✈️ 🔬 13 sectors of interest highly targeted in our vicinity: diplomacy, defence, transport, finance, health, energy, technology, justice, telecoms, research, education, fundamental rights, and space.

🎣🇪🇺 177 spearphishing attacks in our vicinity. A number of adversaries used specific lures related to EU affairs.

💻 ☁️ 104 products targeted in 241 distinct malicious activities: exploitation of internet-facing products, supply-chain attacks, fake versions of software, abuse of public repositories used by programmers, misuse, other forms of exploitation after initial access.

🥷 80 active threat actors in our vicinity. Cyberespionage, hacktivism, cybercrime or info ops. Based on reliable sources info, several were linked with 🇷🇺, 🇨🇳. We also noticed a diversification in the origin of cyber attacks and the role played by PSOAs.

We have compiled our Threat Landscape Report 2023 - Year Review - 🎯 602 malicious activities analysed targeting Union entities or their vicinity.

💥 Disruption: attacks on government, energy, transport and finance sector (4/4).

🕵️‍♀️ Cyberespionage: 🇷🇺 🇨🇳 🇹🇷 threat actors active in Europe ; two major breaches against prominent technology companies attributed to 🇷🇺 APT29. 💶 Cybercrime: top ransomware in 🇪🇺: Lockbit, 8Base, Hunters International, MedusaLocker, Akira, BlackBasta (3/4).

🔖 Policy: 🇪🇺 chief diplomat warned global elections are prime targets for disinformation campaigns; cybercriminals involved in malware development and operation or darknet forum administration arrested, sentenced or sanctioned. (2/4).

We have compiled our Cyber Brief for the month of January 2024, with a summary of the main IT security developments, reported by open sources. It is available at - we hope you will like the new presentation (1/4).

💥 Disruption: attacks in the telecommunications, healthcare, water supply, energy, and legislative sectors. (4/4).

🕵️‍♀️ Cyberespionage: 🇷🇺 and 🇰🇵 threat actors active in Europe. 🇮🇷 threat actors active in other regions. 💶 Cybercrime: top ransomware in 🇪🇺: Lockbit, 8Base, Cactus, Play, BlackBasta, Akira. (3/4).

🔖 Policy: 🇪🇺 adopts Regulation to enhance cybersecurity across its institutions, initiates formal proceedings against company X under the Digital Services Act. Star Blizzard cyberattacks linked to 🇷🇺's FSB. (2/4).

We have compiled our Cyber Brief for the month of December 2023, with a summary of the main IT security developments, reported by open sources. It is available at (1/4).

Critical Vulnerability in Ivanti Endpoint Management Software (CERT-EU Security Advisory 2024-002) -

Vulnerability in Wordpress Google Fonts Plugin (CERT-EU Security Advisory 2024-001) -

UPDATE: High Severity Vulnerability in Google Chrome (CERT-EU Security Advisory 2023-100) -

High Severity Vulnerability in Google Chrome (CERT-EU Security Advisory 2023-100) -

Critical Vulnerabilities in Ivanti Avalanche (CERT-EU Security Advisory 2023-099) -

SMTP Smuggling Vulnerability in CISCO Secure Email Gateway (CERT-EU Security Advisory 2023-098) -