Cyber Fusion Team @SecAlliance

New research from SecAlliance: Chinese smishing syndicates are now targeting digital wallets like Apple Pay & Google Wallet. Up to 115M cards may be affected. Read more: secalliance.com/blog/the-evolu…

Ban-somware? The UK is planning a partial ban on ransomware payments, targeting public sector and CNI organisations. Will it help break the cycle — or just shift the risk elsewhere? Our latest blog explores the policy, its potential impact, and the challenges ahead. Read more: secalliance.com/blog/ban-somwa…

Missed this last week? Disinformation is not a buzzword. It’s a weapon. New on the SecAlliance blog: - What disinformation is - Why it matters for business - Real-world risks and impact Read now: secalliance.com/blog/disinform…

🚨Protest alert The Wimbledon 2025 Championships event will start on 30 June at the All England Lawn Tennis and Croquet Club in Wimbledon, London. 3 pro-Palestine groups (Campaign Against Arms Trade, Palestine Solidarity Campaign, and War on Want), intend to target Wimbledon sponsors in the banking sector. The protest will take place outside Centre Court from 1000 to 1200. These groups believe that Wimbledon’s organisers are allowing sponsors to use tennis to improve their reputations, by 'sportwashing', that may be tarnished by supporting arms companies within Israel’s weapons supply chain. Given that the same groups protested last year at Wimbledon for the same reason, it is likely that their TTPs will include not only holding Palestine flags and placards with spoof posters, but also theatrical actions using replicas of, for example, fake corpses to attract attention. While the threat severity is assessed low, the ongoing Gaza conflict make it realistically possible that motivated activists choose more disruptive TTPs. We recommend for staff and general public to avoid large groupings of activists if possible, while entering or leaving the event. We do recommend sponsors and event staff to take into consideration the security of individuals representing the sponsors themselves, as there is a realistic possibility that activists may attempt direct targeting, if visual confirmation is achieved. SecAlliance monitor all significant events for disruption of all types, as part of our Physical Threat Monitoring service. #wimbledon #protest

Another angle of the Israel-Iran conflict is unfolding in Western Europe, where protest activity remains high. Our Fusion Team is monitoring these developments closely, providing insights on how protest dynamics may shift in the coming weeks. Read our full assessment in the blog post: secalliance.com/blog/israel-ir… #physicalintelligence #protests #Iran #Israel

Following U.S. strikes on Iranian nuclear sites and Iran’s response, the cyber threat landscape is shifting again. While a major Iranian state cyberattack is unlikely, hacktivist activity and asymmetric threats remain highly possible. Read our full assessment in the blog post: secalliance.com/blog/cyber-imp… #ThreatIntelligence #Israel #Iran

Hacktivist groups are now a key part of the Israel-Iran cyber landscape. Our latest analysis looks at pro- and anti-Israeli hacktivist activity, regional targeting patterns, and the growing risk to Western organisations – especially those seen as supporting Israel. Read our full assessment in the blog post: secalliance.com/blog/cyber-imp… #ThreatIntelligence #Israel #Iran #Hacktivism

As the Israel-Iran conflict escalates, a major Iranian cyberattack remains unlikely – but espionage and sabotage efforts are ongoing. Less-protected regional targets may face increased risk. Read our full assessment in the blog post: secalliance.com/blog/cyber-imp… #ThreatIntelligence #Israel #Iran

As the conflict between Israel and Iran grows, Iran is likely to increase its cyberattacks. Our latest analysis explains Iran’s cyber strategy, main actors, and what organisations should prepare for in the coming weeks. secalliance.com/blog/irans-cyb…

🚨 The Premiership Rugby Final 2025 event is taking place at Twickenham Stadium, London on 14 June 2025, at 1500 BST. Extinction Rebellion UK (XR) intends to target the event with their campaign Insure Our Survival. XR intent is to target this event's sponsors and more specifically, insurance sector sponsors. The claim is that these companies support fossil fuels industries by, for example, insuring pipelines, oil platforms, and coal mines damaging the environment. It is likely that XR TTPs will include handing out leaflets, engaging rugby fans with surveys and holding placards near the stadium before and after the event. It is likely that activists will stand in the flows of fans, probably near entrances and exits to make themselves seen and heard. While it is assessed that the disruption of the event will be minimal, there is a low likelihood of some sort of escalation. We recommend for staff and general public to avoid large groupings of activists if possible, while entering or leaving the event. We do recommend sponsors and event staff take into consideration the security of individuals representing the sponsors themselves, as direct targeting by the activists if visual confirmation is achieved, is realistically possible. SecAlliance monitor all significant events including the world's premier sporting events, for disruption of all types, as part of our Physical Threat Monitoring service.

The Roland-Garros 2025 event is underway. Taxi drivers trade unions have stated that they intend to continue strike actions and threaten to block access to Roland-Garros stadium, Parisian airports and train stations until Saturday 31 May, for now. It has the realistic possibility to occur, because current negotiations with the French government have failed and spontaneous action is encouraged by the unions. It is likely that TTPs will include slow-down driving with hundreds of participants in Paris city centre, near critical transport infrastructure and the Roland-Garros stadium. While officials aim to limit the effects on the Roland-Garros tournament, it is likely to negatively impact the traffic in Paris and accessibility of the event. If a compromise is not reached, it is likely that the strike will be extended, affecting the entire last week of the tournament. Such threat actors pick events like this because they can take advantage of international media coverage to add pressure upon officials to cede to their demands. We recommend for executives, staff and general public to follow real-time information about the strike action in case of escalation. SecAlliance monitor all significant events including the world's premier sporting events, for disruption of all types, as part of our Physical Threat Monitoring service: secalliance.com/physical-intel… #RolandGarros #ThreatMonitoring

@j0hn__f @virustotal @Google Our subscription would increase by a factor of 37 to keep the same coverage 😂 I honestly just thought the sales team had been miss-briefed or misunderstood. At least it will drive innovation & revenue at other providers and diversify the market. No direct competitors yet....

The Dynamics of Russian Influence in the 2024 U.S. Presidential Election Following on from the 2024 U.S. Presidential election, the latest Security Alliance report, "Changing Ballots and Minds: Russian Influence Operations and the 2024 U.S. Presidential Election", delves into the complex methods and motives behind Russia’s ongoing influence efforts in the physical and digital realm, used to influence the cognitive understanding of the American electorate. This comprehensive report examines: - Evolving tactics and platforms used in Russian influence campaigns. - Key vulnerabilities in the information ecosystem. - The broader implications for democratic institutions worldwide. Read the full report here: secalliance.com/blog/changing-… #CyberThreatIntelligence #InformationSecurity #InfluenceOperations #ElectionSecurity #2024Election #Cybersecurity #Intelligence

Tim Haines of @SecAlliance on Chinese pre-placement activity

@CRESTadvocate One of the most comprehensive guides available! Applicable to both producers of and consumers of CTI.

On 13 March, the EU Parliament voted to pass its landmark Artificial Intelligence Act. Check out our analysis here: linkedin.com/feed/update/ur…

We're delighted to have collaborated with @SECFORCE_LTD for #UnderstandingDORA, a series of videos on the #DigitalOperationalResilienceAct. Watch the video below to learn more about #IntelligenceSharing or get in touch for any enquiries. x.com/SECFORCE_LTD/s…

SECFORCE @SECFORCE_LTD

2 years ago

ℹ️🤝 This week we talk about #IntelligenceSharing, with the collaboration of our partner @SecAlliance2, in this sixth and final chapter of #UnderstandingDORA, our series of videos on the #DigitalOperationalResilienceAct. youtube.com/watch?v=_m1YRJ… More info:secforce.com/dora-complianc…

0 2 2 373 0

Some key stats include: ➡️European entities were targeted in 68% of incidents ➡️36 European countries were targeted in 2023 ➡️The most targeted sectors were government, transportation and financial services You can read the full research on our blog: secalliance.com/blog/russia-uk…

Over the past two years, SecAlliance has monitored online sources to collect data on hacktivist activity related to the Russia-Ukraine war.

The rise of environmental activism has proliferated across the globe – and this has not been without coordination. SecAlliance has been investigating the activities of the A22 Network, a global collective of groups targeting critical national infrastructure. Read more of our analysis of their autumn 2023 activities here: secalliance.com/blog/report-th…