Business Email Compromise (BEC)

August 2025

31 Aug 2025
Vol. 8, Iss. 35

31 Aug 2025 Vol. 8, Iss. 35

Salt Typhoon comp'd over 200 organisations. Anthropic says cybercrims run ransomware ops using Claude. SK Telecom lacked pretty much any security.

18 Aug 2024
Vol. 7, Iss. 33

18 Aug 2024 Vol. 7, Iss. 33

Large data set published from US Data broker. Trump campaign blames Iran for leaked emails. Critical zero-click TCP/IP vulnerability in Windows.

11 Feb 2024
Vol. 7, Iss. 6

11 Feb 2024 Vol. 7, Iss. 6

No, 3 million toothbrushes didn't DDoS anything. But... Deepfake video used in CFO scam to steal £20 million. TfL has been trialling AI surveillance.

24 Sep 2023
Vol. 6, Iss. 39

24 Sep 2023 Vol. 6, Iss. 39

International Criminal Court breached by attackers. Cisco set to acquire Splunk in largest-ever acquisition. Agreement on UK-US data flows.

19 Mar 2023
Vol. 6, Iss. 12

19 Mar 2023 Vol. 6, Iss. 12

Critical vulnerabilities in Microsoft Outlook, Samsung chips in Android phones. ALPHV claims ransomware attack against Ring.

18 Dec 2022
Vol. 5, Iss. 51

18 Dec 2022 Vol. 5, Iss. 51

Microsoft certs used to sign malware. AWS API exposed ability to modify, delete container images. BEC scammers are targeting sugar and milk powder.

29 May 2022
Vol. 5, Iss. 22

29 May 2022 Vol. 5, Iss. 22

Verizon DBIR 2022. ICO fines Clearview AI. Suspected leader of 'SilverTerrier' arrested. Fake IDs for everyone!

26 Jul 2020
Vol. 3, Iss. 30

26 Jul 2020 Vol. 3, Iss. 30

Garmin 'ran somewhere.' UK Test & Trace doesn't have a DPIA. Emotet serving up Hackerman memes.

7 Jun 2020
Vol. 3, Iss. 23

7 Jun 2020 Vol. 3, Iss. 23

REvil launch auction site, while Maze and LockBit team up to pool resources, know-how. Plus inside a BEC scam and DROP DATABASE tickets.