Evolve MGA

This Thanksgiving, we’re feeling extra grateful for the incredible brokers and agents who help us grow every day. Thank you for your partnership, perseverance, and trust!

From our Evolve MGA team to yours, Happy Thanksgiving!

We provide brokers with the insights and resources to confidently sell cyber & tech E&O to SMEs. Reach out to schedule a webinar or request a white paper!

Bridgestone has confirmed a cyberattack that disrupted operations at key facilities, including the Joliette plant in Quebec, Canada, around August 31.

What Happened:

🔹 The Joliette plant suspended operations, impacting over 1,400 workers and raising concerns about job security and production delays.

🔹 Internal reports suggest other North American sites may have also been affected.

🔹 At this stage, there is no evidence of compromised employee or customer data.

🔹 Bridgestone’s cybersecurity team initiated containment measures, though details of the targeted systems remain undisclosed.

Have you discussed the ripple effects of cyberattacks with your industrial clients?

Good morning brokers. This past Labor Day weekend, we saw two major cyber incidents. WhatsApp faced a stealth spyware attack, while Jaguar Land Rover was hit with a ransomware and data theft operation. Here's what you should share with your clients.

🔹 WhatsApp: A zero-click spyware exploit (CVE-2025-55177 & CVE-2025-43300) let attackers compromise iOS/macOS devices with no user action. Meta confirmed fewer than 200 personalized warning notices sent. Amnesty International flagged risks for journalists & activists.

🔹 Jaguar Land Rover: The HELLCAT ransomware group stole 350GB of employee data, source code, and documents, exploiting stolen Jira credentials from years-old infostealer infection.

Would your client’s policy cover losses tied to stolen employee data, source code, or intellectual property, or are they exposed?

Researchers are warning of active cyberattacks exploiting a critical SQL injection vulnerability in Fortinet’s FortiWeb Fabric Connector. For organizations that rely on multiple Fortinet products, this poses heightened risk of data breach, system downtime, and potential ransomware.

Details:

🔹 The flaw stems from improper neutralization of special elements in SQL commands.

🔹 Exploitation allows attackers to send crafted HTTP/HTTPS requests that execute unauthorized code and grant unrestricted system access.

🔹 First observed in active exploitation July 11, 2025, with dozens of confirmed compromised devices.

🔹 The FortiWeb Fabric Connector enables SSO, policy enforcement, and inter-product data sharing, making exploitation a potential gateway for lateral movement and security control bypass.

🔹 Risks include data breaches, operational downtime, and ransomware deployment.

Does your client’s cyber policy include proactive risk assessment?

Good morning brokers. Here's what you and your clients need to know about from the last three months.

Ransomware Surge:
July saw major hits on brands, IT giants, and critical infrastructure. Groups like Qilin & Akira exploit VPN flaws, causing operational shutdowns and double extortion.

New Malware Families / Threats span all platforms:
🔹 NimDoor (macOS, Web3)
🔹 Batavia (phishing spyware)
🔹 AMOS (macOS stealer/backdoor)
🔹 Anatsa & TapTrap (Android)
🔹 Kosake (Linux stego)
🔹 LameHug (AI-generated attacks)

Zero-Days & Vulnerabilities:
Active exploitation of flaws in Google Chrome and Microsoft SharePoint.

Attack Volume Rising:
Global avg: 2,011 attacks/week (+10% YoY).
Highest growth: Education, Telecom, Gov, Agriculture. Europe leads in regional surge (+15%).

DDoS Escalation:
Record-breaking hyper-volumetric attacks, often IoT-powered.

Targeted Espionage & AI Abuse:
State-backed groups hit dev supply chains, hide malware in npm/PyPI, and leverage AI to adapt attacks.

Good morning brokers. DEF CON Franklin, a new initiative, is deploying ethical hackers to safeguard vulnerable US water utilities from state-sponsored cyberattacks. It partners with the National Rural Water Association (NRWA) and the University of Chicago’s Cyber Policy Initiative.

More Details:

🔹 The initiative is sparked by a 2023 attack on a Pennsylvania water authority that exposed major security gaps.

🔹 The US has 50,000+ mostly small utilities lacking dedicated cybersecurity staff.

🔹 Volunteers provide free on-site help: network mapping, password upgrades, and OT vulnerability assessments.

🔹 Teams have assisted utilities in Indiana, Oregon, Utah, and Vermont, with more states to follow.

🔹 Partners include DEF CON, NRWA, Cyber Resilience Corps, Aspen Digital, and the American Water Works Association.

If state actors can target water utilities, how prepared are your utility service clients in critical infrastructure? Is their cyber policy built for OT and ICS risks?