Home Security Top 3 Threat Report Insights for Q2 2024

Top 3 Threat Report Insights for Q2 2024

by


Sep 12, 2024The Hacker NewsThreat Intelligence / Cybercrime

Cato CTRL (Cyber Threats Research Lab) has released its Q2 2024 Cato CTRL SASE Threat Report. The report highlights critical findings based on the analysis of a staggering 1.38 trillion network flows from more than 2,500 of Cato’s global customers, between April and June 2024.

Key Insights from the Q2 2024 Cato CTRL SASE Threat Report

The report is packed with unique insights that are based on thorough data analysis of network flows. The top three insights for enterprises are as follows.

1) IntelBroker: A Persistent Threat Actor in the Cyber Underground

    During an in-depth investigation into hacking communities and the dark web, Cato CTRL identified a notorious threat actor known as IntelBroker. IntelBroker is a prominent figure and moderator within the BreachForums hacking community and has been actively involved in the sale of data and source code from major organizations. These include AMD, Apple, Facebook, KrypC, Microsoft, Space-Eyes, T-Mobile and the US Army Aviation and Missile Command.

    2) 66% of Brand Spoofing Focuses on Amazon

      Cybersquatting is the spoofing and exploitation of a brand’s domain name to profit from its registered trademark. The report finds that Amazon was the most frequently spoofed brand, with 66% of such domains targeting the retail giant. Google followed, albeit at a distant second, with 7%.

      3) Log4j Still Being Exploited

        Despite being discovered in 2021, the Log4j vulnerability remains a favored tool among threat actors. From Q1 to Q2 2024, Cato CTRL recorded a 61% increase in attempted Log4j exploits in inbound traffic and a 79% rise in WANbound traffic. Similarly, the Oracle WebLogic vulnerability, first identified in 2020, saw a 114% increase in exploitation attempts within WANbound traffic over the same period.

        Security Recommendations

        Based on the findings of the report, Cato CTRL advises organizations to adopt the following best practices:

        1. Regularly monitor dark web forums and marketplaces for any mention of your company’s data or credentials being sold.
        2. Employ tools and techniques to detect and mitigate phishing and other attacks that leverage cybersquatting.
        3. Establish a proactive patching schedule focused on critical vulnerabilities, particularly those actively targeted by threat actors, such as Log4j.
        4. Create a step-by-step plan for responding to a data breach.
        5. Adopt an “assume breach” mentality with methods like ZTNA, XDR, pen testing and more.
        6. Develop an AI governance strategy.

        Read additional recommendations with more details in the report.

        Found this article interesting? This article is a contributed piece from one of our valued partners. Follow us on Twitter and LinkedIn to read more exclusive content we post.





Source link

Related Articles

xxxanti beeztube.mobi hot sexy mp4 menyoujan hentaitgp.net jason voorhees hentai indian soft core chupatube.net youjzz ez2 may 8 2023 pinoycinema.org ahensya ng pamahalaan pakistani chut ki chudai pimpmovs.com www xvedio dost ke papa zztube.mobi 300mbfilms.in صور مص الزب arabporna.net نهر العطش لمن تشعر بالحرمان movierulz plz.in bustyporntube.info how to make rangoli video 穂高ゆうき simozo.net 四十路五十路 ロシアav javvideos.net 君島みお 無修正 افلام سكس في المطبخ annarivas.net فيلم سكس قديم rashmi hot videos porncorn.info audiosexstories b grade latest nesaporn.pro high school girls sex videos real life cam eroebony.info painfull porn exbii adult pics teacherporntrends.com nepali school sex