
Top 3 Threat Report Insights for Q2 2024

Cato CTRL (Cyber Threats Research Lab) has issued its Q2 2024 Cato CTRL SASE Threat Report. The research presents significant insights based on the examination of a remarkable 1.38 trillion network flows from more than 2,500 of Cato's worldwide clients, between April and June 2024.

Key Insights from the Q2 2024 Cato CTRL SASE Threat Report

The study is rich with unique insights that are based on detailed data analysis of network traffic. The top three insights for companies are as follows.

1) IntelBroker: A Persistent Threat Actor in the Cyber Underground

During an in-depth examination of hacker forums and the dark web, Cato CTRL identified a notable threat actor known as IntelBroker. IntelBroker is a prominent figure and moderator within the BreachForums hacking community and has been actively selling data and source code from large organizations. These include AMD, Apple, Facebook, KrypC, Microsoft, Space-Eyes, T-Mobile and the US Army Aviation and Missile Command.

2) 66% of Brand Spoofing Focuses on Amazon

Cybersquatting is the spoofing and exploitation of a brand's domain name to benefit from its registered trademark. The report indicates that Amazon was the most frequently spoofed brand, with 66% of such domains targeting the retailer. Google followed at a distant second, with 7%.

3) Log4j Still Being Exploited

Despite being identified in 2021, the Log4j vulnerability remains a preferred weapon among threat actors. From Q1 to Q2 2024, Cato CTRL detected a 61% increase in attempted Log4j attacks in inbound traffic and a 79% surge in WANbound traffic. Similarly, the Oracle WebLogic vulnerability, initially disclosed in 2020, saw a 114% spike in exploitation attempts in WANbound traffic over the same period.

Security Recommendations

Based on the report's findings, Cato CTRL urges organizations to implement the following best practices:

Regularly monitor dark web forums and markets for any hint of your company's data or credentials being traded.

Employ tools and strategies to identify and neutralize phishing and other attacks that exploit cybersquatting.

Establish a proactive patching plan focusing on significant vulnerabilities, especially those actively targeted by threat actors, such as Log4j.

Create a step-by-step strategy for reacting to a data breach.

Adopt an "assume breach" approach with techniques like ZTNA, XDR, pen testing and more.

Develop an AI governance approach.

Further recommendations, with more specifics, are in the report.
