September 17, 2024
Top 3 Threat Report Insights for Q2 2024
Cato CTRL (Cyber Threats Research Lab) has released its Q2 2024 Cato CTRL SASE Threat Report. The report highlights critical findings based on the analysis of a staggering 1.38 trillion network flows from more than 2,500 of Cato’s global customers, between April and June 2024. Key Insights from the Q2 2024 Cato CTRL SASE Threat Report The report is packed with unique insights that are based on

Sep 12, 2024The Hacker NewsThreat Intelligence / Cybercrime

Cato CTRL (Cyber Threats Research Lab) has released its Q2 2024 Cato CTRL SASE Threat Report. The report highlights critical findings based on the analysis of a staggering 1.38 trillion network flows from more than 2,500 of Cato’s global customers, between April and June 2024.

Key Insights from the Q2 2024 Cato CTRL SASE Threat Report

The report is packed with unique insights that are based on thorough data analysis of network flows. The top three insights for enterprises are as follows.

1) IntelBroker: A Persistent Threat Actor in the Cyber Underground

During an in-depth investigation into hacking communities and the dark web, Cato CTRL identified a notorious threat actor known as IntelBroker. IntelBroker is a prominent figure and moderator within the BreachForums hacking community and has been actively involved in the sale of data and source code from major organizations. These include AMD, Apple, Facebook, KrypC, Microsoft, Space-Eyes, T-Mobile and the US Army Aviation and Missile Command.

2) 66% of Brand Spoofing Focuses on Amazon

Cybersquatting is the spoofing and exploitation of a brand’s domain name to profit from its registered trademark. The report finds that Amazon was the most frequently spoofed brand, with 66% of such domains targeting the retail giant. Google followed, albeit at a distant second, with 7%.

3) Log4j Still Being Exploited

Despite being discovered in 2021, the Log4j vulnerability remains a favored tool among threat actors. From Q1 to Q2 2024, Cato CTRL recorded a 61% increase in attempted Log4j exploits in inbound traffic and a 79% rise in WANbound traffic. Similarly, the Oracle WebLogic vulnerability, first identified in 2020, saw a 114% increase in exploitation attempts within WANbound traffic over the same period.

Security Recommendations

Based on the findings of the report, Cato CTRL advises organizations to adopt the following best practices:

  1. Regularly monitor dark web forums and marketplaces for any mention of your company’s data or credentials being sold.
  2. Employ tools and techniques to detect and mitigate phishing and other attacks that leverage cybersquatting.
  3. Establish a proactive patching schedule focused on critical vulnerabilities, particularly those actively targeted by threat actors, such as Log4j.
  4. Create a step-by-step plan for responding to a data breach.
  5. Adopt an “assume breach” mentality with methods like ZTNA, XDR, pen testing and more.
  6. Develop an AI governance strategy.

Read additional recommendations with more details in the report.

Found this article interesting? This article is a contributed piece from one of our valued partners. Follow us on Twitter and LinkedIn to read more exclusive content we post.

Related News

Google Chrome Switches to ML-KEM for Post-Quantum Cryptography Defense Google Chrome Switches to ML-KEM for Post-Quantum Cryptography Defense

Google Chrome Switches to ML-KEM for Post-Quantum Cryptography Defense

U.S. Treasury Sanctions Executives Linked to Intellexa Predator Spyware Operation U.S. Treasury Sanctions Executives Linked to Intellexa Predator Spyware Operation

U.S. Treasury Sanctions Executives Linked to Intellexa Predator Spyware Operation

How to Investigate ChatGPT activity in Google Workspace How to Investigate ChatGPT activity in Google Workspace

How to Investigate ChatGPT activity in Google Workspace

Binance Warns of Rising Clipper Malware Attacks Targeting Cryptocurrency Users Binance Warns of Rising Clipper Malware Attacks Targeting Cryptocurrency Users

Binance Warns of Rising Clipper Malware Attacks Targeting Cryptocurrency Users

You may have missed

Elon Musk says SpaceX will sue FAA for ‘regulatory overreach’ Elon Musk says SpaceX will sue FAA for 'regulatory overreach'

Elon Musk says SpaceX will sue FAA for ‘regulatory overreach’

Bitcoin climbs above $60,000 ahead of Fed rate decision Bitcoin climbs above ,000 ahead of Fed rate decision

Bitcoin climbs above $60,000 ahead of Fed rate decision

Snap unveils latest AR glasses despite ongoing struggles in core ad business Snap unveils latest AR glasses despite ongoing struggles in core ad business

Snap unveils latest AR glasses despite ongoing struggles in core ad business

The Apple Watch Series 10 offers mostly minor upgrades, but faster charging is a big plus The Apple Watch Series 10 offers mostly minor upgrades, but faster charging is a big plus

The Apple Watch Series 10 offers mostly minor upgrades, but faster charging is a big plus

Amazon is using generative AI to drive more same-day shipping using smarter robots and better routes Amazon is using generative AI to drive more same-day shipping using smarter robots and better routes

Amazon is using generative AI to drive more same-day shipping using smarter robots and better routes

Samsung Reportedly Testing One UI 7 Ahead of Anticipated Beta Release Samsung Reportedly Testing One UI 7 Ahead of Anticipated Beta Release

Samsung Reportedly Testing One UI 7 Ahead of Anticipated Beta Release