High 3 Risk Report Insights for Q2 2024

Sep 12, 2024The Hacker InformationRisk Intelligence / Cybercrime

Cato CTRL (Cyber Threats Analysis Lab) has launched its Q2 2024 Cato CTRL SASE Risk Report. The report highlights important findings based mostly on the evaluation of a staggering 1.38 trillion community flows from greater than 2,500 of Cato’s international clients, between April and June 2024.

Key Insights from the Q2 2024 Cato CTRL SASE Risk Report

The report is full of distinctive insights which can be based mostly on thorough information evaluation of community flows. The highest three insights for enterprises are as follows.

1) IntelBroker: A Persistent Risk Actor within the Cyber Underground

Throughout an in-depth investigation into hacking communities and the darkish internet, Cato CTRL recognized a infamous risk actor referred to as IntelBroker. IntelBroker is a outstanding determine and moderator inside the BreachForums hacking group and has been actively concerned within the sale of knowledge and supply code from main organizations. These embody AMD, Apple, Fb, KrypC, Microsoft, House-Eyes, T-Cell and the US Military Aviation and Missile Command.

2) 66% of Model Spoofing Focuses on Amazon

Cybersquatting is the spoofing and exploitation of a model’s area title to revenue from its registered trademark. The report finds that Amazon was essentially the most ceaselessly spoofed model, with 66% of such domains focusing on the retail large. Google adopted, albeit at a distant second, with 7%.

3) Log4j Nonetheless Being Exploited

Regardless of being found in 2021, the Log4j vulnerability stays a well-liked instrument amongst risk actors. From Q1 to Q2 2024, Cato CTRL recorded a 61% enhance in tried Log4j exploits in inbound visitors and a 79% rise in WANbound visitors. Equally, the Oracle WebLogic vulnerability, first recognized in 2020, noticed a 114% enhance in exploitation makes an attempt inside WANbound visitors over the identical interval.

Safety Suggestions

Primarily based on the findings of the report, Cato CTRL advises organizations to undertake the next greatest practices:

1. Often monitor darkish internet boards and marketplaces for any point out of your organization’s information or credentials being bought.
2. Make use of instruments and strategies to detect and mitigate phishing and different assaults that leverage cybersquatting.
3. Set up a proactive patching schedule centered on important vulnerabilities, notably these actively focused by risk actors, corresponding to Log4j.
4. Create a step-by-step plan for responding to a knowledge breach.
5. Undertake an “assume breach” mentality with strategies like ZTNA, XDR, pen testing and extra.
6. Develop an AI governance technique.

Learn further suggestions with extra particulars within the report.