Threat IntelligenceCross Industry

Q3 Threat Intelligence Report: Trending Malware, Breaches, and Vulnerabilities

Q3 Threat Intelligence Report: Trending Malware, Breaches, and Vulnerabilities

Each quarter, the Cradlepoint Threat Research and Analysis (TR&A) Team publishes a threat intelligence report to inform customers about relevant changes in the threat landscape. This report covers events from April through June 2024.

Our Views on Recent Attacks

In the past quarter, warnings and reports of attacks on critical infrastructure published by government organizations such as the Cyber and Infrastructure Security Agency (CISA) topped cybersecurity headlines, followed closely by company data breach reports. CISA issued #StopRansomware reports for Black Basta and Akira ransomware, stating that affiliates gained initial access by exploiting application vulnerabilities. Application vulnerabilities were the most exploited category at 39% per the CISA Known Exploited Vulnerabilities (KEV) list, likely indicating an increased threat to unpatched, internet-facing applications. Info-stealer and loader malware were leading initial access techniques in data breach and ransomware attacks, with SocGholish and Atomic Stealer reported as the most active. CISA also published warnings of increased activity from APT40 using living-off-the-land techniques, and that proRussian hacktivists are likely to increase the impact of their attacks by using more sophisticated tooling.

Over 55 million people were impacted by non-Snowflake-related data breaches, losing sensitive information such as medical records, payment details, and passwords. Reports of data loss from attacks on customers using the Snowflake data cloud continued as organizations who failed to implement MFA on their accounts gradually disclosed the sensitive data they lost. However, only 11 of the estimated 165 impacted companies have confirmed a data breach as of June 2024. Additional reporting is expected as companies reach regulation time requirements for reporting a data breach.

RELATED CONTENT

Two firefighters in operation.
|Bruce Johnson
Cross IndustrySD-WAN

Intelligent bonding in a wireless world

How flow duplication, flow balancing, and bandwidth aggregation maximize every connection across cellular, satellite, and beyondMost of us don’t think...

The foundations of an autonomous IoT network
|Ericsson Enterprise Wireless Solutions
Connectivity for IoT5GCross Industry

The foundations of an autonomous IoT network

Why 5G is required to close the loop between detection and actionEnterprises have spent years connecting their physical operations to digital systems....

Sitemap