The latest cybersecurity threats and trends have been highlighted in a recent recap, showcasing the evolving landscape of cybercrime. Here are the key points:
**Cybercrime Hits Global Networks**
Cybercrime has been on the rise globally, with authorities taking down major threat actors. The LockBit ransomware gang has been a significant target, and Russian domains have been seized in a joint operation by the U.S. Department of Justice (DoJ) and Microsoft. This move aims to disrupt credential harvesting campaigns targeting NGOs and think tanks that support government employees and military and intelligence officials.
**Record-Breaking DDoS Attack**
A record-breaking distributed denial-of-service (DDoS) attack was thwarted by Cloudflare, peaking at 3.8 terabits per second (Tbps) and lasting 65 seconds. This attack is part of a broader wave of hyper-volumetric L3/4 DDoS attacks targeting financial services, internet, and telecommunication industries. The activity has not been attributed to any specific threat actor.
**North Korean Hackers Deploy New VeilShell Trojan**
North Korean hackers have deployed a new VeilShell Trojan, which is designed to evade detection by security software. This move highlights the ongoing trend of sophisticated cyber threats from North Korea, which continues to target various sectors with advanced malware.
**700,000+ DrayTek Routers Vulnerable to Remote Attacks**
A significant number of DrayTek routers, approximately 700,000, have been found vulnerable to remote attacks due to 14 security flaws dubbed DRAY:BREAK. These vulnerabilities could be exploited to take over susceptible devices, emphasizing the need for immediate patching.
**Salt Typhoon Breaches AT&T, Verizon, and Lumen Networks**
A Chinese nation-state actor known as Salt Typhoon has breached the networks of U.S. broadband providers, including AT&T, Verizon, and Lumen. The hackers likely accessed information from systems used for court-authorized network wiretapping requests, highlighting the extensive nature of the breach.
**U.K. and U.S. Warn of Iranian Spear-Phishing Activity**
Cyber actors working on behalf of the Iranian government have been identified as engaging in spear-phishing activities. This warning underscores the ongoing threat from Iranian cyber actors, who continue to target various sectors with sophisticated phishing campaigns.
**Resource Public Key Infrastructure (RPKI) Vulnerabilities**
Researchers have highlighted significant vulnerabilities in current implementations of Resource Public Key Infrastructure (RPKI). These vulnerabilities include denial-of-service and authentication bypass, as well as cache poisoning and remote code execution. These issues affect the Border Gateway Protocol (BGP) and underscore the need for robust security measures in network infrastructure.
**Telegram’s Data Policy Shift**
Telegram’s decision to provide users’ IP addresses and phone numbers to authorities in response to valid legal requests has prompted cybercrime groups to seek alternative messaging apps. This shift has led to a decline in Telegram usage among cybercriminals, who are now exploring options like Jabber, Tox, Matrix, Signal, and Session.
**Cybersecurity Resources & Insights**
To stay ahead of these evolving threats, cybersecurity professionals can leverage various resources and insights. These include:
- **Modernization of Authentication:** Discover the benefits of passwordless technology and multi-factor authentication (MFA) in protecting against cyber threats.
- **Interactive Training Platforms:** Utilize interactive training platforms to build a culture of security awareness and avoid mistakes.
- **Compliance Reporting:** Automate compliance reporting using ServiceNow GRC to simplify documentation.
- **Zero Trust Strategies:** Implement zero trust strategies like micro-segmentation and continuous identity verification to strengthen defenses.
- **Vulnerability Management:** Use tools like Tenable.io to find and fix vulnerabilities early, saving on compliance expenses while maintaining strong security.
The recent cybersecurity recap underscores the dynamic nature of cyber threats, emphasizing the need for continuous vigilance and adaptation in the face of evolving attacks. By staying informed and leveraging the right tools and strategies, organizations can better protect themselves against the latest threats.