Cato CTRL’s Q2 2024 SASE Threat Report reveals critical findings based on analyzing 1.38 trillion network flows from over 2,500 customers. Key takeaways for enterprises include the persistence of threat actor IntelBroker, cybersquatting trends, and Log4j exploits.
IntelBroker, a prominent figure in the BreachForums hacking community, has been involved in selling data and source code from major organizations like AMD, Apple, Facebook, and more.
Interestingly, Amazon was the most frequently spoofed brand, accounting for 66% of cybersquatting domains. Google followed with 7%.
Despite being discovered in 2021, Log4j vulnerabilities continue to be exploited. Cato CTRL recorded a 61% increase in attempted Log4j exploits and a 79% rise in WAN-bound traffic.
To mitigate these threats, Cato CTRL recommends:
* Monitoring dark web forums for mentions of your company’s data or credentials
* Employing tools to detect and mitigate phishing attacks
* Prioritizing proactive patching for critical vulnerabilities like Log4j
* Developing a step-by-step response plan for data breaches
* Adopting an “assume breach” mentality with techniques like ZTNA, XDR, pen testing, and AI governance.
Source: https://thehackernews.com/2024/09/top-3-threat-report-insights-for-q2-2024.html?m=1