Welcome to the October 2023 Threat Highlight Report!
This month's report covers a range of cybersecurity topics, including phishing campaigns, infostealer markets, and DDoS techniques.
October report covers
- An ongoing phishing campaign impacting Finland
- The state of the infostealer market
- Fallout following the compromise of Okta
- A new HTTP/2 rapid reset DDoS technique
- The state of the hacktivist landscape, which has been further shaped by ongoing conflict in Israel
- Tracking the ransomware landscape, including statistics from known attacks
- Reference to a wider piece of research on the malware Darkgate
- Phishing campaign impacting Finland
Phishing campaign that is targeting Finnish organizations. The attackers are using a variety of tactics to trick users into giving up their login credentials, including sending fake emails that appear to be from legitimate sources. - Infostealer market
Current state of the infostealer market, which is a type of malware that is designed to steal sensitive information from infected systems. The report notes that the market is currently dominated by a few key players, and that the malware is often sold on underground forums. - Fallout following the compromise of Okta
Overview of the fallout following the compromise of Okta, a company that provides identity and access management services to many other third parties. The report notes that the attackers were able to access customer accounts at 1Password, Beyond Trust, and Cloudflare by abusing credentials, cookies, and session tokens contained within HAR files. - HTTP/2 rapid reset DDoS technique
A new DDoS technique that is designed to exploit a vulnerability in the HTTP/2 protocol. The technique involves sending a series of specially crafted requests that cause the server to reset the connection, which can result in a denial of service. - Hacktivist landscape
Current state of the hacktivist landscape, which has been further shaped by ongoing conflict in Israel. The report notes that hacktivist groups are increasingly using social media to spread their message and coordinate their activities. - Ransomware landscape
Statistics on known ransomware attacks, including the number of attacks and the amount of ransom demanded. The report notes that ransomware attacks continue to be a major threat to organizations of all sizes - Darkgate malware
The report includes a reference to a wider piece of research on the Darkgate malware, which is a financially motivated cybercrime actor that is using multiple malware families to target digital marketing professionals.
Stay informed about the latest cybersecurity threats and trends.
Be Ahead of the Game!
Stay informed about the latest cybersecurity threats and trends by subscribing to WithSecure's monthly threat highlights report!
Our comprehensive report provides an overview of last month's cybersecurity news, the changing threat landscape, and relevant advice.
Don't miss out on valuable insights - fill out the form to receive our report now!