Welcome to the September 2023 Threat Highlight Report!

Report provides an overview of the latest cybersecurity news, threat landscape, and advice to help you stay protected.

September report covers

  • Monthly highlights
  • Ransomware
  • Other notable highlights in brief

Here’s a bit more detail:

1. QakBot and DarkGate
QakBot is a banking Trojan that has been active since 2007. In recent years, it has been used to distribute ransomware and other malware. DarkGate is a new malware family that has been observed filling the void left by QakBot.

2. TeamsPhisher and Storm-0324
TeamsPhisher is a phishing tool that is designed to target Microsoft Teams users. Storm-0324 is a threat actor that has been observed using TeamsPhisher to distribute malware.

3. Malicious takeover of subdomains
This refers to a technique where threat actors take control of a subdomain belonging to a legitimate website and use it to host malware or launch phishing attacks.

4. Mis-scoring of a vulnerability in Juniper firewalls and switches
Refers to a vulnerability in Juniper firewalls and switches that was initially scored as low severity, but was later found to be more serious. The vulnerability could allow an attacker to bypass authentication and gain access to sensitive information.

5. Hacktivist attacks in Canada and Europe
Hacktivism refers to the use of hacking and other forms of digital activism to promote a political or social cause. The report highlights recent hacktivist attacks in Canada and Europe, including attacks on government websites and critical infrastructure.

6. Ransomware trends
Ransomware is a type of malware that encrypts a victim's files and demands payment in exchange for the decryption key. The report provides statistics and trends on ransomware attacks, as well as highlighting several new ransomware families.

7. High-profile vulnerability and exploit issues
The report highlights several vulnerabilities and exploits that could be used by attackers to gain access to sensitive information or disrupt critical infrastructure. These include CVE-2018-0802, CVE-2018-8653, CVE-2018-0798, CVE-2023-23397, CVE-2017-0199, CVE-2017-11882, CVE-2010-0033, CVE-2023-28274, CVE-2010-4452, and CVE-2023-21716.

Stay informed about the latest cybersecurity threats and trends.

Be Ahead of the Game!

Stay informed about the latest cybersecurity threats and trends by subscribing to WithSecure's monthly threat highlights report!

Our comprehensive report provides an overview of last month's cybersecurity news, the changing threat landscape, and relevant advice.

Don't miss out on valuable insights - fill out the form to receive our report now!