Welcome to the September 2023 Threat Highlight Report!

Report provides an overview of the latest cybersecurity news, threat landscape, and advice to help you stay protected.

September report covers

Monthly highlights
Ransomware
Other notable highlights in brief

Here’s a bit more detail:

1. QakBot and DarkGate
QakBot is a banking Trojan that has been active since 2007. In recent years, it has been used to distribute ransomware and other malware. DarkGate is a new malware family that has been observed filling the void left by QakBot.

2. TeamsPhisher and Storm-0324
TeamsPhisher is a phishing tool that is designed to target Microsoft Teams users. Storm-0324 is a threat actor that has been observed using TeamsPhisher to distribute malware.

3. Malicious takeover of subdomains
This refers to a technique where threat actors take control of a subdomain belonging to a legitimate website and use it to host malware or launch phishing attacks.

4. Mis-scoring of a vulnerability in Juniper firewalls and switches
Refers to a vulnerability in Juniper firewalls and switches that was initially scored as low severity, but was later found to be more serious. The vulnerability could allow an attacker to bypass authentication and gain access to sensitive information.

5. Hacktivist attacks in Canada and Europe
Hacktivism refers to the use of hacking and other forms of digital activism to promote a political or social cause. The report highlights recent hacktivist attacks in Canada and Europe, including attacks on government websites and critical infrastructure.

6. Ransomware trends
Ransomware is a type of malware that encrypts a victim's files and demands payment in exchange for the decryption key. The report provides statistics and trends on ransomware attacks, as well as highlighting several new ransomware families.

7. High-profile vulnerability and exploit issues
The report highlights several vulnerabilities and exploits that could be used by attackers to gain access to sensitive information or disrupt critical infrastructure. These include CVE-2018-0802, CVE-2018-8653, CVE-2018-0798, CVE-2023-23397, CVE-2017-0199, CVE-2017-11882, CVE-2010-0033, CVE-2023-28274, CVE-2010-4452, and CVE-2023-21716.

Stay informed about the latest cybersecurity threats and trends.

Read report here!

Read our previous reports

March 2024

February 2024

January 2024

December 2023

November 2023

October 2023

September 2023

August 2023

July 2023

June 2023

May 2023

April 2023

March 2023

February 2023

January 2023

Be Ahead of the Game!

Stay informed about the latest cybersecurity threats and trends by subscribing to WithSecure's monthly threat highlights report!

Our comprehensive report provides an overview of last month's cybersecurity news, the changing threat landscape, and relevant advice.

Don't miss out on valuable insights - fill out the form to receive our report now!

First Name

Last Name

Business Email

Company *

Country *

About us

What's new

Latest updates

WithSecure uncovers Kapeka, a new malware with links to Russian nation-state threat group Sandworm

Understanding Continuous Threat Exposure Management

Understanding Cloud Security Posture Management

Understanding Your Attack Surface

Select your location and language

Europe

North America

Central and South America

Asia - Pacific

Global

Managed services

Co-Security services

Consulting

WithSecure™ Solutions

Outcome-based strategies

CISO Toolbox

Keep learning

WithSecure™ Security Outcomes

Watch & Read

Let us know

Featured article

Endpoint Protection Emotional Footprint

Become a partner

For current partners

Find a partner

Partner's corner

Importance of Data and Security Literacy for Salesforce Users

Disrupting the Kill Chain with WithSecure™ Cloud Protection for Salesforce

Self-help

Contact support

Important updates

WithSecure Support