Category | Details |
---|---|
Chinese Cyber-Espionage Campaign | FBI and CISA issued a joint statement on a major Chinese cyber-espionage campaign by APT group Salt Typhoon, targeting U.S. telecommunications infrastructure (AT&T, Verizon, T-Mobile, Lumen Technologies). The campaign stole call records and intercepted communications, using Cisco router vulnerabilities. |
INC Ransomware Attack | Hungary’s Defense Procurement Agency (VBÜ) confirmed a cyberattack by INC Ransomware, which is demanding $5 million for encrypted military procurement data. The Ministry of National Defense states that no sensitive data was stored by VBÜ. |
City of Sheboygan Ransomware Attack | The City of Sheboygan, Wisconsin suffered a ransomware attack that led to unauthorized access to its network. There is no evidence that sensitive personal information was compromised. A forensic investigation is ongoing. |
Embargo Ransomware Attack | American Associated Pharmacies (AAP) was targeted by the Embargo ransomware group, which claims to have stolen 1.469 TB of data. AAP reportedly paid $1.3 million in ransom and faced a second demand. |
DDoS Attack in Israel | A DDoS attack disrupted credit card readers in Israeli gas stations and supermarkets, causing payment issues. The hacktivist group Anonymous for Justice is linked to the attack. |
Microsoft Patch Tuesday Update | Microsoft released a patch fixing 89 vulnerabilities, including two zero-days (CVE-2024-43451 and CVE-2024-49039) actively exploited in the wild. |
Palo Alto Networks Zero-Day | Critical zero-day vulnerability in Palo Alto’s Next-Generation Firewalls (PAN-SA-2024-0015), allowing unauthenticated remote code execution. Exploited in attacks targeting internet-exposed interfaces. |
WordPress Plugin Vulnerability | Critical authentication bypass vulnerability in Really Simple Security plugin, allowing unauthenticated attackers to gain admin access to WordPress sites with two-factor authentication enabled. |
October 2024 Malware Report | Check Point Research highlighted a rise in infostealer malware (AgentTesla and Lumma Stealer) and the new version of Necro mobile malware as significant threats in October 2024. |
Hamas-linked WIRTE APT Activity | Check Point Research reported on Hamas-linked APT group WIRTE, conducting espionage and disruptive attacks against Israel using custom malware and SameCoin wiper malware. |
WezRAT by Iranian Threat Group | Check Point Research reported on WezRAT, a modular RAT used by Iranian group Emennet Pasargad, which has expanded its activity to target Israel, France, Sweden, and the U.S. |
Read full article: https://research.checkpoint.com/2024/18th-november-threat-intelligence-report/
Disclaimer: The above summary has been generated by an AI language model