September 4, 2024

Monthly Threat Digest: August 2024

For a detailed threat digest, download the pdf file here

Summary

In August, the cybersecurity arena gained significant attention following the identification of sixteen zero-day vulnerabilities. Among them, the “0.0.0.0 Day” vulnerability stands out as a critical security flaw affecting major web browsers like Chromium, Firefox, and Safari, allowing malicious websites to exploit localhost APIs through the 0.0.0.0 IP address. Google also patched two critical zero-day vulnerabilities in Chrome, CVE-2024-7971 and CVE-2024-7965, which allow remote code execution and heap corruption. Both have been actively exploited in the wild.

During this same period, there was a marked increase in ransomware attacks, with variants such as Akira, Black Basta, Babuk, Lockbit, Kuiper, Hunters International, Mad Liberator, and BlackByte Ransomware aggressively targeting victims. As ransomware tactics become increasingly sophisticated, it is imperative for organizations to bolster their defenses by implementing comprehensive backup and disaster recovery strategies. Additionally, training employees to detect and prevent phishing attacks remains essential.

Concurrently, thirteen threat actors were engaged in various campaigns. The Chinese APT group Volt Typhoon has been exploiting a Versa Director zero-day vulnerability, CVE-2024-39717, to deploy the VersaMem web shell for credential harvesting. Earth Baku, another APT group, has expanded its attacks from the Indo-Pacific to Europe, the Middle East, and Africa, using new tools against public-facing applications. As the cybersecurity landscape evolves, organizations must remain vigilant and proactively address emerging threats.

Subscribe to keep up on a weekly basis with our weekly threat digests and newsletters.

Recent Resources

Dive into our library of resources for expert insights, guides, and in-depth analysis on maximizing Uni5 Xposure’s capabilities

Book a demo and find out more about how Hive Pro can double your operational efficiency

Book a Demo