Summary of Vulnerabilities, Actors & Attacks: February 2024
Vulnerabilities Exploited | Adversaries in Action | Attacks Executed | Targeted Countries | Targeted Industries | MITRE ATT&CK TTPs |
22 | 14 | 38 | 206 | 42 | 319 |
Download the pdf file to learn more
Summary
In February, the cybersecurity landscape witnessed a surge in attention due to the discovery of eight zero-day vulnerabilities. Zero-Day in Ivanti, ScreenConnect, and Microsoft are currently under widespread exploitation. Particularly concerning is the exploitation of ScreenConnect by various threat actors, who are deploying ransomware, RATs, and other malware. Security teams are urged to promptly patch their systems to mitigate these risks.
During the same period, ransomware attacks experienced a noticeable uptick, with strains such as Blackcat, Abyss Locker, LockBit and Akira actively targeting victims. As ransomware continues to advance in sophistication, organizations are urged to fortify their defenses by implementing robust backup and disaster recovery strategies. Additionally, employee training to recognize and thwart phishing attacks is crucial.
In parallel, fourteen adversaries were active across diverse campaigns. The LockBit Gang has resurged following enforcement takedowns, while BlackCat has made a significant comeback, causing critical disruptions in the US healthcare sector. Organizations must promptly patch vulnerabilities and implement robust cybersecurity measures to effectively defend against such persistent threats.
Download the pdf file to learn more