Weekly Threat Digest: October 28 – November 03, 2024
For a detailed threat digest, download the pdf file here
Summary
HiveForce Labs recently reported a series of critical cybersecurity threats, underscoring the increasing frequency and sophistication of cyber incidents. Over the past week, eleven attacks were detected, four critical vulnerabilities were exploited, and three active threat groups were tracked, reflecting a relentless rise in cyber intrusions.
A particularly notable vulnerability involves SonicWall’s SonicOS, identified as CVE-2024-40766. Since August 2024, attacks leveraging this access control flaw have risen, with more than 30 incidents attributed to the Akira and Fog ransomware strains across various industries. Meanwhile, the Embargo ransomware, operating as a Ransomware-as-a-Service (RaaS) model since mid-2024, poses a dual-platform threat to both Windows and Linux systems.
Adding to the concerns, the Chinese APT group Evasive Panda employs a toolset called CloudScout to infiltrate organizations in Taiwan. In other developments, QNAP recently addressed a critical vulnerability (CVE-2024-50388) after it was exploited to breach a TS-464 NAS device during the Pwn2Own Ireland 2024. These growing threats highlight an urgent need for strengthened cybersecurity defenses worldwide.
Subscribe to receive our weekly threat digests and newsletters directly in your inbox.