September 12, 2024 at 07:18AM
In its Q2 2024 SASE Threat Report, Cato CTRL revealed critical insights from analyzing 1.38 trillion network flows. Notable findings include the identification of IntelBroker as a major threat actor, 66% of brand spoofing targeting Amazon, and the continued exploitation of Log4j and Oracle WebLogic vulnerabilities. Security recommendations from the report include dark web monitoring and proactive patching. For more details, refer to the full report.
Key Takeaways from the Q2 2024 Cato CTRL SASE Threat Report:
1) Identification of a persistent threat actor, IntelBroker, involved in the sale of data and source code from major organizations.
2) 66% of brand spoofing focuses on Amazon, with cybersquatting being a prevalent issue.
3) Continued exploitation of Log4j and Oracle WebLogic vulnerabilities, indicating the persistence of these threats.
Security Recommendations from the report:
1) Regular monitoring of dark web forums for any mention of company data or credentials being sold.
2) Employment of tools to detect and mitigate phishing attacks leveraging cybersquatting.
3) Implementation of a proactive patching schedule focused on critical vulnerabilities, especially Log4j.
4) Creation of a data breach response plan and adoption of an “assume breach” mentality.
5) Adoption of methods like ZTNA, XDR, pen testing, and development of an AI governance strategy.
Additional detailed recommendations are available in the full report.