Top Cybersecurity Threats for September 2023 Business
We've got some great deals going on right now exclusively for our online customers... chat now to hear more! Author: Phil Muncaster,On the third Wednesday of every month, the Verizon Threat Research Advisory Center (VTRAC) holds a Monthly Intelligence Briefing (MIB) to discuss the current cybersecurity threat landscape. Below is the summary of their most recent briefing and here is the . 1. LockBit is considering changes to its ransom policy, which could have a major impact on victims,2. Apple patched two new zero-day bugs being exploited to deliver commercial spyware,3. North Korea's Lazarus Group stole tens of millions of dollars from two crypto firms,If you'd like to receive new articles, solutions briefs, whitepapers and more—just let us know. Prolific ransomware group LockBit was by far the most successful outfit in August, listing 126 victims on its leak site, according to Verizon intelligence. However, the group is being forced to address internal policy issues, after observing a major inconsistency in the amount of ransom demanded by different affiliates. It to these affiliates earlier this month, which could have a significant impact on victims. The options offered to affiliates were:,Already, one affiliate dubbed the National Hazard Agency has said it will not accept less than 3% of victims' annual revenue and has vowed to destroy data if negotiators try to bargain them down. The debate highlights the struggle ransomware groups are having in monetizing their attacks but could also signal a new hard line on payments, which may harm victims financially. Apple was forced to patch two critical zero-day vulnerabilities exploited in the wild to deliver Pegasus spyware from notorious cyber mercenary firm NSO Group. Non-profit it discovered the BlastPass exploit chain after detecting spyware on the device of an individual employed by a Washington, DC-based civil society organization with international offices. The two WebP Codec vulnerabilities are buffer overflow bug , which affects the ImageIO framework, and , a validation issue in Apple Wallet. Google updated the Chrome browser for an additional WebP vulnerability, . Both have been added to CISA's . It is claimed that Apple devices in lockdown mode are . However, all users are urged to update their devices, as they could enable threat actors to silently deploy spyware to a user's device without requiring interaction. NSO Group is one of many commercial spyware makers that develop such exploits for government clients. North Korea's prolific Lazarus threat group has been blamed for several new raids on cryptocurrency firms, which netted more than $100 million. The a September 4 heist at crypto casino Stake.com. The attack enabled hackers to steal $41 million in Ethereum, Binance Smart Chain (BSC) and Polygon from the firm's hot wallets. A later attack on crypto-exchange CoinEx resulted in a $53 million loss and stemmed from a hot wallet private key that got into the wrong hands. That was to North Korea. is one of several groups working to collect funds for the Kim Jong Un regime's missile and nuclear programs. It has already been blamed for several attacks earlier this year, including ($35 million), . That brings the total haul for 2023 to $226 million, although it could be even greater. Given the recent decision by North Korea to send arms to Russia, these cybersecurity breaches also have a significant geopolitical dimension. Learn more about the ever-evolving nature of security threats and complex risk environments. Verizon Business Internet Security,Qualified Verizon Business Internet customers have access to powerful internet security solutions designed to help protect your business from cyber threats. Verizon Mobile Device Management (MDM),MDM provides powerful resources to mitigate mobile risk and help protect against cyberattacks that target corporate, education and business data and personal information. Mobile Threat Defense (MTD),Safeguard the data used by your remote workforce with advanced mobile security from Verizon and our partners. Managed Detection and Response,Take your security program to the next level by quickly identifying and responding to security incidents. Managed Security Information and Event Management,Get a tailored operational model that integrates Verizon security and intelligence capabilities with your own SIEM solution. Advanced Security Operations Center (SOC),To help detect and contain sophisticated threats and help prevent them from spreading. Rapid Response Retainer,To help accelerate response to serious attacks. Cyber Risk Programs,Identify security risks and threats before they can seriously harm your organization,To find out more, listen to the full threat intelligence briefing from the . If you are already a Verizon customer, we have several options to help you get the support you need. Choose your country to view contact details. Existing customers, to your business account or . . * Indicates a required field. We will follow up from your contact request using the information provided. These cookies are necessary for the website to function and cannot be switched off in our systems. They are usually only set in response to actions made by you which amount to a request for services, such as setting your privacy preferences, logging in or filling in forms. You can set your browser to block or alert you about these cookies, but some parts of the site will not then work. These cookies do not store any personally identifiable information. These cookies allow us to count visits and traffic sources so we can measure and improve the performance of our site. They help us to know which pages are the most and least popular and see how visitors move around the site. We use both third party and first party cookies for this purpose. All information these cookies collect is aggregated and therefore anonymous. If you do not allow these cookies we will not know when you have visited our site, and will not be able to monitor its performance. These cookies enable the website to provide enhanced functionality and personalisation. They may be set by us or by third party providers whose services we have added to our pages. If you do not allow these cookies then some or all of these services may not function properly. These cookies may be set through our site by Verizon and third parties. They are used to present Verizon advertising on third party sites that you may visit. They do not store directly personal information, but are based on uniquely identifying your browser and internet device. If you do not allow these cookies, you will experience less targeted advertising from Verizon. BackClear Filters,All Consent Allowed
Learn more