October 2023 Threat Highlights Report

  • An ongoing phishing campaign impacting Finland.
  • The state of the infostealer market.
  • Fallout following the compromise of Okta.
  • A new HTTP/2 rapid reset DDoS technique.
  • The state of the hacktivist landscape, which has been further shaped by ongoing conflict in Israel.
  • Tracking the ransomware landscape, including statistics from known attacks.
  • Reference to a wider piece of research on the malware Darkgate.

 

  1. Phishing campaign impacting Finland
    Phishing campaign that is targeting Finnish organizations. The attackers are using a variety of tactics to trick users into giving up their login credentials, including sending fake emails that appear to be from legitimate sources.
  2. Infostealer market
    Current state of the infostealer market, which is a type of malware that is designed to steal sensitive information from infected systems. The report notes that the market is currently dominated by a few key players, and that the malware is often sold on underground forums.
  3. Fallout following the compromise of Okta
    Overview of the fallout following the compromise of Okta, a company that provides identity and access management services to many other third parties. The report notes that the attackers were able to access customer accounts at 1Password, Beyond Trust, and Cloudflare by abusing credentials, cookies, and session tokens contained within HAR files.
  4. HTTP/2 rapid reset DDoS technique
    A new DDoS technique that is designed to exploit a vulnerability in the HTTP/2 protocol. The technique involves sending a series of specially crafted requests that cause the server to reset the connection, which can result in a denial of service.
  5. Hacktivist landscape
    Current state of the hacktivist landscape, which has been further shaped by ongoing conflict in Israel. The report notes that hacktivist groups are increasingly using social media to spread their message and coordinate their activities.
  6. Ransomware landscape
    Statistics on known ransomware attacks, including the number of attacks and the amount of ransom demanded. The report notes that ransomware attacks continue to be a major threat to organizations of all sizes
  7. Darkgate malware
    The report includes a reference to a wider piece of research on the Darkgate malware, which is a financially motivated cybercrime actor that is using multiple malware families to target digital marketing professionals.

Stay informed about the latest cybersecurity threats and trends.

Download the Report