NetSecurity Cyber Threat Brief | July 2023

In July 2023, the threat landscape saw a significant increase in Clop ransomware attacks, which accounted for 34 percent of overall observed cyber attacks. This Russian-linked ransomware group has continued to evolve and wreak havoc on organizations across the globe, leaving more than 160 victims in July 2023 alone and allegedly claiming more than 490 victims overall. The rise of Clop ransomware is alarming: it signals a growing threat, and organizations must remain vigilant and take proactive measures to protect their systems and data.

Source: ransomware.live

Apart from Clop, several other ransomware variants made their mark in July 2023. Alongside Clop, the month's top five ransomware families were LockBit 3.0, 8Base, ALPHV, and BianLian. These families have been responsible for a significant number of attacks, highlighting the diverse range of threats organizations face.

Source: ransomware.live

Meanwhile, Microsoft researchers identified and mitigated a China-based threat actor group called Storm-0558 that was targeting customer email. The company claimed Storm-0558 used forged authentication tokens to access user emails from approximately 25 organizations, including government agencies and consumer accounts.

In addition to the ransomware and nation-state threat actor onslaught, July 2023 saw several zero-day vulnerabilities making headlines. These exposed flaws in popular software such as MOVEit [CVE-2023-34362], Citrix ADC [CVE-2023-3519], and Ivanti EPMM [CVE-2023-35078]. Zero-day vulnerabilities are particularly concerning because they involve previously unknown flaws, making it difficult for organizations to defend against them. The discovery of these vulnerabilities emphasizes the importance of timely patching and maintaining robust security measures.

The prevalence of Clop ransomware and the emergence of zero-day vulnerabilities in crucial software serve as stark reminders of the ever-evolving threat landscape. Organizations must prioritize cybersecurity and adopt a multi-layered defense strategy to mitigate the risk of falling victim to these malicious attacks.

As we move forward, it is imperative for organizations to stay informed about the latest threats and vulnerabilities, and to collaborate with cybersecurity experts to enhance their overall security posture. By doing so, they can effectively safeguard their systems, data, and reputation from the relentless onslaught of cyber threats.

Stay tuned for more updates and insights in the next edition of NetSecurity’s Threat Briefing.

Disclaimer

The page’s content shall be deemed proprietary and privileged information of NETSECURITY CORPORATION. It shall be noted that NETSECURITY CORPORATION copyrights the contents of this page. Any violation/misuse/unauthorized use of this content “as is” or “modified” shall be considered illegal and subjected to articles and provisions that have been stipulated in the General Data Protection Regulation (GDPR) and Personal Data Protection Law (PDPL).