Nuspire's Q3 2024 Threat Report Shows 50% Spike in Exploit Attempts and Rise in Ransomware Extortion Activity
Nuspire's Q3 2024 Threat Report Shows 50% Spike in Exploit Attempts and Rise in Ransomware Extortion Activity
Dark Web Infostealer Lumma Resurges, Targeting VPN Technologies
暗網信息竊取者Lumma再次出現,瞄準VPN技術
COMMERCE, Mich., Oct. 29, 2024 /PRNewswire/ -- Nuspire, a leading managed security services provider (MSSP) and PDI Technologies company, today released its Q3 2024 Cyber Threat Report, offering an in-depth analysis of cyber threats over the past quarter. Significant findings in the report include a surge in exploit attempts, a change in ransomware group dominance and shifting trends in dark web behavior.
密歇根州商業,2024年10月29日 /路透社/ - 領先的託管安全服務提供商(MSSP)和PDI Technologies公司Nuspire今天發佈了其2024年第三季度網絡威脅報告,深入分析了過去一個季度的網絡威脅。報告中的重要發現包括攻擊嘗試激增、勒索軟件組的主導地位轉變以及暗網行爲趨勢的變化。
According to the report, exploit activity increased by over 50%, driven by a sharp rise in attacks against VPN technologies. On the ransomware front, a power shift emerged as RansomHub dethroned LockBit as the top extortion publication group, signaling evolving tactics in the ransomware ecosystem.
根據報告,攻擊活動增長超過50%,主要是對VPN技術的攻擊激增。在勒索軟件方面,RansomHub取代LockBit成爲頂級勒索組織,標誌着勒索軟件生態系統戰術的演變。
"This quarter's findings highlight a clear shift in how cybercriminals are attacking—particularly their exploitation of VPN vulnerabilities, which organizations often overlook in their broader security strategy," said J.R. Cunningham, Chief Security Officer at Nuspire. "It's no longer enough to rely on reactive measures. Businesses must adopt a more preemptive approach, strengthening their remote access controls and continuously assessing potential entry points. The rise of RansomHub also signals that ransomware actors are getting bolder, which calls for more robust incident response capabilities, not just at the technical level, but in how organizations manage the human and financial impact of these attacks."
「本季度的發現突顯了黑客們如何轉變攻擊方式-特別是他們對VPN漏洞的利用,這是組織在更廣泛的安全策略中經常忽視的部分,」Nuspire首席安全官J.R. Cunningham說。「僅依賴被動的措施已經不夠了。企業必須採用更爲主動的方法,加強遠程訪問控制,不斷評估潛在的入口點。RansomHub的崛起也表明,勒索軟件行爲者變得更加大膽,這要求建立更強大的事件響應能力,不僅僅是在技術層面上,還要關注組織如何管理這些攻擊對人員和財務影響。」
Key insights from Nuspire's Q3 2024 Cyber Threat Report include:
Nuspire 2024年第三季度網絡威脅報告的關鍵見解包括:
-
Exploit Activity:
- A total of 16,964,624 exploitation events were detected in Q3, marking a 50.96% increase over Q2.
- Over 60% of these attacks targeted unpatched or outdated systems, focusing on VPN vulnerabilities.
- The Fortinet FortiOS SSL-VPN vulnerability (CVE-2022-42475) was the most exploited, with a significant uptick in attack attempts.
- Exploits targeting remote work environments saw a 45% increase, further highlighting the risks posed by hybrid workforces.
- 攻擊活動:
- 第三季度共檢測到16,964,624次攻擊事件,較第二季度增長了50.96%。
- 超過60%的攻擊針對未打補丁或過時系統,主要集中在vpn漏洞上。
- Fortinet FortiOS SSL-vpn漏洞(CVE-2022-42475)是最受利用的漏洞,攻擊嘗試顯著增加。
- 針對遠程辦公概念環境的利用增加了45%,進一步突顯了混合辦公帶來的風險。
-
Ransomware Trends:
- RansomHub ransomware overtook LockBit as the leading ransomware group, with an 8.06% rise in ransomware publications.
- Nearly 30% of all ransomware-related extortion in Q3 was attributed to RansomHub's activity.
- 40% of successful ransomware attacks were initiated through phishing or exploited vulnerabilities.
- Smaller ransomware groups are adopting more agile tactics to evade law enforcement and detection.
- 勒索軟件趨勢:
- RansomHub勒索軟件取代LockBit成爲領先的勒索軟件組織,在勒索軟件發佈上升8.06%。
- 2022年第三季度幾乎30%的涉勒索軟件的勒索歸因於RansomHub的活動。
- 40%的成功勒索軟件攻擊是通過網絡釣魚或利用漏洞發起的。
- 較小的勒索軟件組織採用更靈活的策略來逃避執法和檢測。
-
Dark Web Listings:
- Dark web activity decreased by 5.41% overall, but the Lumma Stealer infostealer saw a resurgence, with a 12% increase in listings.
- Demand for compromised VPN and cloud service credentials surged, with listings for these credentials increasing by 15%.
- High-value targets, particularly in healthcare, financial services and critical infrastructure, were prioritized in dark web transactions.
- 暗網列表:
- 整體而言,暗網活動減少了5.41%,但Lumma Stealer信息竊取者出現了復甦,列表增加了12%。
- 對受損的VPN和雲服務憑據的需求激增,這些憑據的列表增加了15%。
- 暗網交易中,特別是在醫療保健、金融服務和關鍵基礎設施領域的高價值目標被優先考慮。
"Q3 2024 saw a dramatic increase in exploit attempts, underscoring the continued evolution of cybercriminal tactics," said Craig Robinson, VP of Security Services Research at IDC. "With remote access technologies like VPNs under constant attack, organizations can no longer depend on patch management alone. A comprehensive, forward-looking approach is necessary—one that integrates real-time monitoring, adaptive threat management and advanced solutions like generative AI to accelerate detection and response. As ransomware and dark web threats rise, prioritizing identity security and adopting zero-trust frameworks will be essential for long-term protection."
"2024年第三季度爆發性漏洞嘗試大幅增加,凸顯了網絡犯罪策略持續演變,"IDC安全服務研究副總裁克雷格·羅賓遜說。"隨着遠程訪問技術如VPN不斷遭受攻擊,組織不能再僅依賴補丁管理。必須採取綜合、前瞻性的方法,整合實時監控、自適應威脅管理和生成式AI等先進解決方案,加速檢測和響應。隨着勒索軟件和暗網威脅的上升,優先考慮身份安全並採用零信任框架對於長期保護至關重要。"
To access the complete Q3 2024 Cyber Threat Report and learn more about protecting your organization, visit Nuspire's website.
要獲取完整的2024年第三季度網絡威脅報告並了解如何保護您的組織,請訪問Nuspire的網站。
About Nuspire
With over 25 years of expertise, Nuspire, a PDI Technologies company, is redefining cybersecurity through intelligent unification and unparalleled protection. Our company delivers innovative managed security services (MSS), managed detection and response (MDR), endpoint detection and response (EDR) and consulting solutions tailored to clients' needs. Our technology-agnostic platform provides holistic visibility across entire security tech stacks, seamlessly integrating human expertise, advanced AI and cutting-edge technologies. This comprehensive approach offers unprecedented control and predictive intelligence across clients' cybersecurity infrastructure. With features like an AI-powered assistant for streamlined operations and a mobile application for on-the-go threat management, we empower organizations to confidently navigate the evolving threat landscape. Driven by uncompromising excellence, our experts and 24x7 SOCs enable clients to stay ahead of emerging threats while optimizing their security investments. For more information, visit .
關於Nuspire
憑藉超過25年的專業經驗,PDI Technologies旗下的Nuspire正在通過智能統一和無與倫比的保護重新定義網絡安全。我們公司提供創新的託管安全服務(MSS)、託管檢測和響應(MDR)、端點檢測和響應(EDR)以及諮詢解決方案,量身定製以滿足客戶的需求。我們的技術無關平台提供整體安全技術棧的全面可視性,無縫集成人類專業知識、先進人工智能和尖端技術。這種全面方法爲客戶的網絡安全基礎設施提供了前所未有的控制和預測智能。藉助AI助手實現流程簡化和移動應用程序進行隨時處理威脅管理等功能,我們使組織能夠自信地應對不斷變化的威脅環境。憑藉毫不妥協的卓越品質,我們的專家和24x7SOC讓客戶能夠在崛起的威脅前保持領先,並優化他們的安全投資組合。欲了解更多信息,請訪問。
For more information, visit and follow the company on LinkedIn @Nuspire.
欲了解更多信息,請訪問公司LinkedIn主頁@Nuspire。
About PDI Technologies
With 40 years of industry leadership, PDI Technologies, Inc. resides at the intersection of productivity and sales growth, delivering powerful solutions that serve as the backbone of the convenience retail and petroleum wholesale ecosystem, as well as other specialty retail and restaurant environments like quick-service restaurants (QSRs), fast casual dining, and more. By "Connecting Convenience" across the globe, we empower businesses to increase productivity, make informed decisions, and engage faster with their customers. From large-scale ERP and logistics operations to loyalty programs and cybersecurity, we're simplifying the industry supply chain for whatever comes next. Today, we serve over 200,000 locations worldwide with solutions like the Fuel Rewards program and GasBuddy, two popular brands representing more than 30 million users. Visit the PDI Technologies website.
關於PDI科技
擁有40年行業領導地位的PDI科技公司坐落於生產效率和銷售增長的交匯點,提供強大解決方案,作爲便利零售和石油批發生態系統的支柱,以及其他專業零售和餐廳環境,如快餐餐廳(QSRs)、快餐餐廳等。通過在全球範圍內「連接便利」,我們賦予企業增加生產力,做出明智決策並更快地與客戶互動的能力。從大規模的ERP和物流運營到忠誠度計劃和網絡安全,我們正在爲行業供應鏈簡化未來做好準備。如今,我們通過品牌燃油獎勵計劃和GasBuddy等解決方案爲全球超過200,000個地點提供服務,這兩個知名品牌代表超過3000萬用戶。訪問PDI科技網站。
SOURCE Nuspire
資訊來源爲Nuspire
WANT YOUR COMPANY'S NEWS FEATURED ON PRNEWSWIRE.COM?
想要您公司的新聞在PRNEWSWIRE.COM上特色呈現嗎?
譯文內容由第三人軟體翻譯。