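TeamT5 is a leading brand specializing in threat intelligence for the Asia-Pacific region. In this article, we summarize the 2024 advanced persistent threat (APT) landscape in the Asia-Pacific region, presenting our observations for the year and pointing out the security threats worth watching in the coming year. This article is an excerpt that summarizes key data and threat intelligence analysis. To obtain the full report, "2024 Threat Landscape Review: The Gray Zone of Cyberattacks", fill in the form at the end of the article and we will send it to you by email. To explore more Asia-Pacific threat intelligence, apply for a trial of ThreatVision, a threat intelligence platform recognized by international consulting firms. Please state on the ThreatVision page that you would like to apply for a trial.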
Threat Statistics in 2024: Data & Observations
From the start of 2024 through the end of November, TeamT5 actively tracked 30 new vulnerabilities being exploited in the wild, along with around 500 attack operations across 42 countries, which we attributed to 73 known adversaries using more than 200 malware families and hacking tools.
We also identified 45 compromised victims in 9 countries and tried to notify them through our trusted partners, and we assisted with 33 incident response (IR) cases for our customers. All of the above data feeds into our intelligence reports. Generally speaking, most of these figures show an increasing trend.
TeamT5 is actively tracking vulnerability exploitation attacks in the wild. In 2024, TeamT5 tracked 30 widespread attacks and identified around 400 compromised victim hosts across 21 countries.
We would like to highlight that 5 of them are related to email systems and 14 exploit edge devices, indicating that both are high-priority entry points for threat actors seeking access to their targets. Our research also shows EtherBei (aka Flax Typhoon) to be the threat actor most active in adopting these exploits.
During the course of our research, we also discovered that some threat actors built their own botnets, or so-called Operational Relay Box (ORB) networks, by implanting malware such as GobRAT, NatWalk and GenSeven.
Lastly, there is a trend toward exploiting the management services of edge devices, such as FortiManager, Versa Director or Palo Alto Firewall, meaning that threat actors might compromise multiple entities by intruding on one device. We believe this is a threat that management service providers and big enterprises should be aware of.