UPDATES
3
4
3
4
threat
UPDATES
3
MIDDLE EAST
Research from Positive Technologies has revealed that in
2024 cybercriminals have shifted focus from personal data to stealing company credentials and trade secrets . One in six listings ( 16 %) on the Dark Web featuring stolen government data involves organisations in the Middle East .
This insight comes from Positive Technologies ’ first study on data breaches in Russia , the Middle East and globally . Its experts reviewed over 1,000 Dark Web listings and 700 public incident reports from the first half of 2024 worldwide .
Anna Golushko , Senior Analyst at Positive Technologies , said : “ Credentials are frequently sold on Dark Web forums , a key revenue source for cybercriminals . In March , access to a prominent UAE bank ’ s website was listed for US $ 10,000 . The rise in these leaks is evident on the Dark Market- forums now offer access to dozens or hundreds of companies per post .”
4
NORTH KOREA
Microsoft has identified a North Korean threat actor exploiting a zero-day vulnerability in Chromium , now identified as CVE-2024-7971 , to gain remote code execution ( RCE ).
A statement from the company said : “ We assess with high confidence that the observed exploitation of CVE-2024-7971 can be attributed to a North Korean threat actor targeting the cryptocurrency sector for financial gain .
“ Our on-going analysis and observed infrastructure lead us to attribute this activity with medium confidence to Citrine Sleet . We note that while the FudModule rootkit deployed has also been attributed to Diamond Sleet , another North Korean threat actor , Microsoft previously identified shared infrastructure and tools between Diamond Sleet and Citrine Sleet , and our analysis indicates this might be shared use of the FudModule malware between these threat actors .”
3
4
WWW . INTELLIGENTCISO . COM 25