Welcome to the Summer 2024 edition of the Below the Surface Threat Report.
As the heat of summer continues, we continue to see increased attacks against VPN and firewall appliances and IoT devices. This season’s report delves deep into the ever-evolving landscape of cybersecurity threats, shedding light on critical issues affecting the IT supply chain and the broader security ecosystem.
Highlights from this edition:
- Threat Landscape: In recent months, there has been a surge in sophisticated attacks targeting VPN and firewall appliances from several major vendors. These attacks have leveraged critical severity-level vulnerabilities that cybercriminals exploit to gain access to an organization’s networks.
- Research and Vulnerabilities: This edition focuses on Google Pixel Updates, Windows Driver Vulnerabilities, and why the Norwegian National Cyber Security Centre (NCSC) recommends getting rid of your VPN.
- Resources: We have also rounded up the latest blog posts and webinar recordings – from the Windows Supply Chain Cheat Sheets to using Open-Source and Built-In Tools for Supply Chain Validation.
Our recent podcasts include guest speakers Dr. Ed Harris on the topic of Securing OT Environments and Adam Pennington discussing the various aspects of Mitre Att&ck, including tools, techniques, and supply chain aspects.
