Threat intelligence report, Qatar - August 2022
Notification of significant new trends or developments regarding the threat to the information systems of an organization. This notification may include analytical insights into intentions, technologies, or tactics of an adversary targeting information systems.
Reported cyber threats
Experts predict a surge of cyberattacks where hackers will be trying to steal personal data of people travelling to watch World Cup football matches.
Zeppelin ransomware
- Zeppelin Ransomware has been used against a wide range of businesses and critical infrastructure organizations to encrypt victims’ files for financial gain.
- It is recommended for all organizations to take respective measures to defend against Zeppelin ransomware attacks.
Palo Alto Networks firewall bug
- Research warning that a high-severity security vulnerability in Palo Alto Networks firewalls is being actively exploited in the wild.
- Palo Alto Networks has released a security update to address this vulnerability in PAN-OS firewall configurations.
LockBit ransomware
- LockBit ransomware will target multiple sectors and organizations globally by gaining access to the target network using the exploiting known security flaws.
- It is suggested to follow few practices which are available in the reference link to ensure the organization is resilient against ransomware or malicious attacks from the offset.
Critical RCE bug in Dray Tek routers
- A critical, pre-authenticated remote code execution (RCE) vulnerability has cropped up in the widely used line of Dray Tek vigor routers for smaller businesses.
- It is recommended to apply the firmware patches as soon as possible to secure against potential threats.
Recommendations
All the clients are advised to patch as soon as vulnerability is identified, be compliant to National Information Assurance (NIA), Qatar 2022 Cybersecurity Framework (QCSF) and other organizational standards as per Qatar law.
Download the report below to learn more.
