Threat Landscape Briefing – April 2024

In this month’s briefing we explore:

• NSA Shares Zero-Trust Guidance to Limit Adversaries' Lateral Movement (01:03)
  • The National Security Agency (NSA) has published updated guidance on Zero trust implementation and maturity.
  • See Info-Tech’s research on how to Build a Zero Trust Roadmap.
• A New Linux Attack on Docker (and Other Misconfigured Cloud Services) (03:27)
  • In early March 2024, Cado Security reported a new attack taking advantage of misconfigured Linux servers running unpatched versions of Docker, Apache Hadoop YARN, Redis, and Confluence.
  • Learn more about how to Ensure Cloud Security.
• TA4903 Tests New Tactics in Attacks Against US Businesses (05:43)
  • TA4903, a threat actor known for spoofing US government agencies and small-to-medium businesses, has incorporated new tactics.
  • See Info-Tech’s research on how to Integrate Threat Intelligence Into Your Security Operations.
• Hidden Threat: GTPDOOR Malware Targets Core Telecom Systems (07:48)
  • A sophisticated Linux backdoor, dubbed GTPDOOR, poses a significant risk to mobile carrier networks.
  • See how Info-Tech can help you Implement Risk-Based Vulnerability Management.
• Stop Hackers From Taking Over Your TeamCity: Critical Flaw Exploited (11:07)
  • Critical vulnerabilities in the popular CI/CD platform TeamCity are currently under active exploitation.
  • Learn more about the Best Vulnerability Management Tools.
• Phobos Ransomware: Old Dogs, Old Tricks (14:43)
  • US government agencies warned organizations on February 29, 2024, of ongoing Phobos ransomware attacks targeting government, education, emergency services, health care, and other critical infrastructure sectors.
  • See how Info-Tech can help you Build Ransomware Resilience.