Threat Landscape Briefing – March 2024

In this month’s briefing we explore:

  • Deepfake Technology Tricks Worker Into Paying Out $25 Million (01:04)
    • A finance worker at a multinational firm was tricked into paying $25 million to fraudsters who used deepfake technology to pose as the company’s Chief Financial Officer.
    • See Info-Tech’s research on how to Address Security and Privacy Risks for Generative AI.
  • Heads Up, Bootloaders: Critical Shim Flaw Opens Door to Remote Code Execution (RCE) (03:22)
    • A significant remote code execution vulnerability has been discovered in the shim bootloader, a ubiquitous first-stage loader for Unified Extensible Firmware Interface systems.
    • Learn more about the Best Vulnerability Management Tools 2024
  • CISA Warns of Active Exploits: Patch Fortinet Products Against Critical Vulnerabilities (06:43)
    • Two critical vulnerabilities have been identified in multiple Fortinet products. Successful exploitation could grant attackers full system control, leading to code execution, data theft, and operational disruption.
    • See Info-Tech’s research on how to Implement Risk-Based Vulnerability Management.
  • 2023: A Banner Year for Ransomware (10:28)
    • With record-breaking payments and a substantial increase in the scope and complexity of attacks, 2023 marked a major comeback for ransomware.
    • See how Info-Tech can help you Build Resilience Against Ransomware Attacks.
  • ResumeLooters Steal Personal Data of 2 Million Using Exploits Almost as Old as the Internet (13:19)
    • Hacking Gang “ResumeLooters” has stolen the personal data of over two million job seekers after exploiting 65 legitimate job listing sites.
    • Learn more about the Best Cyber Risk Rating Software.

Featured Speakers

Michel Hebert

Principal Research Director, Security & Privacy
Read Bio

Carlos Rivera

Principal Research Advisor, Security & Privacy
Read Bio

Ahmad Jowhar

Research Specialist, Security & Privacy
Read Bio

Jonathan Nelson

Principal Advisory Director
Read Bio

Visit our Exponential IT Research Center
Over 100 analysts waiting to take your call right now: 1-519-432-3550 x2019