Regardless of the industry, the risks associated with data loss are significant. Financial services, healthcare, government, technology, and many other fields – all rely heavily on sensitive data. The Identity Theft Resource Center (ITRC) reports that the number of data compromises in the United States hit a record high of 1,802 in 2022. This emphasizes the alarming increase in data security incidents.

In today's digital age, cybersecurity has become a constant concern for organizations. A thorough understanding of the cyber threat landscape is needed to address these challenges and protect your company's systems and data, as only then can you implement effective protection measures.

Companies engage with a managed detection and response (MDR) provider to help ensure they detect cyber threats before they do any damage. The "response" part of the MDR moniker is key to that effort, making it vital to determine up front exactly what your chosen provider will do when it detects a threat in your environment.

Neobanks, which operate exclusively online without traditional physical branch networks, are facing an increasingly challenging landscape due to a significant rise in fraud cases. In recent years, financial institutions have reported a marked increase in fraudulent activities, with the average cost of fraud for institutions with assets over $5 billion rising by 65% from $2.3 million in 2022 to $3.8 million in 2023.

On April 12, 2024, Palo Alto Networks published a security advisory detailing an actively exploited maximum severity vulnerability (CVE-2024-3400, CVSS: 10.0) affecting the GlobalProtect feature of PAN-OS. This vulnerability affects PAN-OS 10.2, PAN-OS 11.0, and PAN-OS 11.1 firewalls when configurations for both GlobalProtect gateway and device telemetry are enabled. An unauthenticated remote threat actor can exploit this vulnerability to execute arbitrary code with root privileges on the firewall.

On April 12th, Palo Alto Networks released a CVE advisory for CVE-2024-3400, a critical vulnerability identified in the GlobalProtect Gateway feature of PAN-OS, the operating system for Palo Alto Networks firewalls. This command injection vulnerability allows unauthenticated attackers to execute arbitrary commands with root privileges on the affected devices.

The Network Time Protocol (NTP) was developed in the 1980s to address the growing need for time synchronization between an individual’s computer or device and others on the same network. The Windows NTP (Network Time Protocol) client is a component of the Windows operating system responsible for synchronizing the system’s clock with a time server on the internet or a local network.

On April 14, 2024, Palo Alto Networks (PAN) released hotfixes to address the maximum severity (CVSS: 10) vulnerability, CVE-2024-3400, affecting the GlobalProtect Feature of PAN-OS. An unauthenticated remote threat actor can exploit this vulnerability to execute arbitrary code with root privileges on the firewall. Volexity identified CVE-2024-3400 as a zero-day vulnerability and found that the threat actor UTA0218 was implanting a custom Python backdoor on firewall devices.