Published 2024-02-28 by TechNet Team
This month's briefing focuses on emerging AI-powered threats and continued supply chain risks.
Top Threats This Month
AI-Generated Phishing
Attackers are using AI tools to create more convincing phishing emails without the grammar and spelling errors that previously served as warning signs. AI is also being used to create deepfake voice messages.
Action: Focus training on verification procedures rather than just spotting errors. Verify unusual requests through known contact methods.
Supply Chain Attacks
Compromised software updates continue to be a major attack vector. Recent incidents have targeted popular open-source libraries and commercial software.
Action: Maintain an inventory of software and vendors. Monitor security advisories for critical applications.
Credential Stuffing Attacks
Billions of credentials from previous breaches are being used in automated attacks against business applications.
Action: Enforce unique passwords via password manager. Require MFA on all business applications.
Notable Vulnerabilities
- Microsoft Outlook: Critical RCE vulnerability (CVE-2024-21413). Patch immediately.
- ConnectWise ScreenConnect: Authentication bypass allowing ransomware deployment. Emergency patching required.
Recommended Actions
- Update verification procedures to account for AI-generated content
- Review and update software inventory
- Verify MFA is enabled on all critical applications
- Ensure emergency patching procedures are in place