Summary
This document is a Threat Landscape Update for February 2024, detailing significant cybersecurity incidents and trends. It outlines the ongoing mass exploitation incidents related to Ivanti ConnectSecure and vulnerabilities in ConnectWise ScreenConnect. The document describes the takedown of the Lockbit ransomware group by international law enforcement, highlighting the seizure of cryptocurrency wallets and servers, along with the arrest of associated hackers. It also discusses the critical vulnerabilities affecting Ivanti and Fortinet products, emphasizing the challenges organizations face in patching these vulnerabilities. Additionally, the report presents trends in ransomware activities, noting an increase in ransomware incidents and the emergence of new ransomware leak sites. The document includes statistical data on ransomware operations, with observations on the impact of law enforcement actions on ransomware groups and the overall threat landscape. The report aims to provide a comprehensive view of the current threats and vulnerabilities in the cybersecurity domain.
