AUS
NZ
UK
CA
USA
FRA
GER
ESP
ITA
NLD
PRT
SWE
GRC
IND
POL
BRA
ZAF
RUS
CHN
UAE
 |
COMMERCE, Mich., Feb. 6, 2025 /PRNewswire/ -- Nuspire, a leading managed security services provider (MSSP) and a PDI Technologies company, today released its Q4 and Full Year 2024 Cyber Threat Report, providing a comprehensive analysis of the evolving cyber threat landscape. The latest report reveals a significant increase in ransomware extortion publications, a shift in ransomware group dominance, and a continued rise in exploit attempts.
Clop Ransomware Surges as Top Threat Actor
According to the report, ransomware extortion publications rose by 46% compared to Q3, with Clop ransomware emerging as the most active group, surpassing RansomHub. Clop, known for its double-extortion tactics, leveraged multiple zero-day vulnerabilities throughout Q4, significantly impacting the Professional & Technical Services industry, which remained the most targeted sector.
"The sharp increase in ransomware extortions in Q4 2024, particularly from Clop, signals an alarming escalation in cybercriminal operations," said Justin Heard, Director of Security Operations at Nuspire. "Threat actors continue to evolve their tactics, making it critical for organizations to enhance their proactive threat detection capabilities and incident response strategies, and we will continue to watch this in 2025."
Key Findings from Nuspire's Q4 2024 Cyber Threat Report
Ransomware Trends
- 2,247 ransomware extortion publications were reported, a 46% increase from Q3 2024.
- Clop overtook RansomHub as the most active ransomware group, while Akira, Funksec, and Bashe entered the top five.
- Finance & Insurance emerged as the third-most targeted industry, rising from fifth place in Q3 2024.
Exploit Activity
- Exploit attempts increased by 72% compared to Q3 2024, with 29,180,763 exploit events detected.
- Hikvision camera vulnerabilities (CVE-2021-36260) and Bash vulnerabilities (CVE-2014-6271) saw significant increases in exploitation attempts (56% and 77%, respectively).
- Firewall and VPN technologies remain top targets, as cybercriminals seek to bypass perimeter defenses.
Dark Web Trends
- Dark web marketplace listings decreased by 32% from Q3 2024, with 1,316,660 raw log listings and 590,762 credit card listings available for sale.
- Lumma Stealer, a persistent malware-as-a-service (MaaS) infostealer, continued to thrive, harvesting sensitive data for resale on illicit marketplaces.
"Cybercriminals are refining their attack strategies, targeting critical infrastructure and high-value data sources," said Josh Smith, Principal Threat Intelligence Analyst at Nuspire. "Organizations must remain vigilant, employing a combination of AI-driven threat intelligence, robust patch management, and employee security training to mitigate these evolving risks."
Mitigation and Security Recommendations
To help businesses combat the latest cyber threats, Nuspire recommends:
- Enhancing endpoint detection and response (EDR) solutions to swiftly detect and contain ransomware attacks.
- Implementing dark web monitoring to identify compromised credentials and data before they are weaponized.
- Applying timely system patches to protect against newly discovered exploits, particularly in remote access technologies.
- Strengthening cybersecurity awareness training to reduce the risk of phishing-based ransomware infections.
Access the complete report online at Nuspire's Q4 and Full Year 2024 Cyber Threat Report.
About PDI Security and Network Solutions
With over 25 years of expertise, PDI Security and Network Solutions (formerly known as Nuspire) is redefining cybersecurity and network management through intelligent unification and unparalleled protection. The company delivers fully managed security and network services, including managed detection and response (MDR), endpoint detection and response (EDR), Firewall as a Service, 5G as a Service, and Wi-Fi as a Service. The technology-agnostic platform seamlessly integrates human expertise, advanced AI, and innovative technologies, providing holistic visibility across security and network infrastructure. Staffed by highly trained security experts, PDI 24/7 SOCs help organizations stay ahead of emerging threats while optimizing their technology investments. Learn more about PDI Security and Network Solutions.
For more information, contact: [email protected]
