Sectrio

Weekly threat monitor: December 20th, 2021

As the fatigue of the patching in vulnerability (Log4j) sets in during the holidays, the threat actors and other APT groups, unaware of the exploit, are now exploiting systems that remain unpatched. This new vulnerability brings in an additional set of attack surfaces with advanced links to abilities in compromising IoT and OT deployments.

This new vulnerability is reported to have been exploited more than 1M times since Apache released its statement. It also indicates that more vulnerabilities and gaps in security have been discovered, and the threat of another crippling cyberattack now stands imminent in the following weeks.

Geo-Political tensions across nations and continents are at an all-time high, bringing in more alerts than seen before in the critical infrastructure segments like Oil and Gas, manufacturing, smart cities with intelligent IoT deployments, and OT deployments in utilities.

We urge all organizations to patch as many known vulnerabilities and tighten any overlooked security gaps. Sectrio’s compliance kits section on the menu will help you execute just that. Stay vigilant and stay secure.

Weekly advisory

Segments under this list must be on high alert in the coming weeks:

  • Critical Infrastructure
  • Enterprise
  • Healthcare
  • Oil and gas
  • Manufacturing
  • Water and water treatment
  • Utility treatment facilities
  • Governments
  • Financial services
Scroll to Top