Original Release Date: 2020-03-09
Every month, millions of packets of potentially malicious traffic target the Garden State Network (GSN). In February 2020, analysis of high and critical severity threats identified consistent attempts to exploit Internet of Things (IoT) devices, such as Wi-Fi routers. Additionally, in early February, there were spikes in attempts to exploit various Apache servers, such as Apache Struts and Apache Tomcat. A recently disclosed Apache Tomcat vulnerability could give a threat actor read and write privileges on the affected server. Email-based threats varied more this month, with Emotet dominating only in the first half of the month before dropping off. The latter half of the month saw a variety of threats that ranged from tech support scams to fake Adobe Flash updates. These threats may be intended to convince a user to reveal financial or sensitive information, gain access to the user’s device, or install malware.
The NJCCIC recommends employing a defense-in-depth cybersecurity strategy, applying the Principle of Least Privilege, and establishing a cybersecurity awareness program to educate end users on current and emerging cyber threats and tactics.