Blog

Unpacking the Q2 2024 Threat Report: Ransomware, Dark Web and Exploits

In our latest webinar, cybersecurity specialists Josh Smith and Justin Heard from PDI Security and Network Solutions shared detailed insights from the Q2 2024 Cyber Threat Report. This session explored key cybersecurity trends, notable threats, and effective mitigation strategies critical for organizations looking to stay ahead in today’s evolving threat landscape.

Ransomware: Trends and Defensive Measures

The webinar opened with an analysis of ransomware activity, revealing a decline in extortion-related incidents. More than 1,400 incidents were recorded in Q2—approximately 10% fewer than in Q1.

Josh explained, “These ransomware operations involve attackers extracting data and publishing extortion demands on their sites. Despite a decline, groups like LockBit, Play, and BlackBasta continue to be significant threats.”

LockBit remained highly active despite increased law enforcement pressure. According to Josh, the surge may reflect a final push to monetize existing access before being fully dismantled. Meanwhile, Play Ransomware continued leveraging double extortion tactics to increase its impact.

Justin highlighted the importance of endpoint detection and response (EDR) systems and maintaining consistent data backups to recover from attacks without paying a ransom. He also stressed ongoing employee cybersecurity awareness training to help prevent ransomware delivery via phishing emails.

The Dark Web: Activity and Countermeasures

PDI’s research found a 12% decrease in marketplace listings on the dark web during Q2. However, access credentials, shell access, and social security numbers saw a notable increase in demand and sale volume.

Lumma Stealer, once the leading infostealer, saw a decline in visibility while Rise Pro rose in prominence—primarily targeting Windows systems via phishing campaigns and pirated software. Justin reinforced the importance of multi-factor authentication (MFA) and continuous dark web monitoring to detect compromised credentials early.

Rising Exploits and How to Defend Against Them

Exploit activity increased by 21% in Q2, reaching nearly 15 million events. Josh noted that unpatched vulnerabilities remain a major risk—pointing specifically to the rise in exploit attempts targeting Hikvision Product SDK (CVE-2021-36260).

Josh also called out the importance of staying current with Microsoft Patch Tuesdays and emphasized that even older vulnerabilities—some dating back to 2017 and 2018—remain active targets.

Justin recommended strong patch management practices and frequent vulnerability scans to close security gaps quickly. He also advised using network segmentation to isolate IoT devices and limit the blast radius of potential breaches.

Final Takeaways and Resources

This session reinforced the importance of a layered cybersecurity approach—combining advanced technology, sound administrative controls, and continuous employee education to strengthen your defense posture.

For an in-depth look at these and other insights, download the complete Q2 2024 Cyber Threat Report. The full report offers actionable intelligence and data to help organizations defend against today’s evolving threats.

You can also watch the full webinar on demand: Watch the Q2 2024 Cyber Threat Report Webinar.

 

Have you registered for our next event?

View Upcoming Events
Contact Us