According to South Korea’s National Intelligence Service, there were approximately 1.62 million cyberattacks on public institutions in the country per day in 2023, with about 80% of them attributed to North Korea. As North Korean cyberattacks become more frequent, questions have arisen regarding whether these attacks are truly the work of North Korea.
The October issue of the Logpresso CTI report analyzes cases of cyberattacks attributed to North Korea and examines the email information of the actual hackers to investigate whether there is a direct connection between the cyber attackers and North Korea.
1. Are Cyber Attacks Originating from North Korea Actually the Work of North Korea?
- Do North Koreans also Use the Internet?
- How to Gain Access to the Details on North Korean Threat Actors?
- Analysis of North Korean System Information Exposed in August 2024
- Conclusion
2. Attackers Target Weekends and Early Hours of the Morning
- Logpresso’s SOAR
- Data Leak Detection in Cloud Environments
Logpresso Cyber Threat Intelligence
Logpresso is a company specializing in security and IT operations (SecOps), established in 2013. We offer security operation solutions such as log management, SIEM (Security Information and Event Management), SOAR (Security Orchestration, Automation, and Response), and DFIR (Digital Forensic & Incident Response) based on our fundamental technology.
Logpresso CTI is a cyber threat intelligence service optimized to immediately utilize such security threat information in security information and event management (SIEM) / security orchestration, automation, and response (SOAR) platforms. Relying on various open-source intelligence (OSINT) data sources such as the dark web and deep web, Logpresso CTI provides intelligence feeds that can detect various cyber-attacks including advanced persistent threats (APT), phishing, and credential stuffing.
Unlike many CTI services that are only available on a limited basis through an API, Logpresso CTI synchronizes all indicators of compromise (IoC) directly to SIEM/SOAR, enabling full, real-time investigation of all logs. Unlike existing security architectures that primarily rely on detection through security devices, our approach enables proactive detection of threats before a direct attack occurs.