Report
Learning from Incident Response: January-March 2024
Get Your Complimentary Paper
All active fields required.
Key Points:
- Despite law enforcement action against individual groups, the number of ransomware engagements remained high
- Exploitation of vulnerabilities in internet-facing devices was the most frequently observed initial access vector
- Patching vulnerable systems in a timely manner is an essential defense, as older vulnerabilities can still pose a risk to organizations
The Secureworks® Incident Response (IR) team plays a critical role in supporting organizations impacted by a security incident. This report from the Secureworks Counter Threat Unit™ (CTU™) research team reviews key observations from IR engagements conducted in the first quarter of 2024.
Knowledge about threat actor behaviors can enable organizations to enhance best practices, make risk management decisions, and prioritize resource allocation.