WatchTower I ntelligence-Driven Threat Hunting

2023 was a tumultuous year in cyber crime. We saw globally impactful attacks, followed by law enforcement takedowns, and reincarnations of once-defeated threat actor groups. We saw clever new pivots in malware capabilities, threat actor TTPs, and massively widespread zero-day exploits; and through it all, WatchTower was there.
WatchTower, SentinelOne’s Threat Hunting and Intelligence arm, is composed of globally distributed security researchers and intelligence analysts working continually to understand the ever evolving cyber threat landscape. We take advantage of threats identified on our globally deployed endpoints, as well as open source / darkweb threat research, and we work closely with our Vigilance MDR and DFIR teams to understand threat actor modus operandi in detail. All of this allows us to both respond extremely rapidly to new threats and be predictive in our threat hunting. At the end of the day, our mission is to protect our clients with industry-leading threat hunting, threat intelligence, and risk identification and mitigation.

In this special year-end edition of the WatchTower Digest, we discuss the threats we observed and investigated in 2023, and look ahead to the 2024 threat landscape. Our findings are based on SentinelOne’s Singularity telemetry across tens of millions of endpoints, operating across a diverse number of industries and global geographies.
This edition of WatchTower includes:

• A comprehensive review of the top cyber attacks in 2023
• A look at the top threats across Windows, Mac, and Linux environments
• Original insights into major vulnerabilities, cyber crime toolkits, and human-operated ransomware groups
• Ransomware group disruptions and reincarnations in 2023
• An overview of the most prevalent commodity crime toolkits, shared loader and APT groups in 2023
• Coverage of the first double supply chain attack
• Coverage of a rise in state-sponsored attacks
• Coverage of a rise in multiple vulnerabilities abused in second half of 2023 for targeted attacks
• Predictions on the top cybersecurity threats of 2024

Views: 0