Fastly’s Network Effect Threat Report for Q2 2023 offers valuable insights based on data from Fastly’s Next-Gen WAF and the Network Learning Exchange (NLX) [1]. This report covers global traffic across various industries and highlights key findings regarding targeted attacks and prevalent techniques.
Description
The report utilizes data from Fastly’s Next-Gen WAF and NLX, which anonymously shares attack source IP addresses among Next-Gen WAF customer networks [1] [2]. It provides a comprehensive analysis of global traffic, focusing on multiple industries. The findings reveal that the High Tech industry faced the highest number of attacks, followed by Media & Entertainment and Commerce sectors [1]. Furthermore, the report examines various attack techniques, with Traversal being the most common [1], followed by SQL Injection and Cross Site Scripting [1]. It also highlights the discovery of vulnerabilities through out-of-band callbacks, specifically in Log4j JNDI lookups, OS Command Injection [1], and XSS attacks [1]. Additionally, the report explores traffic patterns related to Autonomous Systems (AS) [1], which are networks or groups of IP addresses under a single entity’s control [1].
Conclusion
This report sheds light on the prevalence of attacks targeting multiple customers and industries, with the High Tech industry being the most affected. By analyzing attack techniques and vulnerabilities, it provides valuable insights for organizations to enhance their security measures. The findings also emphasize the importance of monitoring traffic patterns related to Autonomous Systems. Overall, this report serves as a valuable resource for understanding current threats and implementing effective mitigations to safeguard against future attacks.
References
[1] https://thehackernews.com/2023/09/threat-report-high-tech-industry.html
[2] https://patabook.com/technology/2023/09/26/threat-report-the-high-tech-industry-targeted-the-most-with-46-of-nlx-tagged-attack-traffic/
