News & Press

Nuspire’s Q1 2024 Threat Report Exposes Dark Web and Ransomware Surge

Cybercriminal Marketplaces Thrive: A 58.16% Spike in Dark Web Listings 

COMMERCE, MI (April 30, 2024): Nuspire, a leading managed security services provider (MSSP), today unveiled its Q1 2024 Cyber Threat Report. This latest report provides an in-depth examination of the changing dynamics in cyber threats, highlighting rises in ransomware, dark web commerce and exploit activities, alongside measures to safeguard against these threats.  

The Q1 2024 report spotlights a 3.69% rise in ransomware activities from Q4 2023, punctuating the persistent threat ransomware groups pose. Additionally, dark web market activity saw a staggering 58.16% increase in listings, indicating significant growth in the trade of stolen data and illicit goods. 

Exploitation events also experienced a sharp uptick, with a 52.61% increase in total activity from Q4. The report specifically points to the exploitation of the Hikvision Product SDK WebLanguage Tag Command Injection vulnerability (CVE-2021-36260) as a leading concern. 

“Nuspire’s latest report underscores a critical evolution in the cyber threat landscape, marked by a notable increase in ransomware attacks and a surge in dark web marketplace activities. The obscurity and easy access of the dark web facilitate the exchange of exploit kits and confidential information, reducing the hurdles for would-be cybercriminals and complicating the task for cyber defense mechanisms,” said J.R. Cunningham, Chief Security Officer at Nuspire. “Considering the secretive environment of the dark web and the difficulties in overseeing its operations, it is crucial for companies to emphasize intelligence gathering, ongoing surveillance and staff training to adeptly navigate these advancing threats.” 

Additional findings from Nuspire’s newly-released cyber threat report: 

  • Despite the U.S. Department of Justice’s disruption of LockBit’s operations on Feb. 20, 2024, the group’s extortion publications experienced only a temporary decline before rapidly recovering, resulting in a 1.74% increase in LockBit’s publications by the end of Q1 2024 compared to Q4 2023. 
  • The manufacturing sector, crucial to supply chains and rich in intellectual property, faced a jump in ransomware attacks from LockBit and CL0P. The growth in attacks highlights the vulnerabilities this industry often faces resulting from complex IT/OT systems, underinvestment in cybersecurity and the sector’s historical prioritization of operational continuity over security measures.  
  • The report also revealed a more than twentyfold increase in exploit attempts against the Hikvision Product SDK WebLanguage Tag Command Injection vulnerability (CVE-2021-36260) compared to Q4’s data. This vulnerability allows for remote device hijacking without user interaction on Hikvision security cameras. 
  • Listings on dark web marketplaces featuring Lumma Stealer saw a significant increase, more than doubling from Q4 2023. Lumma Stealer emerged in 2023 and quickly became a leader in infostealing malware.  

Q1 2024 Nuspire Threat Report Infographic

“IDC’s research highlights the dark web as a burgeoning marketplace for cyber threats, which is particularly concerning as it operates beyond the reach of traditional security measures,” said Craig Robinson, Program Director of Security Services at IDC. “In response, organizations must extend their vigilance beyond their immediate IT environment to include intelligence gathering and monitoring these obscure online spaces. This proactive stance is part of a broader imperative to embrace emerging technologies, such as post-quantum cryptography and AI-driven security solutions, to build a resilient and forward-looking defense against an increasingly sophisticated and elusive threat landscape.” 

To access the Q1 2024 Cyber Threat Report and learn more about protecting your organization, visit Nuspire’s website 

Learn more about ways to protect against the dark web. 


About Nuspire  

Nuspire is a managed security services provider (MSSP) with 25 years of expertise, offering managed security services (MSS), managed detection and response (MDR), and managed endpoint detection and response (EDR) that supports best-in-breed EDR solutions. The company also offers cybersecurity consulting services (CSC) that include incident readiness and response, threat modeling, digital forensics, technology optimization, posture assessments and more. Nuspire’s self-service, technology-agnostic platform, myNuspire, allows greater visibility into a CISO’s entire security program. The platform alleviates the pain associated with tech sprawl, provides intelligence-driven recommendations, solves for alert fatigue and helps clients become more secure over time. With a deep bench of cybersecurity experts, award-winning threat intelligence and two 24×7 security operations centers (SOCs) Nuspire is equipped to detect, respond and remediate advanced cyber threats. Nuspire’s client base spans thousands of enterprises, from midsized to large enterprises across multiple industries and geographic footprints. For more information, visit and follow the company on LinkedIn @Nuspire