Attacks, Vulnerabilities and Actors 13 November to 19 November 2023

For a detailed threat digest, download the pdf file here

Summary

HiveForce Labs recently made several significant discoveries in the realm of cybersecurity threats. In the past week alone, a total of nine attacks were executed, twelve vulnerabilities were uncovered, and four active adversaries were identified. These findings underscore the persistent danger of cyberattacks.

Furthermore, HiveForce Labs revealed that among the seven zero-day vulnerabilities, one exploit targeting Zimbra Collaboration email software has been utilized by four distinct groups in attacks. Additionally, one vulnerability was identified in VMware Cloud Director Appliance, and five zero-days were discovered in Microsoft’s November 2023 Patch Tuesday.

TA402 initiated sophisticated phishing campaigns, specifically targeting government entities in the Middle East. The NoEscape ransomware, suspected to be a rebrand of Avaddon, is strategically employed in multi-extortion attacks. These attacks are on the rise, posing a significant threat to users worldwide.

Subscribe to receive our weekly threat digests and newsletters directly in your inbox.