July 2, 2024

Summary of Vulnerabilities, Actors & Attacks: June 2024

Vulnerabilities ExploitedAdversaries in ActionAttacks ExecutedTargeted CountriesTargeted IndustriesMITRE ATT&CK TTPs
38112925631187

Summary

In June, the cybersecurity arena garnered significant attention following the identification of nine zero-day vulnerabilities. The Chief ‘Five Celebrity Vulnerabilities,’ which included critical flaws like Zerologon, UEFIcanhazbufferoverflow, Baron Samedit, Pwnkit, and Log4shell, all of which were leveraged to deploy ransomware and backdoors. Additionally, the Arm Zero-Day vulnerability CVE- 2024-4610, has been actively exploited in the wild. While the threat actors are actively exploiting a critical path-traversal vulnerability, CVE- 2024-28995, in SolarWinds Serv-U.

During this same timeframe, there was a marked increase in ransomware attacks, with variants such as TargetCompany, Knight, Fog, TellYouThePass, Black Basta, DragonForce, CatB Ransomware aggressively targeting victims. As ransomware tactics become increasingly sophisticated, it is imperative for organizations to bolster their defenses by implementing comprehensive backup and disaster recovery strategies. Furthermore, training employees to detect and prevent phishing attacks remains essential.

Concurrently, eleven threat actors were engaged in various campaigns. ExCobalt, a cyber espionage focused threat actor, has been targeting Russian organizations using an advanced Golang based backdoor called GoRed. Additionally, the espionage organization SneakyChef has launched an effort using cutting-edge Remote Access Trojans (RATs) SpiceRAT and SugarGh0st to target government entities. This malware campaign has been active since at least August 2023.

Download the pdf file to learn more.

Related Events

Dive into our library of resources for expert insights, guides, and in-depth analysis on maximizing Uni5 Xposure’s capabilities

Book a demo and find out more about how Hive Pro can double your operational efficiency

Book a Demo