December 5, 2023

Summary of Vulnerabilities, Actors & Attacks: November 2023

Vulnerabilities ExploitedAdversaries in ActionAttacks ExecutedTop Targeted
Countries
Top Targeted
Industries
MITRE
ATT&CK TTPs
222052United States
Israel
United Arab Emirates
Iraq
Canada
Government
Education
Technology
Financial
Telecom
204

Download the pdf file to learn more

Summary

In November, the discovery of eleven zero-day vulnerabilities drew significant attention from the cybersecurity community. One of these vulnerabilities was exploited by the Lace Tempest group, leading to a sense of urgency among security teams to patch their systems.

November saw a rise in ransomware attacks, with various strains such as LockBit ransomware, HelloKitty ransomware, TellYouThePass ransomware, Clop ransomware and NoEscape Ransomware actively targeting victims. As ransomware continues to evolve and grow in sophistication, organizations must take steps to protect themselves by implementing comprehensive backup and disaster recovery strategies and training employees on how to recognize and avoid phishing attacks.

Furthermore, nineteen adversaries were active and involved in various campaigns. SideCopy exploited a vulnerability (CVE-2023-38831) in WinRAR, targeting Indian government agencies.

Lastly, the CVE-2023-4966, a critical zero-day vulnerability was exploited since August potentially to allowing attackers to steal authentication sessions and hijack accounts.

Download the pdf file to learn more

 

Related Events

Dive into our library of resources for expert insights, guides, and in-depth analysis on maximizing Uni5 Xposure’s capabilities

Book a demo and find out more about how Hive Pro can double your operational efficiency

Book a Demo