July 5, 2023

Summary of Vulnerabilities & Threats: June 2023

Vulnerabilities ExploitedAdversaries in ActionAttacks ExecutedTop Targeted
Countries
Top Targeted
Industries
MITRE
ATT&CK TTPs
441131

United States
Mexico
Honduras
Paraguay

Nicaragua
Government
Financial
Technology
Healthcare
Cryptocurrency
176

Download the pdf file to learn more

Summary

In June, the discovery of seven zero-day vulnerabilities drew significant attention from the cybersecurity community. One of these vulnerabilities was exploited by the Clop Ransomware group, leading to a heightened sense of urgency among security teams to patch their systems.

During the month of June, there was a resurgence of ransomware attacks, with strains like Clop and
LockBit actively targeting victims. As ransomware continues to evolve and grow in sophistication,
organizations must take steps to protect themselves by implementing comprehensive backup and
disaster recovery strategies and training employees on how to recognize and avoid phishing attacks.

Attackers are leveraging a specific vulnerability (CVE-2023-27997) in FortiOS and FortiProxy SSL-VPN,
enabling remote attackers to execute arbitrary code. In addition to ransomware attacks, several malware families, including Horabot, WhisperGate, NODEBOT, AHKBOT, SunSeed, and Mirai Botnet were
observed widely targeting victims. These malware families are designed to steal sensitive data, disrupt
systems, and evade detection by security tools.

Lastly, the CVE-2023-3079 vulnerability is a high-severity zero-day vulnerability that was exploited in
attacks. It could allow attackers to execute arbitrary code, potentially leading to data theft, system
compromise, and other malicious activities.

Download the pdf file to learn more

 

Related Events

Dive into our library of resources for expert insights, guides, and in-depth analysis on maximizing Uni5 Xposure’s capabilities

Book a demo and find out more about how Hive Pro can double your operational efficiency

Book a Demo