October 18, 2022

Vulnerabilities & Threats that Matter 10-16 October 2022

Published Vulnerabilities | Interesting Vulnerabilities | Active Threat Groups | Targeted Countries | Targeted Industries | ATT&CK TTPs
639414601689

For a detailed threat digest, download the pdf file here

Summary

The second week of October 2022 witnessed the discovery of 639 vulnerabilities, of which 41 gained the attention of threat actors and security researchers worldwide. Among these 41, there were four zero-days. Hive Pro Threat Research Team has curated a list of 41 CVEs that require immediate action.

This week also witnessed a spike in cryptojacking campaigns, with intruders exploiting DLL Side-Loading flaws in Microsoft OneDrive.

Further, we observed 4 threat actor groups being highly active in the last week. The first was POLONIUM, a Lebanon-based threat actor known for information theft and espionage, which leveraged cloud services to employ backdoors. The second was Earth Aughisky, a Chinese threat actor known for sabotage and destruction, which conducted a spear-phishing campaign. The third was WIP19, a Chinese threat actor known for espionage, which targeted telcos with malware. The fourth was Budworm, a Chinese threat actor known for information theft and espionage, which exploited Log4j vulnerabilities. Common TTPs that could potentially be exploited by these threat actors or CVEs can be found in the detailed section.
