September 5, 2022

Vulnerabilities & Threats that Matter 29 August – 04 September


For a detailed threat digest, download the pdf file here


The last week of August 2022 saw the discovery of 390 vulnerabilities, of which 13 gained the attention of threat actors and security researchers worldwide. One of these 13 is awaiting reanalysis on the National Vulnerability Database (NVD). The Hive Pro Threat Research Team has curated a list of 13 CVEs that require immediate action.

This week also witnessed highly targeted Moisha ransomware outbreaks employing double-extortion techniques. In addition, the RedAlert ransomware dubbed N13V targeted the Chile government’s Microsoft and VMware ESXi servers.

We also observed two threat actor groups that were highly active in the last week. The first, MuddyWater, an Iranian threat actor group known for information theft and espionage, was observed exploiting two Log4j vulnerabilities in SysAid applications to target Israeli organizations. The second, APT 40, a Chinese threat actor group also known for information theft and espionage, was spotted deploying phishing campaigns with ScanBox malware against the Australian government. Common TTPs that could potentially be used by these threat actors or in exploiting these CVEs can be found in the detailed section.
