Actors, Threats and Vulnerabilities 5 June to 11 June 2023

For a detailed threat digest, download the pdf file here

Summary

HiveForce Labs recently made several significant discoveries related to cybersecurity threats. Over the past week, the fact that there were a total of seven attacks executed, taking advantage of five different vulnerabilities in various systems, and involving two different adversaries highlights the ever-present danger of cyber attacks.

Interestingly, all five vulnerabilities are part of the known exploited vulnerability catalog by CISA, out of which four are zero-day.

Moreover, HiveForce Labs also found that Asylum Ambuscade  threat group was exploiting a one-year-old Follina vulnerability (CVE-2022-30190).

Furthermore, a new malware software called MediaArena Browser Hijacker has been identified, which is being distributed through malvertising campaigns.

In addition to these threats, there is also a zero-day vulnerability (CVE-2023-34362) associated with Lace Tempest, TA505, and Clop ransomware that enables unauthorized access to the MOVEit Transfer database.All these attacks were observed to be on the rise, posing a significant threat to users all over the world.

For a detailed threat digest, download the pdf file here