March 13, 2023

Actors, Threats and Vulnerabilities 6 March to 12 March 2023

For a detailed threat digest, download the PDF file here.

Summary

Last week, HiveForce Labs discovered three threat actors. One of them is a Russian group called TA499, which has a history of conducting different cyberattacks such as spear-phishing campaigns and ransomware attacks. The other two are Chinese groups named Sharp Panda and 8220 gang. For more information, please refer to the key takeaway section on Actors.

Last week, we discovered nine new active malware strains that pose a significant threat. Three of these strains were identified as stealers: RedLine, ImBetter, and SYS01. Two were RATs: HiatusRAT and AsyncRAT. We also identified other malicious software, such as LokiBot, Formbook, BlackSnake ransomware, and ScrubCrypt clipper. For more information on these malware strains, please see the key takeaway section on Attacks.

Last week, we found a total of 20 vulnerabilities that organizations should prioritize. Cisco IP Phone was found to have three vulnerabilities, which have been addressed. Trusted Platform Module (TPM) 2.0 had two vulnerabilities addressed. Lastly, Fortinet had 15 flaws identified in multiple products, which could potentially lead to unauthorized access to sensitive information. For more information, please refer to the key takeaway section on Vulnerabilities.
