April 3, 2024

Summary of Vulnerabilities, Actors & Attacks: March 2024

Vulnerabilities ExploitedAdversaries in ActionAttacks ExecutedTargeted CountriesTargeted IndustriesMITRE ATT&CK TTPs

Download the pdf file to learn more


In March, the cybersecurity landscape witnessed a surge in attention due to the discovery of ten zero-day vulnerabilities. The GhostSec and Stormous ransomware factions have launched a sophisticated campaign, introducing the GhostLocker 2.0 ransomware and the STMX_GhostLocker ransomware-as-a-service (RaaS) initiative, posing a significant threat to businesses primarily in the Middle East.

During the same period, ransomware attacks experienced a noticeable uptick, with strains such as GhostLocker, Stormous, Jasmin, Agenda, and Evil Ant actively targeting victims. As ransomware continues to advance in sophistication, organizations are urged to fortify their defenses by implementing robust backup and disaster recovery strategies. Additionally, employee training to recognize and thwart phishing attacks is crucial.

In parallel, thirteen adversaries were active across diverse campaigns. Magnet Goblin, characterized by its financial incentives, strategically exploits zero-day vulnerabilities within publicly accessible services by employing sophisticated malware sourced from the Nerbian family. Their primary objectives included extracting user credentials and initiating subsequent malicious activities. As the cybersecurity landscape evolves, organizations must remain vigilant and proactively address emerging threats.

Download the pdf file to learn more

Recent Resources

Dive into our library of resources for expert insights, guides, and in-depth analysis on maximizing Uni5 Xposure’s capabilities

Book a demo and find out more about how Hive Pro can double your operational efficiency

Book a Demo