Summary of Vulnerabilities, Actors & Attacks: November 2023
Vulnerabilities Exploited | Adversaries in Action | Attacks Executed | Top Targeted Countries | Top Targeted Industries | MITRE ATT&CK TTPs |
22 | 20 | 52 | United States, Israel, United Arab Emirates, Iraq, Canada | Government, Education, Technology, Financial, Telecom | 204 |
Download the pdf file to learn more
Summary
In November, the discovery of eleven zero-day vulnerabilities drew significant attention from the cybersecurity community. One of these vulnerabilities was exploited by the Lace Tempest group, leading to a sense of urgency among security teams to patch their systems.
November saw a rise in ransomware attacks, with strains such as LockBit, HelloKitty, TellYouThePass, Clop, and NoEscape actively targeting victims. As ransomware continues to evolve and grow in sophistication, organizations must protect themselves by implementing comprehensive backup and disaster recovery strategies and by training employees to recognize and avoid phishing attacks.
Furthermore, nineteen adversaries were active and involved in various campaigns. SideCopy exploited a vulnerability (CVE-2023-38831) in WinRAR, targeting Indian government agencies.
Lastly, CVE-2023-4966, a critical zero-day vulnerability, has been exploited since August, potentially allowing attackers to steal authentication sessions and hijack accounts.