April 4, 2023

Summary of Vulnerabilities & Threats: March 2023

Significant
Vulnerabilities
of the month
Active Threat Actors
of the month
Active Malware of the
Month
Top Targeted
Countries
Top Targeted
Industries
Potential MITRE
ATT&CK TTPs
652450France
Norway
Turkey
Cyprus
India
Government
Technology
Manufacturing
Telecommunications
Financial
248

 

For a detailed threat digest, download the pdf file here

Summary

In March, four zero-day vulnerabilities were addressed, while four others had no patch and were being exploited.

Throughout the month, multiple active strains of ransomware were observed, including IceFire, BianLian, Dark Power, BlackSnake, and Royal.

Unknown actors from Russia were focusing on exploiting an elevation of privilege vulnerability (CVE- 2023-23397) present in Microsoft Outlook.

Lazarus carried out the SmoothOperator campaign by exploiting a vulnerability (CVE-2023-29059) in 3CXDesktopApp, which allowed them to target organizations across the globe.

Several Remote Access Trojans, such as KeySteal, EggShell RAT, DazzleSpy, CloudMensis, Remcos RAT,
AsyncRAT, HiatusRAT, Snip3, and ParallaxRAT, were active during March.

Download the pdf file to learn more

Recent Resources

Dive into our library of resources for expert insights, guides, and in-depth analysis on maximizing Uni5 Xposure’s capabilities

Book a demo and find out more about how Hive Pro can double your operational efficiency

Book a Demo