Summary of Vulnerabilities & Threats: March 2023
Significant Vulnerabilities of the month | Active Threat Actors of the month | Active Malware of the Month | Top Targeted Countries | Top Targeted Industries | Potential MITRE ATT&CK TTPs |
65 | 24 | 50 | France Norway Turkey Cyprus India | Government Technology Manufacturing Telecommunications Financial | 248 |
For a detailed threat digest, download the pdf file here
Summary
In March, four zero-day vulnerabilities were addressed, while four others had no patch and were being exploited.
Throughout the month, multiple active strains of ransomware were observed, including IceFire, BianLian, Dark Power, BlackSnake, and Royal.
Unknown actors from Russia were focusing on exploiting an elevation of privilege vulnerability (CVE- 2023-23397) present in Microsoft Outlook.
Lazarus carried out the SmoothOperator campaign by exploiting a vulnerability (CVE-2023-29059) in 3CXDesktopApp, which allowed them to target organizations across the globe.
Several Remote Access Trojans, such as KeySteal, EggShell RAT, DazzleSpy, CloudMensis, Remcos RAT,
AsyncRAT, HiatusRAT, Snip3, and ParallaxRAT, were active during March.
Download the pdf file to learn more