October 18, 2022
Summary of Vulnerabilities & Threats: September 2022
Vulnerabilities of the month | Threat Actors of the month | Malware of the Month | Top Targeted Countries | Top Targeted Industries | Common MITRE ATT&CK TTPs |
64 | 10 | 7 | Saudi Arabia, USA, Turkey, Australia, UK | Government, Financial, Manufacturing, Education, Telecommunications | 160 |
For a detailed threat digest, download the pdf file here
Summary
In September, three vulnerabilities remained unpatched. Two of them were Microsoft’s ProxyNotShell (CVE 2022 41040, CVE 2022 41082) and the third one(CVE 2022 3180) affected the WordPress plugin.
After 10 months of being patched, Log4j (CVE 2021 44228) was still seen exploited by Monti Ransomware. Download the pdf file to learn more