August 16, 2022

Vulnerabilities & Threats that Matter 08 – 14th Aug

Published VulnerabilitiesInteresting VulnerabilitiesActive Threat GroupsTargeted CountriesTargeted IndustriesATT&CK TTPs

For a detailed threat digest, download the pdf file here


The second week of August 2022 witnessed the discovery of 563 vulnerabilities out of which 14 gained the attention of Threat Actors and security researchers worldwide. Among these 14, 2 zero-day, and 10 vulnerabilities are awaiting analysis on the National Vulnerability Database (NVD). Hive Pro Threat Research Team has curated a list of 14 CVEs that require immediate action.

This week also saw Cuba Ransomware exploiting CVE-2020-1472 and CVE-2021-1732 and another vulnerability CVE-2020-0796 was seen exploited by BlueSky Ransomware.

Further, we also observed 3 Threat Actor groups being highly active in the last week. UNC2447, an unknown threat actor group popular for financial crime and gain, Lapsus$, a Brazilian threat actor group popular for Data theft and Destruction, and Yanluowang ransomware gang, a Chinese threat actor group popular for financial crime and gain were observed stealing around 2.8 GB of data from Cisco. Common TTPs which could potentially be exploited by these threat actors or CVEs can be found in the detailed section.


Recent Resources

Dive into our library of resources for expert insights, guides, and in-depth analysis on maximizing Uni5 Xposure’s capabilities

Book a demo and find out more about how Hive Pro can double your operational efficiency

Book a Demo