Vulnerabilities & Threats that Matter 19 – 25 September
Published Vulnerabilities | Interesting Vulnerabilities | Active Threat Groups | Targeted Countries | Targeted Industries | ATT&CK TTPs |
583 | 6 | 1 | Worldwide | 10 | 54 |
For a detailed threat digest, download the pdf file here
Summary
The third week of September 2022 witnessed the discovery of 583 vulnerabilities out of which 6 gained the attention of Threat Actors and security researchers worldwide. Among these 6, there was 2 zero-day. Hive Pro Threat Research Team has curated a list of 6 CVEs that require immediate action.
This week also witnessed the exploitation of two-year-old remote code execution vulnerabilities in Oracle WebLogic Server to deploy Kinsingmalware.
Further, we also observed 1 Threat Actor groups being highly active in the last week. UNC4034 , a North Korean threat actor, popular for financial gain that used a fake job posting to lure victims into downloading a trojanizedversion of PuTTY . Common TTPs which could potentially be exploited by these threat actors or CVEs can be found in the detailed section.