Actors, Threats and Vulnerabilities 08 to 14 May 2023

For a detailed threat digest, download the pdf file here

Summary

HiveForce Labs recently made several significant discoveries related to cybersecurity threats. Over the past week, it identified a total of nine attacks that were executed. Additionally, HiveForce Labs identified four different adversaries that were actively carrying out these attacks.

The AndoryuBot malware exploits a critical vulnerability in Ruckus (CVE-2023-25717) to infect Wi-Fi access points, enabling its use in DDoS attacks. This versatile malware supports 12 different DDoS attack modes.

The SideWinder APT group employs sophisticated techniques such as server-side polymorphism to carry out its operations. It has been known to exploit the CVE-2017-0199 vulnerability to deliver additional malicious payloads. Another notable malware, Snake, is a potent cyber-espionage tool attributed to the FSB and connected to the Turla hacker group.

Apart from these threats, the latest Microsoft Patch Tuesday release focuses on addressing two zero-day vulnerabilities. All these attacks were observed to be on the rise, posing a significant threat.
