Actors, Threats and Vulnerabilities 26 December 2022 – 02 January 2023


For a detailed threat digest, download the PDF file here

Summary

Hive Pro discovered two actors that have been active in the past week. The first, SideCopy, is a well-known Pakistani threat actor known for information theft and espionage. The second, BlueNoroff, is a well-known North Korean state-sponsored threat group that specializes in financial cyber operations. For further details, see the key takeaway section for Actors.

We also discovered four new malware strains that have been active over the past week. Several campaigns have been launched to distribute unknown infostealer malware. The latest version of GuLoader employs new anti-analysis measures as well as code injection redundancy. The undisclosed Conti ransomware source code has facilitated the emergence of new ransomware strains. ArkeiStealer is a malware family designed by threat actors for enumerating confidential information. For further details, see the key takeaway section for Attacks.

Last week, we discovered six vulnerabilities that organizations should prioritize. Five of these vulnerabilities were security flaws in the Linux kernel, and one was in a WordPress plugin. For further details, see the key takeaway section for Vulnerabilities.
