Actors, Threats and Vulnerabilities 6 February to 12 February 2023

For a detailed threat digest, download the PDF file here.

Summary

Hive Pro identified three active actors over the past week. The first, OilRig, is a well-known threat actor that conducts information theft and espionage. The second, Mustang Panda APT, is a Chinese-based cybercrime group that focuses on information theft and espionage. The third is NewsPenguin. For key takeaways, refer to the “Actors” section.

Last week, seven new active malware strains were identified. Three were ransomware: ESXiArgs ransomware, Cl0p ransomware, and Trigona ransomware. Two were botnets: Medusa Botnet and Mirai Botnet. The remaining two were PlugX malware and Batloader. For important highlights, refer to the “Attacks” section.

Last week, we identified 23 vulnerabilities that organizations should be aware of. Three were discovered in VMware ESXi and VMware vCenter Server; they allow remote code execution and could let attackers gain control of the impacted system. The OpenSSL Project has also released fixes for eight security flaws that put users at risk of attack. For more information, refer to the key takeaways in the vulnerabilities section.