Actors, Threats and Vulnerabilities 6 March to 12 March 2023


For a detailed threat digest, download the PDF file here.

Summary

Last week, HiveForce Labs discovered three threat actors. One of them is a Russian group called TA499, which has a history of conducting different cyberattacks such as spear-phishing campaigns and ransomware attacks. The other two are Chinese groups named Sharp Panda and 8220 gang. For more information, please refer to the key takeaway section on Actors.

Last week, we discovered nine new active malware strains that pose a significant threat. Three of these malware strains were identified as stealers, which include RedLine, ImBetter, and SYS01. Additionally, two of the new malware strains were RATs, specifically HiatusRAT and AsyncRAT. Furthermore, we identified other malicious software, such as LokiBot, Formbook, BlackSnake ransomware, and ScrubCrypt clipper. For more information on these malware strains, please see the key takeaway section on Attacks.

Last week, we found a total of 20 vulnerabilities that organizations should prioritize. Specifically, Cisco IP Phone was found to have three vulnerabilities that have been addressed. In addition, Trusted Platform Module (TPM) 2.0 had two vulnerabilities addressed. Lastly, Fortinet had 15 flaws identified in multiple products, which could potentially lead to unauthorized access to sensitive information. For more information, please refer to the key takeaway section on Vulnerabilities.