Attacks, Vulnerabilities and Actors 16 October to 22 October 2023

Summary

HiveForce Labs recently made several significant discoveries related to cybersecurity threats. Over the past week, a total of twenty-three attacks were executed, ten vulnerabilities were discovered, and five active adversaries were identified, all of which underscore the ever-present danger of cyberattacks.

Furthermore, HiveForce Labs found that among the seven zero-day vulnerabilities, two were present in Cisco IOS XE Software. One of them was exploited by multiple state-sponsored adversaries. Another vulnerability, discovered in Citrix NetScaler ADC and NetScaler Gateway, has been actively exploited since August 2023, and two were utilized by the MATA Backdoor.

Meanwhile, OilRig orchestrated a sophisticated eight-month campaign aimed at a Middle Eastern government. The North Korean threat actors Lazarus and its subgroup Andariel were actively exploiting the JetBrains TeamCity vulnerability, and the Kimsuky APT upgraded its arsenal. These attacks are on the rise, posing a significant threat to users worldwide.
