Vulnerabilities & Threats that Matter 17-23 October 2022

Published Vulnerabilities | Interesting Vulnerabilities | Active Threat Groups | Targeted Countries | Targeted Industries | ATT&CK TTPs
52612361536

For a detailed threat digest, download the pdf file here

Summary

The second week of October 2022 witnessed the discovery of 526 vulnerabilities, of which one gained the attention of security researchers worldwide. This vulnerability drew attention because of its similarity to Log4Shell and has been named Text4Shell. Hive Pro Threat Research Team advises organizations to patch this vulnerability as soon as possible.

Ursnif, an old banking malware, was active again with its new variant, LDR4.

Further, we observed two threat actor groups being highly active in the last week. The first was APT41, a Chinese threat actor known for information theft and espionage, which leveraged the Spyder Loader malware to target organizations in Hong Kong. The second was DEV-0960, known for pursuing financial gain, which conducted a campaign to deploy Prestige ransomware. Common TTPs potentially used by these threat actors or associated with these CVEs can be found in the detailed section.