Vulnerabilities & Threats that Matter 22 – 28th Aug

For a detailed threat digest, download the pdf file here

Summary

The fourth week of August 2022 witnessed the discovery of 604 vulnerabilities out of which two gained the attention of Threat Actors and security researchers worldwide. Among these two,  there was one vulnerability that is awaiting analysis on the National Vulnerability Database (NVD). The Hive Pro Threat Research Team has curated a list of two CVEs that require immediate action.

This week also saw an upsurge in the use of the BianLian ransomware, which targeted the manufacturing, education, healthcare, and finance industries. In addition to this, there was a spike in the employment of the Grandoreiro banking trojan, which conducted phishing operations, and the DarkTortilla crypter, which distributes remote access trojans (RATs).

Further, we also observed 3 Threat Actor groups being highly active in the last week. First was CHARMING KITTEN, an Iranian threat actor group popular for Information theft and espionage, was observed employing a new data extraction tool HYPERSCAP. Second was Karakurt, an unknown threat actor group, popular for financial crime and witnessed increased attacks with an impact on the public health sectors. Third was Kimsuky, a North Korean threat actor group, popular for information theft and espionage and it was observed running phishing campaigns. Common TTPs which could potentially be exploited by these threat actors or CVEs can be found in the detailed section.