Vulnerabilities & Threats that Matter 29 August – 04 September


Published Vulnerabilities | Interesting Vulnerabilities | Active Threat Groups | Targeted Countries | Targeted Industries | ATT&CK TTPs
390132411852

 

 

For a detailed threat digest, download the pdf file here

 

Summary

 

The last week of August 2022 witnessed the discovery of 390 vulnerabilities, of which 13 gained the attention of threat actors and security researchers worldwide. Among these 13, one vulnerability is awaiting reanalysis on the National Vulnerability Database (NVD). The Hive Pro Threat Research Team has curated a list of 13 CVEs that require immediate action.

This week also witnessed highly targeted Moisha ransomware outbreaks employing double-extortion techniques. In addition, the RedAlert ransomware, dubbed N13V, targeted the Chilean government's Microsoft and VMware ESXi servers.

Further, we observed 2 threat actor groups being highly active in the last week. The first, MuddyWater, an Iranian threat actor group known for information theft and espionage, was observed exploiting two Log4j vulnerabilities in SysAid applications to target Israeli organizations. The second, APT 40, a Chinese threat actor group also known for information theft and espionage, was spotted deploying phishing campaigns with ScanBox malware against the Australian government. Common TTPs that could potentially be used by these threat actors, or in exploiting these CVEs, can be found in the detailed section.