Vulnerabilities & Threats that Matter: 31 October - 06 November 2022


Published Vulnerabilities | Interesting Vulnerabilities | Active Threat Groups | Targeted Countries | Targeted Industries | ATT&CK TTPs
52893512356

For a detailed threat digest, download the PDF file here

Summary

This week saw the discovery of 528 vulnerabilities, of which nine gained the attention of security researchers worldwide. Among these nine, three are zero-days and two are awaiting re-analysis on the NVD. Hive Pro Threat Research Team advises organizations to patch these vulnerabilities as soon as possible.

This week also saw attackers exploiting the Follina vulnerability (CVE-2022-30190) to compromise Domain Controllers, as well as a huge demand from threat actors for BlueFox Stealer on the darknet.

Further, we observed three threat actor groups that were highly active in the last week. The first was APT 10, a Chinese threat actor known for information theft and espionage, which distributed LODEINFO malware. The second was APT 36, a Pakistani threat actor group known for information theft and espionage, which leveraged the LimePad backdoor against the Indian government. The third was the Black Basta Ransomware Group, a threat actor known for financial crime, which exploited Microsoft flaws and used an EDR defense evasion tool created by FIN7. Common TTPs that could potentially be used by these threat actors or in exploiting these CVEs can be found in the detailed section.