hivepro, HiveForce Lab, HIVEPRO:3D8952D1ED1ADBF8196A73CD3B7344F2
Jan 25, 2023 - 3:14 a.m.

Actors, Threats and Vulnerabilities 16 January 2023 – 22 January 2023

2023-01-25 03:14:57
HiveForce Lab
www.hivepro.com
Tags: threat actors, malware strains, remote code execution, chrome vulnerability, manageengine vulnerability

EPSS: 0.975 (Percentile: 100.0%)

For a detailed threat digest, download the pdf file here.

Summary

Hive Pro identified three active actors during the past week. The first, Earth Bogle, is a notable threat actor known for information theft and espionage. The second, Kasablanka, is a Morocco-based cybercrime group that specializes in information theft and espionage. The third actor identified is APT15. For more information, refer to the "Actors" section for key takeaways.

Last week, we identified seven new malware strains that were active. Five of these were Remote Access Trojans (RATs), namely NetSupport RAT, NjRAT, Warzone RAT, Loda RAT and Orcus RAT. We also discovered one Rhadamanthys Stealer being offered as "Malware-as-a-Service" (MaaS). Additionally, we identified two new malware strains: BOLDMOVE Malware and Turian Backdoor. For additional information, please refer to the "Attacks" section for key takeaways.

Last week, we identified 12 vulnerabilities that organizations should be aware of. One of them is a vulnerability (CVE-2022-47966) in ManageEngine products that can allow remote code execution and potential control of the compromised system. Another is a Chrome vulnerability (CVE-2022-3656) which exposes the data of 2.8 billion users. For more information, please refer to the key takeaway section on vulnerabilities.