10 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
Published Vulnerabilities Interesting Vulnerabilities Active Threat Groups Targeted Countries Targeted Industries ATT&CK TTPs 563 14 3 69 08 71 For a detailed threat digest, download the pdf file here Summary The second week of August 2022 witnessed the discovery of 563 vulnerabilities out of which 14 gained the attention of Threat Actors and security researchers worldwide. Among these 14, 2 zero-day, and 10 vulnerabilities are awaiting analysis on the National Vulnerability Database (NVD). Hive Pro Threat Research Team has curated a list of 14 CVEs that require immediate action. This week also saw Cuba Ransomware exploiting CVE-2020-1472 and CVE-2021-1732 and another vulnerability CVE-2020-0796 was seen exploited by BlueSky Ransomware. Further, we also observed 3 Threat Actor groups being highly active in the last week. UNC2447, an unknown threat actor group popular for financial crime and gain, Lapsus$, a Brazilian threat actor group popular for Data theft and Destruction, and Yanluowang ransomware gang, a Chinese threat actor group popular for financial crime and gain were observed stealing around 2.8 GB of data from Cisco. Common TTPs which could potentially be exploited by these threat actors or CVEs can be found in the detailed section.
10 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C