hivepro | HiveForce Labs | HIVEPRO:C7B595FEDAF36C429CA05AF1C5C3D818
May 30, 2023 - 7:42 a.m.

Actors, Threats and Vulnerabilities 22 to 28 May 2023

2023-05-30 07:42:00
HiveForce Labs
www.hivepro.com

CVSS3: 7.8 High
Attack Vector: LOCAL
Attack Complexity: LOW
Privileges Required: NONE
User Interaction: REQUIRED
Scope: UNCHANGED
Confidentiality Impact: HIGH
Integrity Impact: HIGH
Availability Impact: HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CVSS2: 9.3 High
Access Vector: NETWORK
Access Complexity: MEDIUM
Authentication: NONE
Confidentiality Impact: COMPLETE
Integrity Impact: COMPLETE
Availability Impact: COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C

EPSS: 0.97 High
Percentile: 99.6%

For a detailed threat digest, download the pdf file here.

Summary

HiveForce Labs recently made several significant discoveries related to cybersecurity threats. Over the past week, a total of ten attacks were executed, taking advantage of four different vulnerabilities in various systems and involving three different adversaries, which highlights the ever-present danger of cyber attacks. Three of these vulnerabilities are part of CISA's Known Exploited Vulnerabilities catalog. HiveForce Labs also found that the GoldenJackal APT was exploiting the one-year-old Follina vulnerability (CVE-2022-30190). Furthermore, we identified a new PowerShell-based backdoor malware, PowerExchange, that is being distributed through phishing emails targeting Microsoft Exchange servers. Apart from these threats, a new ransomware strain named MichaelKors has been targeting Linux and VMware ESXi systems using the tactic of "hypervisor jackpotting". All these attacks were observed to be on the rise, posing a significant threat to users all over the world.
