Lucene search

K
hiveproHiveForce LabsHIVEPRO:C7B595FEDAF36C429CA05AF1C5C3D818
HistoryMay 30, 2023 - 7:42 a.m.

Actors, Threats and Vulnerabilities 22 to 28 May 2023

2023-05-3007:42:00
HiveForce Labs
www.hivepro.com
46
cybersecurity threats
exploited vulnerabilities
adversaries
powershell-based backdoor
phishing emails
ransomware strain
hypervisor jackpotting

EPSS

0.964

Percentile

99.6%

For a detailed threat digest, download the pdf file here Summary HiveForce Labs recently made several significant discoveries related to cybersecurity threats. Over the past week, the fact that there were a total of ten attacks executed, taking advantage of four different vulnerabilities in various systems, and involving three different adversaries highlights the ever-present danger of cyber attacks. Interestingly, out of these three vulnerabilities are part of the known exploited vulnerability catalog by CISA. Moreover, HiveForce Labs also found that GoldenJackal APT was exploiting a one-year-old Follina vulnerability (CVE-2022-30190). Furthermore, we identified a new powershell-based backdoor malware PowerExchange that is being distributed through phishing emails targeting Microsoft Exchange servers. Apart from these threats, there was also a new ransomware strain named MichaelKors, has been targeting Linux and Vmware ESXi systems using tactic of "hypervisor jackpotting". All these attacks were observed to be on the rise, posing a significant threat to users all over the world. For a detailed threat digest, download the pdf file here