Top Threats, APT Tactics, and State-Sponsored Exploits
This October 2022 Threat Intelligence Report provides a thorough overview of the growing cybersecurity landscape, highlighting the strategies and vulnerabilities exploited by advanced persistent threat (APT) actors and cybercriminals.
This TRT report investigates collaborative reports from the NSA, FBI, and CISA, revealing the most often exploited vulnerabilities used by Chinese state-sponsored hackers to target American and allied networks, such as Apache Log4j, Microsoft Exchange, and F5 Big-IP.
It also includes an FBI advisory on the Iranian cyber actor group “Emennet Pasargad” and their hack-and-leak operations, as well as a combined CISA/FBI/NSA report on the usage of Impacket scripts to compromise a Defense Industrial Base partner.
Fidelis Security tracked almost 6,000 unique CVEs in October 2022, with the top threats being authentication bypass flaw in Fortinet products, a variable interpolation vulnerability in Apache Commons Text, and remote code execution vulnerabilities in Microsoft Exchange and Zimbra Collaboration. To know more, download the Threat Intelligence Summary Report (October 2022).