When threats emerge, the Fidelis security Threat Research Team (TRT) is ready. Each month, the monthly Threat Intelligence Summary examines the latest threats and trends so you can stay resilient against cyber adversaries.
The December 2022 Threat Intelligence Summary examined a new vulnerability that targets endpoint security providers (rest assured, we’ve confirmed that Fidelis security platforms remain secure). We also discuss mitigations for the ongoing LastPass data breach, updated detections for popular penetration testing tools, and metrics and information on the most impactful vulnerabilities and malware strains in the wild today.
Read the December 2022 Threat Intelligence Summary
Top Emerging Vulnerabilities
The Fidelis security Threat Research Team (TRT)’s top-ten vulnerability list for December includes critical and high severity CVEs that, when exploited, lead to privilege escalation, distributed denial of service attacks (DDoS), arbitrary code execution, and more. Many of these vulnerabilities are still in the discovery stage, with global organizations evaluating the potential for exploitation. The top ten emerging vulnerabilities in the December 2022 TRT report represent credible threats to any organization using unpatched systems or software. Whether a vulnerability is newly discovered, has proofs of concept available, or is being actively exploited, regular patch management is imperative for securing your organization.
Malware Attacks by Industry
This month, we pivoted and focused our survey of malware attacks by industry. In the latest report, you’ll see an overview of the top 10 hardest-hit industry sectors during the month of December. We break down all observed malware samples and examine the most prevalent types of files attacked and the most observed malware types. Examining these trends more deeply, we delve into the most prevalent malware families observed both through our telemetry and also through open-source reporting.
About the Fidelis security Threat Research Team
The Threat Research team at Fidelis security researches and analyzes the latest threats and issues. The intelligence we gather from multiple open-source and proprietary sources about our cyber adversaries’ tactics, techniques, and procedures (TTPs) is fed directly into our platforms, products, and services to help our customers detect, neutralize, and eliminate threats before they can harm production systems.
Visit the Fidelis security Threat Research page to read the complete December 2022 Threat Intelligence Summary, along with information on critical threats and resources to help you better prepare for the next attack.
