When threats emerge, the Fidelis Cybersecurity Threat Research team (TRT) is ready. Each month, the Threat Intelligence Summary examines the latest threats and trends so you can stay resilient against cyber adversaries.
The January 2023 Threat Intelligence Summary details the end-of-life of widely used operating systems, exploitation of critical vulnerabilities that we flagged in the December report, new and continuing data breaches at financial and technology service companies, and more. We also updated the metrics and information on the most impactful vulnerabilities and malware strains in the wild today and included information on some of the top phishing sites observed over the month.
Top Emerging Vulnerabilities
The Fidelis Cybersecurity TRT’s top-ten vulnerability list for January includes critical and high severity CVEs that, when exploited, lead to privilege escalation, distributed denial-of-service (DDoS) attacks, arbitrary code execution, and more. Some of these vulnerabilities are still in the discovery stage, while others persist from the previous month. Those that repeat from past reports show increased adversarial activity, despite industry warnings. These vulnerabilities all represent credible threats to any organization using unpatched systems or software. Whether a vulnerability is newly discovered, has proofs of concept available, or is being actively exploited, regular patch management is imperative for securing your organization.
Malware Attacks by Industry
This month, we continued our survey of malware attacks by industry. In the latest report, you’ll see an overview of the top 10 hardest-hit industry sectors during the month of January. We break down all observed malware samples and examine the most prevalent types of files attacked and the most observed malware types. Examining these trends more deeply, we delve into the most prevalent malware families observed both through our telemetry and through open-source reporting.
Top Phishing Domains
Phishing attacks represent a significant percentage of successful breach attempts. A phishing compromise can be hard to detect once the malicious link has been clicked. Identifying and containing breaches caused by phishing took an average of 295 days, according to IBM’s 2022 Data Breach Report. While it’s impossible to block every potential phishing domain, our report this month contains the top five phishing sites observed in the wild right now. Awareness of these sites can help your security teams prevent intrusions and detect potential breaches faster.
About the Fidelis Cybersecurity Threat Research Team
The Threat Research team at Fidelis Cybersecurity researches and analyzes the latest threats and issues. The intelligence we gather from multiple open-source and proprietary sources about our cyber adversaries’ tactics, techniques, and procedures (TTPs) is fed directly into our platforms, products, and services to help our customers detect, neutralize, and eliminate threats before they can harm production systems.
Visit the Fidelis Cybersecurity Threat Research page to read the complete January 2023 Threat Intelligence Summary, along with information on critical threats and resources to help you better prepare for the next attack.