Nathan Sissom joined the Fidelis Cyber Threat Intelligence team after a background in government contracting. He holds a Bachelor’s Degree in Computer Science and a Master’s Degree in Cybersecurity... Read More
Cyber criminals continually update and evolve their attacks, trying to stay one step ahead of defenders. They invent new techniques, repurpose old tactics, and even come back after being eradicated, attacking familiar targets in new ways. The Fidelis Cybersecurity Threat Research Team (TRT) monthly Threat Intelligence Summary examines the latest threats and trends so you can stay resilient against cyber adversaries.
In our latest Threat Intelligence Summary, you’ll see why CISA now advocates resiliency over strategies that rely on preventative measures alone. We also examine the return of an old botnet, new supply chain attacks, and other newsworthy security topics and findings. And we present our latest metrics around emerging vulnerabilities, top exploitation attempts by industry, and most prevalent malware.
Continual vulnerability monitoring and system patching is imperative for building resiliency in your networks. The Fidelis Cybersecurity threat research team’s top-ten vulnerability list for November includes critical and high severity CVEs that, when exploited, lead to privilege escalation, distributed denial of service attacks (DDoS), arbitrary code execution, and more. Some of these vulnerabilities require very little technical skill to exploit, which puts dangerous capabilities into the hands of more would-be adversaries. Other vulnerabilities are repeat entries from last month, demonstrating how attackers continue using what works. Be sure to check your systems and make sure you’re not vulnerable to these attacks.
This month, we continue our survey of malware attacks by industry. In the latest report, you’ll see an examination of top trending malware families in the 10 hardest-hit industry sectors. We also discuss how previously “unknown” attacks lead to a better understanding of how adversarial tactics change, and provide insight into what we will see next.
The Threat Research team at Fidelis Cybersecurity researches and analyzes the latest threats and issues. The intelligence we gather from multiple open-source and proprietary sources about our cyber adversaries’ tactics, techniques, and procedures (TTPs) is fed directly into our platforms, products, and services to help our customers detect, neutralize, and eliminate threats before they can harm production systems.
Visit the Fidelis Cybersecurity Threat Research page to read the complete November 2022 Threat Intelligence Summary, along with information on critical threats and resources to help you better prepare for the next attack.