Attackers continue to exploit unpatched vulnerabilities and use Phishing and Social Engineering as their “go to” techniques for gaining initial access to systems. Once they gain a foothold, they dig deeper into networks, deploying additional tools, covering their tracks as they go. Even after achieving their initial objective, they maintain access for future exploitation. These Advanced Persistent Threat (APT) actors target financial assets, intellectual property, personally identifying information, and more. Anyone can be a target, making it critically important to stay abreast of current trends.

In this most recent Threat Intelligence Summary, you’ll learn how APT actors operate in the wild, and how they’re striking most often right now. You’ll also gain deeper insight into our ongoing malware-by-sector analysis. And you’ll get a glimpse into the difference Fidelis Cybersecurity makes for our customers by keeping them ahead of emerging threats.

Read the October 2022 Threat Intelligence Summary

Top Emerging Vulnerabilities

The Fidelis Cybersecurity threat research team’s top-ten list this month includes vulnerabilities that, when exploited, can provide attackers with the foothold they need to do lasting damage to your organization. You’ll see vulnerabilities across commonly used applications and platforms, including Microsoft Exchange Server, SQLite, Apache Commons and more. And you’ll find best practice advice for finding and fixing your vulnerable systems so you can reduce the risk of exploit for your organization.

See the full list >

Continued Analysis of Malware Attacks by Industry

Last month, we offered insights into which malware adversaries use against specific industries. In the latest report, we break down the trends and changes in two notable industries and discuss how threat actors move in various industrial sectors.

See the Full Analysis >

About the Fidelis Cybersecurity Threat Research Team

The Threat Research team at Fidelis Cybersecurity researches and analyzes the latest threats and issues. The intelligence we gather from multiple open-source and proprietary sources about our cyber adversaries’ tactics, techniques, and procedures (TTPs) is fed directly into our platforms, products, and services to help our customers detect, neutralize, and eliminate threats before they can harm production systems.

Visit the Fidelis Cybersecurity Threat Research page to read the complete October 2022 Threat Intelligence Summary, along with information on critical threats and resources to help you better prepare for the next attack.