Cybeta's Weekly Newsletter

Cybeta Weekly Attack Surface Attribution Intelligence Date: June 16th, 2020

Week of June 16th, 2020

 

Our data science team discovered five (5) distinct vulnerabilities being discussed across the dark web. We did not identify any of these vulnerabilities being used by threat actors in MITRE’s ATT&CK framework.

These vulnerabilities currently impact over 100 active instances of deployed technology across the global internet.

To read more in this week’s edition of the intelligence report, just click the link.


 

Week of June 8th, 2020


For the week of June 8th, our team identified four critical vulnerabilities being discussed across the dark web. Of those, one (1) vulnerability can be tied to threat actors in MITRE’s ATT&CK framework. This one vulnerability can be tied to 36 different Advanced Persistent Threat groups based on known group tactics, techniques, and procedures (TTPs).

This vulnerability currently impacts 465,000 unique instances of deployed technology across the global internet. At the time of our research, the majority of the affected vulnerable infrastructure is located in Japan.

To read more about this week’s edition of our newsletter, just click the link.


 

Cybeta Weekly Attack Surface Attribution Intelligence Date

Week of May 25th, 2020

This week our team identified critical vulnerabilities being discussed across the dark web and identified 36 Advanced Persistent Threat groups, based on known group TTPs, that are likely to use, or have used, these vulnerabilities in the past.

These vulnerabilities currently impact 386 distinct instances of deployed technology across the global internet. The majority of this identified vulnerable infrastructure is located in South Africa.

To read more about this week’s edition of our newsletter, just click the link.


 

NSA Warning About Russia’s Military Hackers Attacking Exim Mail Transfer Agent Vulnerability

A report by the Cybeta Threat Research Team

GRU hackers increased targeting operations against the Exim Mail Transfer Agent (MTA) on Unix-based systems. Organizations should consider searching server and firewall logs for the relevant IOCs. In the U.S. alone, there are over 216,067 potential opportunities for GRU hackers to exploit this software vulnerability.

Follow this link to read more about this vulnerability and several recommendations on how to avoid the vulnerability.