BEHIND THE HEADLINES – MAY 2023

We reveal ChatGPT's dark side and the latest attack news

Lead Article

Major European insurance company warns cyberattack coverage may be infeasible

Popular DevOps tool ‘Git’ patches critical zero-day flaws

ChatGPT's dark side: Cybercriminals create malware, target victims using revolutionary AI tool

Feature Article

Honeypots record millions of data breach attempts in a one-month period

THREAT ACTOR TRENDS

Ransomware insights

Ransomware attacks by threat group for January 2023:

  • 177 results were detected on the Cybersixgill Investigative Platform in January, in comparison with 216 results in December.

  • The Lockbit ransomware gang was responsible for 37% of ransomware attacks in January 2023.

  • Lockbit, one of the most notorious ransomware groups of 2022, first emerged in September 2019 as a Ransomware-as-a-Service (RaaS) operation with Russian-linked origins. Lockbit is known for its double-extortion tactics, which compel ransomware victims to pay a ransom to regain access to their encrypted files.

The top CVEs this month based on Cybersixgill’s data

  1. CVE-2022-23529

    This flaw has a DVE score of 9.9. It can lead to Remote Code Execution (RCE) when a server verifies a maliciously crafted JSON Web Token (JWT) request, in versions from 8.5.1 up to (but excluding) 9.0.0.

    CVSS: 3.1

    DVE: 9.9

  2. CVE-2022-47966

    This flaw has a current DVE score of 9.9. It allows an unauthenticated adversary to execute code on a system.

    CVSS: 3.1

    DVE: 9.9

  3. CVE-2022-41082

    This vulnerability holds a current DVE score of 10. It is a Remote Code Execution vulnerability in Microsoft Exchange Server.

    CVSS: 3.1

    DVE: 10

THREAT ACTOR TRENDS

Malware insights

The most mentioned malware for January 2023:

  • In January, Emotet malware had the highest number of mentions on the underground (over 2,700) according to the Cybersixgill Investigative Portal.

  • Emotet is malware that was first discovered in 2014 and has since evolved into one of the most sophisticated and dangerous threats to computer networks. It primarily spreads through spam emails containing malicious attachments or links that, when opened, infect the user’s device and network.

Live from the newsroom

  1. How Telegram became the battlefront of the Russia-Ukraine cyberwar
  2. Here's how healthcare companies are using artificial intelligence to enhance cybersecurity
  3. Researchers expose proxies used by major Russian hacktivist group in Western attacks