Welcome to the July 2023 Threat Highlight Report!

This month's report covers a range of cybersecurity news, including the exploitation of Ivanti EPMM, ransomware incidents, and notable highlights in brief.

July report covers

Exploitation of Ivanti EPMM resulting in the compromise of government departments in Norway
Ransomware incidents involving newcomers BigHead and the impersonation of Sophos
Driver loopholes
Exploitation of Citrix products
TeamsPhisher tool that is being ignored by Microsoft
Examination of the hacktivist landscape
Statistics relating to the most active threat groups throughout July

The report examines the hacktivist landscape and includes statistics relating to the most active threat groups throughout July.

Here’s a bit more detail:

1. Exploitation of Ivanti EPMM: This refers to a cyber attack that resulted in the compromise of government departments in Norway. The attack was carried out by a state-backed sophisticated threat actor.

2. Ransomware incidents: The report covers several ransomware incidents, including those involving newcomers BigHead and the impersonation of Sophos. The report also covers the use of malvertising and a 2-for-1 incident at cosmetics brand Estée Lauder.

3. Driver loopholes: The report discusses loopholes in drivers that can be exploited by attackers to gain access to systems.

4. Exploitation of Citrix products: The report highlights active exploitation of two new vulnerabilities in two different Citrix products, namely ShareFile and NetScaler (ADC).

5. TeamsPhisher tool: This is a phishing tool that is being ignored by Microsoft. The report discusses the potential risks associated with this tool.

6. Hacktivist landscape: The report examines the current state of hacktivism and discusses recent hacktivist activities.

7. Statistics on threat groups: The report includes statistics on the most active threat groups throughout July, including information on their tactics, techniques, and procedures.

Stay informed about the latest cybersecurity threats and trends by reading our report!

Get the report now!

Read our previous reports

March 2024

February 2024

January 2024

December 2023

November 2023

October 2023

September 2023

August 2023

July 2023

June 2023

May 2023

April 2023

March 2023

February 2023

January 2023

Be Ahead of the Game!

Stay informed about the latest cybersecurity threats and trends by subscribing to WithSecure's monthly threat highlights report!

Our comprehensive report provides an overview of last month's cybersecurity news, the changing threat landscape, and relevant advice.

Don't miss out on valuable insights - fill out the form to receive our report now!

First Name

Last Name

Business Email

Company *

Country *

About us

What's new

Latest updates

WithSecure uncovers Kapeka, a new malware with links to Russian nation-state threat group Sandworm

Understanding Continuous Threat Exposure Management

Understanding Cloud Security Posture Management

Understanding Your Attack Surface

Select your location and language

Europe

North America

Central and South America

Asia - Pacific

Global

Managed services

Co-Security services

Consulting

WithSecure™ Solutions

Outcome-based strategies

CISO Toolbox

Keep learning

WithSecure™ Security Outcomes

Watch & Read

Let us know

Featured article

Endpoint Protection Emotional Footprint

Become a partner

For current partners

Find a partner

Partner's corner

Importance of Data and Security Literacy for Salesforce Users

Disrupting the Kill Chain with WithSecure™ Cloud Protection for Salesforce

Self-help

Contact support

Important updates

WithSecure Support