
Recent Alerts

Corvus’s Threat Intel team is dedicated to closely monitoring the threat landscape for new vulnerabilities. We know how quickly a single unpatched system can result in a full-blown attack, so we react fast. By sending tailored alerts to our policyholders — 9 hours after discovery — we can provide a 15-day average head start in the race to patch before widespread exploitation begins.

Given the thousands of known vulnerabilities that exist, knowing when and what to patch isn’t an easy job, which is why we only alert on 12% of the threats we research (and why more than 4 in 5 threats we alert on end up being exploited in the wild). This means policyholders know that when they hear from Corvus, it's time to act. Below, you’ll find a collection of alerts we’ve sent to policyholders over the last quarter.

Git Vulnerability

On January 17, 2023, security researchers in collaboration with GitLab announced the discovery of critical security flaws in Git. Git is an open-source tool often used by software developers and engineers for version control as they collaborate on code changes.

Control Web Panel Vulnerability

A critical security flaw has been discovered in CentOS Control Web Panel 7 (CWP), a common interface for web hosting. The security flaw (CVE-2022-44877) allows a remote, unauthenticated attacker to perform arbitrary code execution.

Jira Vulnerability

The flaw, CVE-2023-22501, affects Jira Service Management Server and Data Center, which are commonly used for collaboration and development. The vulnerability allows an attacker to impersonate another user and gain access to a Jira Service Management instance.

FortiWeb Vulnerability

Fortinet released an advisory detailing a critical security flaw (CVE-2021-42756) in its FortiWeb web application firewall (WAF) products. The vulnerability allows an unauthenticated attacker to execute arbitrary code or commands.

ESXi Ransomware Campaign

On February 3rd, 2023, reports emerged showing an extensive ransomware campaign targeting publicly exposed VMware ESXi servers. Researchers believe that the threat actors responsible are exploiting a two-year-old vulnerability, CVE-2021-21974.

Banking Wire Fraud Alert

The Corvus Team has observed threat actors taking steps to prepare for phishing campaigns exploiting recent U.S. bank closures, which could lead to an increase in wire fraud.

3CX Desktop App Security

A threat actor compromised the 3CX VoIP DesktopApp, resulting in malicious code being installed in the legitimate software. The app is now being used in supply chain attacks. Cybersecurity firms have attributed the attacks to state-sponsored threat actors.

Legal Disclaimer: This report is intended for general guidance and information purposes only. This report is under no circumstances intended to be used or considered as specific insurance or information security advice. Please consult your broker with respect to the information presented herein.
