The June 2023 Fidelis Threat Intelligence Summary reviews key threats and telemetry observed by the Fidelis Threat Research Team, highlighting continued exposure and patching gaps around MOVEit Transfer vulnerabilities (including a critical SQL injection), plus internet-exposed U.S. federal agency systems violating CISA directives and hosting common data-theft vectors like MOVEit, GoAnywhere, and Serv-U. It also covers Akira ransomware targeting ESXi servers, Gamaredon’s use of PowerShell USB malware for backdoor deployment, APT15’s return with the Graphican backdoor, and a Microsoft Teams weakness that can enable malware delivery via external accounts. Fidelis tracked 6,000+ vulnerabilities, observed 1,238 exploitation attempts, blocked 70,000+ malware threats, analyzed 258,464 sandbox su

Join for free to read