The April 2023 Fidelis Threat Intelligence Summary reviews notable security events and metrics, highlighting the FBI-led takedown of the Genesis Market credential marketplace (“Operation Cookie Monster”), continued activity tied to Russian threat actors, LockBit targeting Apple macOS systems and high-profile victims, and a major supply-chain compromise of 3CX traced to malware-laced Trading Technologies X_Trader software. It also covers FIN7 exploitation of Veeam Backup & Replication (CVE-2023-27532) using the PowerTrash PowerShell loader, plus coordinated abuse of Twitter’s recommendation algorithm to “shadow ban” users. The report ranks key emerging CVEs including a Chrome V8 zero-day (CVE-2023-2033), Apple WebKit and macOS kernel flaws, Windows CLFS EoP (CVE-2023-28252), MSMQ RCE (CVE-2

Join for free to read