Threat Intelligence Bulletin – CISA Adds New Vulnerabilities to Catalog, Linux Symbiote Malware, and the Most Common Exploit Paths for Q1 2022

Chinese state-sponsored threat actors targeting VPNs and network devices using several older, well-known flaws


New phishing campaign spreading SVCReady malware using shellcode hidden in MS Office docs


New path traversal zero-day found in Microsoft Support Diagnostics Tool


CISA adds 36 new vulnerabilities to its Known Exploited Vulnerabilities Catalog


New Linux malware “Symbiote” very difficult to detect


Mandiant details most common exploit paths for enterprises in Q1 2022, including exposed repositories, leaked secrets, and vulnerable subdomains


Researchers design attack against Apple’s M1 processor, undermining key memory corruption protection feature


Critical flaws in access control system LenelS2 HID Mercury from Carrier include remotely unlocking doors, subverting alarms, and command injection among others