The March 2022 Fidelis Threat Intelligence Summary focuses on the cyber dimension of the Russo-Ukrainian conflict, highlighting destructive CaddyWiper activity, sustained DDoS pressure against Ukrainian government sites, and phishing campaigns by APT28 (Russia) and UNC1151 (Belarus), alongside the heightened risk of spillover and misattribution as hacktivist groups and Ukraine’s IT Army escalated offensive operations. It explains how CaddyWiper overwrites user files, enumerates mapped drives, and destroys the MBR, while avoiding domain controllers likely to preserve GPO-based deployment, and it describes detection opportunities based on the malware’s stack-string import resolution behavior. Telemetry reported 186K+ high-severity malware threats and 6K+ critical exploitation attempts, domin

Join for free to read