The March 2023 Fidelis Threat Research Team monthly report summarizes major security developments, including the White House’s new national cybersecurity strategy, CISA’s pre-ransomware notification initiative, the BlackLotus UEFI bootkit that can bypass Secure Boot on fully updated Windows systems, and the characterization of North Korea–linked APT43. It highlights emerging vulnerabilities led by Microsoft Outlook privilege escalation CVE-2023-23397 and Microsoft Word RCE CVE-2023-21716, plus other notable CVEs affecting Veeam, ICMP, FortiOS, Joomla, SmartScreen, and TPM. Telemetry shows over 76,000 high-severity malware threats and 1,170 critical vulnerability exploitation attempts, with 81,173 sandbox submissions and 5,894 flagged as malicious, and shifting industry targeting (transport

Join for free to read