#214 - Intel Chat: UTA0352/UTA0355, Commvault, Sonic wall & Bot Traffic

In this episode of The Cybersecurity Defenders Podcast, we discuss some intel being shared in the LimaCharlie community.

• Since March 2025, Volexity has tracked an escalation in sophisticated phishing campaigns executed by two suspected Russian threat actors, UTA0352 and UTA0355, targeting the Microsoft 365 accounts of individuals connected to Ukraine and human rights organizations.
• A recent security assessment by watchTowr uncovered a pre-authenticated Remote Code Execution (RCE) vulnerability in Commvault’s on-premise Backup and Recovery solution (Innovation Release 11.38.20).
• CISA has added two SonicWall vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog, indicating an escalation in exploitation activity against the vendor’s SMA series of secure remote access appliances.
• Bot traffic has overtaken legitimate human use on the internet, with the latest data showing that automated traffic now accounts for 51% of all internet activity—of which 37% is classified as malicious.