HiveForce LabsHIVEPRO:2573EE15D4E9790FE6519A9716865D95Attacks, Vulnerabilities and Actors 2 October to 8 October 2023
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.935 High
EPSS
Percentile
98.8%
For a detailed threat digest, download the pdf file here Summary HiveForce Labs has recently made several significant discoveries related to cybersecurity threats. Over the past week, we identified a total of seven executed attacks, zero instances of adversary activity, and eight zero-day vulnerabilities, highlighting the ever-present danger of cyberattacks. Furthermore, HiveForce Labs uncovered a Malware-as-a-Service named BunnyLoader, which is being sold on various forums. BunnyLoader is a malicious software loader written in C/C++ and is sold for $250. Meanwhile, A critical zero-day flaw, CVE-2023-22515, affecting Confluence Data Center and Server instances is being actively exploited. Also, the MOVEit Transfer product, exploited by Clop ransomware. These observed attacks have been on the rise, posing a significant threat worldwide. Simply Subscribe to receive our weekly threat digests and newsletters directly in your inbox.
Related
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.935 High
EPSS
Percentile
98.8%