Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
hiveproHiveForce LabsHIVEPRO:38EF970F045E91714F14D611878F310C
HistoryFeb 08, 2024 - 2:06 p.m.

Mispadu Leverages CVE-2023-36025 Vulnerability in Latest Attack

2024-02-0814:06:16
HiveForce Labs
www.hivepro.com
14
mispadu variant
mexican regions
cve-2023-36025
data theft
browser history
cryptocurrency wallets
amber threat level
hiveforce labs

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

7.4 High

AI Score

Confidence

Low

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.007 Low

EPSS

Percentile

79.6%

JSON

Summary: A new variant of the Mispadu infostealer, a malware known for targeting Spanish and Portuguese speakers, specifically targets Mexican regions and leverages the CVE-2023-36025 vulnerability to gain access. It extends its data theft reach beyond previous versions, capturing browser history, cookies, and even cryptocurrency wallets. Threat Level - Amber | Attack Report For a detailed threat advisory, download the pdf file here To receive real-time threat advisories, please follow HiveForce Labs on LinkedIn.

Related

cisa_kev 1
mscve 1
githubexploit 2
thn 10
attackerkb 1
hivepro 1
cvelist 1
prion 1
trendmicroblog 1
cve 1
talosblog 1
malwarebytes 1
krebs 2
mskb 15
nessus 11
qualysblog 1
kaspersky 2
openvas 6
avleonov 1
rapid7blog 2
cisa_kev
cisa_kev
Microsoft Windows SmartScreen Security Feature Bypass Vulnerability
2023-11-14 00:00:00
mscve
mscve
Windows SmartScreen Security Feature Bypass Vulnerability
2023-11-14 08:00:00
githubexploit
githubexploit
Exploit for Vulnerability in Microsoft
2023-11-17 15:46:44
Exploit for Vulnerability in Microsoft
2023-12-28 23:29:04
thn
thn
Hackers Weaponize Windows Flaw to Deploy Crypto-Siphoning Phemedrone Stealer
2024-01-16 07:13:00
New Mispadu Banking Trojan Exploiting Windows SmartScreen Flaw
2024-02-05 03:45:00
Mispadu Trojan Targets Europe, Thousands of Credentials Compromised
2024-04-03 09:32:00
attackerkb
attackerkb
CVE-2023-36025
2023-11-14 00:00:00
hivepro
hivepro
Attacks, Vulnerabilities and Actors 5 to 11 February 2024
2024-02-13 11:12:58
cvelist
cvelist
CVE-2023-36025 Windows SmartScreen Security Feature Bypass Vulnerability
2023-11-14 17:57:39
prion
prion
Security feature bypass
2023-11-14 18:15:00
trendmicroblog
trendmicroblog
CVE-2023-36025 Exploited for Defense Evasion in Phemedrone Stealer Campaign
2024-01-12 00:00:00
cve
cve
CVE-2023-36025
2023-11-14 18:15:31
talosblog
talosblog
Microsoft discloses only three critical vulnerabilities in Novemberโ€™s Patch Tuesday update, three other zero-days
2023-11-14 19:46:02
malwarebytes
malwarebytes
Update now! Microsoft patches 3 actively exploited zero-days
2023-11-15 22:04:31
krebs
krebs
Microsoft Patch Tuesday, November 2023 Edition
2023-11-14 23:00:59
Fat Patch Tuesday, February 2024 Edition
2024-02-13 22:28:48
mskb
mskb
November 14, 2023โ€”KB5032252 (Monthly Rollup)
2023-11-14 08:00:00
November 14, 2023โ€”KB5032248 (Security-only update)
2023-11-14 08:00:00
November 14, 2023โ€”KB5032254 (Monthly Rollup)
2023-11-14 08:00:00
nessus
nessus
KB5032248: Windows Server 2008 Security Update (November 2023)
2023-11-14 00:00:00
KB5032250: Windows Server 2008 R2 Security Update (November 2023)
2023-11-14 00:00:00
KB5032249: Windows Server 2012 R2 Security Update (November 2023)
2023-11-14 00:00:00
qualysblog
qualysblog
Microsoft and Adobe Patch Tuesday, November 2023 Security Update Review
2023-11-14 20:29:03
kaspersky
kaspersky
KLA61980 Multiple vulnerabilities in Microsoft Products (ESU)
2023-11-14 00:00:00
KLA61975 Multiple vulnerabilities in Microsoft Windows
2023-11-14 00:00:00
openvas
openvas
Microsoft Windows Multiple Vulnerabilities (KB5032199)
2023-11-16 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB5032197)
2023-11-16 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB5032189)
2023-11-16 00:00:00
avleonov
avleonov
November 2023 โ€“ January 2024: New Vulristics Features, 3 Months of Microsoft Patch Tuesdays and Linux Patch Wednesdays, Year 2023 in Review
2024-02-01 17:07:20
rapid7blog
rapid7blog
Patch Tuesday - November 2023
2023-11-14 21:27:09
Patch Tuesday - February 2024
2024-02-13 21:26:21

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

7.4 High

AI Score

Confidence

Low

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.007 Low

EPSS

Percentile

79.6%

JSON
Related for HIVEPRO:38EF970F045E91714F14D611878F310C
cisa_kev1mscve1githubexploit2thn10attackerkb1hivepro1cvelist1prion1trendmicroblog1cve1talosblog1malwarebytes1krebs2mskb15nessus11qualysblog1kaspersky2openvas6avleonov1rapid7blog2