Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
hiveproHiveForce LabsHIVEPRO:3BF6A08529D49CD21C6A2E8D2703896B
HistoryNov 15, 2023 - 9:15 a.m.

Attacks, Vulnerabilities and Actors 6 November to 12 November 2023

2023-11-1509:15:43
HiveForce Labs
www.hivepro.com
25
cybersecurity
threats
ransomware
exploited vulnerabilities
adversary activity
actor
sysaid
lace tempest
farnetwork

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

7.4 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.668 Medium

EPSS

Percentile

97.6%

JSON

For a detailed threat digest, download the pdf file here Summary HiveForce Labs has recently made several significant discoveries related to cybersecurity threats. Over the past week, we identified a total of twenty-five executed attacks, six instances of adversary activity, and four exploited vulnerabilities, highlighting the ever-present danger of cyberattacks Furthermore, HiveForce Labs uncovered an actor named Kinsing exploiting Looney Tunables flaws, Farnetwork threat group in their latest campaign, being the mastermind of Five Ransomware Strains. Meanwhile, a critical vulnerability (CVE-2023-47246) in SysAid servers is being exploited by the Lace Tempest in various attacks. These observed attacks have been on the rise, posing a significant threat worldwide. Subscribe to receive our weekly threat digests and newsletters directly in your inbox.

Related

prion 1
githubexploit 2
rapid7blog 2
cvelist 1
nuclei 1
nessus 1
hivepro 1
cnvd 1
cisa_kev 1
thn 1
malwarebytes 1
cve 1
attackerkb 1
prion
prion
Path traversal
2023-11-10 06:15:00
githubexploit
githubexploit
Exploit for Path Traversal in Sysaid Sysaid On-Premises
2023-11-17 07:03:06
Exploit for Path Traversal in Sysaid Sysaid On-Premises
2023-11-22 08:18:11
rapid7blog
rapid7blog
Peeking into the crystal ball: What 2023 cyber threats told us about 2024
2023-12-12 16:00:00
CVE-2023-47246: SysAid Zero-Day Vulnerability Exploited By Lace Tempest
2023-11-09 14:12:55
cvelist
cvelist
CVE-2023-47246
2023-11-10 00:00:00
nuclei
nuclei
SysAid Server - Remote Code Execution
2023-11-14 10:18:31
nessus
nessus
SysAid Server < 23.3.36 Path Traversal
2023-11-16 00:00:00
hivepro
hivepro
Lace Tempest Exploits Zero-Day in a Strategic Strike on SysAid
2023-11-14 08:22:40
cnvd
cnvd
File Upload Vulnerability Exists in SysAid On-Premise
2023-11-21 00:00:00
cisa_kev
cisa_kev
SysAid Server Path Traversal Vulnerability
2023-11-13 00:00:00
thn
thn
Zero-Day Alert: Lace Tempest Exploits SysAid IT Support Software Vulnerability
2023-11-09 16:54:00
malwarebytes
malwarebytes
Update now! SysAid vulnerability is actively being exploited by ransomware affiliate
2023-11-09 13:43:06
cve
cve
CVE-2023-47246
2023-11-10 06:15:30
attackerkb
attackerkb
CVE-2023-47246
2023-11-10 00:00:00

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

7.4 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.668 Medium

EPSS

Percentile

97.6%

JSON
Related for HIVEPRO:3BF6A08529D49CD21C6A2E8D2703896B
prion1githubexploit2rapid7blog2cvelist1nuclei1nessus1hivepro1cnvd1cisa_kev1thn1malwarebytes1cve1attackerkb1