Attacks, Vulnerabilities and Actors 10 to 16 June 2024

2024-06-2103:14:19

Zaira Pirzada

hivepro.com

attacks

vulnerabilities

actors

security threats

june 2024

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

AI Score

7.1

Confidence

Low

EPSS

0.001

Percentile

21.3%

JSON

For a detailed threat digest, download the pdf file here

Summary

HiveForce Labs has recently made significant advancements in identifying cybersecurity threats. Over the past week alone, HiveForce Labs has detected five executed attacks, reported seven vulnerabilities, and identified one active adversary. These findings highlight the relentless and escalating danger of cyber intrusions.

Additionally, a new Windows malware 'WARMCOOKIE' disseminated in the "REF6127" email campaign targeting job seekers, functioning as a backdoor to explore networks, deploy additional payloads, and capture screenshots.

Furthermore, the Cardinal Threat Group, associated with Black Basta ransomware, is believed to have exploited Windows**CVE-2024-26169** as a zero-day, granting attackers the highest-level system access. These rising threats pose significant and immediate danger to users worldwide.

**Subscribe**to receive our weekly threat digests and newsletters directly in your inbox.