Attacks, Vulnerabilities and Actors 11 to 17 March 2024

For a detailed threat digest, download the pdf file here Summary HiveForce Labs recently made several significant discoveries in the realm of cybersecurity threats. In the past week alone, HiveForce Labs discovered eight executed attacks, uncovered ten vulnerabilities, and identified two active adversaries. These findings underscore the persistent and escalating danger posed by cyberattacks. Furthermore, HiveForce Labs' discovered threat actor dubbed Magnet Goblin, known for its financial incentives, strategically exploits zero-day vulnerabilities within publicly accessible services. It achieves this by employing sophisticated malware sourced from the Nerbian family, which includes NerbianRAT and MiniNerbian. Evasive Panda, a notorious threat actor group, has orchestrated an intricate cyberespionage campaign targeting Tibetan users since at least September 2023. This operation employs both watering hole and supply chain attacks to achieve its objectives. A sophisticated phishing campaign is targeting personnel in various sectors, with the intent of distributing VCURMS and STRRAT RATs. High-severity vulnerabilities have been discovered in Cisco, WordPress, and Fortinet. These attacks are on the rise, posing a significant and immediate threat to users worldwide. Subscribe to receive our weekly threat digests and newsletters directly in your inbox.