Attacks, Vulnerabilities and Actors 11 December to 17 December 2023

For a detailed threat digest, download the pdf file here Summary HiveForce Labs has recently made several significant discoveries related to cybersecurity threats. Over the past week, we identified a total of eleven executed attacks, six instances of adversary activity, and five exploited...

Russian SVR Exploits Critical TeamCity Vulnerability Globally

Summary: A critical vulnerability CVE-2023-45247 in JetBrains TeamCity is actively exploited by Russias SVR cyber actors APT 29, allowing full server compromise. The targeted software widely used by developers poses a significant threat, enabling access to sensitive information and potential...

Russian Foreign Intelligence Service (SVR) Exploiting JetBrains TeamCity CVE Globally

SUMMARY The U.S. Federal Bureau of Investigation FBI, U.S. Cybersecurity & Infrastructure Security Agency CISA, U.S. National Security Agency NSA, Polish Military Counterintelligence Service SKW, CERT Polska CERT.PL, and the UK’s National Cyber Security Centre NCSC assess Russian Foreign...

Attacks, Vulnerabilities and Actors 31 July to 6 August 2023

For a detailed threat digest, download the pdf file here Summary HiveForce Labs has recently made several significant discoveries related to cybersecurity threats. Over the past week, we identified a total of one executed attack, one instance of adversary activity, and thirteen vulnerabilities,...

New APT 29 Campaign Targets Organizations through Microsoft Teams

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary APT 29, a Russia-based threat actor, employs targeted social engineering via Microsoft Teams to steal credentials, leveraging compromised domains and convincing users to enter authentication codes,...

APT 29 Launches Malevolent Campaign Targeting Governments

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary APT 29 has launched a novel campaign targeting Western countries. This latest operation involves the use of a malevolent dropper called ROOTSAW. To receive real-time threat advisories, please follow...

FBI-DHS-CISA Joint Advisory on Russian Foreign Intelligence Service Cyber Operations

The Federal Bureau of Investigation FBI, Department of Homeland Security, and CISA have released a Joint Cybersecurity Advisory CSA addressing Russian Foreign Intelligence Service SVR cyber actors—also known as Advanced Persistent Threat 29 APT 29, the Dukes, CozyBear, and Yttrium—continued...

MITRE ATT&CK APT 29 evaluation proves Microsoft Threat Protection provides deeper end to end view of advanced threats

As attackers use more advanced techniques, it’s even more important that defenders have visibility not just into each of the domains in their environment, but also across them to piece together coordinated, targeted, and advanced attacks. This level of visibility will allow us to get ahead of...