Lucene search
K

52 matches found

Circl
Circl
added 2024/11/14 12:0 p.m.20 views

CVE-2024-5594

creationtimestamp| type| source ---|---|--- 2024-11-14 12:00:00+00:00| seen| https://www.cisa.gov/news-events/ics-advisories/icsa-24-319-06 2025-01-06 13:54:33+00:00| seen| https://infosec.exchange/users/cve/statuses/113781746778966575 2025-01-06 14:15:27+00:00| seen|...

9.1CVSS8AI score0.00819EPSS
Exploits0References16
hivepro
hivepro
added 2024/02/29 3:25 p.m.20 views

BlackCat’s Resurgence Despite Law Enforcement Disruptions

Summary: Blackcat, a sophisticated Ransomware-as-a-Service operation, infiltrates networks using advanced social engineering and remote access tools, offering triple extortion tactics and cyber remediation advice for ransom payment, and resurged after a December 2023 disruption, causing widesprea...

7.4AI score
Exploits0
hivepro
hivepro
added 2024/02/28 7:3 a.m.16 views

Unmasking Doppelgänger: Russia’s Disinformation Campaign Revealed

Summary: Doppelgänger, a suspected Russia-aligned influence operation network targeting German audiences with propaganda and disinformation, potentially aiming to sway opinions ahead of elections. Doppelgänger employs coordinated social media activities and a dynamic infrastructure to maximize it...

7.1AI score
Exploits0
hivepro
hivepro
added 2024/01/08 9:7 a.m.51 views

Ivanti Addresses Critical Vulnerability in Endpoint Manager

Summary: Ivanti addressed a critical vulnerability CVE-2023-39336 in its Endpoint Management software, ensuring secure usage for its 40,000 worldwide customers. The flaw, resolved in version 2022 Service Update 5, posed a risk of pre-authenticated sql injection and possibly Remote Code Injection ...

5.8CVSS8.2AI score0.0997EPSS
Exploits0
hivepro
hivepro
added 2023/12/22 7:32 a.m.46 views

Google’s Battle Against Zero-Day Vulnerability Continues

Summary: Google has recently implemented a security enhancement to address a high-severity zero-day vulnerability, identified as CVE-2023-7024, that can lead to program crashes or enable arbitrary code execution. Threat Level - Red | Vulnerability Report For a detailed threat advisory, download t...

6.8CVSS7.6AI score0.07356EPSS
Exploits2
hivepro
hivepro
added 2023/11/20 6:3 a.m.25 views

GhostSec Pioneering the Hacktivist Front with GhostLocker

Summary: GhostSec, a hacktivist coalition stemming from the Anonymous group and part of The Five Families, has introduced GhostLocker, an advanced Ransomware-as-a-Service RaaS framework. Threat Level - RED | Attack Report For a detailed threat advisory, download the pdf file here To receive...

7.3AI score
Exploits0
hivepro
hivepro
added 2023/11/16 5:39 a.m.30 views

TA402’s Covert Operation Takes Aim at the Middle East

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary TA402 aka Extreme Jackal launched sophisticated phishing campaigns targeting government entities in the Middle East. The objective was to deploy a newly developed initial access downloader called IronWin...

7.2AI score
Exploits0
hivepro
hivepro
added 2023/11/15 12:46 p.m.11 views

Hackers Employ Updated Ducktail to Target Indian Marketers

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary The threat actors linked to the Ducktail stealer malware have been implicated in a new campaign that focused on marketing professionals in India. The primary goal of this campaign was to compromise and...

7.5AI score
Exploits0
hivepro
hivepro
added 2023/11/15 5:17 a.m.20 views

Multiple Critical Vulnerabilities in Juniper Exploited in the Wild

Threat Level Vulnerability Report For a detailed threat advisory, download the pdf file here Summary Multiple vulnerabilities have been discovered in Juniper Networks Junos OS, with the potential for pre-auth Remote Code Execution when chained in Juniper devices. Juniper Networks has confirmed th...

8.3AI score
Exploits0
hivepro
hivepro
added 2023/11/06 5:42 a.m.92 views

Ransomware Threats Exploit CVE-2023-46604 in Apache ActiveMQ Servers

Threat Level Vulnerability Report For a detailed threat advisory, download the pdf file here Summary Ransomware groups and SparkRAT exploiting a critical vulnerability CVE-2023-46604 in Apache ActiveMQ, despite a security update on October 27, 2023, affecting systems with outdated ActiveMQ...

7.5CVSS9.3AI score0.99654EPSS
Exploits31
hivepro
hivepro
added 2023/10/30 1:31 p.m.35 views

Lazarus Unleash SIGNBT Malware in Latest Campaign

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary The Lazarus Group has been identified as the mastermind behind a recent cyber campaign. They persistently targeted a software vendor, successfully compromising the vendors systems by exploiting software...

7.6AI score
Exploits0
hivepro
hivepro
added 2023/10/27 7:45 a.m.50 views

Winter Vivern Capitalizes on Zero-Day Flaw in Roundcube

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary The Winter Vivern cyberespionage group has been actively exploiting a zero-day vulnerability in the Roundcube webmail. The identified vulnerability, CVE-2023-5631, permits stored cross-site scripting...

4.9CVSS6.6AI score0.75873EPSS
Exploits2
hivepro
hivepro
added 2023/10/23 5:35 a.m.36 views

BlackCat Incorporates ‘Munchkin’ into Its Arsenal

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary The BlackCat ransomware group has introduced a new tool called Munchkin in its operations. This tool employs virtual machines VMs to stealthily deploy encryptors on network devices. Munchkin allows the...

6.8AI score
Exploits0
hivepro
hivepro
added 2023/10/14 12:53 p.m.15 views

ShellBot Malware Evades Detection Using Hexadecimal IP Addresses

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary ShellBot malware, targeting poorly managed Linux SSH servers, now employs hexadecimal IP addresses in its download URLs to evade detection. This change highlights the need for strong security measures an...

6.8AI score
Exploits0
hivepro
hivepro
added 2023/10/14 8:1 a.m.39 views

China’s Cyber Espionage Targets Semiconductor Giants in East Asia

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary In recent cyber espionage activities, threat actors affiliated with the Peoples Republic of China PRC have targeted semiconductor companies operating in Mandarin/Chinese-speaking regions of East Asia...

6.8AI score
Exploits0
hivepro
hivepro
added 2023/10/10 5:44 a.m.25 views

LostTrust Ransomware Unmasking the Gang Behind the Threat

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary LostTrust ransomware, emerged in September 2023, is a multi-extortion threat related to SFile and Mindware, employing techniques reminiscent of MetaEncryptor, encrypting files, and demanding ransoms. It...

6.8AI score
Exploits0
hivepro
hivepro
added 2023/10/02 6:29 a.m.73 views

Google and Firefox fixes Zero-Day Flaw Exploited in the Wild

Threat Level Vulnerability Report For a detailed threat advisory, download the pdf file here Summary A zero-day vulnerability, CVE-2023-5217, is actively exploited and has been patched in both Google Chrome and Firefox browsers. CVE-2023-5217 is a Heap buffer overflow vulnerability discovered in...

6.8CVSS9.3AI score0.49013EPSS
Exploits3
hivepro
hivepro
added 2023/09/28 6:42 a.m.29 views

TAG-74’s Multi-Year Campaign Targets South Korean Organizations

Threat Level Actor Report For a detailed threat advisory, download the pdf file here Summary TAG-74 is a state-sponsored cyber-espionage group that has been attributed to Chinese military intelligence. This threat actor has been involved in a multi-year campaign primarily targeting organizations ...

6.8AI score
Exploits0
hivepro
hivepro
added 2023/09/15 6:10 a.m.41 views

Apple Addresses Two Zero-Day Flaws Exploited by Attackers

Threat Level Vulnerability Report For a detailed threat advisory, download the pdf file here Summary Apples two zero-day vulnerabilities CVE-2023-41064 and CVE-2023-41061 enable arbitrary code execution and system crashes. As these vulnerabilities are actively exploited, they pose severe risks,...

4.4CVSS7.8AI score0.15263EPSS
Exploits2
hivepro
hivepro
added 2023/09/13 5:50 a.m.15 views

Cybercriminals Target Graphic Designers with Cryptojacking Malware

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary Cybercriminals are taking advantage of a legitimate Windows tool known as Advanced Installer to compromise the computers of graphic designers with cryptocurrency mining malware. These scripts are designe...

6.9AI score
Exploits0
Rows per page
Query Builder