Lucene search
K

14 matches found

hivepro
hivepro
added 2024/03/27 12:15 p.m.32 views

Evil Ant The Python-Powered Ransomware

Summary: Evil Ant Ransomware, a sophisticated Python-based malware compiled with PyInstaller, operates covertly by hiding its console window and executing tasks discreetly. It aims to gain access to critical system functions and encrypt secured files. Threat Level - Amber | Attack Report For a...

7.5AI score
Exploits0
hivepro
hivepro
added 2024/03/23 2:3 a.m.11 views

Unveiling AcidPour Evolution of Destructive Malware Targeting Ukraine

Summary: AcidPour, a variant of the destructive AcidRain wiper malware previously used during the Russia-Ukraine conflict, signals a heightened threat to Ukraines critical infrastructure. By targeting Linux UBI and DM logic, AcidPour poses a significant risk to large storage devices and RAID...

7.2AI score
Exploits0
hivepro
hivepro
added 2024/03/08 1:58 p.m.9 views

SapphireStealer’s Stealthy Invasion via Deceptive Legal Documents

Summary: An intricate campaign aimed at Russian individuals has emerged, showcasing the SapphireStealer malware, a publicly available information-stealing tool introduced in December 2022. The incorporation of social engineering techniques significantly enhances the efficacy of these campaigns,...

7.1AI score
Exploits0
hivepro
hivepro
added 2024/03/06 5:51 p.m.13 views

CHAVECLOAK Banking Trojan Sneaks into Brazil’s Financial Hub

Summary: The CHAVECLOAK banking trojan is purposefully crafted to target the banking credentials of individuals in Brazil, highlighting the ongoing focus of cyber criminals on the nations financial sector. Threat Level - Amber | Attack Report For a detailed threat advisory, download the pdf file...

7.1AI score
Exploits0
hivepro
hivepro
added 2024/02/28 7:3 a.m.15 views

Unmasking Doppelgänger: Russia’s Disinformation Campaign Revealed

Summary: Doppelgänger, a suspected Russia-aligned influence operation network targeting German audiences with propaganda and disinformation, potentially aiming to sway opinions ahead of elections. Doppelgänger employs coordinated social media activities and a dynamic infrastructure to maximize it...

7.1AI score
Exploits0
hivepro
hivepro
added 2024/02/26 1:2 p.m.15 views

Migo Targets Redis Servers for Cryptojacking Attacks

Summary: A new campaign has been uncovered that mines cryptocurrencies on Redis servers running Linux hosts by means of a malicious programme known as "Migo." Migo is distributed as a Golang ELF binary that can persist on Linux hosts and is obfuscated at compile time. The malware uses a variety o...

7.3AI score
Exploits0
hivepro
hivepro
added 2024/02/14 12:28 p.m.20 views

The Zardoor Backdoor’s Silent Takeover of Saudi Charities

Summary: An espionage operation, designed to distribute a backdoor called Zardoor, was uncovered with evidence suggesting it dates back to March 2021. In May 2023, this meticulously orchestrated campaign specifically targeted non-profit organizations in Saudi Arabia. Threat Level - Amber | Attack...

7.1AI score
Exploits0
hivepro
hivepro
added 2024/02/08 2:24 p.m.18 views

Deceptive Crypto Sites A Breeding Ground for XPhase Clipper

Summary: A global malware campaign is actively targeting cryptocurrency enthusiasts, employing deceptive websites that masquerade as authentic cryptocurrency applications and ultimately leading to the execution of the XPhase Clipper payload. Threat Level - Amber | Attack Report For a detailed...

7.3AI score
Exploits0
hivepro
hivepro
added 2024/01/25 1:36 p.m.8 views

Art of Impersonation Poses a Threat to Korean IT Powerhouses

Summary: Malicious entities have adeptly employed advanced strategies, masquerading as reputable Korean IT companies. The overarching objective is to establish persistence, achieved through the deployment of RATs such as AsyncRAT and VenomRAT. Threat Level - Amber | Attack Report For a detailed...

7.2AI score
Exploits0
hivepro
hivepro
added 2023/12/07 12:45 p.m.81 views

Atlassian Addresses Critical RCE Flaws

Summary: Four critical vulnerabilities, namely CVE-2023-22522, CVE-2023-22523, CVE-2023-22524, and CVE-2022-1471, have been identified impacting the Confluence, Jira, and Bitbucket servers, along with a companion app for macOS. If successfully exploited, these vulnerabilities could lead to remote...

7.5CVSS8AI score0.99615EPSS
Exploits9
hivepro
hivepro
added 2023/11/23 4:57 a.m.14 views

Mustang Panda Targets Philippines Government Using Legitimate Software

Summary: Mustang Panda, a threat actor associated with China, has been implicated in a cyber attack targeting a government entity in the Philippines. The attackers employed a strategy of using legitimate software, such as Solid PDF Creator and SmadavProtect an antivirus solution based in Indonesi...

7.3AI score
Exploits0
hivepro
hivepro
added 2023/11/22 11:56 a.m.30 views

SideWinder’s Nim Backdoor Spells Trouble for South Asian Nations

Summary: SideWinder, also known as Razor Tiger, commenced its offensive operations in 2012 and has recently shifted its focus to targeting Bhutan. It employs deceptive content, ultimately executing the Nim Backdoor. The decoy content utilized in the sample is directly sourced from announcements...

7.2AI score
Exploits0
hivepro
hivepro
added 2023/11/20 11:43 a.m.15 views

Gamaredon Deploys LitterDrifter USB Worm in Cyber Espionage Operations

Summary: Russian cyber espionage group Gamaredon aka Primitive Bear has been observed utilizing a USB-propagating worm known as LitterDrifter in attacks targeting Ukrainian entities. This group has recently adopted LitterDrifter, a worm written in VBS, designed to spread through removable USB...

7.2AI score
Exploits0
hivepro
hivepro
added 2022/01/12 10:29 a.m.43 views

Security Updates in Multiple Products of Adobe

THREAT LEVEL: Amber. For a detailed advisory, download the pdf file here. Multiple vulnerabilities have been discovered in Adobe Products: 16 critical vulnerabilities have been fixed in Adobe Acrobat and Reader which are listed below: Code execution: CVE-2021-44701, CVE-2021-44704, CVE-2021-44705...

9.3CVSS2.1AI score0.57304EPSS
Exploits0
Rows per page
Query Builder