Lucene search
K

13 matches found

The Hacker News
The Hacker News
added 2024/02/19 5:5 a.m.65 views

Russian-Linked Hackers Target 80+ Organizations via Roundcube Flaws

Threat actors operating with interests aligned to Belarus and Russia have been linked to a new cyber espionage campaign that likely exploited cross-site scripting XSS vulnerabilities in Roundcube webmail servers to target over 80 organizations. These entities are primarily located in Georgia,...

9.8CVSS6.8AI score0.12661EPSS
Exploits0
The Hacker News
The Hacker News
added 2024/02/13 4:51 a.m.44 views

Alert: CISA Warns of Active 'Roundcube' Email Attacks - Patch Now

The U.S. Cybersecurity and Infrastructure Security Agency CISA on Monday added a medium-severity security flaw impacting Roundcube email software to its Known Exploited Vulnerabilities KEV catalog, based on evidence of active exploitation. The issue, tracked as CVE-2023-43770 CVSS score: 6.1,...

6.1CVSS6.4AI score0.58483EPSS
Exploits2
hivepro
hivepro
added 2023/10/31 5:56 a.m.41 views

Attacks, Vulnerabilities and Actors 23 October to 29 October 2023

For a detailed threat digest, download the pdf file here Summary HiveForce Labs has recently made several significant discoveries related to cybersecurity threats. Over the past week, we identified a total of seven executed attacks, two instances of adversary activity, and three exploited...

4.9CVSS7.4AI score0.75873EPSS
Exploits2
hivepro
hivepro
added 2023/10/27 7:45 a.m.50 views

Winter Vivern Capitalizes on Zero-Day Flaw in Roundcube

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary The Winter Vivern cyberespionage group has been actively exploiting a zero-day vulnerability in the Roundcube webmail. The identified vulnerability, CVE-2023-5631, permits stored cross-site scripting...

4.9CVSS6.6AI score0.75873EPSS
Exploits2
The Hacker News
The Hacker News
added 2023/10/25 1:20 p.m.79 views

Nation State Hackers Exploiting Zero-Day in Roundcube Webmail Software

The threat actor known as Winter Vivern has been observed exploiting a zero-day flaw in Roundcube webmail software on October 11, 2023, to harvest email messages from victims' accounts. "Winter Vivern has stepped up its operations by using a zero-day vulnerability in Roundcube," ESET security...

6.1CVSS5.8AI score0.75873EPSS
Exploits3
HackRead
HackRead
added 2023/10/25 12:5 p.m.28 views

APT Winter Vivern Exploits New Roundcube 0-Day to Target European Entities

By Waqas ESET Research Uncovers New Targeted Campaign Impacting European Governments and Think Tanks. This is a post from HackRead.com Read the original post: APT Winter Vivern Exploits New Roundcube 0-Day to Target European Entities...

7AI score
Exploits0
The Hacker News
The Hacker News
added 2023/08/11 2:23 p.m.33 views

Researchers Uncover Years-Long Cyber Espionage on Foreign Embassies in Belarus

A hitherto undocumented threat actor operating for nearly a decade and codenamed MoustachedBouncer has been attributed to cyber espionage attacks aimed at foreign embassies in Belarus. "Since 2020, MoustachedBouncer has most likely been able to perform adversary-in-the-middle AitM attacks at the...

7.3AI score
Exploits0
hivepro
hivepro
added 2023/04/05 10:9 a.m.31 views

Winter Vivern APT targets EU with Zimbra flaw

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary Winter Vivern abuses CVE-2022-27926 to attack public Zimbra webmail portals of government entities. To receive real-time threat advisories, please follow HiveForce Labs on LinkedIn...

4.3CVSS6.4AI score0.17634EPSS
Exploits0
The Hacker News
The Hacker News
added 2023/03/31 2:7 p.m.4 views

Winter Vivern APT Targets European Government Entities with Zimbra Vulnerability

The advanced persistent threat APT actor known as Winter Vivern is now targeting officials in Europe and the U.S. as part of an ongoing cyber espionage campaign. "TA473 since at least February 2023 has continuously leveraged an unpatched Zimbra vulnerability in publicly facing webmail portals tha...

6.1CVSS6.2AI score0.17634EPSS
Exploits0
The Hacker News
The Hacker News
added 2023/03/31 2:7 p.m.48 views

Winter Vivern APT Targets European Government Entities with Zimbra Vulnerability

The advanced persistent threat APT actor known as Winter Vivern is now targeting officials in Europe and the U.S. as part of an ongoing cyber espionage campaign. "TA473 since at least February 2023 has continuously leveraged an unpatched Zimbra vulnerability in publicly facing webmail portals tha...

6.1CVSS7AI score0.17634EPSS
Exploits0
hivepro
hivepro
added 2023/03/22 8:32 a.m.13 views

Winter Vivern with Pro-Russian Objectives Targets Government

Threat Level Actor Report For a detailed threat advisory, download the pdf file here Summary The Winter Vivern Advanced Persistent Threat APT is a relatively underreported group that operates with pro-Russian objectives and targets government agencies. To receive real-time threat advisories, plea...

6.7AI score
Exploits0
The Hacker News
The Hacker News
added 2023/03/17 7:6 a.m.3 views

Winter Vivern APT Group Targeting Indian, Lithuanian, Slovakian, and Vatican Officials

The advanced persistent threat known as Winter Vivern has been linked to campaigns targeting government officials in India, Lithuania, Slovakia, and the Vatican since 2021. The activity targeted Polish government agencies, the Ukraine Ministry of Foreign Affairs, the Italy Ministry of Foreign...

6.4AI score
Exploits0
The Hacker News
The Hacker News
added 2023/03/17 7:6 a.m.40 views

Winter Vivern APT Group Targeting Indian, Lithuanian, Slovakian, and Vatican Officials

The advanced persistent threat known as Winter Vivern has been linked to campaigns targeting government officials in India, Lithuania, Slovakia, and the Vatican since 2021. The activity targeted Polish government agencies, the Ukraine Ministry of Foreign Affairs, the Italy Ministry of Foreign...

Exploits0
Rows per page
Query Builder