Hivepro: Most viewed

1589 matches found

hivepro
added 2022/10/20 11:46 a.m., 25 views

The Spyder Loader malware targets organizations in Hong Kong

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary The Spyder Loader malware was first publicly documented in March 2021. The recent Spyder Loader malware campaign appears to have had the ultimate goal of information theft, and the threat actor behind th...

1.1 AI score
Exploits: 0

hivepro
added 2022/09/19 9:4 a.m., 25 views

Multiple Iranian actors have launched attacks against the Albanian government

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary Threat actors acting on behalf of the Iranian government launched a devastating attack that knocked the Albanian government's websites and public services down. Each stage of the attack was carried out by...

4.2 AI score
Exploits: 0

hivepro
added 2022/06/24 11:44 a.m., 25 views

APT28 exploits Follina to deploy CredoMap

Threat Level Actor Report For a detailed advisory, download the pdf file here Summary Google Chrome addresses nine vulnerabilities in its latest stable channel update for Windows, Mac, and Linux...

1.7 AI score
Exploits: 0

hivepro
added 2022/05/18 5:32 a.m., 25 views

OilRig is back with another Phishing Email attack, delivering the Saitama Backdoor

THREAT LEVEL: Amber. For a detailed advisory, download the pdf file here An Iranian cyber espionage gang known as OilRig has begun delivering malicious email to a Jordanian government employee at the foreign ministry. The email includes a malicious Excel sheet that installs the Saitama backdoor...

0.9 AI score
Exploits: 0

hivepro
added 2022/03/17 4:27 a.m., 25 views

Russia under Attack from New RURansom Wiper

THREAT LEVEL: Red. For a detailed advisory, download the pdf file here A series of Wiper Malware attacks have been launched in the continuing cyber war between Russia and Ukraine. Researchers have discovered the RURansom wiper malware, which adds to the current collection of harmful malware. The...

1.6 AI score
Exploits: 0

hivepro
added 2022/01/26 12:58 p.m., 25 views

PwnKit vulnerability affects major Linux distributors

...

4 AI score
Exploits: 0

hivepro
added 2021/09/09 10:18 a.m., 25 views

AntiVirus Evasion Techniques

Introduction Antivirus software looks for, detects, and eliminates viruses as well as other harmful software such as worms, trojans, adware, and others. Such programs are intended to be used as a preventative measure in cyber security, preventing threats from entering your computer and causing...

0.1 AI score
Exploits: 0

hivepro
added 2021/06/24 11:26 a.m., 25 views

VMware patches 2 Critical Vulnerabilities in Carbon Black App Control, VMWare Tools and VMWare Remote Console

THREAT LEVEL: Amber. For a detailed advisory, download the pdf file here. VMware has patched an authentication bypass vulnerability (CVE-2021-21998) in the Carbon Black App Control management server. Apart from this vulnerability, VMware also patched a privilege escalation vulnerability (CVE-2021-21999)...

7.5 CVSS, 1.1 AI score, 0.10619 EPSS
Exploits: 0

hivepro
added 2024/03/18 8:18 a.m., 24 views

Cisco IOS XR Flaws Enable Privilege Elevation and DoS Attacks

Summary: Three high-severity vulnerabilities have been discovered in the Cisco IOS XR software, posing risks of denial-of-service (DoS) attacks and elevation of privilege. These vulnerabilities are tracked as CVE-2024-20320, CVE-2024-20318, and CVE-2024-20327. Threat Level - Amber | Vulnerability...

4.3 CVSS, 7.2 AI score, 0.00336 EPSS
Exploits: 0

hivepro
added 2024/02/26 12:57 p.m., 24 views

Roundcube Webmail Faces Unrelenting Exploitation

Summary: The Roundcube email server vulnerability, identified as CVE-2023-43770 and previously mitigated in September 2023, is currently being actively exploited. This flaw enables attackers to gain access to restricted information, with potential repercussions including sensitive data theft, use...

5.8 CVSS, 7.2 AI score, 0.58483 EPSS
Exploits: 2

hivepro
added 2023/12/15 1:7 p.m., 24 views

Russian SVR Exploits Critical TeamCity Vulnerability Globally

Summary: A critical vulnerability (CVE-2023-45247) in JetBrains TeamCity is actively exploited by Russia's SVR cyber actors (APT 29), allowing full server compromise. The targeted software widely used by developers poses a significant threat, enabling access to sensitive information and potential...

3.2 CVSS, 6.8 AI score, 0.00214 EPSS
Exploits: 0

hivepro
added 2023/11/25 11:0 a.m., 24 views

A Comprehensive CTEM Guide for CISOs

In this video, Anand Choudha, CEO at Hive Pro, and Jeelan Poola, CPO at Hive Pro, introduce the HivePro Uni5 Threat Exposure Management Platform. HivePro Uni...

7.2 AI score
Exploits: 0

hivepro
added 2023/11/20 6:3 a.m., 24 views

GhostSec Pioneering the Hacktivist Front with GhostLocker

Summary: GhostSec, a hacktivist coalition stemming from the Anonymous group and part of The Five Families, has introduced GhostLocker, an advanced Ransomware-as-a-Service (RaaS) framework. Threat Level - RED | Attack Report For a detailed threat advisory, download the pdf file here To receive...

7.3 AI score
Exploits: 0

hivepro
added 2023/11/10 4:58 a.m., 24 views

Chinese APT Masquerading as Cloud Services in Cambodia

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary Chinese APT targets Cambodian government via disguised cloud services, aiming to access sensitive data, aligning with China's regional interests. Actors adapt work hours, signaling Chinese origin, urging...

7.1 AI score
Exploits: 0

hivepro
added 2023/11/02 7:6 a.m., 24 views

CISA Known Exploited Vulnerability Catalog October 2023

For a detailed CISA's KEV Catalog, download the pdf file here Summary The Known Exploited Vulnerability (KEV) catalog, maintained by CISA, is the authoritative source of vulnerabilities that have been exploited in the wild. It is recommended that all organizations review and monitor the KEV catalog,...

7.5 AI score
Exploits: 0

hivepro
added 2023/11/01 7:51 a.m., 24 views

Stop Putting Out Fires It's Time to Change Vulnerability Management For the Better

In this video, Anand Choudha, CEO at Hive Pro, and Jeelan Poola, CPO at Hive Pro, introduce the HivePro Uni5 Threat Exposure Management Platform. HivePro Uni...

7.3 AI score
Exploits: 0

hivepro
added 2023/10/27 6:31 a.m., 24 views

YoroTrooper Covert Cyber Espionage Masters of Kazakhstan

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary YoroTrooper, a stealthy threat actor primarily focused on espionage, first emerged in June 2022. YoroTrooper's targets appear to be concentrated within the Commonwealth of Independent States (CIS) nations,...

6.8 AI score
Exploits: 0

hivepro
added 2023/10/10 5:44 a.m., 24 views

LostTrust Ransomware Unmasking the Gang Behind the Threat

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary LostTrust ransomware, which emerged in September 2023, is a multi-extortion threat related to SFile and Mindware, employing techniques reminiscent of MetaEncryptor, encrypting files, and demanding ransoms. It...

6.8 AI score
Exploits: 0

hivepro
added 2023/10/09 11:41 a.m., 24 views

QakBot Resurges Latest Strikes with Ransom Knight and Remcos RAT

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary The QakBot malware has been associated with a persistent phishing campaign since the beginning of August 2023, leading to the deployment of both the Ransom Knight ransomware and the Remcos RAT. To receiv...

6.9 AI score
Exploits: 0

hivepro
added 2023/10/02 8:11 a.m., 24 views

BlackTech: China-Linked Cyber Actors Exploit Router Firmware

Threat Level Actor Report For a detailed threat advisory, download the pdf file here Summary BlackTech, a People's Republic of China (PRC)-linked cyber actor group, poses a significant threat by modifying router firmware and targeting diverse sectors, highlighting the need for enhanced cybersecurity...

6.9 AI score
Exploits: 0

hivepro
added 2023/09/28 5:29 a.m., 24 views

Deadglyph Malware Emerges as a Game Changer for Stealth Falcon

Threat Level Actor Report For a detailed threat advisory, download the pdf file here Summary The cyber espionage group Stealth Falcon commenced covert operations and employed advanced backdoor malware called "Deadglyph" primarily to infiltrate Middle Eastern government entities. To receive...

6.9 AI score
Exploits: 0

hivepro
added 2023/09/26 5:15 a.m., 24 views

Hive Pro Partners with Tech Titan to Fortify Cybersecurity Landscape in Southeast Asia

HERNDON, VA., Sept. 26, 2023 - Hive Pro®, a pioneer vendor in Threat Exposure Management, is thrilled to announce a strategic partnership with Tech Titan Group, a leading IT Solutions Provider renowned for its innovation-driven approach and dedication to addressing evolving customer needs across...

6.7 AI score
Exploits: 0

hivepro
added 2023/07/18 8:3 a.m., 24 views

LokiBot Data Exfiltrating Trojan Targets Windows Systems

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary LokiBot, an infamous data-exfiltrating Trojan, has maintained a prominent presence since 2015. This pernicious malware predominantly sets its sights on Windows systems, diligently striving to acquire...

6.8 AI score
Exploits: 0

hivepro
added 2023/04/03 5:42 a.m., 24 views

Hive Pro Unveils Enhanced Version of HivePro Uni5 Threat Exposure Management Platform v2.1.0

Featuring diversified deployment options, seamless tool integration, and a refined user interface. Milpitas, CA – 3rd April 2023 – Hive Pro, a prominent cybersecurity firm specializing in Threat Exposure Management, today introduced the version update v2.1.0 to its flagship HivePro Uni5 platform,...

6.6 AI score
Exploits: 0

hivepro
added 2023/03/17 11:21 a.m., 24 views

BianLian ransomware ramps up data-leak extortion and improves operational security

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary BianLian ransomware group is ramping up data-leak extortion to extract payments, using similar tactics & a custom backdoor, and bringing 30 new C2 servers online monthly. To receive real-time threat...

2.3 AI score
Exploits: 0

hivepro
added 2023/03/16 12:46 p.m., 24 views

APT 29 Launches Malevolent Campaign Targeting Governments

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary APT 29 has launched a novel campaign targeting Western countries. This latest operation involves the use of a malevolent dropper called ROOTSAW. To receive real-time threat advisories, please follow...

1.3 AI score
Exploits: 0

hivepro
added 2023/03/07 8:28 a.m., 24 views

Hiatus Hacking Campaign Targets DrayTek Vigor Routers to Steal Data

Threat Level Attack Report Follow Hive Pro for a detailed threat advisory, download the pdf file here from HiveForce Labs. Summary A malware campaign called "Hiatus" targets business-grade routers, specifically DrayTek Vigor models 2960 and 3900 running an i386 architecture. The campaign...

3.7 AI score
Exploits: 0

hivepro
added 2022/12/12 6:21 a.m., 24 views

Iran-based Agrius deploys Fantasy wiper to attack IT firms in Israel

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary Iran-based Agrius group has targeted Israel and the United Arab Emirates since 2020. In the beginning, the group deployed a wiper called Apostle, disguised as ransomware, which was later modified into...

1.6 AI score
Exploits: 0

hivepro
added 2022/11/23 12:18 p.m., 24 views

Aurora Botnet evolves into a Stealer

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary Aurora was first discovered in Russian-speaking underground forums and was capable of stealing, downloading, and gaining remote access. A threat actor by the name of Cheshire is selling this...

4 AI score
Exploits: 0

hivepro
added 2022/09/22 8:24 a.m., 24 views

Kinsing malware continues to exploit these two-year-old vulnerabilities

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary Malicious actors are exploiting these two-year-old remote code execution vulnerabilities in Oracle WebLogic Server to deploy Kinsing malware...

5.9 AI score
Exploits: 0

hivepro
added 2022/09/21 12:21 p.m., 24 views

UNC4034 slips in a backdoor with trojanized PuTTY

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary UNC4034, a North Korean threat actor, uses a fake job posting to trick victims into downloading a trojanized version of PuTTY. When the malicious PuTTY binary is executed on the host, a backdoor named...

2.4 AI score
Exploits: 0

hivepro
added 2022/07/29 7:27 a.m., 24 views

Evilnum strikes commodities and cryptocurrency Forum

Threat Level Actor Report For a detailed advisory, download the pdf file here Summary In recent campaigns, the Evilnum actor group has targeted the Decentralized Finance (DeFi) sector using Evilnum Malware. The latest iteration of Evilnum backdoor employs a diverse set of ISO, Microsoft Word, and...

1.3 AI score
Exploits: 0

hivepro
added 2022/03/17 5:55 a.m., 24 views

Attackers Escape Kubernetes Containers using “cr8escape” Vulnerability in CRI-O

THREAT LEVEL: Red. For a detailed advisory, download the pdf file here. A flaw in CRI-O, an open-source Linux implementation of Kubernetes Container Runtime Interface (CRI), was discovered that may allow an attacker to gain remote control of servers and potentially poison the container with attack...

2.9 AI score, 0.18561 EPSS
Exploits: 0

hivepro
added 2021/10/07 11:43 a.m., 24 views

Iranian APT is targeting Middle Eastern Aerospace and Telecommunications companies

THREAT LEVEL: Amber. For a detailed advisory, download the pdf file here. ShellClient is a powerful new Remote Access Trojan (RAT) that was used in highly targeted attacks on a select few Aerospace and Telecommunications firms, primarily in the Middle East, with other victims in the United States,...

0.5 AI score
Exploits: 0

hivepro
added 2024/05/17 6:17 a.m., 23 views

LunarWeb and LunarMail: The Secret Weapons of the Turla APT

...

7.3 AI score
Exploits: 0

hivepro
added 2024/04/23 1:7 p.m., 23 views

Earth Hundun’s Deuterbear Sets Sights on High-Value Sectors

...

7.3 AI score
Exploits: 0

hivepro
added 2024/03/04 3:41 p.m., 23 views

New Linux Variant of Bifrost RAT Utilizes Deceptive Domain for Evasion

Summary: A new Linux variant of the Bifrost RAT evades detection using a deceptive VMware domain, aiming to compromise systems. This persistent threat spreads through malicious emails and sites, harvesting sensitive data and now includes an ARM version, emphasizing the need for vigilant...

7.1 AI score
Exploits: 0

hivepro
added 2024/01/22 6:37 a.m., 23 views

Androxgh0st Malware Uses Stealthy Tactics in Pilfering Credentials

Summary: The Androxgh0st malware is building a botnet, specifically aimed at illicitly obtaining cloud credentials from popular applications such as Amazon Web Services (AWS), Microsoft Office 365, SendGrid, and Twilio. This stolen data is then utilized to disseminate additional harmful payloads...

7.1 AI score
Exploits: 0

hivepro
added 2023/11/25 11:8 a.m., 23 views

Seeing the Full Threat Exposure Picture With Uni5 Xposure

In this video, Anand Choudha, CEO at Hive Pro, and Jeelan Poola, CPO at Hive Pro, introduce the HivePro Uni5 Threat Exposure Management Platform. HivePro Uni...

7.2 AI score
Exploits: 0

hivepro
added 2023/11/14 8:11 a.m., 23 views

Malicious CPU-Z App Distributed Through Ads on Fake Windows News Site

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary A threat actor has been using Google Ads as a platform to distribute a tampered version of the CPU-Z tool. CPU-Z is a widely-used utility that provides information about various hardware components in a...

6.9 AI score
Exploits: 0

hivepro
added 2023/11/10 8:34 a.m., 23 views

Farnetwork the Mastermind of Five Ransomware Strains

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary Farnetwork, a highly skilled threat actor fluent in Russian, has played a key role in five distinct ransomware-as-a-service (RaaS) programs, assuming diverse roles such as orchestrator and contributor to...

7.2 AI score
Exploits: 0

hivepro
added 2023/11/08 7:59 a.m., 23 views

Iran-Backed Agrius APT’s Attacks on Israeli Institutions

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary In a series of harmful cyberattacks that occurred from January 2023 to October 2023, the Iranian-backed Advanced Persistent Threat (APT) group known as Agrius targeted Israel's education and technology...

7.1 AI score
Exploits: 0

hivepro
added 2023/09/20 9:26 a.m., 23 views

Redfly Targets Critical Infrastructure in Asia with ShadowPad Trojan

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary Redfly, an espionage group, targeted Asian critical infrastructure, compromising a national grid for six months using ShadowPad. This underscores a rising trend in such attacks, raising global concerns...

7 AI score
Exploits: 0

hivepro
added 2023/09/11 7:32 a.m., 23 views

Nation-State Actors Infiltrate U.S. by Exploiting Zoho and Fortinet Flaws

Threat Level Vulnerability Report For a detailed threat advisory, download the pdf file here Summary Multiple nation-state entities infiltrated a prominent U.S. aeronautics organization by capitalizing on vulnerabilities within Fortinet FortiOS SSL-VPN and Zoho ManageEngine ServiceDesk Plus,...

7 AI score
Exploits: 0

hivepro
added 2023/06/12 8:8 a.m., 23 views

Fortifying Financial Services Cybersecurity with Hive Pro

In this video, Anand Choudha, CEO at Hive Pro, and Jeelan Poola, CPO at Hive Pro, introduce the HivePro Uni5 Threat Exposure Management Platform. HivePro Uni...

7 AI score
Exploits: 0

hivepro
added 2023/05/10 5:59 a.m., 23 views

A New Akira Ransomware Targets Multiple Industries and Demands Millions in Extortion

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary Akira ransomware is a new threat targeting corporate networks and has already attacked several companies in various industries, stealing their data and demanding ransom from $200,000 to millions of...

6.8 AI score
Exploits: 0

hivepro
added 2023/04/27 6:21 a.m., 23 views

Malevolent EvilExtractor Stealer Attacks Strike Europe and US

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary EvilExtractor is a new type of malware that extracts sensitive data from Windows systems. It's a data theft tool gaining notoriety due to increased attacks in Europe and the US. To receive real-time threa...

6.6 AI score
Exploits: 0

hivepro
added 2023/04/25 7:25 a.m., 23 views

A New CrossLock Ransomware Threat with Cross-Platform Capabilities and Double Extortion Techniques

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary CrossLock ransomware, implemented in the Go programming language, uses a double extortion technique to encrypt and exfiltrate data, posing a significant threat to businesses and organizations. To receive...

6.7 AI score
Exploits: 0

hivepro
added 2023/04/14 10:51 a.m., 23 views

Trigona Ransomware Targets Improperly Managed MS-SQL Servers

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary Trigona ransomware is installed on vulnerable MS-SQL servers that are not properly managed, allowing attackers to execute malicious commands and encrypt files without distinguishing file extensions. To...

7.1 AI score
Exploits: 0

hivepro
added 2023/04/13 8:19 a.m., 23 views

Nation-State Actors MERCURY and Partner DEV-1084 Carry Out Destructive Attack

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary MERCURY, a nation-state actor linked to the Iranian government, worked with another actor, DEV-1084, to carry out a destructive attack. To receive real-time threat advisories, please follow HiveForce Lab...

6.7 AI score
Exploits: 0

Total number of security vulnerabilities: 1589