Lucene search
K
HiveproMost viewed

1589 matches found

hivepro
hivepro
added 2023/02/03 7:58 a.m.23 views

Headcrab malware is targeting Redis servers worldwide to mine Monero

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary HeadCrab is a new and severe malware that is infiltrating and residing on servers worldwide. It is a custom-made Redis-based malware that is undetectable by traditional anti-virus solutions and has...

3.1AI score
Exploits0
hivepro
hivepro
added 2023/01/23 4:1 a.m.23 views

A new EmojiDeploy attack has been found in an Azure service

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary The EmojiDeploy attack chain allows a threat actor to run arbitrary code, steal or delete sensitive data, and compromise a targeted application on Azure by exploiting a remote code execution vulnerabilit...

2.4AI score
Exploits0
hivepro
hivepro
added 2022/03/15 8:14 a.m.23 views

Destructive data wipers and worms targeting Ukrainian organizations

THREAT LEVEL: Red. For a detailed advisory, download the pdf file here Cybersecurity & Infrastructure Security Agency CISA and the Federal Bureau of Investigation FBI have jointly released an advisory and warned of an ongoing cyber attack using destructive malware targeting organizations in Ukrai...

Exploits0
hivepro
hivepro
added 2022/02/15 7:35 a.m.23 views

Threat Campaign by Molerats uses NimbleMamba Malware to target Middle East

THREAT LEVEL: Red. For a detailed advisory, download the pdf file here An APT group Molerats associated with Gaza has launched a new threat campaign using a malware NimbleMamba aimed at Middle Eastern governments, foreign policy think tanks, and even a state-owned airline. The current attack was...

1AI score
Exploits0
hivepro
hivepro
added 2024/05/03 4:41 a.m.22 views

Goldoon Botnet Exploits Longstanding D-Link Vulnerability

...

7.3AI score
Exploits0
hivepro
hivepro
added 2024/03/21 5:54 a.m.22 views

Earth Krahang APT Campaign Targeting Global Governments

Summary: Earth Krahang, an APT campaign since 2022, targets global government entities, employing spear phishing and server exploitation tactics. Operating independently but with potential links to Chinese threat actors, it utilizes malware like Cobalt Strike and XDealer for espionage, urging...

7.4AI score
Exploits0
hivepro
hivepro
added 2024/03/01 6:9 a.m.22 views

SPIKEDWINE Ploy to Infiltrate EU Diplomatic Circles

Summary: The SPIKEDWINE threat actor has been identified orchestrating a sophisticated cyber operation targeting European Union diplomats with a deceptive wine-tasting event. Its primary goal is to disrupt geopolitical relations between India and Europe through the deployment of a modular backdoo...

7.2AI score
Exploits0
hivepro
hivepro
added 2024/01/05 5:34 a.m.22 views

Malware Leveraging Google OAuth for Persistent Account Access

Summary: Information-stealing malware is actively exploiting an undisclosed Google OAuth endpoint called MultiLogin. This technique was initially disclosed by a threat actor named PRISMA on their Telegram channel and has subsequently been integrated into various malware-as-a-service MaaS stealer...

7.2AI score
Exploits0
hivepro
hivepro
added 2023/11/06 7:11 a.m.22 views

MuddyWater Returns with a New Spear-Phishing Campaign

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary MuddyWater, the Iranian nation-state actor, has been identified in a new spearphishing campaign targeting two Israeli entities and deploying a legitimate remote administration tool known as N-able Advanc...

7.3AI score
Exploits0
hivepro
hivepro
added 2023/11/01 7:13 a.m.22 views

Celebrity Vulnerability Report | Navigating Challenges with HivePro Uni5

In this video, Anand Choudha, CEO at Hive Pro, and Jeelan Poola, CPO at Hive Pro, introduce the HivePro Uni5 Threat Exposure Management Platform. HivePro Uni...

7.3AI score
Exploits0
hivepro
hivepro
added 2023/10/09 7:24 a.m.22 views

Cracking ShellTorch Vulnerabilities Exposing TorchServe to RCE

Threat Level Vulnerability Report For a detailed threat advisory, download the pdf file here Summary A trio of security vulnerabilities, dubbed ShellTorch, in the open-source machine-learning model TorchServe, a tool for serving and scaling PyTorch models, could be chained to achieve remote code...

7.7AI score
Exploits0
hivepro
hivepro
added 2023/10/05 7:39 a.m.22 views

EvilProxy Phishing Attack Targets Indeed Job Platform

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary A new phishing campaign has emerged, specifically targeting high-profile US executives. This campaign takes advantage of open redirects from the jobs platform Indeed and employs EvilProxy to pilfer sessi...

7.1AI score
Exploits0
hivepro
hivepro
added 2023/09/26 6:23 a.m.22 views

Attacks, Vulnerabilities and Actors 18 September to 24 September 2023

For a detailed threat digest, download the pdf file here Summary HiveForce Labs has recently made several significant discoveries related to cybersecurity threats. Over the past week, we identified a total of eight executed attacks, five instance of adversary activity, and eleven vulnerabilities...

7.1AI score
Exploits0
hivepro
hivepro
added 2023/09/18 5:35 a.m.22 views

Storm-0324 Exploits Microsoft Teams Chats Deploying JSSLoader

Threat Level Actor Report For a detailed threat advisory, download the pdf file here Summary Storm-0324 is a financially motivated threat actor with a history of operations dating back to 2016. This actor has a specialization in facilitating ransomware deployments and providing access to...

6.9AI score
Exploits0
hivepro
hivepro
added 2023/07/24 1:36 p.m.22 views

Storm-0558 Chinese Threat Actor Targets Email Accounts

Threat Level Actor Report For a detailed threat advisory, download the pdf file here Summary Storm-0558, a China-based threat actor with espionage objectives, has been targeting email data from approximately 25 organizations using tactics like credential harvesting, OAuth token, and phishing...

6.9AI score
Exploits0
hivepro
hivepro
added 2023/07/20 3:22 p.m.22 views

Hive Pro’s Take on Gartner’s Top Cybersecurity Trends 2023

In this video, Anand Choudha, CEO at Hive Pro, and Jeelan Poola, CPO at Hive Pro, introduce the HivePro Uni5 Threat Exposure Management Platform. HivePro Uni...

7AI score
Exploits0
hivepro
hivepro
added 2023/05/17 6:50 a.m.22 views

Water Orthrus Targets Chinese Users with CopperStealth and CopperPhish

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary Water Orthrus has recently launched two new campaigns, CopperStealth and CopperPhish, where CopperStealth employs rootkit techniques, while CopperPhish globally distributes a phishing kit through PPI...

6.9AI score
Exploits0
hivepro
hivepro
added 2023/04/26 5:1 a.m.22 views

Critical PaperCut Security Vulnerabilities Actively Exploited in the Wild

Threat Level Vulnerability Report For a detailed threat advisory, download the pdf file here Summary Attackers are leveraging severe vulnerabilities in PaperCut MF/NG software to install Atera remote management software, posing a significant risk due to proof-of-concept exploits being available...

6.8AI score
Exploits0
hivepro
hivepro
added 2023/04/19 11:34 a.m.22 views

Hive Pro: Threat Exposure Management – Solution Overview

In this video, Anand Choudha, CEO at Hive Pro, and Jeelan Poola, CPO at Hive Pro, introduce the HivePro Uni5 Threat Exposure Management Platform. HivePro Uni...

6.8AI score
Exploits0
hivepro
hivepro
added 2023/04/18 8:57 a.m.22 views

Kadavro Vector Ransomware spread as a fake Tor browser installer

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary Kadavro Vector is a NoCry ransomware variant that encrypts files and demands Monero XMR cryptocurrency for decryption. To receive real-time threat advisories, please follow HiveForce Labs on LinkedIn...

6.8AI score
Exploits0
hivepro
hivepro
added 2023/04/12 7:37 a.m.22 views

Desert Falcon Strikes with an Upgraded Arsenal

Threat Level Actor Report For a detailed threat advisory, download the pdf file here Summary Desert Falcons, a cyber-espionage group, has been seen deploying upgraded variants of its malware toolset in strikes against Palestine and Middle Eastern entities. To receive real-time threat advisories,...

6.7AI score
Exploits0
hivepro
hivepro
added 2023/03/29 8:44 a.m.22 views

Chinese Cyber Espionage Targets Middle Eastern Telecoms

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary Chinese cyber espionage actors, Gallium and APT41, linked to Operation Soft Cell campaign, are targeting Middle Eastern telecommunications sector. To receive real-time threat advisories, please follow...

6.7AI score
Exploits0
hivepro
hivepro
added 2023/03/22 6:43 a.m.22 views

Gozi Malware Spreads through Fake Italian Revenue Agency Email Campaign

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary A fake Italian Revenue Agency email campaign tricks victims into downloading a malicious attachment that installs Gozi, a binary that bypasses Italys geofencing and creates a loader process on the victim...

6.7AI score
Exploits0
hivepro
hivepro
added 2023/02/28 10:15 a.m.22 views

AgentTesla Trojan Returns with Phishing Campaigns Using GuLoader to Steal Secrets

Threat Level Attack Report Follow Hive Pro for a detailed threat advisory, download the pdf file here from HiveForce Labs. Summary The AgentTesla Trojan continues to pose a threat as attackers use GuLoader to deliver it in new phishing campaigns targeting various industries and countries...

2.2AI score
Exploits0
hivepro
hivepro
added 2023/02/03 1:50 p.m.22 views

Cyberattack on Medical and Energy Sector by Lazarus Group

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary A cyber-attack conducted by North Korean state-sponsored Lazarus Group targeted public and private sector research organizations, the medical research and energy sector as well as their supply chain for...

1.3AI score
Exploits0
hivepro
hivepro
added 2023/01/26 3:3 a.m.22 views

Brazil’s manufacturing industry under attack by Vice Society ransomware group

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary The Vice Society ransomware group is a cyber threat group that made headlines in late 2022 and early 2023 for a series of attacks against various targets, including the rapid transit system in San...

0.1AI score
Exploits0
hivepro
hivepro
added 2023/01/26 2:57 a.m.22 views

VMware addresses Security Flaws in vRealize Log Insight

Threat Level Vulnerability Report For a detailed threat advisory, download the pdf file here Summary VMware has patched four security flaws in vRealize Log Insight aka Aria Operations for Logs that could potentially expose users to remote code execution attacks and allow an unauthenticated attack...

3.1AI score
Exploits0
hivepro
hivepro
added 2023/01/18 12:18 p.m.22 views

NetSupport RAT employs phishing campaigns that incorporate Pokemon lures

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary NetSupport Manager is a remote control tool that can be used by ordinary or corporate users to remotely control systems, but it is being abused by threat actors as it allows external control over specifi...

3.7AI score
Exploits0
hivepro
hivepro
added 2022/01/20 11:3 a.m.22 views

Cisco patched multiple critical vulnerabilities in StarOS Software

THREAT LEVEL: Amber. For a detailed advisory, download the pdf file here. Cisco patched two critical vulnerabilities in Redundancy Configuration Manager for StarOS software. Exploitation of one of the vulnerabilities is not required to exploit the other vulnerability. An attacker could exploit th...

0.8AI score0.11636EPSS
Exploits0
hivepro
hivepro
added 2024/05/23 11:18 a.m.21 views

Breaking Down Andariel APT’s Strike on South Korean Entities

...

7.3AI score
Exploits0
hivepro
hivepro
added 2024/05/03 4:37 a.m.21 views

Over 2 Million Malicious Repositories Planted on Docker Hub

...

7.3AI score
Exploits0
hivepro
hivepro
added 2024/04/01 5:55 a.m.21 views

‘Operation FlightNight’ Targeting India with Deceptive Air Force Invitations

Summary: In a campaign dubbed Operation FlightNight, unidentified threat actors have focused on Indian government agencies and energy companies, aiming to deploy a modified variant of an open-source information stealer malware known as HackBrowserData. The threat actors have been observed...

6.9AI score
Exploits0
hivepro
hivepro
added 2024/02/23 6:41 a.m.21 views

Earth Preta’s DOPLUGS Leaves its Mark in Asia

Summary: The Chinese threat actor, Earth Preta, strategically targeted numerous Asian countries by employing a customized version of the PlugX backdoor known as DOPLUGS. This sophisticated threat was allegedly revealed during the SMUGX campaign in July 2023. Threat Level - Red | Attack Report For...

7.2AI score
Exploits0
hivepro
hivepro
added 2024/01/08 6:50 a.m.21 views

Decoding UAC-0050’s Cyber Espionage Playbook

Summary: UAC-0050, a threat actor focused on Ukraine, is using new tactics to spread the Remcos RAT. In their latest move, UAC-0050 shows advanced adaptability by cleverly avoiding detection through a hidden data transfer method and outsmarting EDR systems. Threat Level - Amber | Attack Report Fo...

7.2AI score
Exploits0
hivepro
hivepro
added 2023/12/21 5:44 a.m.21 views

PikaBot Malware Unleashes Threat via Malvertising

Summary: PikaBot, a recently identified malware family, has become a prominent threat in malvertising campaigns, particularly through search engine ads. Associated with the TA577 threat actor and linked to ransomware distribution, PikaBot employs advanced tactics, such as decoy websites and...

7.2AI score
Exploits0
hivepro
hivepro
added 2023/12/18 10:44 a.m.21 views

NKAbuse: A New Multiplatform Threat Exploiting the Blockchain Protocol

Summary: A novel malware called NKAbuse stands out as a new, Go-based, multi-platform threat. What makes this malware distinctive is its pioneering use of the peer-to-peer network connectivity protocol NKN New Kind of Network technology for data exchange. This utilization of NKN technology makes...

7.1AI score
Exploits0
hivepro
hivepro
added 2023/11/10 6:59 a.m.21 views

CVSS 4.0 Decoded: Understanding & Implementing Changes

What is CVSS? The Common Vulnerability Scoring System CVSS is a vendor-agnostic, industry-open standard owned and maintained by The Forum of Incident Response and Security Teams FIRST. CVSS “provides a way to capture the principal characteristics of a vulnerability and produce a numerical score...

7.3AI score
Exploits0
hivepro
hivepro
added 2023/11/08 12:58 p.m.21 views

BlueNoroff Unleashes New macOS Malware ObjCShellz

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary A new macOS malware variant linked to the financially motivated BlueNoroff APT group, named "ObjCShellz,“ featuring remote shell capabilities and suspicious domain communication. The malware, written in...

7.2AI score
Exploits0
hivepro
hivepro
added 2023/11/01 10:35 a.m.21 views

From Bullets to Bytes The Hamas-Israel Conflict Goes Digital

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary In the midst of the ongoing Israeli-Hamas conflict, a group of pro-Hamas hacktivists has emerged, utilizing a sophisticated Linux-based wiper malware known as BiBi-Linux Wiper. In the broader context of...

7.2AI score
Exploits0
hivepro
hivepro
added 2023/09/05 8:4 a.m.21 views

Summary of Vulnerabilities, Actors & Attacks: August 2023

...

7AI score
Exploits0
hivepro
hivepro
added 2023/08/24 1:18 p.m.21 views

New Wave of Akira Ransomware Expands Arsenal with Cisco VPN Flaws

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary The Akira ransomware group targets Cisco VPN to breach corporate networks and leverages tools like RustDesk for stealthy access. Avasts decryptor is ineffective against the groups updated ransomware...

6.9AI score
Exploits0
hivepro
hivepro
added 2023/08/08 12:19 p.m.21 views

Hive Pro Achieves ISO/IEC 27001: 2022 Certification

Hive Pro has achieved ISO 27001: 2022 Certification, Demonstrating A Continuous Commitment to Excellence in Information Security August 8th, 2023 - HERNDON, VA: Hive Pro, a pioneer in the Threat Exposure Management market, is thrilled to announce that they have successfully attained ISO 27001:202...

6.5AI score
Exploits0
hivepro
hivepro
added 2023/08/08 7:30 a.m.21 views

Attacks, Vulnerabilities and Actors 31 July to 6 August 2023

For a detailed threat digest, download the pdf file here Summary HiveForce Labs has recently made several significant discoveries related to cybersecurity threats. Over the past week, we identified a total of one executed attack, one instance of adversary activity, and thirteen vulnerabilities,...

7AI score
Exploits0
hivepro
hivepro
added 2023/08/07 4:29 a.m.21 views

New Rilide Stealer Version Evades Chrome Manifest V3 Protections

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary A new version of the Rilide Stealer malware, evading Chromes security measures to target Chromium-based browsers in campaigns that exploit user trust through fake plugins and games, posing a significant...

6.8AI score
Exploits0
hivepro
hivepro
added 2023/07/07 1:13 p.m.21 views

Surge in 8Base Ransomware Group Activity

Threat Level Actor Report For a detailed threat advisory, download the pdf file here Summary 8Base Ransomware group define themselves as “honest and simple pentesters”, have spiked their activities recently and was observed to be within the top 2 performing ransom groups. To receive real-time...

6.9AI score
Exploits0
hivepro
hivepro
added 2023/06/26 8:22 a.m.21 views

RedEyes Exploiting Ably Platform Using FadeStealer and Wiretapping Capabilities

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary RedEyes, a state-sponsored APT group, is targeting individuals through spear phishing emails and employing an Infostealer with wiretapping capabilities, utilizing the Ably platform for command and contro...

7AI score
Exploits0
hivepro
hivepro
added 2023/06/23 7:19 a.m.21 views

Flea APT Targets Foreign Ministries with New Backdoor.Graphican

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary Flea APT15 targeted foreign ministries with their new backdoor, Backdoor.Graphican, leveraging Microsoft Graph API and OneDrive for C&C communication. To receive real-time threat advisories, please follo...

6.8AI score
Exploits0
hivepro
hivepro
added 2023/04/18 10:20 a.m.21 views

New Zaraza Bot Malware Steals Login Credentials from 38 Web Browsers via Telegram

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary A new credential-stealing malware named Zaraza bot uses Telegram as its command and control, targeting 38 web browsers and exfiltrating sensitive data for potential identity theft and financial fraud. To...

6.9AI score
Exploits0
hivepro
hivepro
added 2023/04/10 6:11 a.m.21 views

Multiple Command Injection Vulnerabilities Found in Cisco EPNM, ISE, and Prime Infrastructure

Threat Level Vulnerability Report For a detailed threat advisory, download the pdf file here Summary An attacker with authenticated, local access can exploit these vulnerabilities to escape the restricted shell and gain root privileges on the operating system. To receive real-time threat...

6.9AI score
Exploits0
hivepro
hivepro
added 2023/03/21 10:49 a.m.21 views

New HinataBot Go-Based Botnet with DDoS Capabilities and Mirai Connection

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary HinataBot is a newly discovered Go-based botnet that spreads through old vulnerabilities and weak credentials. It carries out DDoS flooding attacks and has a connection with the Mirai malware family. To...

6.8AI score
Exploits0
Total number of security vulnerabilities1589