Lucene search
K
HiveproMost viewed

1589 matches found

hivepro
hivepro
added 2022/08/02 10:7 a.m.19 views

Vulnerabilities & Threats that Matter 25 – 31st July

Published Vulnerabilities Interesting Vulnerabilities Active Threat Groups Targeted Countries Targeted Industries ATT&CK TTPs 462 7 4 52 22 64 For a detailed threat digest, download the pdf file here Summary The Last week of July 2022 witnessed the discovery of 462 vulnerabilities out of which 7...

1.3AI score
Exploits0
hivepro
hivepro
added 2022/08/01 2:49 a.m.19 views

KNOTWEED exploits zero-days to target US and Europe

Threat Level Actor Report For a detailed advisory, download the pdf file here Summary KNOTWEED, an Austria-based private-sector offensive actor PSOA, are exploiting 0-day vulnerabilities of Windows and Adobe to perform targeted attacks against European and Central American customers by using thei...

3.7AI score
Exploits0
hivepro
hivepro
added 2022/06/09 4:10 a.m.19 views

Network Providers and Devices targeted by Chinese state-sponsored actors

Threat Level Attack Report For a detailed advisory, download the pdf file here Summary The National Security Agency NSA, the Cybersecurity and Infrastructure Security Agency CISA, and the Federal Bureau of Investigation FBI have released a joint advisory to make organizations in the...

3.8AI score
Exploits0
hivepro
hivepro
added 2022/06/03 6:31 a.m.19 views

How to Evolve Your Vulnerability Management to Threat Exposure Management

...

1.5AI score
Exploits0
hivepro
hivepro
added 2022/05/26 1:22 a.m.19 views

Weekly Threat Digest: 16-22 May 2022

Published Vulnerabilities Interesting Vulnerabilities Active Threat Groups Targeted Countries Targeted Industries ATT&CK TTPs 466 6 2 26 10 27 For a detailed threat digest, download the pdf file here Summary The third week of May 2022 witnessed the discovery of 466 vulnerabilities out of which 6...

0.5AI score
Exploits0
hivepro
hivepro
added 2022/05/24 2:41 a.m.19 views

New Ransomware Group Axxes is on the rise

Threat Level Actor Report For a detailed advisory, download the pdf file here Summary Axxes ransomware is a relatively new ransomware group that appears to be a rebranded version of Midas ransomware. The H Dubai is the latest victim of the threat group, which has previously targeted the United...

2.6AI score
Exploits0
hivepro
hivepro
added 2026/05/29 10:20 a.m.18 views

Kubernetes Security Scanning: A DevSecOps Guide

A clean container image is not proof of a secure Kubernetes workload. New CVEs, unsafe configurations, and excessive permissions can turn an approved deployment into an active exposure. Contact Hive Pro to review your Kubernetes container security priorities. Kubernetes security scanning is the...

5.8AI score
Exploits0
hivepro
hivepro
added 2024/06/24 3:34 p.m.18 views

Attacks, Vulnerabilities and Actors 17 to 23 June 2024

For a detailed threat digest, download the pdf file here Summary HiveForce Labs recently made several significant discoveries in the realm of cybersecurity threats. In the past week alone, a total of ten attacks were executed, nine vulnerabilities were uncovered, and three active adversaries were...

8.6CVSS7.4AI score0.99614EPSS
Exploits8
hivepro
hivepro
added 2024/05/27 5:34 p.m.18 views

Google Fends Off Fourth Zero-Day in May

...

7.3AI score
Exploits0
hivepro
hivepro
added 2024/05/07 6:42 a.m.18 views

CISA Known Exploited Vulnerability Catalog April 2024

Summary The Known Exploited Vulnerability KEV catalog, maintained by CISA, is the authoritative source of vulnerabilities that have been exploited in the wild. It is recommended that all organizations review and monitor the KEV catalog, prioritize remediation of listed vulnerabilities, and reduce...

7.5AI score
Exploits0
hivepro
hivepro
added 2024/04/10 1:36 p.m.18 views

Latrodectus The Silent Assassin Sneaking Past Defenses

...

7.3AI score
Exploits0
hivepro
hivepro
added 2024/04/10 1:31 p.m.18 views

Notepad++ Plugin Compromised to Inject Malicious Code

...

7.3AI score
Exploits0
hivepro
hivepro
added 2024/04/01 12:59 p.m.18 views

Hive Pro Announces Launch of Alliance Partner Program in North America for MSPs and VARs

Herndon, VA – 01 April 2024 – Hive Pro, a pioneer vendor in Threat Exposure Management, announced the formal launch of its North America Alliance Partner Program for Managed Service Providers MSP and Value-Added Resellers VARs. This initiative aims to empower Managed Service Providers MSPs and...

7.3AI score
Exploits0
hivepro
hivepro
added 2024/03/22 9:36 a.m.18 views

Unveiling BunnyLoader 3.0 Enhanced Malware Capabilities

Summary: BunnyLoader 3.0, which has been active since September 2023, is a malicious malware variant known for its enhanced data theft and advanced keylogging capabilities. This modular malware provides attackers with flexibility and presents challenges in terms of detection. Despite its global...

7.2AI score
Exploits0
hivepro
hivepro
added 2024/02/08 2:24 p.m.18 views

Deceptive Crypto Sites A Breeding Ground for XPhase Clipper

Summary: A global malware campaign is actively targeting cryptocurrency enthusiasts, employing deceptive websites that masquerade as authentic cryptocurrency applications and ultimately leading to the execution of the XPhase Clipper payload. Threat Level - Amber | Attack Report For a detailed...

7.3AI score
Exploits0
hivepro
hivepro
added 2024/01/04 12:53 p.m.18 views

Unveiling Novel Malware Waves by APT28

Summary: A recent phishing campaign attributed to the Russia-linked APT28 group has been identified targeting Ukrainian government entities and Polish organizations with email messages urging recipients to click on a link to view a document. The goal is to deploy previously undocumented malware,...

7AI score
Exploits0
hivepro
hivepro
added 2023/12/29 11:7 a.m.18 views

Terrapin Attack Downgrading the Fortresses of SSH

Summary: The Terrapin attack, a cryptographic exploit targeting the widely adopted SSH protocol, poses a threat to the security of over 15 million servers dispersed across the Internet. This vulnerability enables attackers to compromise the security of established connections by truncating the...

7.2AI score
Exploits0
hivepro
hivepro
added 2023/12/05 6:32 a.m.18 views

Attacks, Vulnerabilities and Actors 27 November to 3 December 2023

For a detailed threat digest, download the pdf file here Summary HiveForce Labs recently made several significant discoveries in the realm of cybersecurity threats. In the past week alone, a total of eight attacks were executed, six vulnerabilities were uncovered, and two active adversaries were...

7.4AI score
Exploits0
hivepro
hivepro
added 2023/11/28 1:29 p.m.18 views

Hive Pro and ICS Arabia announce strategic partnership to enhance the reach of Threat Exposure Management to Smart Cities and Digital Infrastructure

HERNDON, VA., Nov. 28, 2023 - Hive Pro®, a pioneer vendor in Threat Exposure Management, announced a strategic partnership with ICS Arabia, a front-runner in the development of Smart Cities and Digital Infrastructure in the Kingdom of Saudi Arabia and the Middle East. This partnership heralds a...

7.2AI score
Exploits0
hivepro
hivepro
added 2023/10/16 12:38 p.m.18 views

SeroXen RAT Leverages NuGet Packages

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary Several malicious packages have been detected in NuGet, a widely used package manager for the .NET Framework. These packages utilized typosquatting methods to masquerade as legitimate ones and were...

7AI score
Exploits0
hivepro
hivepro
added 2023/09/22 7:40 a.m.18 views

Snatch Ransomware: Evolving Threat and Defense Strategies

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary Snatch ransomware is a ransomware-as-a-service RaaS variant that was first discovered in 2018. It is known for its ability to reboot devices into Safe Mode, where many security protections are disabled,...

6.8AI score
Exploits0
hivepro
hivepro
added 2023/09/05 11:4 a.m.18 views

Attacks, Vulnerabilities and Actors 28 August to 3 September 2023

For a detailed threat digest, download the pdf file here Summary HiveForce Labs recently made several significant discoveries related to cybersecurity threats. Over the past week, the fact that there were a total of six attacks executed, one vulnerability, and two different adversaries highlights...

6.8AI score
Exploits0
hivepro
hivepro
added 2023/08/25 1:49 p.m.18 views

Spacecolon Toolset Fuels Surge in Scarab Ransomware Attacks

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary CosmicBeetle, an active cyber threat group, has been utilizing a malicious toolset called Spacecolon in an ongoing campaign. This toolset is used to distribute variants of the Scarab ransomware by...

6.8AI score
Exploits0
hivepro
hivepro
added 2023/08/22 5:56 a.m.18 views

Attacks, Vulnerabilities and Actors 14 August to 20 August 2023

For a detailed threat digest, download the pdf file here Summary HiveForce Labs has recently made several significant discoveries related to cybersecurity threats. Over the past week, we identified a total of eight executed attacks, one instance of adversary activity, and four zero-day...

7AI score
Exploits0
hivepro
hivepro
added 2023/07/27 5:28 a.m.18 views

Ivanti Addressed A Critical Zero-Day Flaw in EPMM Software

Threat Level Vulnerability Report For a detailed threat advisory, download the pdf file here Summary The vulnerability in Ivanti Endpoint Manager Mobile allows unauthorized remote access to personal information and enables limited server changes, posing significant security risks to affected...

6.6AI score
Exploits0
hivepro
hivepro
added 2023/07/11 7:54 a.m.18 views

Unveiling New Big Head Ransomware Variants and Their Stealthy Tactics

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary The emergence of Big Head ransomware and its variants suggests a shared source, distributed through deceptive Windows update and Word installer disguises. The threat actor engages via email and Telegram,...

6.8AI score
Exploits0
hivepro
hivepro
added 2023/06/30 6:15 a.m.18 views

PindOS malware deploying Bumblebee and IcedID

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary PindOS, new JavaScript dropper has been spotted in the wild. It is specifically engineered to deliver next-stage payloads and is currently deploying infamous malwares like deploying Bumblebee and IcedID...

6.8AI score
Exploits0
hivepro
hivepro
added 2023/06/12 6:46 a.m.18 views

Asylum Ambuscade Unmasking the Hybrid Threat Group in Cybersecurity

Threat Level Actor Report For a detailed threat advisory, download the pdf file here Summary Asylum Ambuscade: A cybercrime group active since 2020, targeting banks, cryptocurrency traders, and governments in North America, Europe, Asia, Africa, and South America. Their tactics include spear...

6.6AI score
Exploits0
hivepro
hivepro
added 2023/05/29 6:51 a.m.18 views

PowerExchange Backdoor and Web Shells Breach at UAE Government Agency

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary A high-severity attack targeted a UAE government agency, utilizing a custom PowerShell backdoor named PowerExchange and web shells on Microsoft Exchange servers. To receive real-time threat advisories,...

6.8AI score
Exploits0
hivepro
hivepro
added 2023/05/11 10:37 a.m.18 views

DarkWatchMan RAT Targets Russians

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary DarkWatchMan is a Remote Access Trojan RAT distributed via a phishing website imitating a renowned Russian website. To receive real-time threat advisories, please follow HiveForce Labs on LinkedIn...

7AI score
Exploits0
hivepro
hivepro
added 2023/05/05 9:47 a.m.18 views

Earth Longzhi Unleashes New ‘Stack Rumbling’ Tactic

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary APT41s Earth Longzhi launches a new campaign targeting organizations in Asia Pacific using "stack rumbling" to disable security products and install Behinder web shell. To receive real-time threat...

6.8AI score
Exploits0
hivepro
hivepro
added 2023/05/05 9:2 a.m.18 views

The Emergence of 1877 Team and Rising Hacktivist Threat

Threat Level Actor Report For a detailed threat advisory, download the pdf file here Summary The 1877 Team is a hacktivist collective founded by a small group of Iraqi Kurds in July 2021. The 1877 Team has claimed responsibility for a range of cyber attacks on national governments, universities,...

6.8AI score
Exploits0
hivepro
hivepro
added 2023/04/19 11:26 a.m.18 views

ArtemisPro – Datasheet

In this video, Anand Choudha, CEO at Hive Pro, and Jeelan Poola, CPO at Hive Pro, introduce the HivePro Uni5 Threat Exposure Management Platform. HivePro Uni...

6.8AI score
Exploits0
hivepro
hivepro
added 2023/04/06 10:11 a.m.19 views

A New Rorschach Ransomware Threat Employing Hybrid-Cryptography

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary Rorschach is a new and highly effective ransomware that uses a hybrid-cryptography scheme and fast thread scheduling via I/O completion ports. To receive real-time threat advisories, please follow...

6.8AI score
Exploits0
hivepro
hivepro
added 2023/03/16 10:5 a.m.18 views

Malware Impersonating Websites Spread via Google Ads

Threat Level Vulnerability Report For a detailed threat advisory, download the pdf file here Summary Multiple Malware were found on newly registered websites impersonating various applications, likely originating from malicious Google Search Ads. To receive real-time threat advisories, please...

3.8AI score
Exploits0
hivepro
hivepro
added 2023/02/09 7:3 a.m.18 views

Linux Variant of Cl0p Ransomware Discovered with Flawed Encryption Algorithm

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary A new variant of the Cl0p ransomware for Linux has been discovered. The executable file in ELF format has a flawed encryption algorithm, which allows for the decryption of the locked files without...

3AI score
Exploits0
hivepro
hivepro
added 2023/01/09 10:24 a.m.18 views

Information Stealer LummaC2 Targets Browsers and Crypto Wallets

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary LummaC2 Stealer is an information stealer that targets Chromium and Mozilla-based browsers. It is designed to steal sensitive information from a victims machine, including crypto wallets, extensions, and...

3.5AI score
Exploits0
hivepro
hivepro
added 2022/12/28 7:44 a.m.18 views

Actors, Threats and Vulnerabilities 19 – 25 December 2022

...

3.9AI score
Exploits0
hivepro
hivepro
added 2022/11/25 12:32 p.m.18 views

Black Basta Ransomware Invades US Firms with Qakbot Malware

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary In this latest spear-phishing campaign, the Black Basta ransomware gang employed QakBot malware, aka QBot or Pinkslipbot, to acquire an initial point of entry and migrate laterally through an organizatio...

3AI score
Exploits0
hivepro
hivepro
added 2022/11/11 2:9 p.m.18 views

Earth Longzhi: New subgroup of APT41

Threat Level Actor Report For a detailed threat advisory, download the pdf file here Summary Earth Longzhi is running a spearphishing campaign to infect organizations with a payload such as Cobalt Strike loader, Symatic loader, CroxLoader, BigpipeLoader, OutLoader, and other custom hacking tools...

0.6AI score
Exploits0
hivepro
hivepro
added 2022/11/02 7:10 a.m.18 views

Privilege Escalation in VMware spring-security

Threat Level Vulnerability Report For a detailed threat advisory, download the pdf file here Summary A vulnerability in VMwares Spring Security affects the mapping of permitted scope in spring-security-oauth2-client, allowing privilege escalation...

3.1AI score
Exploits0
hivepro
hivepro
added 2022/09/08 11:6 a.m.18 views

Hive Pro bolsters its leadership team, charting a course for global growth.

...

1.8AI score
Exploits0
hivepro
hivepro
added 2022/08/26 12:57 p.m.18 views

Healthcare industry tore down by Karakurt ransomware group

Threat Level Actor Report For a detailed threat advisory, download the pdf file here Summary The Karakurt ransomware group is a recent addition to the list of cybercriminal gangs, with reports of its first appearance in late 2021. Since June 2022, the recent attacks have had an impact on the US...

2.1AI score
Exploits0
hivepro
hivepro
added 2022/07/26 5:2 a.m.18 views

Vulnerabilities & Threats that Matter 18 – 24th July

Published Vulnerabilities Interesting Vulnerabilities Active Threat Groups Targeted Countries Targeted Industries ATT&CK TTPs 497 11 2 Worldwide 6 33 For a detailed threat digest, download the pdf file here Summary The third week of July 2022 witnessed the discovery of 497 vulnerabilities out of...

1.2AI score
Exploits0
hivepro
hivepro
added 2022/07/21 1:38 p.m.18 views

CloudMensis Spyware Actively Targets Apple macOS Users

...

3.1AI score
Exploits0
hivepro
hivepro
added 2022/06/14 1:48 p.m.18 views

Drupal addresses a Guzzle third-party vulnerability

Threat Level Vulnerability Report For a detailed advisory, download the pdf file here Summary The Drupal core project addresses security flaws in a third-party Guzzle library to handle HTTP requests and responses to external services. These may not directly affect Drupal core; however, it can hav...

7.7AI score
Exploits0
hivepro
hivepro
added 2022/04/21 12:35 p.m.18 views

Lazarus is back, targeting organizations with cryptocurrency thefts via TraderTraitor malware

THREAT LEVEL: Red. For a detailed advisory, download the pdf file here The Federal Bureau of Investigation FBI, the Cybersecurity and Infrastructure Security Agency CISA, and the U.S. Treasury Department Treasury have issued a joint Cybersecurity AdvisoryCSA to make organizations in the blockchai...

1AI score
Exploits0
hivepro
hivepro
added 2022/04/13 1:14 a.m.18 views

Attacks on European Union and Ukrainian government entities carried out by the Armageddon group

THREAT LEVEL: Red. For a detailed advisory, download the pdf file here The Computer Emergency Response Team of Ukraine CERT-UA has issued an alert warning of an ongoing spear-phishing attempt aimed at delivering an email with a malware attachment to Ukrainian government institutions and European...

0.4AI score
Exploits0
hivepro
hivepro
added 2022/03/28 6:0 a.m.18 views

Hive Pro Named ‘Startup of the Year – Security Software’ in the Globee Awards 18th Annual Cyber Security Global Excellence Awards®

Milpitas, California, March 28 - Hive Pro announced today that The Globee® Awards, organizers of world’s premier business awards programs and business ranking lists, has named Hive Pro a winner in the 18th Annual 2022 Cyber Security Global Excellence Awards®. These prestigious global awards...

0.6AI score
Exploits0
hivepro
hivepro
added 2022/01/17 3:52 p.m.18 views

WordPress plugins affected by critical vulnerability impacting 84,000 websites

THREAT LEVEL: Amber. For a detailed advisory, download the pdf file here. WordPress powers over 43.0% of all the websites on the Internet. A Cross-Site Request Forgery vulnerability CVE-2022-0215 was discovered in three plugins of WordPress. This flaw made it possible for an attacker to update...

6.8CVSS0.8AI score0.0082EPSS
Exploits2
Total number of security vulnerabilities1589