1589 matches found
Vulnerabilities & Threats that Matter 25 – 31st July
Published Vulnerabilities Interesting Vulnerabilities Active Threat Groups Targeted Countries Targeted Industries ATT&CK TTPs 462 7 4 52 22 64 For a detailed threat digest, download the pdf file here Summary The Last week of July 2022 witnessed the discovery of 462 vulnerabilities out of which 7...
KNOTWEED exploits zero-days to target US and Europe
Threat Level Actor Report For a detailed advisory, download the pdf file here Summary KNOTWEED, an Austria-based private-sector offensive actor PSOA, are exploiting 0-day vulnerabilities of Windows and Adobe to perform targeted attacks against European and Central American customers by using thei...
Network Providers and Devices targeted by Chinese state-sponsored actors
Threat Level Attack Report For a detailed advisory, download the pdf file here Summary The National Security Agency NSA, the Cybersecurity and Infrastructure Security Agency CISA, and the Federal Bureau of Investigation FBI have released a joint advisory to make organizations in the...
How to Evolve Your Vulnerability Management to Threat Exposure Management
...
Weekly Threat Digest: 16-22 May 2022
Published Vulnerabilities Interesting Vulnerabilities Active Threat Groups Targeted Countries Targeted Industries ATT&CK TTPs 466 6 2 26 10 27 For a detailed threat digest, download the pdf file here Summary The third week of May 2022 witnessed the discovery of 466 vulnerabilities out of which 6...
New Ransomware Group Axxes is on the rise
Threat Level Actor Report For a detailed advisory, download the pdf file here Summary Axxes ransomware is a relatively new ransomware group that appears to be a rebranded version of Midas ransomware. The H Dubai is the latest victim of the threat group, which has previously targeted the United...
Kubernetes Security Scanning: A DevSecOps Guide
A clean container image is not proof of a secure Kubernetes workload. New CVEs, unsafe configurations, and excessive permissions can turn an approved deployment into an active exposure. Contact Hive Pro to review your Kubernetes container security priorities. Kubernetes security scanning is the...
Attacks, Vulnerabilities and Actors 17 to 23 June 2024
For a detailed threat digest, download the pdf file here Summary HiveForce Labs recently made several significant discoveries in the realm of cybersecurity threats. In the past week alone, a total of ten attacks were executed, nine vulnerabilities were uncovered, and three active adversaries were...
Google Fends Off Fourth Zero-Day in May
...
CISA Known Exploited Vulnerability Catalog April 2024
Summary The Known Exploited Vulnerability KEV catalog, maintained by CISA, is the authoritative source of vulnerabilities that have been exploited in the wild. It is recommended that all organizations review and monitor the KEV catalog, prioritize remediation of listed vulnerabilities, and reduce...
Latrodectus The Silent Assassin Sneaking Past Defenses
...
Notepad++ Plugin Compromised to Inject Malicious Code
...
Hive Pro Announces Launch of Alliance Partner Program in North America for MSPs and VARs
Herndon, VA – 01 April 2024 – Hive Pro, a pioneer vendor in Threat Exposure Management, announced the formal launch of its North America Alliance Partner Program for Managed Service Providers MSP and Value-Added Resellers VARs. This initiative aims to empower Managed Service Providers MSPs and...
Unveiling BunnyLoader 3.0 Enhanced Malware Capabilities
Summary: BunnyLoader 3.0, which has been active since September 2023, is a malicious malware variant known for its enhanced data theft and advanced keylogging capabilities. This modular malware provides attackers with flexibility and presents challenges in terms of detection. Despite its global...
Deceptive Crypto Sites A Breeding Ground for XPhase Clipper
Summary: A global malware campaign is actively targeting cryptocurrency enthusiasts, employing deceptive websites that masquerade as authentic cryptocurrency applications and ultimately leading to the execution of the XPhase Clipper payload. Threat Level - Amber | Attack Report For a detailed...
Unveiling Novel Malware Waves by APT28
Summary: A recent phishing campaign attributed to the Russia-linked APT28 group has been identified targeting Ukrainian government entities and Polish organizations with email messages urging recipients to click on a link to view a document. The goal is to deploy previously undocumented malware,...
Terrapin Attack Downgrading the Fortresses of SSH
Summary: The Terrapin attack, a cryptographic exploit targeting the widely adopted SSH protocol, poses a threat to the security of over 15 million servers dispersed across the Internet. This vulnerability enables attackers to compromise the security of established connections by truncating the...
Attacks, Vulnerabilities and Actors 27 November to 3 December 2023
For a detailed threat digest, download the pdf file here Summary HiveForce Labs recently made several significant discoveries in the realm of cybersecurity threats. In the past week alone, a total of eight attacks were executed, six vulnerabilities were uncovered, and two active adversaries were...
Hive Pro and ICS Arabia announce strategic partnership to enhance the reach of Threat Exposure Management to Smart Cities and Digital Infrastructure
HERNDON, VA., Nov. 28, 2023 - Hive Pro®, a pioneer vendor in Threat Exposure Management, announced a strategic partnership with ICS Arabia, a front-runner in the development of Smart Cities and Digital Infrastructure in the Kingdom of Saudi Arabia and the Middle East. This partnership heralds a...
SeroXen RAT Leverages NuGet Packages
Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary Several malicious packages have been detected in NuGet, a widely used package manager for the .NET Framework. These packages utilized typosquatting methods to masquerade as legitimate ones and were...
Snatch Ransomware: Evolving Threat and Defense Strategies
Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary Snatch ransomware is a ransomware-as-a-service RaaS variant that was first discovered in 2018. It is known for its ability to reboot devices into Safe Mode, where many security protections are disabled,...
Attacks, Vulnerabilities and Actors 28 August to 3 September 2023
For a detailed threat digest, download the pdf file here Summary HiveForce Labs recently made several significant discoveries related to cybersecurity threats. Over the past week, the fact that there were a total of six attacks executed, one vulnerability, and two different adversaries highlights...
Spacecolon Toolset Fuels Surge in Scarab Ransomware Attacks
Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary CosmicBeetle, an active cyber threat group, has been utilizing a malicious toolset called Spacecolon in an ongoing campaign. This toolset is used to distribute variants of the Scarab ransomware by...
Attacks, Vulnerabilities and Actors 14 August to 20 August 2023
For a detailed threat digest, download the pdf file here Summary HiveForce Labs has recently made several significant discoveries related to cybersecurity threats. Over the past week, we identified a total of eight executed attacks, one instance of adversary activity, and four zero-day...
Ivanti Addressed A Critical Zero-Day Flaw in EPMM Software
Threat Level Vulnerability Report For a detailed threat advisory, download the pdf file here Summary The vulnerability in Ivanti Endpoint Manager Mobile allows unauthorized remote access to personal information and enables limited server changes, posing significant security risks to affected...
Unveiling New Big Head Ransomware Variants and Their Stealthy Tactics
Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary The emergence of Big Head ransomware and its variants suggests a shared source, distributed through deceptive Windows update and Word installer disguises. The threat actor engages via email and Telegram,...
PindOS malware deploying Bumblebee and IcedID
Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary PindOS, new JavaScript dropper has been spotted in the wild. It is specifically engineered to deliver next-stage payloads and is currently deploying infamous malwares like deploying Bumblebee and IcedID...
Asylum Ambuscade Unmasking the Hybrid Threat Group in Cybersecurity
Threat Level Actor Report For a detailed threat advisory, download the pdf file here Summary Asylum Ambuscade: A cybercrime group active since 2020, targeting banks, cryptocurrency traders, and governments in North America, Europe, Asia, Africa, and South America. Their tactics include spear...
PowerExchange Backdoor and Web Shells Breach at UAE Government Agency
Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary A high-severity attack targeted a UAE government agency, utilizing a custom PowerShell backdoor named PowerExchange and web shells on Microsoft Exchange servers. To receive real-time threat advisories,...
DarkWatchMan RAT Targets Russians
Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary DarkWatchMan is a Remote Access Trojan RAT distributed via a phishing website imitating a renowned Russian website. To receive real-time threat advisories, please follow HiveForce Labs on LinkedIn...
Earth Longzhi Unleashes New ‘Stack Rumbling’ Tactic
Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary APT41s Earth Longzhi launches a new campaign targeting organizations in Asia Pacific using "stack rumbling" to disable security products and install Behinder web shell. To receive real-time threat...
The Emergence of 1877 Team and Rising Hacktivist Threat
Threat Level Actor Report For a detailed threat advisory, download the pdf file here Summary The 1877 Team is a hacktivist collective founded by a small group of Iraqi Kurds in July 2021. The 1877 Team has claimed responsibility for a range of cyber attacks on national governments, universities,...
ArtemisPro – Datasheet
In this video, Anand Choudha, CEO at Hive Pro, and Jeelan Poola, CPO at Hive Pro, introduce the HivePro Uni5 Threat Exposure Management Platform. HivePro Uni...
A New Rorschach Ransomware Threat Employing Hybrid-Cryptography
Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary Rorschach is a new and highly effective ransomware that uses a hybrid-cryptography scheme and fast thread scheduling via I/O completion ports. To receive real-time threat advisories, please follow...
Malware Impersonating Websites Spread via Google Ads
Threat Level Vulnerability Report For a detailed threat advisory, download the pdf file here Summary Multiple Malware were found on newly registered websites impersonating various applications, likely originating from malicious Google Search Ads. To receive real-time threat advisories, please...
Linux Variant of Cl0p Ransomware Discovered with Flawed Encryption Algorithm
Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary A new variant of the Cl0p ransomware for Linux has been discovered. The executable file in ELF format has a flawed encryption algorithm, which allows for the decryption of the locked files without...
Information Stealer LummaC2 Targets Browsers and Crypto Wallets
Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary LummaC2 Stealer is an information stealer that targets Chromium and Mozilla-based browsers. It is designed to steal sensitive information from a victims machine, including crypto wallets, extensions, and...
Actors, Threats and Vulnerabilities 19 – 25 December 2022
...
Black Basta Ransomware Invades US Firms with Qakbot Malware
Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary In this latest spear-phishing campaign, the Black Basta ransomware gang employed QakBot malware, aka QBot or Pinkslipbot, to acquire an initial point of entry and migrate laterally through an organizatio...
Earth Longzhi: New subgroup of APT41
Threat Level Actor Report For a detailed threat advisory, download the pdf file here Summary Earth Longzhi is running a spearphishing campaign to infect organizations with a payload such as Cobalt Strike loader, Symatic loader, CroxLoader, BigpipeLoader, OutLoader, and other custom hacking tools...
Privilege Escalation in VMware spring-security
Threat Level Vulnerability Report For a detailed threat advisory, download the pdf file here Summary A vulnerability in VMwares Spring Security affects the mapping of permitted scope in spring-security-oauth2-client, allowing privilege escalation...
Hive Pro bolsters its leadership team, charting a course for global growth.
...
Healthcare industry tore down by Karakurt ransomware group
Threat Level Actor Report For a detailed threat advisory, download the pdf file here Summary The Karakurt ransomware group is a recent addition to the list of cybercriminal gangs, with reports of its first appearance in late 2021. Since June 2022, the recent attacks have had an impact on the US...
Vulnerabilities & Threats that Matter 18 – 24th July
Published Vulnerabilities Interesting Vulnerabilities Active Threat Groups Targeted Countries Targeted Industries ATT&CK TTPs 497 11 2 Worldwide 6 33 For a detailed threat digest, download the pdf file here Summary The third week of July 2022 witnessed the discovery of 497 vulnerabilities out of...
CloudMensis Spyware Actively Targets Apple macOS Users
...
Drupal addresses a Guzzle third-party vulnerability
Threat Level Vulnerability Report For a detailed advisory, download the pdf file here Summary The Drupal core project addresses security flaws in a third-party Guzzle library to handle HTTP requests and responses to external services. These may not directly affect Drupal core; however, it can hav...
Lazarus is back, targeting organizations with cryptocurrency thefts via TraderTraitor malware
THREAT LEVEL: Red. For a detailed advisory, download the pdf file here The Federal Bureau of Investigation FBI, the Cybersecurity and Infrastructure Security Agency CISA, and the U.S. Treasury Department Treasury have issued a joint Cybersecurity AdvisoryCSA to make organizations in the blockchai...
Attacks on European Union and Ukrainian government entities carried out by the Armageddon group
THREAT LEVEL: Red. For a detailed advisory, download the pdf file here The Computer Emergency Response Team of Ukraine CERT-UA has issued an alert warning of an ongoing spear-phishing attempt aimed at delivering an email with a malware attachment to Ukrainian government institutions and European...
Hive Pro Named ‘Startup of the Year – Security Software’ in the Globee Awards 18th Annual Cyber Security Global Excellence Awards®
Milpitas, California, March 28 - Hive Pro announced today that The Globee® Awards, organizers of world’s premier business awards programs and business ranking lists, has named Hive Pro a winner in the 18th Annual 2022 Cyber Security Global Excellence Awards®. These prestigious global awards...
WordPress plugins affected by critical vulnerability impacting 84,000 websites
THREAT LEVEL: Amber. For a detailed advisory, download the pdf file here. WordPress powers over 43.0% of all the websites on the Internet. A Cross-Site Request Forgery vulnerability CVE-2022-0215 was discovered in three plugins of WordPress. This flaw made it possible for an attacker to update...