Lucene search
K
HiveproMost viewed

1589 matches found

hivepro
hivepro
added 2022/03/28 6:0 a.m.18 views

Hive Pro Named ‘Startup of the Year – Security Software’ in the Globee Awards 18th Annual Cyber Security Global Excellence Awards®

Milpitas, California, March 28 - Hive Pro announced today that The Globee® Awards, organizers of world’s premier business awards programs and business ranking lists, has named Hive Pro a winner in the 18th Annual 2022 Cyber Security Global Excellence Awards®. These prestigious global awards...

0.6AI score
Exploits0
hivepro
hivepro
added 2022/01/17 3:52 p.m.18 views

WordPress plugins affected by critical vulnerability impacting 84,000 websites

THREAT LEVEL: Amber. For a detailed advisory, download the pdf file here. WordPress powers over 43.0% of all the websites on the Internet. A Cross-Site Request Forgery vulnerability CVE-2022-0215 was discovered in three plugins of WordPress. This flaw made it possible for an attacker to update...

6.8CVSS0.8AI score0.0082EPSS
Exploits2
hivepro
hivepro
added 2024/05/10 3:24 p.m.17 views

The RokRAT Epidemic in South Korea

...

7.3AI score
Exploits0
hivepro
hivepro
added 2024/04/26 12:18 p.m.17 views

ArcaneDoor a Novel Espionage Campaign Exploits Cisco Zero-Days

...

7.3AI score
Exploits0
hivepro
hivepro
added 2024/04/26 11:58 a.m.17 views

APT28 Exploits Windows Print Spooler Flaw with GooseEgg

...

7.3AI score
Exploits0
hivepro
hivepro
added 2024/04/19 2:19 p.m.17 views

OpenMetadata Flaws Exploited for Cryptojacking on Kubernetes

...

7.3AI score
Exploits0
hivepro
hivepro
added 2024/04/18 5:39 a.m.17 views

LockBit 3.0 Builder Unleashed Custom Ransomware on the Rise

...

7.3AI score
Exploits0
hivepro
hivepro
added 2024/04/18 5:33 a.m.17 views

Vulnerability in PuTTY Client Allows Recovery of Private Key

...

7.3AI score
Exploits0
hivepro
hivepro
added 2024/04/12 12:32 p.m.17 views

LazyStealer the Unconventional Approach to Cyber Espionage

...

7.3AI score
Exploits0
hivepro
hivepro
added 2024/04/12 12:27 p.m.17 views

Critical RCE Flaw Found in Fortinet FortiClientLinux

...

7.3AI score
Exploits0
hivepro
hivepro
added 2024/04/02 8:8 a.m.17 views

XZ Utils Backdoored, A Supply Chain Nightmare

Summary: Multiple Linux distributions face a potential supply chain threat due to the introduction of malicious code into a widely-used library. A backdoor was discovered within the XZ Utils library, inserted roughly a month ago. This compromise allows attackers to manipulate and intercept data...

7.3AI score
Exploits0
hivepro
hivepro
added 2024/03/14 6:32 p.m.17 views

TimbreStealer Focuses On Mexico With Social Engineering

Summary: Since at least November 2023, there has been a persistent phishing spam campaign targeting potential victims in Mexico. The campaign entices users to download TimbreStealer, a new information stealer that has been disguised. This campaign use financial-themed phishing emails to lure...

6.8AI score
Exploits0
hivepro
hivepro
added 2024/03/07 4:34 p.m.17 views

WogRAT Backdoor Poses Risk to Windows and Linux Users

Summary: WogRAT, a backdoor malware targeting both Windows and Linux, spreads through aNotepad, an online notepad service. It disguises itself as system tools to trick users into downloading it, mainly targeting users in Asia. Users are cautioned to download software from official sources and...

7.1AI score
Exploits0
hivepro
hivepro
added 2024/02/29 3:25 p.m.17 views

BlackCat’s Resurgence Despite Law Enforcement Disruptions

Summary: Blackcat, a sophisticated Ransomware-as-a-Service operation, infiltrates networks using advanced social engineering and remote access tools, offering triple extortion tactics and cyber remediation advice for ransom payment, and resurged after a December 2023 disruption, causing widesprea...

7.4AI score
Exploits0
hivepro
hivepro
added 2024/02/01 6:30 a.m.17 views

CherryTree Impostor Dubbed CherryLoader Makes Its Move

Summary: CherryLoader, a new Go-based downloader, has surfaced in cyber attacks, masquerading as the legitimate CherryTree note-taking app. This sophisticated threat infiltrates compromised hosts, delivering malicious payloads such as privilege escalation tools for exploitation and persistent...

7.5AI score
Exploits0
hivepro
hivepro
added 2023/12/21 12:26 p.m.17 views

Novel Go-Based Malware Unleashes Coordinated Strikes on macOS and Windows

Summary: A recently identified threat known as JaskaGO has surfaced as a new cross-platform information stealer malware. This malware is designed to target and compromise systems running both Windows and Apple macOS operating systems. Threat Level - Red | Attack Report For a detailed threat...

6.5AI score
Exploits0
hivepro
hivepro
added 2023/12/19 5:17 a.m.17 views

Gaza Cybergang’s Pierogi++ Upgrade Takes Center Stage

Summary: The Gaza Cybergang, a sophisticated threat actor, has recently intensified its attacks by deploying an advanced version of the Pierogi backdoor malware. This group focuses its cyber operations primarily on Palestinian entities and Israel, with a historical record of targeting entities...

7.2AI score
Exploits0
hivepro
hivepro
added 2023/12/13 1:15 p.m.17 views

Adversaries Leverage Social Media to Disseminate New Python-Based Stealer

Summary: A recently identified malicious campaign involves the use of WinRAR archive files with minimal detection to execute a multi-stage attack. The payload, known as Editbot, is a newly discovered Python-based stealer. Editbot is specifically designed to extract process information and data...

7AI score
Exploits0
hivepro
hivepro
added 2023/11/28 7:21 a.m.17 views

North Korean APT’s Covert Supply-Chain Ambush

Summary: There has been a significant increase in software supply chain attacks orchestrated by North Korean hackers. Notably, the MagicLine4NX and 3CX compromises gained attention, with the Lazarus hacking group employing a sophisticated approach. They leverage a zero-day vulnerability in the...

7.4AI score
Exploits0
hivepro
hivepro
added 2023/11/08 7:27 a.m.17 views

Jupyter Infostealer Returns with New Addition to Its Arsenal

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary Jupyter Infostealer is a malware variant initially discovered in late 2020. Since then, it has undergone continued evolution, altering its delivery methods and techniques to avoid detection and establish...

7.2AI score
Exploits0
hivepro
hivepro
added 2023/10/24 2:19 p.m.17 views

Quasar RAT Utilizes DLL Side-Loading to Evade Detection

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary Quasar RAT is an open-source remote access trojan that has been used by cybercriminals and threat actors for various malicious purposes. The use of DLL side-loading is a sophisticated technique that allo...

6.8AI score
Exploits0
hivepro
hivepro
added 2023/10/11 12:37 p.m.17 views

Unveiling Lu0Bot Malware A Node.js-Based Threat

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary Lu0Bot Malware, a Node.js-based threat, surfaced in February 2021 as a secondary payload in GCleaner attacks. This malware acts as a bot, responding to C2 server commands and transmitting encrypted syste...

6.9AI score
Exploits0
hivepro
hivepro
added 2023/10/09 9:28 a.m.17 views

Unveiling Operation Jacana: Targeting the Guyana Government with DinodasRAT

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary A cyber espionage campaign named Operation Jacana was identified in February 2023, targeting a government entity in Guyana. This campaign began with a spear-phishing attack and resulted in the deployment...

6.8AI score
Exploits0
hivepro
hivepro
added 2023/10/03 9:33 a.m.17 views

Summary of Vulnerabilities, Actors & Attacks: September 2023

...

7AI score
Exploits0
hivepro
hivepro
added 2023/09/27 6:6 a.m.17 views

New Variant of RedLine Stealer Uses Batch Script to Evade Detection

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary A new variant of RedLine Stealer that is being distributed as a batch script file. This new variant of RedLine Stealer is more sophisticated than previous versions and uses a number of techniques to evad...

6.9AI score
Exploits0
hivepro
hivepro
added 2023/09/11 6:8 a.m.17 views

Critical Remote Code Execution Vulnerabilities Discovered in ASUS Routers

Threat Level Vulnerability Report For a detailed threat advisory, download the pdf file here Summary Three critical-severity remote code execution vulnerabilities have been identified in ASUS routers. These vulnerabilities have the potential to allow threat actors to take control of these devices...

8.2AI score
Exploits0
hivepro
hivepro
added 2023/09/08 2:6 p.m.17 views

PCI DSS Compliance with Hive Pro Threat Exposure Management

In this video, Anand Choudha, CEO at Hive Pro, and Jeelan Poola, CPO at Hive Pro, introduce the HivePro Uni5 Threat Exposure Management Platform. HivePro Uni...

7AI score
Exploits0
hivepro
hivepro
added 2023/09/07 3:39 a.m.17 views

New Variant of Chaes Malware ‘Chae$ 4’ Targeting Financial and Logistics Sectors

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary A new Chaes malware variant, "Chae$ 4," targeting logistics, finance, and prominent platforms has emerged with enhanced capabilities, including Python-based architecture and an expanded range of targeted...

6.9AI score
Exploits0
hivepro
hivepro
added 2023/09/06 8:6 a.m.17 views

MinIO Vulnerabilities Exposed as Hackers Breach Through Storage

Threat Level Vulnerability Report For a detailed threat advisory, download the pdf file here Summary In a recent malware campaign, threat actors utilized a new IDAT Loader to distribute a range of malicious software, including InfoStealers and RATs, employing evasion methods. This loader is...

6.8AI score
Exploits0
hivepro
hivepro
added 2023/08/11 5:3 a.m.17 views

Knocking the Surface of Rhysida Ransomware

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary The Rhysida ransomware campaign is rapidly gaining notoriety, driven by a series of successful infiltrations into healthcare institutions. This surge in attacks requires government entities and the targe...

6.8AI score
Exploits0
hivepro
hivepro
added 2023/07/26 12:23 p.m.17 views

Realst Infostealer Hides Behind Phony Blockchain Games

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary Multiple counterfeit blockchain games are being exploited to infiltrate both Windows and macOS systems with a sophisticated infostealer developed in Rust, known as realst. This malicious software...

6.6AI score
Exploits0
hivepro
hivepro
added 2023/07/19 6:47 a.m.17 views

Hackers Target WooCommerce Payments Plugin to Hijack Websites

Threat Level Vulnerability Report For a detailed threat advisory, download the pdf file here Summary Cybercriminals are orchestrating a widespread campaign to exploit a pivotal WooCommerce Payments plugin, thereby acquiring the privileges of various users, including those with administrator statu...

6.9AI score
Exploits0
hivepro
hivepro
added 2023/07/10 6:9 a.m.17 views

Charming Kitten’s Latest Malware Arsenal and Targeting Strategies

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary Charming Kitten, an adaptable threat actor, has shifted to new malware tactics and targets by employing LNK infection chains and utilizing cloud hosting providers. This evolution in their approach poses ...

6.8AI score
Exploits0
hivepro
hivepro
added 2023/07/06 8:5 a.m.17 views

European Ministries Fall Victim to Chinese Hacker’s SmugX Campaign

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary A Chinese nation-state group has been persistently conducting a campaign targeting Foreign Affairs ministries and embassies in Europe. They employ HTML smuggling techniques to distribute a new variant of...

6.8AI score
Exploits0
hivepro
hivepro
added 2023/06/16 7:10 a.m.17 views

Unveiling Cadet Blizzard APT’s Wiper Attacks Targeting Ukraine

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary Cadet Blizzard, a Russian GRU-sponsored threat group, conducted major cyber operations using WhisperGate, a customized wiper malware, to demonstrate their destructive capabilities through targeted attack...

6.8AI score
Exploits0
hivepro
hivepro
added 2023/05/24 10:21 a.m.17 views

WINTAPIX Kernel Driver Targeting Middle Eastern Nations

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary The WINTAPIX driver, protected by VMProtect, targets Saudi Arabia and other Gulf countries, possibly linked to Iranian threat actors exploiting Exchange servers for malware deployment. To receive real-ti...

6.9AI score
Exploits0
hivepro
hivepro
added 2023/05/12 12:21 p.m.17 views

New Variant of BPFDoor Linux Malware Features Enhanced Encryption and Stealthy Communication

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary A new variant of the Linux malware BPFDoor has been discovered, featuring more robust encryption and reverse shell communication. It uses the BPF to bypass firewall restrictions, allowing threat actors t...

6.9AI score
Exploits0
hivepro
hivepro
added 2023/05/02 10:1 a.m.17 views

Actors, Threats and Vulnerabilities 24 to 30 April 2023

For a detailed threat digest, download the pdf file here Summary HiveForce Labs recently made several significant discoveries related to cybersecurity threats. Over the past week, they identified a total of eight attacks that were executed. These attacks were taking advantage of three different...

6.8AI score
Exploits0
hivepro
hivepro
added 2023/04/17 6:19 a.m.17 views

Fortinet Addresses Security Flaws Across Multiple Products

Threat Level Vulnerability Report For a detailed threat advisory, download the pdf file here Summary Fortinet releases security updates for multiple products, including a significant FortiPresence vulnerability patch. To receive real-time threat advisories, please follow HiveForce Labs on LinkedI...

6.8AI score
Exploits0
hivepro
hivepro
added 2023/03/23 7:51 a.m.17 views

Mispadu Targets Latin America with MalSpamming

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary Mispadu has been linked to various spam campaigns, and it is capable of stealing both monetary and credential information while acting as a backdoor through keystroke and screenshot capture. To receive...

6.5AI score
Exploits0
hivepro
hivepro
added 2023/03/21 6:58 a.m.17 views

Actors, Threats and Vulnerabilities 13 March to 19 March 2023

For a detailed threat digest, download the pdf file here Summary For a detailed threat digest, download the pdf file here Over the past week, Hive Pro detected the presence of five active threat actors. The first of these is Dark Pink APT, a notorious group with a history of engaging in informati...

6.6AI score
Exploits0
hivepro
hivepro
added 2023/03/06 11:37 a.m.17 views

Actors, Threats and Vulnerabilities 27 February to 5 March 2023

For a detailed threat digest, download the pdf file here Summary For a detailed threat digest, download the pdf file here HiveForce Labs discovered six actors that have been active in the past week. TA866, APT-C-61, and DEV-0569 are cybercrime groups that focus on Financial gain. The other three...

2.3AI score
Exploits0
hivepro
hivepro
added 2023/02/27 9:26 a.m.17 views

Apple Discovers Three New Vulnerabilities in macOS Ventura 13.2

Threat Level Vulnerability Report For a detailed threat advisory, download the pdf file here Summary Apple has updated its macOS Ventura 13.2 advisories to include three new vulnerabilities. One of them is a race condition affecting the crash reporter component, which can allow an attacker to rea...

2.8AI score
Exploits0
hivepro
hivepro
added 2023/02/24 10:3 a.m.17 views

Exploiting ChatGPT’s Popularity for Malware Distribution

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary The attack on ChatGPT involved the exploitation of its widespread usage to distribute malware and carry out various cyber-attacks, including phishing and typosquatting...

3AI score
Exploits0
hivepro
hivepro
added 2023/02/22 7:20 a.m.17 views

Mylobot: A Sophisticated Botnet Malware Targeting Computers Worldwide

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary Mylobot is a Windows-targeting malware and was first discovered in 2017. It has not received much attention since then, but it is noteworthy for its ability to transform the infected system into a proxy...

2.4AI score
Exploits0
hivepro
hivepro
added 2023/02/14 1:28 p.m.17 views

Revealing the Tonto Team’s Latest Hacks and Menaces

Threat Level Actor Report For a detailed threat advisory, download the pdf file here Summary The Tonto Team, a Chinese hacking group, has been linked to attacks on various Asian and Eastern European organizations. In June 2022, an advanced persistent threat APT attempted to hack a cybersecurity...

2.7AI score
Exploits0
hivepro
hivepro
added 2023/02/02 5:49 a.m.17 views

Uncovering the Threat of BlueBravo with GraphicalNeutrino and BEATDROP

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary GraphicalNeutrino and BEATDROP are malicious software used by the Russian-linked threat group BlueBravo in targeted cyber attacks, using legitimate Western services for command-and-control communications...

2.5AI score
Exploits0
hivepro
hivepro
added 2023/01/23 3:53 a.m.17 views

Control Web Panel OS Command Injection Exploitation Increases After POC Release

Threat Level Vulnerability Report For a detailed threat advisory, download the pdf file here Summary On January 3, 2023, a security researcher published a proof-of-concept exploit for a vulnerability in Control Web Panel CWP that allows unauthenticated remote code execution. By January 6, the...

4.9AI score
Exploits0
hivepro
hivepro
added 2023/01/13 6:3 a.m.17 views

NeedleDropper malware leverages a memory corruption flaw in Microsoft to disseminate

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary A new dropper strain dubbed NeedleDropper is used to distribute multiple malware families. The dropper attempts to obfuscate by dumping numerous useless, invalid files and storing critical data within...

0.8AI score
Exploits0
hivepro
hivepro
added 2022/12/30 1:33 p.m.17 views

Trading platforms are in jeopardy due to ArkeiStealer

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary Threat actors are currently disseminating ArkeiStealer via Windows Installer binaries disguised as trading applications. The trading application has been backdoored with the SmokeLoader downloader, which...

4.1AI score
Exploits0
Total number of security vulnerabilities1589