Hivepro, most viewed

1589 matches found

hivepro
added 2022/06/17 5:21 a.m., 17 views

Attackers can bypass authentication in Cisco SMA & ESA

Threat Level Vulnerability Report For a detailed advisory, download the pdf file here Summary An attacker can log in to a web management interface of an affected system to perform bypass authentication remotely...

5.1 AI score
Exploits: 0
hivepro
added 2022/04/12 9:45 a.m., 17 views

APT 10, a state-sponsored Chinese threat group, conducting a global cyber espionage operation

THREAT LEVEL: Red. For a detailed advisory, download the pdf file here A Chinese state-sponsored advanced persistent threat APT 10 group has been attacking government, legal, religious entities and non-governmental organizations (NGOs) around the world in what appears to be an espionage campaign th...

1.9 AI score
Exploits: 0
hivepro
added 2022/01/28 7:20 a.m., 17 views

Apple releases macOS Monterey 12.2 to fix multiple vulnerabilities

...

1.9 AI score
Exploits: 0
hivepro
added 2024/05/28 8:36 a.m., 16 views

Attacks, Vulnerabilities and Actors 20 to 26 May 2024

For a detailed threat digest, download the pdf file here Summary HiveForce Labs recently made several significant discoveries in the realm of cybersecurity threats. In the past week alone, a total of twelve attacks were executed, four vulnerabilities were uncovered, and three active adversaries...

7.4 AI score
Exploits: 0
hivepro
added 2024/05/23 2:0 p.m., 16 views

D3Fack Loader: New Malware Exploits Google Ads and EV Certificates

...

7.3 AI score
Exploits: 0
hivepro
added 2024/05/22 4:29 a.m., 16 views

Grandoreiro Trojan: An Evolving Threat to Global Banking

...

7.3 AI score
Exploits: 0
hivepro
added 2024/05/07 6:42 a.m., 16 views

CISA Known Exploited Vulnerability Catalog April 2024

Summary The Known Exploited Vulnerability (KEV) catalog, maintained by CISA, is the authoritative source of vulnerabilities that have been exploited in the wild. It is recommended that all organizations review and monitor the KEV catalog, prioritize remediation of listed vulnerabilities, and reduce...

7.5 AI score
Exploits: 0
hivepro
added 2024/05/01 5:17 p.m., 16 views

The Enigmatic ‘Muddling Meerkat’ Poses a Nation-State DNS Puzzle

...

7.3 AI score
Exploits: 0
hivepro
added 2024/04/29 11:11 a.m., 16 views

KageNoHitobito and DoNex Ransomware Plaguing Global Entities

...

7.3 AI score
Exploits: 0
hivepro
added 2024/04/12 12:32 p.m., 16 views

LazyStealer the Unconventional Approach to Cyber Espionage

...

7.3 AI score
Exploits: 0
hivepro
added 2024/03/14 6:22 p.m., 16 views

Malware Concealed Within PDFs for Data Theft

Summary: In a recently observed campaign an infostealer masquerading as the Adobe Reader installer was being distributed. The file is being distributed by the threat actor in PDF format, luring people to download and execute it, collecting sensitive information. Threat Level - Amber | Attack Repo...

7.2 AI score
Exploits: 0
hivepro
added 2024/02/29 1:7 p.m., 16 views

Uni5 Xposure: The Top 5 Benefits of Integrating With Patch Management Tools

What Does Uni5 Xposure Do? Uni5 Xposure is a comprehensive security solution tailored to conquer the challenges of risk-based vulnerability management and its evolved form, threat exposure management. Through its robust suite of features, Uni5 Xposure offers a dynamic approach to security...

7.5 AI score
Exploits: 0
hivepro
added 2024/02/28 1:33 a.m., 16 views

LockBit’s Resurgence After Operation Cronos

Summary: LockBit ransomware, previously known as "ABCD," remains a significant threat despite the recent takedown of its operations by global law enforcement. It reemerged within 4 days and its affiliates were found exploiting vulnerabilities in ScreenConnect to install LockBit ransomware and...

7.3 AI score
Exploits: 0
hivepro
added 2024/02/23 6:37 a.m., 16 views

VietCredCare Operates As Stealer-as-a-Service, Targeting Meta Sessions

Summary: Since August 2022, a previously unidentified information stealer known as VietCredCare has emerged. This stealer is notable for its capability to automatically sort through credentials specifically for the service it targets. The primary objective of threat actors employing VietCredCare ...

6.9 AI score
Exploits: 0
hivepro
added 2024/02/21 2:13 p.m., 16 views

North-Korean Cyber-Espionage Operations Grapples Defense Sector

Summary: There is an ongoing cyber-espionage campaign purportedly led by the North Korean threat actors, specifically targeting the global defense industry. The primary objective of these attacks is to acquire data pertaining to advanced military technology, with the intention of assisting North...

7.1 AI score
Exploits: 0
hivepro
added 2024/01/30 1:36 p.m., 16 views

FAUST: A Phobos Ransomware Variant Launches Fileless Attack

Summary: FAUST ransomware, a variant of the Phobos family, exhibits intricate deployment stages, from decoding Base64 data to injecting shellcode. Notably, it employs a fileless attack through an Office document with a VBA script, emphasizing the need for user caution with document files from...

7.2 AI score
Exploits: 0
hivepro
added 2024/01/09 2:13 p.m., 16 views

CISA Known Exploited Vulnerability Catalog December 2023

For a detailed CISA's KEV Catalog, download the pdf file here Summary The Known Exploited Vulnerability (KEV) catalog, maintained by CISA, is the authoritative source of vulnerabilities that have been exploited in the wild. It is recommended that all organizations review and monitor the KEV catalog,...

7.5 AI score
Exploits: 0
hivepro
added 2023/12/29 3:52 a.m., 16 views

UAC-0099 Utilizes WinRAR Exploit to Deploy LONEPAGE Malware

Summary: UAC-0099, a threat actor, has been involved in persistent attacks targeting Ukraine. These attacks leverage a critical vulnerability in WinRAR to deploy a malware strain known as LONEPAGE. Notably, the threat actor focuses on Ukrainian employees working for organizations outside of...

7.2 AI score
Exploits: 0
hivepro
added 2023/12/22 5:38 a.m., 16 views

Mallox Ransomware A Resurgent Threat Exploiting MS-SQL Flaws

Summary: Mallox is a resilient Ransomware-as-a-Service (RaaS) threat, utilizing tactics like exploiting MS-SQL vulnerabilities and employing brute force attacks. Operating with a prolonged presence, Mallox's recent variant, "Mallox.Resurrection," exhibits consistent functionalities, emphasizing the...

7.4 AI score
Exploits: 0
hivepro
added 2023/10/25 1:25 p.m., 16 views

Hackers Infiltrate Russian Government and Industrial Entities

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary Numerous governmental and pivotal industrial entities in Russia fell victim to a sophisticated Go-based custom backdoor. This malicious software was specifically crafted for data theft, suggesting its...

6.8 AI score
Exploits: 0
hivepro
added 2023/10/20 1:24 p.m., 16 views

Prolonged Pursuit of OilRig APT Targeting Middle East Government

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary The Iran-affiliated threat actor known as OilRig orchestrated a sophisticated eight-month campaign directed at the Middle East government, during which the attackers managed to steal sensitive files and...

6.8 AI score
Exploits: 0
hivepro
added 2023/09/21 10:39 a.m., 16 views

Earth Lusca’s Sneaky Moves Unleashes New Linux Backdoor

Threat Level Actor Report For a detailed threat advisory, download the pdf file here Summary Earth Lusca, a highly sophisticated Chinese threat actor, is believed to have resumed its operations in the first half of 2023. This cyber espionage group utilizes the SprySOCKS backdoor, primarily...

6.8 AI score
Exploits: 0
hivepro
added 2023/09/14 12:58 p.m., 16 views

3AM Ransomware: LockBit’s Failed Standoff Revealed

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary A new ransomware variant, self-dubbed 3AM, has arisen as a result of a rogue attack conducted by a ransomware affiliate. Initially, this affiliate attempted to install the LockBit ransomware on a target's...

6.8 AI score
Exploits: 0
hivepro
added 2023/09/07 3:31 a.m., 16 views

FreeWorld Ransomware Targets MSSQL Servers Facing Siege

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary Adversaries are capitalizing on inadequately protected Microsoft SQL (MS SQL) servers in an operation known as DBJAMMER, deploying both Cobalt Strike and a ransomware strain named FreeWorld, which appears ...

7.3 AI score
Exploits: 0
hivepro
added 2023/09/01 11:44 a.m., 16 views

CISA Known Exploited Vulnerability Catalog August 2023

For a detailed CISA's KEV Catalog, download the pdf file here Summary The Known Exploited Vulnerability (KEV) catalog, maintained by CISA, is the authoritative source of vulnerabilities that have been exploited in the wild. To be included in the catalog, a vulnerability must meet three criteria: hav...

7 AI score
Exploits: 0
hivepro
added 2023/08/25 2:15 p.m., 16 views

Lazarus Group Uses ManageEngine Exploit to Unlock Path for QuiteRAT

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary The Lazarus Group, a threat actor associated with North Korea, has been detected utilizing a recently patched critical security vulnerability in Zoho ManageEngine ServiceDesk Plus. This vulnerability was...

6.9 AI score
Exploits: 0
hivepro
added 2023/08/14 4:24 a.m., 16 views

DroxiDat Targets Southern African Power Utility

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary In a targeted operation, an unidentified actor strategically deployed the advanced DroxiDat proxy-capable backdoor alongside Cobalt Strike beacons. The operation was aimed at a critical power utility...

7 AI score
Exploits: 0
hivepro
added 2023/08/10 12:40 p.m., 16 views

Reptile Rootkit Targets Linux Systems in South Korea

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary Reptile, an open-source Linux rootkit, goes beyond concealment, offering attackers a reverse shell and utilizing Port Knocking for control; observed in attacks including Chinese groups exploiting...

6.8 AI score
Exploits: 0
hivepro
added 2023/08/01 4:50 a.m., 16 views

Attacks, Vulnerabilities and Actors 24 July to 30 July 2023

For a detailed threat digest, download the pdf file here Summary HiveForce Labs recently made several significant discoveries related to cybersecurity threats. Over the past week, we identified a total of six executed attacks, one adversary activity, and five zero-day vulnerabilities including...

6.9 AI score
Exploits: 0
hivepro
added 2023/07/20 8:40 a.m., 16 views

Citrix Netscaler ADC and Gateway Vulnerabilities Exploited in the Wild

Threat Level Vulnerability Report For a detailed threat advisory, download the pdf file here Summary Citrix has released a zero-day critical patch for a remote code execution vulnerability in Netscaler ADC and Netscaler Gateway that has been exploited, along with two other vulnerabilities. Urgent...

8 AI score
Exploits: 0
hivepro
added 2023/07/19 9:7 a.m., 16 views

Hive Pro Announces Relocation and Expansion of Headquarters to Support Growing Cybersecurity Demand

New Headquarters to Catalyze Innovation and Strengthen Commitment to Customer Success July 19, 2023 - HERNDON, VA: Hive Pro, a pioneer in the Threat Exposure Management market is thrilled to announce its upcoming corporate relocation to a new state-of-the-art headquarters in Herndon, Virginia. Th...

6.7 AI score
Exploits: 0
hivepro
added 2023/06/22 7:29 a.m., 16 views

Condi Malware Strikes TP-Link Routers for DDoS Rampage

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary Condi, a recently discovered malware, utilizes a security vulnerability within TP-Link Archer Wi-Fi routers to ensnare these devices into a botnet specifically designed for launching distributed...

7 AI score
Exploits: 0
hivepro
added 2023/06/16 12:54 p.m., 16 views

ChamelGang Strikes Again With ChamelDoH Malware XDNS-over-HTTPS

Threat Level Actor Report For a detailed threat advisory, download the pdf file here Summary The Chinese threat group ChamelGang has developed the Linux malware ChamelDoH, which uses DNS-over-HTTPS for encrypted communication with attackers. To receive real-time threat advisories, please follow...

6.8 AI score
Exploits: 0
hivepro
added 2023/06/13 9:3 a.m., 16 views

Fortinet Releases Patch for Pre-announced Critical Vulnerability

Threat Level Vulnerability Report For a detailed threat advisory, download the pdf file here Summary Fortinet has addressed a critical vulnerability in FortiOS and FortiProxy SSL-VPN, resolving a heap-based buffer overflow pre-authentication flaw. This update is crucial because the vulnerability...

8.1 AI score
Exploits: 0
hivepro
added 2023/06/12 7:9 a.m., 16 views

Stealth Soldier Strikes North Africa with Espionage Attacks

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary Stealth Soldier is a backdoor malware that conducts surveillance and espionage attacks. It targeted North Africa by mimicking Libyan websites to distribute malware. To receive real-time threat advisories...

6.8 AI score
Exploits: 0
hivepro
added 2023/05/10 12:3 p.m., 16 views

New AndoryuBot Malware Exploits Ruckus Wireless Flaw for DDoS Attacks

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary AndoryuBot targets critical Ruckus Wireless Admin panel vulnerability to infect Wi-Fi access points for use in DDoS attacks, malware supports 12 DDoS attack modes and is marketed through YouTube videos. ...

6.9 AI score
Exploits: 0
hivepro
added 2023/05/10 6:7 a.m., 16 views

Kimsuky APT Group Employs ReconShark

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary Kimsuky, a North Korean APT group, is using a new malware tool called ReconShark to conduct global cyberattacks. To receive real-time threat advisories, please follow HiveForce Labs on LinkedIn...

6.9 AI score
Exploits: 0
hivepro
added 2023/05/09 7:32 a.m., 16 views

Actors, Threats and Vulnerabilities 01 to 07 May 2023

For a detailed threat digest, download the pdf file here Summary HiveForce Labs recently made several significant discoveries related to cybersecurity threats. Over the past week, the fact that there were a total of eight attacks executed, taking advantage of different vulnerabilities in various...

6.9 AI score
Exploits: 0
hivepro
added 2023/05/09 6:5 a.m., 16 views

Dragon Breath APT Evolves with Double DLL Sideloading

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary Dragon Breath APT targets the gambling industry using the double-clean-app technique & DLL sideloading. Chinese-speaking Windows users are being targeted. To receive real-time threat advisories, please...

6.9 AI score
Exploits: 0
hivepro
added 2023/05/04 7:50 a.m., 16 views

CISA Known Exploited Vulnerability Catalog April 2023

For a detailed CISA's KEV Catalog, download the pdf file here Summary The Known Exploited Vulnerability (KEV) catalog, maintained by CISA, is the authoritative source of vulnerabilities that have been exploited in the wild. To be included in the catalog, a vulnerability must meet three criteria: hav...

7 AI score
Exploits: 0
hivepro
added 2023/04/28 7:4 a.m., 16 views

North Korean-Backed Group’s Sparks X_Trader Supply Chain Attack

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary The XTrader software supply chain attack affected at least a number of critical infrastructure entities in the United States and Europe. To receive real-time threat advisories, please follow HiveForce La...

6.8 AI score
Exploits: 0
hivepro
added 2023/04/19 12:4 p.m., 16 views

New Wave of QBot Attacks Detected via Malicious PDF Attachments

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary A new wave of QBot banking Trojan attacks was identified in April 2023, utilizing malicious PDF attachments in emails written in various languages. To receive real-time threat advisories, please follow...

6.7 AI score
Exploits: 0
hivepro
added 2023/04/03 6:42 a.m., 16 views

CISA Known Exploited Vulnerability Catalog March 2023

For a detailed CISA's KEV Catalog, download the pdf file here Summary The Known Exploited Vulnerability (KEV) catalog, maintained by CISA, is the authoritative source of vulnerabilities that have been exploited in the wild. To be included ...

6.9 AI score
Exploits: 0
hivepro
added 2023/03/14 11:12 a.m., 16 views

BlackLotus UEFI Bootkit Exploits Windows 11 vulnerability

Threat Level Attack Report Follow Hive Pro for a detailed threat advisory, download the pdf file here from HiveForce Labs. Summary BlackLotus is a UEFI bootkit that can exploit a vulnerability in Windows 11 systems and is advertised and sold on underground forums for $5,000...

1.4 AI score
Exploits: 0
hivepro
added 2023/03/10 12:29 p.m., 16 views

8220 Gang leverages ScrubCrypt in Cryptojacking Attacks

Threat Level Attack Report Follow Hive Pro for a detailed threat advisory, download the pdf file here from HiveForce Labs. Summary The 8220 Gang leverages ScrubCrypt for crypto-jacking, which is available on HackForums for $40 per month or up to $200 for a lifetime...

1.4 AI score
Exploits: 0
hivepro
added 2023/03/06 9:23 a.m., 16 views

Unveiling the Malicious Tactics of LokiBot Malware

Threat Level Attack Report Follow Hive Pro for a detailed threat advisory, download the pdf file here from HiveForce Labs. Summary LokiBot is a constantly evolving information-stealing malware that creates a backdoor on infected machines to collect sensitive data, and it uses ISO files and API...

2 AI score
Exploits: 0
hivepro
added 2023/03/01 6:7 a.m., 16 views

Malicious DPRK Actors Target the Healthcare Industry in the US & South Korea

Threat Level Attack Report Follow Hive Pro for a detailed threat advisory, download the pdf file here from HiveForce Labs. Summary State-sponsored malicious actors from the Democratic People's Republic of Korea (DPRK) have carried out a ransomware attack against the healthcare systems of South Korea...

3.2 AI score
Exploits: 0
hivepro
added 2023/02/21 10:28 a.m., 16 views

A New Info-Stealing Malware Named “Stealc” Targeting Cryptocurrency Wallets

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary A new information-stealing malware called Stealc was discovered in January 2023. This malware is designed to steal sensitive information from various sources including web browsers, desktop cryptocurrenc...

2.3 AI score
Exploits: 0
hivepro
added 2023/02/20 5:45 a.m., 16 views

ProxyShellMiner Exploits Windows Exchange Server Vulnerabilities for Cryptocurrency Mining

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary ProxyShellMiner exploits Windows Exchange servers vulnerabilities, which are used to gain unauthorized access and compromise an organization, leading to the installation of cryptocurrency miners...

2.8 AI score
Exploits: 0
hivepro
added 2023/02/17 9:51 a.m., 16 views

New Ransomware Campaign “TZW” Linked to GlobeImposter Targets South Korean Organizations

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary A new ransomware campaign called TZW is affecting organizations in South Korea. The campaign is linked to the known malware family GlobeImposter, suggesting that the actors behind GlobeImposter are...

1.8 AI score
Exploits: 0
Total number of security vulnerabilities: 1589