
1589 matches found

hivepro
added 2024/04/05 12:47 p.m. | 14 views

CISA Known Exploited Vulnerability Catalog March 2024

Summary: The Known Exploited Vulnerability (KEV) catalog, maintained by CISA, is the authoritative source of vulnerabilities that have been exploited in the wild. It is recommended that all organizations review and monitor the KEV catalog, prioritize remediation of listed vulnerabilities, and reduce...

AI score: 7.5
Exploits: 0
hivepro
added 2024/04/04 5:43 p.m. | 14 views

CISA Known Exploited Vulnerability Catalog March 2024

For a detailed CISA's KEV Catalog, download the pdf file here. Summary: The Known Exploited Vulnerability (KEV) catalog, maintained by CISA, is the authoritative source of vulnerabilities that have been exploited in the wild. It is recommended that all organizations review and monitor the KEV catalog,...

AI score: 7.5
Exploits: 0
hivepro
added 2024/03/29 8:25 a.m. | 14 views

Agenda Ransomware Targets VMWare vCenter & ESXi Servers Globally

Summary: Agenda ransomware, also known as Qilin, active since 2022, targets global victims across industries. Their latest tactic leverages a custom script to infect VMWare environments, potentially crippling virtual machines and causing data loss. Organizations should be aware of this threat and...

AI score: 7.1
Exploits: 0
hivepro
added 2024/02/28 6:59 a.m. | 14 views

Abyss Locker’s Substantial Threat Explored

Summary: Abyss Locker ransomware surfaced in July 2023, deriving from the HelloKitty ransomware source code, indicating a lineage predating its official release. Similar to other ransomware variants, Abyss Locker infiltrates corporate networks, exfiltrates data for extortion, and encrypts devices...

AI score: 7.1
Exploits: 0
hivepro
added 2024/02/26 1:2 p.m. | 14 views

Migo Targets Redis Servers for Cryptojacking Attacks

Summary: A new campaign has been uncovered that mines cryptocurrencies on Redis servers running Linux hosts by means of a malicious programme known as "Migo." Migo is distributed as a Golang ELF binary that can persist on Linux hosts and is obfuscated at compile time. The malware uses a variety o...

AI score: 7.3
Exploits: 0
hivepro
added 2024/02/15 1:21 p.m. | 14 views

Rhysida Ransomware’s Decryptor is Now in Action

Summary: The Rhysida ransomware-as-a-service (RaaS) group poses a significant global threat, targeting diverse sectors. Recently, an implementation vulnerability in the source code of the Rhysida ransomware has been discovered. By exploiting this vulnerability to reconstruct encryption keys, it...

AI score: 7.2
Exploits: 0
hivepro
added 2024/02/09 10:48 a.m. | 14 views

Volt Typhoon: A Cyber Threat to U.S. Critical Infrastructure

Summary: State-sponsored cyber actors from the People’s Republic of China, known as Volt Typhoon, are actively targeting critical infrastructure in the United States, employing sophisticated tactics like pre-compromise reconnaissance and living off-the-land techniques. Threat Level - Red | Attack...

AI score: 7.2
Exploits: 0
hivepro
added 2024/01/22 9:38 a.m. | 14 views

COLDRIVER Expands Beyond Phishing, Incorporating Custom SPICA Backdoor

Summary: The threat actor associated with Russia, known as COLDRIVER or Star Blizzard, has expanded its tactics from mere credential harvesting. The group has initiated campaigns where PDFs are employed as lure documents to distribute malware. Notably, COLDRIVER has introduced its first custom...

AI score: 7.2
Exploits: 0
hivepro
added 2024/01/05 8:19 a.m. | 14 views

Surging JavaScript Threats Steal Your Secrets

Summary: The threat actors utilize malicious JavaScript samples, taking advantage of popular survey sites, low-quality hosting, and web chat APIs to steal sensitive information. They create chatbots registered under notable figures, like an Australian footballer, in specific campaigns...

AI score: 7.3
Exploits: 0
hivepro
added 2023/12/28 2:17 p.m. | 14 views

Operation RusticWeb: Coordinated Strikes on Indian Government

Summary: Since October 2023, an orchestrated phishing campaign named Operation RusticWeb has been systematically targeting the Indian government and defense sector, deploying Rust-based malware for sophisticated intelligence gathering. Threat Level - Amber | Attack Report For a detailed threat...

AI score: 7.3
Exploits: 0
hivepro
added 2023/12/18 6:18 a.m. | 14 views

Unveiling GambleForce: A SQL Injection Gang

Summary: A recently identified threat actor, GambleForce, has been linked to a series of SQL injection attacks targeting companies primarily in the Asia-Pacific region. GambleForce employs a combination of basic yet highly effective techniques, including SQL injections and exploiting...

AI score: 8.3
Exploits: 0
hivepro
added 2023/11/27 4:30 a.m. | 14 views

Dissemination of the Konni Campaign Through Malicious Documents

Summary: The Konni campaign has resurfaced in a new phishing attack employing a Russian-language Microsoft Word document to distribute malware. The malicious software aims to harvest sensitive information from compromised Windows hosts. Threat Level - Red | Attack Report For a detailed threat...

AI score: 6.7
Exploits: 0
hivepro
added 2023/11/23 6:35 a.m. | 14 views

The Lethal Advancement of DarkGate Malware-as-a-Service

Summary: DarkGate, a formidable Remote Access Trojan (RAT), functions as a Malware-as-a-Service (MaaS) and is masterminded by the elusive RastaFarEye within the underground cybercrime landscape. The latest iteration, DarkGate 5.0.19, advances upon its predecessors with sophisticated evasion technique...

AI score: 7.4
Exploits: 0
hivepro
added 2023/11/23 4:57 a.m. | 14 views

Mustang Panda Targets Philippines Government Using Legitimate Software

Summary: Mustang Panda, a threat actor associated with China, has been implicated in a cyber attack targeting a government entity in the Philippines. The attackers employed a strategy of using legitimate software, such as Solid PDF Creator and SmadavProtect an antivirus solution based in Indonesi...

AI score: 7.3
Exploits: 0
hivepro
added 2023/11/03 5:12 a.m. | 14 views

Summary of Vulnerabilities, Actors & Attacks: October 2023

...

AI score: 7.2
Exploits: 0
hivepro
added 2023/10/14 1:4 p.m. | 14 views

Revealing DarkGate’s Incursion Across Continents

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary A potential threat actor has been using compromised Skype and Microsoft Teams accounts to distribute DarkGate, a problematic loader campaign primarily targeting the Americas region. To receive real-time...

AI score: 6.8
Exploits: 0
hivepro
added 2023/10/13 5:9 p.m. | 14 views

Hive Pro Unveils Revolutionary Platform Uni5 Xposure, Elevating the Potential of Threat Exposure Management

HERNDON, VA., Oct. 10, 2023 - Hive Pro®, a pioneer vendor in Threat Exposure Management today announced the highly-anticipated release of their new platform Uni5 Xposure, which debuts live at the GITEX GLOBAL trade show in Dubai, UAE and at Triangle InfoSec Conference in North Carolina, USA. Uni5...

AI score: 6.3
Exploits: 0
hivepro
added 2023/09/08 1:37 p.m. | 14 views

Chinese ‘Smishing Triad’ Group Targeting US Citizens

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary Smishing Triad is a Chinese-speaking cyber-criminal group that has been conducting a large-scale smishing campaign targeting US citizens and other countries. Smishing is a form of phishing that uses text...

AI score: 6.8
Exploits: 0
hivepro
added 2023/09/07 2:8 p.m. | 14 views

Hive Pro Recognized in 2023 Gartner® Hype Cycle™ for Security Operations & Market Guide™ for Vulnerability Assessment

HERNDON, Va., Sept. 7, 2023 - Hive Pro®, a pioneer vendor of Threat Exposure Management is now featured in two prominent Gartner publications that spotlight industry leaders and innovators: The Market Guide™ for Vulnerability Assessment 2023 and The Hype Cycle for Security Operations 2023. As cyb...

AI score: 7
Exploits: 0
hivepro
added 2023/08/07 8:5 a.m. | 14 views

2022 Most Consistently Exploited Vulnerabilities

Threat Level Vulnerability Report For a detailed threat advisory, download the pdf file here Summary This advisory presents comprehensive information regarding the CVEs consistently and frequently targeted by malicious cyber adversaries throughout the year 2022 across multiple vendors, encompassi...

AI score: 6.9
Exploits: 0
hivepro
added 2023/05/25 9:13 a.m. | 14 views

A Zero-Day Vulnerability Found in Barracuda Email Security Gateway

Threat Level Vulnerability Report For a detailed threat advisory, download the pdf file here Summary Zero-day Vulnerability Exploited in Barracuda Email Security Gateway Appliances, Promptly Patched, and a Subset of Customers Notified; Other Barracuda Products are Unaffected. To receive real-time...

AI score: 6.8
Exploits: 0
hivepro
added 2023/05/23 6:56 a.m. | 14 views

Actors, Threats and Vulnerabilities 15 to 21 May 2023

For a detailed threat digest, download the pdf file here Summary HiveForce Labs recently made significant discoveries in the field of cybersecurity threats. In the past week, they uncovered a total of eight attacks that were executed, taking advantage of five different vulnerabilities across...

AI score: 7
Exploits: 0
hivepro
added 2023/05/11 1:23 p.m. | 14 views

New DownEx Malware Campaign Targets Foreign Government Institutions in Central Asia

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary The DownEx malware was discovered in a cyberattack on government institutions in Kazakhstan and Afghanistan in 2022, likely with state sponsorship. The attackers used spear-phishing emails to infiltrate...

AI score: 6.8
Exploits: 0
hivepro
added 2023/05/11 12:48 p.m. | 14 views

Uncovering the Latest Tactics of the SideWinder APT

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary SideWinder APT group uses advanced tactics like spear-phishing, DLL side-loading & more. A new server-side polymorphism technique, highlighting the need for multi-layered security measures. To receive...

AI score: 6.9
Exploits: 0
hivepro
added 2023/05/02 7:9 a.m. | 14 views

New Version of ViperSoftX Malware Targets Password Managers and Cryptocurrency Wallets

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary ViperSoftX is an information-stealing malware primarily targeting cryptocurrencies, using sophisticated encryption techniques and monthly changes in command-and-control servers to evade detection. To...

AI score: 6.8
Exploits: 0
hivepro
added 2023/04/14 11:43 a.m. | 14 views

Malware Attack Targets Windows Users with Spoofed Energoatom Document

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary The malware comes in the form of a spoofed document from Energoatom and is believed to be part of a larger campaign against Ukraine's energy sector, which has been under constant cyberattacks since the...

AI score: 6.7
Exploits: 0
hivepro
added 2023/04/05 6:34 a.m. | 14 views

A Modular AlienFox Toolkit Used in Cloud-Based Email and Web Hosting Service Attacks

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary AlienFox is a toolkit used by attackers to target email and web hosting services, particularly cloud-based and software-as-a-service (SaaS) email hosting services. To receive real-time threat advisories,...

AI score: 6.7
Exploits: 0
hivepro
added 2023/03/23 7:33 a.m. | 14 views

ShellBot Malware Targets Mismanaged Linux Servers

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary ShellBot malware infects mismanaged Linux SSH servers and uses IRC protocol for C&C. To receive real-time threat advisories, please follow HiveForce Labs on LinkedIn...

AI score: 6.7
Exploits: 0
hivepro
added 2023/03/15 1:28 p.m. | 14 views

Microsoft fixed 83 vulnerabilities including two zero-day vulnerabilities

Threat Level Vulnerability Report For a detailed threat advisory, download the pdf file here Summary Microsoft has released its March 2023 Patch Tuesday update, addressing a total of 83 vulnerabilities, including 9 critical, 70 important, 1 moderate, and 3 other vulnerabilities...

AI score: 3
Exploits: 0
hivepro
added 2023/03/15 12:45 p.m. | 14 views

Tick Launches Attack on East Asian Data-Loss Prevention Software Company

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary Tick, an APT group, attacked an East Asian data-loss prevention software company, compromising update servers and distributing malware, using trojanized installers, to access computers of government and...

AI score: 4.1
Exploits: 0
hivepro
added 2023/03/10 10:0 a.m. | 14 views

New BlackSnake Ransomware Performs Clipper Operations on Cryptocurrency Users

Threat Level Attack Report Follow Hive Pro for a detailed threat advisory, download the pdf file here from HiveForce Labs. Summary BlackSnake ransomware has been discovered with clipper functionality that intercepts and replaces the cryptocurrency wallet addresses of victims with those of attacke...

AI score: 3
Exploits: 0
hivepro
added 2023/03/03 11:17 a.m. | 14 views

Royal Ransomware Targets Organizations with Custom Encryption and Double Extortion Tactics

Threat Level Attack Report Follow Hive Pro for a detailed threat advisory, download the pdf file here from HiveForce Labs. Summary Since September 2022, threat actors have been attacking both US and international organizations using a version of ransomware called Royal. This ransomware is unique...

AI score: 2.4
Exploits: 0
hivepro
added 2023/02/14 9:4 a.m. | 14 views

Russian Hacker Group Disrupts Relief Efforts for Turkey-Syria Earthquake with DDoS Attacks

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary Killnet, a Russian hacker group, disrupted relief efforts for the Turkey-Syria earthquake by carrying out DDoS attacks, taking down the websites of NATO Special Operations Headquarters and Strategic...

AI score: 2.6
Exploits: 0
hivepro
added 2023/02/09 8:9 a.m. | 14 views

Trigona Ransomware’s Rampant Threat to Businesses

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary Trigona has gained momentum lately due to its utilization of the double-extortion technique of encrypting crucial assets within an organization, including endpoints and infrastructure, and demanding...

AI score: 1.7
Exploits: 0
hivepro
added 2023/02/03 1:33 p.m. | 14 views

MalVirt: .NET Malware Loaders Spread through Malvertising Attacks

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary MalVirt is a cluster of virtualized .NET malware loaders distributed through malvertising attacks that use obfuscated virtualization and the Windows Process Explorer driver to evade anti-analysis and...

AI score: 3.4
Exploits: 0
hivepro
added 2023/01/09 1:37 p.m. | 14 views

Actors, Threats and Vulnerabilities 2 January 2023 – 8 January 2023

...

AI score: 3.3
Exploits: 0
hivepro
added 2023/01/04 5:59 p.m. | 14 views

Summary of Vulnerabilities & Threats: December 2022

...

AI score: 2.4
Exploits: 0
hivepro
added 2023/01/04 9:26 a.m. | 14 views

Linux malware leverages plugin exploits to backdoor WordPress sites

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary WordPress sites are being exploited by an unidentified strain of Linux malware that exploits flaws in plugins and compromises the sites by injecting malicious JavaScripts that are run sequentially until...

AI score: 1
Exploits: 0
hivepro
added 2022/12/29 7:14 a.m. | 14 views

Bluenoroff Bypasses MoTW to Target Japanese Organizations

Threat Level Actor Report For a detailed threat advisory, download the pdf file here Summary Bluenoroff is known for targeting financial institutions and government organizations and has been active since at least 2014. From September onwards Bluenoroff threat actors added a new feature, that...

AI score: 2.6
Exploits: 0
hivepro
added 2022/12/21 10:15 a.m. | 14 views

Outlining a new SiestaGraph backdoor

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary The Foreign Affairs Office of an Association of Southeast Asian Nations (ASEAN) member is targeted by multiple threat actors who are coordinating active campaigns via a vulnerable Microsoft Exchange server...

AI score: 3.9
Exploits: 0
hivepro
added 2022/12/12 7:44 a.m. | 14 views

Hive Pro includes Breach & Attack Simulation as a feature in its Threat Exposure Management Platform

...

AI score: 1.3
Exploits: 0
hivepro
added 2022/12/05 1:46 p.m. | 14 views

Multiple Ransomware groups targets open RDP Ports

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary Many ransomware attacks are being launched against exposed Remote Desktop services by Threat Actors. At present, five ransomware families are attacking open RDP ports...

AI score: 4
Exploits: 0
hivepro
added 2022/11/21 10:10 a.m. | 14 views

Heimdal addresses multiple vulnerabilities in v7.7.1

Threat Level Vulnerability Report For a detailed threat advisory, download the pdf file here Summary Heimdal has addressed bugs in Heimdal KDC. A remote intruder can use unwrap des3 to induce a buffer overflow in Heimdal GSSAPI, leading to a denial of service or remote code execution on the host...

AI score: 2.4
Exploits: 0
hivepro
added 2022/11/16 1:8 p.m. | 14 views

BumbleBee leverages Zerologon to get Domain Controller Access

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary Since May 2022, threat actors are leveraging BumbleBee as an initial vector from a Contact Forms campaign. The intrusion started with the delivery of an ISO file that contained an LNK and a DLL. Using...

AI score: 3
Exploits: 0
hivepro
added 2022/11/15 12:45 p.m. | 14 views

KmsdBot Cryptominer Targets the Gaming Industry

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary KmsdBot is Golang-based malware that leverages the Secure Shell (SSH) cryptographic protocol to obtain access to targeted systems to mine cryptocurrencies and carry out distributed denial-of-service (DDoS)...

AI score: 1.9
Exploits: 0
hivepro
added 2022/11/11 2:19 p.m. | 14 views

Citrix Addresses Auth bypass Flaws Affecting ADC and Gateway Products

Threat Level Vulnerability Report For a detailed threat advisory, download the pdf file here Summary Citrix has addressed bugs in Citrix ADC and Citrix Gateway. A remote intruder could exploit either of these flaws to obtain control of a susceptible system. To successfully exploit the vulnerabili...

AI score: 2.5
Exploits: 0
hivepro
added 2022/10/18 4:7 a.m. | 14 views

Security flaws in multiple Adobe products

Threat Level Vulnerability Report For a detailed threat advisory, download the pdf file here Summary Adobe has issued security upgrades to address a number of vulnerabilities in its products. An attacker can use some of these flaws to gain control of a vulnerable system...

AI score: 2.4
Exploits: 0
hivepro
added 2022/10/18 3:50 a.m. | 14 views

Google releases Chrome 106 to address Vulnerabilities

Threat Level Vulnerability Report For a detailed threat advisory, download the pdf file here Summary Google Chrome addresses multiple vulnerabilities with its latest stable channel update for Windows, Mac, and Linux...

AI score: 1.8
Exploits: 0
hivepro
added 2022/10/13 12:40 p.m. | 14 views

VMware could not fix a vulnerability that has been disclosed for eleven months

Threat Level Vulnerability Report For a detailed threat advisory, download the pdf file here Summary VMware disclosed a vulnerability in November 2021 that has not been fixed as of October 2022. VMware initially patched this vulnerability, but later discovered that it did not fix it. The...

AI score: 2.6
Exploits: 0
hivepro
added 2022/10/12 1:11 p.m. | 14 views

POLONIUM employs backdoors to target Israel

Threat Level Actor Report For a detailed threat advisory, download the pdf file here Summary POLONIUM is a cyber espionage gang that leverages OneDrive and Dropbox cloud services for command and control (C&C) by employing a custom toolkit that includes seven backdoors and various spying modules to...

AI score: 3
Exploits: 0
Total number of security vulnerabilities: 1589