Lucene search
K
HiveproMost viewed

1589 matches found

hivepro
hivepro
added 2023/03/07 10:11 a.m.13 views

RedLine Stealer Used in Spear-Phishing Campaign Targeting Hospitality Industry

Threat Level Attack Report Follow Hive Pro for a detailed threat advisory, download the pdf file here from HiveForce Labs. Summary A spear-phishing campaign targeting the hospitality industry used subject lines and text to trick hotel staff into clicking on malicious links that led to the downloa...

0.8AI score
Exploits0
hivepro
hivepro
added 2023/03/03 12:17 p.m.13 views

CISA Known Exploited Vulnerability Catalog February 2023

For a detailed CISAs KEV Catalog, download the pdf file here Summary For a detailed CISAs KEV Catalog, download the pdf file here The Known Exploited Vulnerability KEV catalog, maintained by CISA, is the authoritative source of vulnerabilities that have been exploited in the wild. To be included ...

3.6AI score
Exploits0
hivepro
hivepro
added 2023/02/17 12:5 p.m.13 views

ProxyShellMiner Exploits Windows Exchange Server Vulnerabilities for Cryptocurrency Mining

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary ProxyShellMiner exploits Windows Exchange servers vulnerabilities, which are used to gain unauthorized access and compromise an organization, leading to the installation of cryptocurrency miners...

2.8AI score
Exploits0
hivepro
hivepro
added 2023/02/09 12:28 p.m.13 views

Chrome 110 Tackles a Collection of Security Weaknesses

Threat Level Vulnerability Report For a detailed threat advisory, download the pdf file here Summary Google Chrome version 110 is now being rolled out to the stable channels for Windows, Mac, and Linux users. This update includes bug fixes and improvements, specifically addressing security issues...

3AI score
Exploits0
hivepro
hivepro
added 2023/01/24 7:42 a.m.13 views

Tracking the Stealthy Movements of Vidar Info-Stealer Malware

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary Vidar is an info-stealer malware that was first spotted in the wild in late 2018. It is considered a distinct fork of the Arkei malware family and has a simple business model where customers pay between...

2.5AI score
Exploits0
hivepro
hivepro
added 2023/01/05 2:4 p.m.13 views

A New Emerging CatB Ransomware Using DLL Hijacking to Evade Detection

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary CatB is a ransomware that uses a technique called DLL hijacking to evade detection. It does this by injecting itself into the Microsoft Distributed Transaction Coordinator MSDTC service, a legitimate...

2.3AI score
Exploits0
hivepro
hivepro
added 2022/12/23 10:22 a.m.13 views

Two Zero-day Supply Chain Attacks Found in the Python Package Index

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary A zero-day supply chain attack called "aioconsol" was discovered on December 9, 2022 in a Python package published on the Python Package Index PyPI on December 6, 2022. All three versions of the package...

1.2AI score
Exploits0
hivepro
hivepro
added 2022/12/21 10:8 a.m.13 views

Multiple Old Vulnerabilities actively exploiting in Cisco Products

Threat Level Vulnerability Report For a detailed threat advisory, download the pdf file here Summary Several security old vulnerabilities actively exploiting in Cisco IOS, NX-OS, and HyperFlex software, some of which can be exploited for authentication bypassing to gain full control of the impact...

1.4AI score
Exploits0
hivepro
hivepro
added 2022/12/15 2:5 p.m.13 views

Mallox Ransomware is Ramping up its Operation

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary Mallox ransomware strains have been spotted in the wild, indicating that the ransomware is operational, propagating rapidly, and infecting entities. An unknown .NET-based loader distributes these Mallox...

2.7AI score
Exploits0
hivepro
hivepro
added 2022/12/06 9:34 a.m.13 views

Actors, Threats and Vulnerabilities 28 November – 4 December 2022

...

3.8AI score
Exploits0
hivepro
hivepro
added 2022/11/22 12:7 p.m.13 views

Chinese APT Earth Preta runs spearphishing campaigns

Threat Level Actors Report For a detailed threat advisory, download the pdf file here Summary Earth Preta, an APT gang, staged a large-scale cyber espionage campaign in which the malware was transmitted via spear-phishing emails. The actors use various strategies to avoid detection and analysis,...

2.9AI score
Exploits0
hivepro
hivepro
added 2022/11/16 1:15 p.m.13 views

The DTrack Backdoor campaigns aimed European organizations

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary DTrack, a malware developed by the Lazarus group is a flexible backdoor that unloads malware in stages. It is dispersed with filenames that are routinely used in legitimate executables. The backdoor is...

4AI score
Exploits0
hivepro
hivepro
added 2022/11/11 2:14 p.m.13 views

Google addressed several flaws with Chrome 107

Threat Level Vulnerability Report For a detailed threat advisory, download the pdf file here Summary Google Chrome addresses multiple vulnerabilities in its latest stable channel update for Windows, Mac, and Linux.The Use-After-Free UAF issue is responsible for four of the six Chrome...

2AI score
Exploits0
hivepro
hivepro
added 2022/10/19 4:5 a.m.13 views

How Continuous Threat Exposure Management (CTEM) can secure the Healthcare Sector

...

0.7AI score
Exploits0
hivepro
hivepro
added 2022/10/18 5:43 a.m.13 views

Summary of Vulnerabilities & Threats: September 2022

...

1.9AI score
Exploits0
hivepro
hivepro
added 2022/09/19 12:7 p.m.13 views

SparklingGoblin Revamps SideWalk Backdoor for Linux Variant

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary SparklingGoblin aka Earth Baku State-backed Chinese hackers has integrated a Linux variant of the SideWalk backdoor. SparklingGoblin Threat actors typically target East and Southeast Asian countries, wit...

3.2AI score
Exploits0
hivepro
hivepro
added 2022/09/13 6:19 a.m.13 views

Vulnerabilities & Threats that Matter 05 – 11 September

...

1.7AI score
Exploits0
hivepro
hivepro
added 2022/09/05 1:31 p.m.13 views

Vulnerabilities & Threats that Matter 29 August – 04 September

...

2AI score
Exploits0
hivepro
hivepro
added 2022/08/26 1:8 p.m.13 views

Kimsuky targets South Korean entities with phishing campaign

Threat Level Actor Report For a detailed threat advisory, download the pdf file here Summary As of 2010, Kimsuky has targeted the governments, think tanks, media, and education entities of the United States and South Korea. Early in 2022, a new attack cluster GoldDragon was observed targeting med...

2.4AI score
Exploits0
hivepro
hivepro
added 2022/08/08 7:14 p.m.13 views

Vulnerabilities & Threats that Matter 01 – 07th Aug

Published Vulnerabilities Interesting Vulnerabilities Active Threat Groups Targeted Countries Targeted Industries ATT&CK TTPs 461 12 1 60 30 26 For a detailed threat digest, download the pdf file here Summary The first week of August 2022 witnessed the discovery of 461 vulnerabilities out of whic...

2.2AI score
Exploits0
hivepro
hivepro
added 2022/07/13 11:8 a.m.13 views

Several bugs in Node.js lead to Remote Code Execution

Threat Level Vulnerability Report For a detailed advisory, download the pdf file here Summary Node.js has released several fixes for vulnerabilities in the JavaScript runtime environment, which could lead to arbitrary code execution, HTTP request smuggling, DNS rebinding vulnerability and other b...

1.2AI score
Exploits0
hivepro
hivepro
added 2022/06/22 6:34 a.m.13 views

DriftingCloud exploits zero-day in Sophos firewall

Threat Level Attack Report For a detailed advisory, download the pdf file here Summary The Chinese APT actor DriftingCloud exploits the RCE vulnerability in Sophos firewall to take over the entire network...

2.9AI score
Exploits0
hivepro
hivepro
added 2022/06/16 6:26 a.m.13 views

Security updates for Adobe InDesign June 2022

Threat Level Vulnerability Report For a detailed advisory, download the pdf file here Summary Adobe has released security updates in Adobe InDesign that addresses critical vulnerabilities at priority 3 as per Adobe. These vulnerabilities could lead to arbitrary code execution on target systems, i...

2.6AI score
Exploits0
hivepro
hivepro
added 2022/06/16 6:15 a.m.13 views

Security updates for Adobe Illustrator June 2022

Threat Level Vulnerability Report For a detailed advisory, download the pdf file here Summary Adobe has released security updates in Adobe Illustrator that addresses critical vulnerabilities at priority 3 as per Adobe. These vulnerabilities could lead to arbitrary code execution on target systems...

2.7AI score
Exploits0
hivepro
hivepro
added 2022/06/15 1:18 p.m.13 views

Microsoft addresses multiple RCE vulnerabilities in their June 2022 Patch Tuesday

Threat Level Vulnerability Report For a detailed advisory, download the pdf file here Summary Microsoft June 2022 Patch Tuesday addressed 55 security flaws. One of them is the Follina which has been addressed in another detailed advisory. Three of them have been rated criticalas per Microsoft and...

1.7AI score
Exploits0
hivepro
hivepro
added 2022/06/02 1:36 p.m.13 views

Enemybot malware expands its arsenal by exploiting well-known vulnerabilities

Threat Level Attack Report For a detailed advisory, download the pdf file here Summary EnemyBot, a Mirai-based botnet, is expanding its arsenal by exploiting well-known vulnerabilities in log4j, VMware workspace, Spring Framework, and others. Keksec, also known as Nero and Freakout, is the threat...

3.9AI score
Exploits0
hivepro
hivepro
added 2022/03/18 8:16 a.m.13 views

Multiple Google Chrome Vulnerabilities affects all Platforms

THREAT LEVEL: Green. For a detailed advisory, download the pdf file here. Chrome versions prior to 99.0.4844.74 affects Windows, Mac, and Linux. Vendor has released fixes for ten vulnerabilities that allow an attacker to gain control of a vulnerable system. Nine of the ten Chrome vulnerabilities...

2AI score
Exploits0
hivepro
hivepro
added 2022/02/11 1:50 p.m.13 views

Multiple security vulnerabilities identified in Adobe

THREAT LEVEL: Green. For a detailed advisory, download the pdf file here Adobe addressed 17 security flaws in Premiere Rush, Photoshop, Illustrator, After Effects, and Creative Cloud Desktop. According to Adobe, none of the vulnerabilities have been exploited so far. Successful exploitation of...

7.3AI score
Exploits0
hivepro
hivepro
added 2022/01/20 10:41 a.m.13 views

FIN8 Hacker group using new ‘White Rabbit’ Ransomware against U.S. Banks

THREAT LEVEL: Amber. For a detailed advisory, download the pdf file here. White Rabbit is a ransomware family that has only recently been discovered. It could be a subsidiary project of the FIN8 hacking gang. A ransomware expert seeking for a sample of the malware made the first public disclosure...

6.7AI score
Exploits0
hivepro
hivepro
added 2026/05/26 10:1 a.m.12 views

CrowdStrike vs Hive Pro: VM Compared

CrowdStrike vs Hive Pro for Vulnerability Management CrowdStrike vs Hive Pro is not a simple feature checklist. It is a decision about how your security team wants to manage exposure: through an endpoint-centered platform that extends into vulnerability assessment, or through a vendor-neutral...

5.9AI score
Exploits0
hivepro
hivepro
added 2026/05/13 4:57 a.m.12 views

DORA Compliance Cybersecurity Guide for Finance

DORA Compliance Cybersecurity: A Practical Guide for Financial Services Teams DORA compliance cybersecurity is now a board-level priority for banks, insurers, investment firms, payment providers, and the ICT providers that support them. The Digital Operational Resilience Act shifts the conversati...

5.9AI score
Exploits0
hivepro
hivepro
added 2024/07/05 11:23 p.m.12 views

Polyfill.io Supply Chain Attack: Widespread Compromise Affects Over 100,000 Websites

...

7.3AI score
Exploits0
hivepro
hivepro
added 2024/06/05 1:27 p.m.12 views

Summary of Vulnerabilities, Actors & Attacks: May 2024

Vulnerabilities Exploited| Adversaries in Action| Attacks Executed| Targeted Countries| Targeted Industries| MITRE ATT&CK TTPs ---|---|---|---|---|--- 24| 11| 38| 287| 23| 233 Summary In May, the cybersecurity arena garnered significant attention following the identification of eleven zero-day...

7.4AI score
Exploits0
hivepro
hivepro
added 2024/05/30 10:54 a.m.12 views

JAVS Courtroom Recording Software Hit by Supply Chain Attack

...

7.3AI score
Exploits0
hivepro
hivepro
added 2024/05/22 7:0 a.m.12 views

Attacks, Vulnerabilities and Actors 13 to 19 May 2024

...

7.3AI score
Exploits0
hivepro
hivepro
added 2024/05/14 10:53 a.m.12 views

FIN7 Group Leverages Sponsored Ads to Disseminate Malicious Payloads

...

7.3AI score
Exploits0
hivepro
hivepro
added 2024/05/10 3:24 p.m.12 views

The RokRAT Epidemic in South Korea

...

7.3AI score
Exploits0
hivepro
hivepro
added 2024/05/09 12:54 p.m.12 views

HijackLoader Enhances Its Arsenal with New Evasion Techniques

...

7.3AI score
Exploits0
hivepro
hivepro
added 2024/05/08 1:57 p.m.12 views

Cuttlefish Malware Silent Stalkers of Router Traffic

...

7.3AI score
Exploits0
hivepro
hivepro
added 2024/04/12 12:29 p.m.12 views

Raspberry Robin Expands Reach via WSF

...

7.3AI score
Exploits0
hivepro
hivepro
added 2024/04/10 1:13 p.m.12 views

Hackers Pocket Payment Data via Magento Exploitation

...

7.3AI score
Exploits0
hivepro
hivepro
added 2024/04/09 5:18 p.m.12 views

Attacks, Vulnerabilities and Actors 1 to 7 April 2024

...

7.3AI score
Exploits0
hivepro
hivepro
added 2024/04/02 12:40 p.m.12 views

Key Terms of Exposure Management: What You Need to Know

Keeping pace with the latest terminology and acronyms in cybersecurity can feel like trying to drink from a firehose. Individuals and organizations often find themselves reaching for a dictionary to decode the alphabet soup of acronyms and terminology that Gartner and similar experts continually...

7.4AI score
Exploits0
hivepro
hivepro
added 2024/03/27 12:11 p.m.12 views

APT29 Targets German Political Parties with New WINELOADER

Summary: APT29, linked to Russias SVR, targeted German political parties in late February 2024 using a new backdoor variant named WINELOADER, signaling a shift in operational focus beyond diplomatic missions. This marks a broader threat to European and Western political entities, driven by the SV...

7.1AI score
Exploits0
hivepro
hivepro
added 2024/03/05 9:15 a.m.12 views

Attacks, Vulnerabilities and Actors 26 February to 3 March 2024

For a detailed threat digest, download the pdf file here Summary HiveForce Labs recently made several significant discoveries in the realm of cybersecurity threats. In the past week alone, a total of eight attacks were executed, twelve vulnerabilities were uncovered, and six active adversaries we...

8.6AI score
Exploits0
hivepro
hivepro
added 2024/03/04 7:33 a.m.12 views

CISA Known Exploited Vulnerability Catalog February 2024

For a detailed CISAs KEV Catalog, download the pdf file here Summary The Known Exploited Vulnerability KEV catalog, maintained by CISA, is the authoritative source of vulnerabilities that have been exploited in the wild. It is recommended that all organizations review and monitor the KEV catalog,...

7.5AI score
Exploits0
hivepro
hivepro
added 2024/02/20 11:9 a.m.12 views

Novel Smishing Kit Leverages Cloud Platform

Summary: SNS Sender, a malicious Python script that leverages AWS SNS for mass SMS spamming, presents a novel approach to cloud-based attack tools, particularly in the area of smishing. The ARDUINODAS threat actor is linked to the operation that uses this cloud capability to send out a lot of...

6.8AI score
Exploits0
hivepro
hivepro
added 2024/02/02 10:35 a.m.12 views

CISA Known Exploited Vulnerability Catalog January 2024

For a detailed CISAs KEV Catalog, download the pdf file here Summary The Known Exploited Vulnerability KEV catalog, maintained by CISA, is the authoritative source of vulnerabilities that have been exploited in the wild. It is recommended that all organizations review and monitor the KEV catalog,...

7.5AI score
Exploits0
hivepro
hivepro
added 2024/01/30 1:42 p.m.12 views

Malicious Google Ads Target Chinese Users, Covertly Delivering RATs

Summary: Chinese-speaking users are being targeted in an ongoing malvertising campaign that leverages Google ads. The threat actor employs Google advertiser accounts to create deceptive ads that lure users into downloading Remote Administration Trojans RATs. The malicious ads are designed to mimi...

7.1AI score
Exploits0
hivepro
hivepro
added 2024/01/23 6:56 a.m.12 views

ZLoader’s Resurgence after Two Years in the Shadows

Summary: Zloader is a highly sophisticated Trojan originating from the leaked Zeus source code. Notable for its adaptive nature, the malware continuously evolved through each campaign since its debut in August 2015. After nearly two years of dormancy, Zloader reemerged with new iterations. Threat...

7.2AI score
Exploits0
Total number of security vulnerabilities1589