
1589 matches found

hivepro
added 2026/05/12 6:39 a.m.
11 views

CISO Guide: Building a Business Case for CTEM

Every CISO knows the frustration: you understand the exposure risk facing your organization, you know that a Continuous Threat Exposure Management program would fundamentally change your security posture, and yet, when budget season arrives, CTEM is one of the first line items questioned. Ready t...

AI score: 5.8
Exploits: 0

hivepro
added 2026/05/11 4:26 a.m.
11 views

CTEM Business Case: CISO Guide to ROI

CTEM Business Case: CISO Guide to ROI A strong CTEM business case has to do more than explain why Continuous Threat Exposure Management matters. It has to show how a CTEM program reduces measurable business risk, improves remediation speed, consolidates security spend, and gives the board a clear...

AI score: 5.8
Exploits: 0

hivepro
added 2026/04/29 11:36 p.m.
11 views

Security Tool Consolidation

The average enterprise security team manages 10 to 15 separate security tools. Each one generates its own alerts, requires its own maintenance, and delivers findings in its own format. The result? Fragmented visibility, duplicated costs, and a team that spends more time switching between dashboar...

AI score: 5.6
Exploits: 0

hivepro
added 2026/04/09 3:40 a.m.
11 views

Patch Management: A Complete Guide to Securing Your Organization

Your vulnerability scanners just returned 15,000 findings. Microsoft's Patch Tuesday alone dropped 97 fixes. Linux vendors released another 40. Third-party applications added dozens more. Your security team has exactly the same number of hours in the day as they did last month. This is the realit...

AI score: 6
Exploits: 0

hivepro
added 2024/06/12 8:57 a.m.
11 views

Enabling Proactive Security with Continuous Threat Exposure Management (CTEM) for Managed Service Providers

...

AI score: 7.3
Exploits: 0

hivepro
added 2024/05/22 6:42 a.m.
11 views

Critical ‘Linguistic Lumberjack’ Flaw in Fluent Bit Hits Major Cloud Providers

...

AI score: 7.3
Exploits: 0

hivepro
added 2024/05/20 12:51 p.m.
11 views

Kimsuky Expands Its Arsenal with New Backdoor

...

AI score: 7.3
Exploits: 0

hivepro
added 2024/05/09 12:58 p.m.
11 views

zEus Stealer’s Undercover Operation on YouTube and Minecraft

...

AI score: 7.3
Exploits: 0

hivepro
added 2024/05/03 2:33 p.m.
11 views

Cuckoo Malware Operates as Both an Infostealer and Spyware

...

AI score: 7.3
Exploits: 0

hivepro
added 2024/04/25 2:37 p.m.
11 views

Cyber Horizon Annual Threat Report 2023

...

AI score: 7.3
Exploits: 0

hivepro
added 2024/04/24 2:30 p.m.
11 views

Over 300k WordPress Sites Affected by Forminator Plugin Flaws

...

AI score: 7.3
Exploits: 0

hivepro
added 2024/04/23 1:26 p.m.
11 views

Middle East Targeted with CR4T Malware in DuneQuixote Campaign

...

AI score: 7.3
Exploits: 0

hivepro
added 2024/04/19 2:4 p.m.
11 views

FatalRAT’s Calculated Cryptocurrency Carnage

...

AI score: 7.3
Exploits: 0

hivepro
added 2024/04/17 12:19 p.m.
11 views

JSOutProx’s Latest Incarnation Strikes Fear in Financial Circles

...

AI score: 7.3
Exploits: 0

hivepro
added 2024/04/08 7:51 a.m.
11 views

Tracing the Footprints of Agent Tesla’s Conspirators

...

AI score: 7.3
Exploits: 0

hivepro
added 2024/03/23 2:3 a.m.
11 views

Unveiling AcidPour Evolution of Destructive Malware Targeting Ukraine

Summary: AcidPour, a variant of the destructive AcidRain wiper malware previously used during the Russia-Ukraine conflict, signals a heightened threat to Ukraine's critical infrastructure. By targeting Linux UBI and DM logic, AcidPour poses a significant risk to large storage devices and RAID...

AI score: 7.2
Exploits: 0

hivepro
added 2024/03/21 7:12 a.m.
11 views

Operation PhantomBlu Deploys NetSupport RAT via OLE Template

Summary: Under the guise of Operation PhantomBlu, a new phishing campaign is aimed at American companies with the goal of deploying the remote access trojan NetSupport RAT. By utilising OLE template manipulation, the PhantomBlu operation presents a sophisticated exploitation technique. This...

AI score: 7.4
Exploits: 0

hivepro
added 2024/03/21 6:35 a.m.
11 views

Aiohttp Vulnerability Leveraged by ShadowSyndicate

Summary: The cybercriminal group ShadowSyndicate has been detected scanning for vulnerable servers, aiming to exploit a recently addressed vulnerability in the widely-used Aiohttp library. This exploit, if successful, could lead to unauthorized access to sensitive data on servers globally, posing...

AI score: 7
Exploits: 0

hivepro
added 2024/03/04 7:44 a.m.
11 views

Summary of Vulnerabilities, Actors & Attacks: February 2024

...

AI score: 7.3
Exploits: 0

hivepro
added 2024/02/19 8:8 a.m.
11 views

Turla Expands Their Arsenal with Next-Generation Malwares

Summary: In December 2023, a new backdoor dubbed TinyTurla-NG was deployed by the Russia-affiliated threat actor Turla as part of a three-month campaign targeting Polish non-governmental organizations (NGOs). The threat actor utilized malicious PowerShell scripts hosted on various websites,...

AI score: 7.2
Exploits: 0

hivepro
added 2024/01/22 8:15 a.m.
11 views

Mint Sandstorm’s Campaign Targets Researchers with Novel Backdoor

Summary: Mint Sandstorm, a threat actor, focuses on high-profile individuals involved in Middle Eastern affairs at universities and research organizations. The group utilizes phishing lures in a campaign to socially engineer targets, enticing them to download malicious files that deploy new...

AI score: 7.1
Exploits: 0

hivepro
added 2023/11/15 12:46 p.m.
11 views

Hackers Employ Updated Ducktail to Target Indian Marketers

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary The threat actors linked to the Ducktail stealer malware have been implicated in a new campaign that focused on marketing professionals in India. The primary goal of this campaign was to compromise and...

AI score: 7.5
Exploits: 0

hivepro
added 2023/10/17 2:9 p.m.
11 views

Storm-0978 unleashes PEAPOD to target Women Political Leaders

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary Storm-0978, a threat actor group, utilized a new variant of the RomCom backdoor, "ROMCOM 4.0", also referred to as PEAPOD, to target attendees of the Women Political Leaders (WPL) Summit in Brussels. This...

AI score: 6.8
Exploits: 0

hivepro
added 2023/10/12 9:44 a.m.
11 views

Microsoft’s October 2023 Patch Tuesday Addresses Three Zero-day Vulnerabilities

Threat Level Vulnerability Report For a detailed threat advisory, download the pdf file here Summary In the October Patch Tuesday release, Microsoft addressed 103 flaws, including three actively exploited zero-day vulnerabilities. These patches cover critical and important vulnerabilities, a...

AI score: 6.8
Exploits: 0

hivepro
added 2023/09/19 6:56 a.m.
11 views

Attacks, Vulnerabilities and Actors 11 September to 17 September 2023

For a detailed threat digest, download the pdf file here Summary HiveForce Labs recently made several significant discoveries related to cybersecurity threats. Over the past week, a total of eight attacks were executed, along with eleven vulnerabilities discovered, and two different adversaries...

AI score: 6.8
Exploits: 0

hivepro
added 2023/09/14 5:55 a.m.
11 views

Microsoft’s September 2023 Patch Tuesday Addresses Two Zero-day Vulnerabilities

Threat Level Vulnerability Report For a detailed threat advisory, download the pdf file here Summary In the September Patch Tuesday release, Microsoft addressed a total of 59 CVEs, encompassing five critical vulnerabilities. Within this range of vulnerabilities, the security update covered the...

AI score: 6.5
Exploits: 0

hivepro
added 2023/09/07 3:23 a.m.
11 views

Unveiling The SuperBear RAT campaigns Targeting the Journalists

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary A recently discovered remote access trojan (RAT) named "SuperBear" has come to attention as it is actively utilized by hackers to target journalists that focus on covering geopolitical developments in Asia...

AI score: 6.9
Exploits: 0

hivepro
added 2023/09/01 9:33 a.m.
11 views

Hive Pro Recognized in 2023 Gartner® Hype Cycle™ for Security Operations & Market Guide™ for Vulnerability Assessment

...

AI score: 7
Exploits: 0

hivepro
added 2023/08/02 6:56 a.m.
11 views

CISA Known Exploited Vulnerability Catalog July 2023

For a detailed CISA's KEV Catalog, download the pdf file here Summary The Known Exploited Vulnerability (KEV) catalog, maintained by CISA, is the authoritative source of vulnerabilities that have been exploited in the wild. To be included in the catalog, a vulnerability must meet three criteria: hav...

AI score: 7
Exploits: 0

hivepro
added 2023/07/06 7:25 a.m.
11 views

Vulnerability in WordPress Plugin threatens Website takeover

Threat Level Vulnerability Report For a detailed threat advisory, download the pdf file here Summary WordPress Ultimate Member Plugin, with over 200K installations, helps in streamlining user registration and login processes. It has been found vulnerable to unauthenticated privilege escalation,...

AI score: 7
Exploits: 0

hivepro
added 2023/06/29 6:9 a.m.
11 views

JokerSpy macOS Backdoor Attacks Japanese Cryptocurrency Exchange

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary An unknown cryptocurrency exchange in Japan became the target of a precise attack employing an intricate Apple macOS backdoor called JokerSpy. References to JokerSpy can be traced back to as early as Apr...

AI score: 6.6
Exploits: 0

hivepro
added 2023/06/19 6:36 a.m.
11 views

Cybercriminals Exploit Old Telerik Bug for Data Theft

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary APT actors and financially motivated cybercriminals were observed exploiting old Telerik vulnerabilities in an attack targeting a US government agency. To receive real-time threat advisories, please foll...

AI score: 7
Exploits: 0

hivepro
added 2023/06/06 7:16 a.m.
11 views

Actors, Threats and Vulnerabilities 29 May to 4 June 2023

For a detailed threat digest, download the pdf file here Summary HiveForce Labs recently made several significant discoveries related to cybersecurity threats. Over the past week, three attacks were executed, taking advantage of two different vulnerabilities in various systems, and involving one...

AI score: 7
Exploits: 0

hivepro
added 2023/06/05 11:3 a.m.
11 views

The Exploitation of Critical Zero-Day Vulnerability Found in MOVEit Transfer

Threat Level Vulnerability Report For a detailed threat advisory, download the pdf file here Summary The MOVEit Transfer vulnerability is that it allows for unauthorized access to the database, potential manipulation or deletion of its contents, and exploitation of affected systems. To receive...

AI score: 6.8
Exploits: 0

hivepro
added 2023/05/17 11:42 a.m.
11 views

8220 Gang Exploiting Vulnerabilities in Cloud Environments for Cryptocurrency Mining

Threat Level Actor Report For a detailed threat advisory, download the pdf file here Summary The 8220 Gang is a cyber threat group that targets cloud and container environments, exploiting vulnerabilities in applications like Oracle WebLogic, Apache Log4j, and Atlassian Confluence. To receive...

AI score: 6.8
Exploits: 0

hivepro
added 2023/05/12 1:16 p.m.
11 views

Greatness a Growing Threat to Microsoft 365 Users

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary The Phishing-as-a-Service (PaaS) platform named Greatness has experienced a surge in its operations, which target organizations utilizing Microsoft 365 in the United States, United Kingdom, Australia, Sout...

AI score: 6.8
Exploits: 0

hivepro
added 2023/05/08 10:2 a.m.
11 views

Fortinet addresses Vulnerabilities in FortiADC, FortiOS and FortiProxy

Threat Level Vulnerability Report For a detailed threat advisory, download the pdf file here Summary Fortinet has issued security patches for two high-severity vulnerabilities - an OS command vulnerability in FortiADC, and an out-of-bounds write flaw in sslvpnd of FortiOS and FortiProxy. To recei...

AI score: 7.1
Exploits: 0

hivepro
added 2023/05/05 1:6 p.m.
11 views

New Atomic Stealer MacOS malware Steals Browser Cookies and Cryptocurrency Wallets

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary Atomic Stealer malware is a full-featured infostealer designed to steal sensitive data from macOS users. The malware can grab account passwords, browser data, session cookies, and crypto-wallets. To...

AI score: 6.7
Exploits: 0

hivepro
added 2023/04/27 1:19 p.m.
11 views

New PingPull Malware Variant Targets Linux Systems

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary The PingPull malware variant that targets Linux systems is linked to Alloy Taurus, and it communicates with a domain over HTTPS to receive encrypted commands for executing specific functions. To receive...

AI score: 6.8
Exploits: 0

hivepro
added 2023/04/12 6:59 a.m.
11 views

New Cylance Ransomware Targets Linux and Windows Operating Systems

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary Cylance ransomware is a new malware that is capable of adjusting to customized encryption tactics and can accept different command-line parameters. To receive real-time threat advisories, please follow...

AI score: 6.7
Exploits: 0

hivepro
added 2023/04/10 6:53 a.m.
11 views

Money Message Ransomware Strikes with Million-Dollar Demands

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary Money Message is a new ransomware group that targets victims all over the world, demanding million-dollar ransoms to avoid data leaks and deliver a decryptor. To receive real-time threat advisories, plea...

AI score: 6.7
Exploits: 0

hivepro
added 2023/03/13 1:20 p.m.
11 views

Actors, Threats and Vulnerabilities 6 March to 12 March 2023

For a detailed threat digest, download the pdf file here Summary Last week, HiveForce Labs discovered three threat actors. One of them is a Russian group called TA499, which has a history of conducting different cyberattacks such as...

AI score: 0.9
Exploits: 0

hivepro
added 2023/02/20 12:3 p.m.
11 views

Multiple Fortinet products are vulnerable to unauthorized code execution flaws

Threat Level Vulnerability Report For a detailed threat advisory, download the pdf file here Summary Fortinet has released security updates to rectify security weaknesses in its range of products, such as FortiWeb, FortiOS, FortiNAC, FortiProxy, and others. The most significant vulnerability...

AI score: 1.4
Exploits: 0

hivepro
added 2023/02/13 1:50 p.m.
11 views

Russia-linked Nodaria group employs Graphiron information stealer

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary A cyber espionage group linked to Russia, known as Nodaria, has been spotted deploying a newly created information-stealing malware named Graphiron in attacks aimed at Ukraine. The malware, coded in Go,...

AI score: 2.5
Exploits: 0

hivepro
added 2023/01/06 2:25 p.m.
11 views

Blind Eagle Hackers resurfaced with a formidable infection chain

Threat Level Actor Report For a detailed threat advisory, download the pdf file here Summary Blind Eagle is a financially motivated threat group that has been targeting individuals in numerous South American countries since at least 2018. A novel infection chain involving a more complex toolkit w...

AI score: 1.3
Exploits: 0

hivepro
added 2022/12/27 11:14 a.m.
11 views

Campaigns Spread InfoStealer Malware Targeting Italy, Germany, and Turkey

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary A number of campaigns have been launched that spread InfoStealer malware written in the .NET programming language using phishing emails and Windows Shortcut (LNK) files and Batch Scripts (BAT). Based on the...

AI score: 2
Exploits: 0

hivepro
added 2022/12/15 11:32 a.m.
11 views

The Cloud Atlas Perpetual Threat aims to persuade entities in Russia

Threat Level Actor Report For a detailed threat advisory, download the pdf file here Summary Cloud Atlas is a cyberespionage gang. They have launched repeated, highly focused attacks on critical infrastructure spanning geographical zones and political disputes since their discovery in 2014. As...

AI score: 2.3
Exploits: 0

hivepro
added 2022/12/08 7:6 a.m.
11 views

Buffer Overflow vulnerability in FreeBSD

Threat Level Vulnerability Report For a detailed threat advisory, download the pdf file here Summary A vulnerability in FreeBSD ping has been discovered that could allow remote code execution. A remote host can trigger the memory safety bug, causing the ping program to crash. Ping runs inside a...

AI score: 1.5
Exploits: 0

hivepro
added 2022/12/01 1:16 p.m.
11 views

Chinese cyber espionage hackers target Southeast Asian firms

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary UNC4191, a threat actor with a suspected China affiliation, has been linked to a series of espionage assaults primarily in Southeast Asia that use USB sticks as an initial infection vector. A variety of...

AI score: 2.4
Exploits: 0

hivepro
added 2022/12/01 1:2 p.m.
11 views

How ScarCruft APT group enhances its toolkit with a powerful Dolphin backdoor

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary ScarCruft (aka Reaper, APT 37, Ricochet Chollima) is a North Korean espionage group, active since 2012. ScarCruft has targeted a South Korean newspaper with a watering hole attack in the last year. In this...

AI score: 0.2
Exploits: 0

Total number of security vulnerabilities: 1589