Lucene search
K
HiveproMost viewed

1589 matches found

hivepro
hivepro
added 2022/11/25 12:35 p.m.11 views

A new RansomExx ransomware strain revised in Rust

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary RansomExx is a ransomware variant that operates on a ransomware-as-a-service RaaS model and has been active since it first appeared in 2018 as Defray777. The latest version, dubbed RansomExx2 by threat...

4.2AI score
Exploits0
hivepro
hivepro
added 2022/11/15 12:41 p.m.11 views

FRwL destroys data with Somnia to disrupt operations in Ukraine

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary FRwLFrom Russia with Love group, tracked as UAC-0118 uses a fake website to trick Ukrainian organization employees into downloading the Advanced IP Scanner software. Upon installation, the system is...

3.8AI score
Exploits0
hivepro
hivepro
added 2022/10/26 5:47 a.m.11 views

Vulnerabilities & Threats that Matter 17-23 October 2022

...

1.9AI score
Exploits0
hivepro
hivepro
added 2022/10/12 1:14 p.m.11 views

The surge of cryptojacking campaigns

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary Recent cryptojacking campaigns disclosed that intruders exploited DLL Side-Loading issues in Microsoft OneDrive by writing a fake secur32.dll file to establish persistence and operate undetected on...

3.3AI score
Exploits0
hivepro
hivepro
added 2022/09/29 7:15 a.m.11 views

Vulnerabilities & Threats that Matter 19 – 25 September

...

1.7AI score
Exploits0
hivepro
hivepro
added 2022/08/22 5:20 p.m.11 views

Iranian-linked hacker group victimized Israel’s shipping industry

Threat Level Actor Report For a detailed advisory, download the pdf file here Summary Iranian threat group UNC3890 used social engineering lures and a watering hole to jeopardize Israels shipping, government, energy, aviation, and healthcare sectors. This campaign has been running since at least...

1.6AI score
Exploits0
hivepro
hivepro
added 2022/08/17 3:20 a.m.11 views

APT-C-35 infection chain adds novel Windows framework modules

Threat Level Actor Report For a detailed advisory, download the pdf file here Summary APT-C-35 is an advanced persistent threat actor that has been active since 2016. The gang has upgraded its Windows spyware architecture, dubbed YTY, Jaca. They target South Asian government and military...

3.6AI score
Exploits0
hivepro
hivepro
added 2022/08/12 8:59 a.m.11 views

Who is behind the Cisco attack?

Threat Level Attack Report For a detailed advisory, download the pdf file here Summary Cisco has revealed that they have faced a breach carried out by threat actors, the UNC2447, the Lapsus$, and the Yanluowang ransomware gang. They stole around 2.8 GB of data, which included non-disclosure...

3.5AI score
Exploits0
hivepro
hivepro
added 2022/07/20 10:56 a.m.11 views

North Korean hacker group targets victims globally with Holy Ghost ransomware

Threat Level Vulnerability Report For a detailed advisory, download the pdf file here Summary The H0lyGh0st ransomware group, also tracked as DEV-0530 have been using ransomware payloads to compromise several small to mid-sized organizations across the world...

1.5AI score
Exploits0
hivepro
hivepro
added 2022/07/17 6:46 p.m.11 views

Microsoft uncovers a macOS App Sandbox escape vulnerability

Threat Level Vulnerability Report For a detailed advisory, download the pdf file here Summary Microsoft has recently discovered a vulnerability in macOS that allows third parties to bypass sandbox restrictions and execute malicious commands...

4AI score
Exploits0
hivepro
hivepro
added 2022/04/20 6:6 a.m.11 views

OldGremlin, a threat actor targeting Russian organizations with phishing emails since 2020

THREAT LEVEL: Amber. For a detailed advisory, download the pdf file here After almost a year, OldGremlin made a comeback in March 2022 by resuming their malicious email campaigns against two Russian organizations. Over the last two years, OldGremlin has carried out 13 malicious email campaigns...

7.1AI score
Exploits0
hivepro
hivepro
added 2022/03/31 4:11 a.m.11 views

New PlugX variant “Talisman” used by famous Chinese APT

THREAT LEVEL: Red. For a detailed advisory, download the pdf file here PlugX is a well-known malware family with samples dating back to as early as 2008. A Chinese state-backed threat actor, RedFoxtrot group, is discovered to use a new variant of the PlugX malware, Talisman. The threat actor grou...

1AI score
Exploits0
hivepro
hivepro
added 2022/03/04 7:48 a.m.11 views

Unpromising Vulnerability Prioritization with Common Vulnerability Scoring System (CVSS)

...

2.3AI score
Exploits0
hivepro
hivepro
added 2022/02/22 12:27 p.m.11 views

Weekly Threat Digest: 14-20 February 2022

...

1.6AI score
Exploits0
hivepro
hivepro
added 2022/02/03 11:41 a.m.11 views

Critical Samba vulnerability allows remote code execution as root

...

4.1AI score
Exploits0
hivepro
hivepro
added 2021/10/31 12:7 p.m.11 views

Adobe Illustrator 2021 has several critical Vulnerabilities

THREAT LEVEL: Amber. For a detailed advisory, download the pdf file here. Adobe Illustrator 2021 has an update that addresses several important vulnerabilities that might result in memory leaks, arbitrary code execution, and application denial of service. Vulnerability Details Patch Link Referenc...

2AI score
Exploits0
hivepro
hivepro
added 2026/05/27 10:3 a.m.10 views

Identity Exposure Management: Why It Matters

Millions of corporate credentials leak onto the public internet every single week. These exposed credentials act as open doors for threat actors looking to breach hybrid networks. When security teams rely only on legacy tools, they remain blind to these silent entry points. Book a HivePro demo to...

5.9AI score
Exploits0
hivepro
hivepro
added 2026/05/25 10:25 a.m.10 views

NIST Cybersecurity Framework and CTEM Alignment

The NIST Cybersecurity Framework gives security leaders a common language for managing cyber risk, but it does not tell teams which exposed asset to fix first on Monday morning. Continuous Threat Exposure Management fills that execution gap. When the NIST cybersecurity framework and CTEM are...

5.9AI score
Exploits0
hivepro
hivepro
added 2025/12/16 2:0 p.m.10 views

IE Mode: A Window to the Web – or to Attackers?

Running short on time but still want to stay in the know? Well, we’ve got you covered! We’ve condensed all the key takeaways into a handy audio summary. Our AI-driven podcasts are fit for on the go. Recently, Internet Explorer IE Mode has been weaponized by threat actors through multiple zero-day...

7.5CVSS8AI score0.84345EPSS
Exploits7
hivepro
hivepro
added 2025/11/21 5:42 p.m.10 views

7 Best Vulnerability Management Tools Compared

Let's be direct: if your team is drowning in a sea of CVEs and struggling to decide what to patch first, you're not alone. The sheer volume of vulnerabilities can feel overwhelming, leaving even the most skilled security teams stuck in a reactive cycle of chasing alerts. This is where modern...

6.3AI score
Exploits0
hivepro
hivepro
added 2025/10/17 7:59 p.m.10 views

5 Types of Cybersecurity Assessment Tools Compared

Your organization’s assets are everywhere: on-premise servers, multi-cloud environments, remote endpoints, and countless applications. Trying to secure this sprawling digital footprint with siloed tools gives you a fragmented, incomplete picture of your risk. You might have one tool for cloud...

6.8AI score
Exploits0
hivepro
hivepro
added 2025/05/08 3:41 p.m.10 views

One Click Could Cost You Everything – Even Your Smartest Employee Might Be the Biggest Security Risk!

Running short on time but still want to stay in the know? Well, we’ve got you covered! We’ve condensed all the key takeaways into a handy audio summary. Our AI-driven podcasts are fit for on the go. Click right here to hear it all on CAASM & CDMB Inefficiencies! Introduction: The Persistent Threa...

7.6AI score
Exploits0
hivepro
hivepro
added 2024/07/30 7:0 a.m.10 views

A Scenario: Protecting a Financial Institution from External Threats With EASM

Background Carman Bank, a mid-sized financial institution, has experienced rapid growth over the past five years. As part of its expansion, the bank has significantly increased its digital presence by launching new online banking services, mobile applications, and integrating various third-party...

7.4AI score
Exploits0
hivepro
hivepro
added 2024/07/15 10:52 p.m.10 views

Attacks, Vulnerabilities and Actors 08 to 14 July 2024

For a detailed threat digest, download the pdf file here Summary HiveForce Labs recently made several significant discoveries in the realm of cybersecurity threats. In the past week alone, a total of five attacks were executed, nine vulnerabilities were uncovered, and two active adversaries were...

7.1AI score
Exploits0
hivepro
hivepro
added 2024/07/09 8:16 p.m.10 views

Attackers Impersonating Israeli Ministry with Blended Tools

...

7.3AI score
Exploits0
hivepro
hivepro
added 2024/07/02 3:25 a.m.10 views

Summary of Vulnerabilities, Actors & Attacks: June 2024

Vulnerabilities Exploited| Adversaries in Action| Attacks Executed| Targeted Countries| Targeted Industries| MITRE ATT&CK TTPs ---|---|---|---|---|--- 38| 11| 29| 256| 31| 187 Summary In June, the cybersecurity arena garnered significant attention following the identification of nine zero-day...

7.4AI score
Exploits0
hivepro
hivepro
added 2024/06/27 7:51 p.m.10 views

UAC-0184 Strikes Ukraine with XWorm RAT

...

7.3AI score
Exploits0
hivepro
hivepro
added 2024/06/20 10:8 p.m.10 views

Noodle RAT: Understanding the Full Scope of this Cross-Platform Malware

...

7.3AI score
Exploits0
hivepro
hivepro
added 2024/06/13 2:51 p.m.10 views

New Face of ValleyRAT: Enhanced Commands and Infiltration Tactics

...

7.3AI score
Exploits0
hivepro
hivepro
added 2024/06/10 2:29 p.m.10 views

Muhstik Botnet Exploits Apache RocketMQ Flaw in Latest Operations

...

7.3AI score
Exploits0
hivepro
hivepro
added 2024/05/27 9:3 a.m.10 views

Sharp Dragon’s Foray into African and Caribbean Governance Networks

...

7.3AI score
Exploits0
hivepro
hivepro
added 2024/05/16 5:41 a.m.10 views

Black Basta Ransomware Impacts Over 500 Organizations Worldwide

...

7.3AI score
Exploits0
hivepro
hivepro
added 2024/05/08 1:53 p.m.10 views

Tinyproxy Vulnerability Exposes Hosts to Remote Code Execution

...

7.3AI score
Exploits0
hivepro
hivepro
added 2024/04/19 1:52 p.m.10 views

Cisco IMC Flaw Enables Attackers to Escalate Privileges to Root

...

7.3AI score
Exploits0
hivepro
hivepro
added 2024/04/08 8:2 a.m.10 views

Ivanti Addresses Flaws Leading to DoS Attacks and Code Execution

...

7.3AI score
Exploits0
hivepro
hivepro
added 2024/04/08 7:20 a.m.10 views

Sync-Scheduler: The Premier Document Stealer

...

7.3AI score
Exploits0
hivepro
hivepro
added 2024/03/18 7:33 a.m.10 views

Magnet Goblin Strikes Public-Facing Servers

Summary: Magnet Goblin, characterized by its financial incentives, strategically exploits zero-day vulnerabilities within publicly accessible services by employing sophisticated malware sourced from the Nerbian family, which also includes NerbianRAT and MiniNerbian. Threat Level - Red | Actor...

7.4AI score
Exploits0
hivepro
hivepro
added 2024/02/19 8:18 a.m.10 views

A Fresh Look at the Bumblebee’s Comeback Strategies

Summary: BumbleBee, a malicious loader discovered in March 2022, resurfaced in the cyber threat landscape on February 8, 2024, after a four-month hiatus. Unlike in previous campaigns, this attack chain diverges from conventional techniques. Threat Level - Amber | Attack Report For a detailed thre...

7.2AI score
Exploits0
hivepro
hivepro
added 2024/02/13 5:40 p.m.10 views

Centralizing Your Threat Exposure Visibility In One Place

Modern cybersecurity functions staffed with only a handful of analysts and engineers rely on more than 10+ tools to manage their IT infrastructure and security. Most of these tools, mainly scanners, produce large amounts of data such as logs, alerts, and reports, each contributing to the...

7.8AI score
Exploits0
hivepro
hivepro
added 2024/01/12 5:18 p.m.10 views

FBot’s Arsenal against the SaaS Giants

Summary: FBot, a Python-based exploit tool, has systematically targeted critical infrastructures, spanning from web servers and cloud services to content management systems CMS and major Software as a Service SaaS platforms. Its primary objective is to infiltrate these services, acquiring...

7.2AI score
Exploits0
hivepro
hivepro
added 2024/01/05 7:11 a.m.10 views

SMTP Smuggling Enabling Spoofed Emails to Evade Authentication Protocols

Summary: A new email spoofing technique called "SMTP Smuggling" lets attackers send emails from fake addresses, bypassing security checks. This trick works by abusing how different servers handle line endings in email messages. The attack could affect millions of email users, so updating your...

7.2AI score
Exploits0
hivepro
hivepro
added 2023/12/18 7:37 a.m.10 views

Rhadamanthys Stealer Version 0.5.0 Upgrade Overview

Summary: Rhadamanthys, the information-stealing malware, has taken a significant leap with its v0.5.0 upgrade, introducing expanded stealing features, raw syscalls, and an enhanced loader design, showcasing advanced evasion techniques. Its modular architecture allows for continuous updates,...

7.2AI score
Exploits0
hivepro
hivepro
added 2023/11/20 8:17 a.m.10 views

Scattered Spider Cyber Threat Key Findings and Security Measures

Summary: A cybercriminal group, Scattered Spider, known for targeting commercial facilities, highlighting their evolving tactics, social engineering expertise, phishing, and SIM swap attacks, evolving techniques like file encryption post-exfiltration to maintain persistence and adapt to security...

7.3AI score
Exploits0
hivepro
hivepro
added 2023/09/15 7:9 a.m.10 views

Proof-of-Concept Released for Kubernetes Vulnerabilities Exposing Windows Nodes

Threat Level Vulnerability Report For a detailed threat advisory, download the pdf file here Summary Three interconnected high-severity security vulnerabilities have been identified in Kubernetes. These vulnerabilities could potentially be exploited to achieve remote code execution with elevated...

8AI score
Exploits0
hivepro
hivepro
added 2023/08/29 9:21 a.m.10 views

Attacks, Vulnerabilities and Actors 21 August to 27 August 2023

For a detailed threat digest, download the pdf file here Summary HiveForce Labs recently made several significant discoveries related to cybersecurity threats. Over the past week, the fact that there were a total of twelve attacks executed, six vulnerabilities, and three different adversaries...

6.8AI score
Exploits0
hivepro
hivepro
added 2023/07/12 8:53 a.m.10 views

The Unrelenting Nature of TOITOIN Malware

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary The TOITOIN malware campaign, targeting businesses in the LATAM region, employs sophisticated techniques and multi-stage infection chains with numerous malware samples disguised as compressed ZIP archive...

6.9AI score
Exploits0
hivepro
hivepro
added 2023/07/06 10:23 a.m.10 views

New Variant of RUSTBUCKET Malware Targeting Cryptocurrency Providers

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary RUSTBUCKET malware family is actively developing, adding persistence capabilities, while the REF9135 operation by the DPRK targets cryptocurrency service providers. To receive real-time threat advisories...

6.9AI score
Exploits0
hivepro
hivepro
added 2023/06/01 10:22 a.m.10 views

CISA Known Exploited Vulnerability Catalog May 2023

For a detailed CISAs KEV Catalog, download the pdf file here Summary The Known Exploited Vulnerability KEV catalog, maintained by CISA, is the authoritative source of vulnerabilities that have been exploited in the wild. To be included in the catalog, a vulnerability must meet three criteria: hav...

7AI score
Exploits0
hivepro
hivepro
added 2023/05/19 1:40 p.m.10 views

Apple Patches Three Exploited Zero-Day Vulnerabilities in macOS

Threat Level Vulnerability Report For a detailed threat advisory, download the pdf file here Summary Apple addresses three exploited zero-day vulnerabilities in macOS, fixing sandbox escape and code execution issues in the WebKit browser engine. To receive real-time threat advisories, please foll...

7.5AI score
Exploits0
hivepro
hivepro
added 2023/05/11 5:34 a.m.10 views

Immediate Threat Reduction for a Telecom Company

In this video, Anand Choudha, CEO at Hive Pro, and Jeelan Poola, CPO at Hive Pro, introduce the HivePro Uni5 Threat Exposure Management Platform. HivePro Uni...

7AI score
Exploits0
Total number of security vulnerabilities1589