1589 matches found
Outdated Internet Protocol Vulnerable to Massive DoS
Threat Level Vulnerability Report For a detailed threat advisory, download the pdf file here Summary Critical SLP vulnerability affects 54k devices, including VMware, posing a risk of massive DoS attacks costing businesses up to $120k. To receive real-time threat advisories, please follow HiveFor...
The Bitter Group Targets Chinese Agencies with CHM Malware via Email Attachments
Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary The Bitter group targets South Asian government agencies with Office documents and has recently distributed CHM malware to specific Chinese organizations via email attachments. To receive real-time threa...
Multiple Vulnerabilities Found in Cisco IP Phones Web-Based Management Interface
Threat Level Vulnerability Report Follow Hive Pro for a detailed threat advisory, download the pdf file here from HiveForce Labs. Summary Cisco has disclosed two high-severity vulnerabilities affecting its IP phones, with one causing remote code execution (RCE) and the other enabling...
Red Eyes Exploits Hangul EPS Vulnerability and Steganography to Spread Malware
Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary The Red Eyes group used an old vulnerability in Hangul word processor to spread malicious code via steganography, stealing personal PC information and mobile phone data, and executing C&C commands using ...
NewsPenguin Threat Actor Unleashes Malicious Attacks on Pakistani Firms
Threat Level Actor Report For a detailed threat advisory, download the pdf file here Summary A recently identified adversary, referred to as NewsPenguin, has been associated with a sophisticated phishing campaign targeting Pakistani organizations. The attacker employs a highly intricate payload...
Apple addresses macOS Dirty Cow, Achilles, and other flaws
Threat Level Vulnerability Report For a detailed threat advisory, download the pdf file here Summary Apple addressed multiple vulnerabilities in macOS Monterey. These vulnerabilities affect different functionalities such as Bluetooth, BOM, DriverKit, File System, IOHIDFamily, Kernel, and...
A New GoLang Botnet named GoTrim BruteForcing multiple CMS
Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary A new GoTrim botnet has been scanning and brute-forcing websites running four content management systems: WordPress, DataLife Engine, Joomla!, and OpenCart. GoTrim botnet is written in Go Programming...
Why Organizations Need Continuous Threat Exposure Management
...
Prestige Ransomware impacts transportation industry in Ukraine and Poland
Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary Prestige Ransomware is using already-gained ADMIN access to target organizations in Ukraine and Poland by deploying its payload. The activity has been associated with DEV-0960...
Budworm Attackers Return with New Espionage Strikes Against the United States
Threat Level Actor Report For a detailed threat advisory, download the pdf file here Summary The Budworm espionage group exploited Log4j vulnerabilities to jeopardize the Apache Tomcat service by integrating several custom and publicly available tools to exfiltrate sensitive information...
Earth Aughisky uses a new set of malware
Threat Level Actor Report For a detailed threat advisory, download the pdf file here Summary Earth Aughisky, a well-known cyber espionage group, is exploiting legitimate accounts, software, applications, and other weaknesses by conducting a spearphishing campaign to disrupt everyday activities of...
Raspberry Robin worm infects Multiple Windows Network Devices
Threat Level Attack Report For a detailed advisory, download the pdf file here Summary The Raspberry Robin worm spreads via USB devices and shared folders to infect Windows installers and QNAP devices using compromised QNAP devices as stagers. The majority of the victims in Europe are being targeted...
Vulnerability in the UnRaR leads to code execution in Zimbra
Threat Level Vulnerability Report For a detailed advisory, download the pdf file here Summary Unrar has a path traversal vulnerability that allows an unauthenticated attacker to execute arbitrary commands as a Zimbra user and escalate privileges...
FabricScape lets attackers takeover Linux containers
Threat Level Vulnerability Report For a detailed advisory, download the pdf file here Summary FabricScape, a container escape vulnerability in Microsoft Service Fabric could allow an attacker to escalate privileges and compromise the cluster...
Monthly Threat Digest: April 2022
...
RagnarLocker Ransomware hits Critical Infrastructure Compromising 50+ Organizations
THREAT LEVEL: Red. For a detailed advisory, download the pdf file here. The Federal Bureau of Investigation (FBI) has released an alert on the Ragnarlocker campaign that has affected nearly 52 organizations encompassing 10 critical infrastructure sectors, including entities in significant manufacturing,...
Weekly Threat Digest: 21-27 February 2022
...
Millions of WordPress site backups at risk due to a vulnerability in UpdraftPlus plugin
THREAT LEVEL: Amber. For a detailed advisory, download the pdf file here UpdraftPlus is a backup tool for WordPress files, databases, plug-ins, and themes that allows you to create, restore, and migrate backups. UpdraftPlus is utilized by more than three million WordPress websites, according to i...
Threat actors are actively exploiting OMIGOD vulnerabilities impacting Microsoft Azure
THREAT LEVEL: Amber. For a detailed advisory, download the pdf file here. Azure VMs using Linux management solutions with Azure Automation, Azure Automatic Update, Azure Operations Management Suite (OMS), Azure Log Analytics, Azure Configuration Management, or Azure Diagnostics are affected by...
Critical flaws in Cisco’s Small Business RV Series VPN routers
THREAT LEVEL: Amber. For a detailed advisory, download the pdf file here. Cisco has patched serious vulnerabilities that might be exploited by sending maliciously crafted HTTP requests to the web-based management interfaces of vulnerable Small Business RV Series Routers. However, the remote...
Nucleus Security vs Hive Pro: CTEM Comparison
Choosing between Nucleus Security vs Hive Pro is really a decision about how your security team wants to run exposure management: as an aggregation and workflow layer over existing tools, or as a broader CTEM platform that combines aggregation, native discovery, threat intelligence, validation, a...
The Machine Found It First. The Machine Will Exploit It Next.
For decades, the question behind every CVE has been "who found it, and how fast can attackers catch up?" As of May 12, 2026, the question has flipped. Machines found the bug. Machines will weaponize the next one. The race is no longer human-versus-human with a stopwatch. Discovery Discovery...
Cyber Insurance Requirements for Cybersecurity
Cyber insurance requirements cybersecurity teams face today are stricter than they were even a few years ago. Underwriters no longer accept a simple security questionnaire and a list of tools. They want evidence that your organization can identify...
Firefox Security Vulnerabilities: An Expert Guide
For any vulnerability management team, the daily flood of alerts can be overwhelming. When your scanner flags dozens of new CVEs, it’s easy to see browser-related issues as lower priority. Yet, a critical flaw in a widely used application like Firefox can be the initial foothold an attacker needs...
6 Essential AI Cybersecurity Tools for Your Stack
Is your security team spending more time chasing low-level alerts than hunting for genuine threats? It’s a common problem that leads to burnout and allows critical risks to slip through the cracks. The most significant advantage of AI cybersecurity tools is their ability to restore focus. By...
The Impact of Supply Chain Attacks on the Global Landscape
Background From the Silk Road’s ancient trade routes to today’s global networks, supply chains have shaped empires, fueled revolutions, and driven economies. Now, in an age of digital transformation, they’ve evolved from logistical backbones into dynamic, tech-driven ecosystems. Powered by digita...
Paris Olympics 2024: Securing The Games
The Rising Cyber Threats In recent years, the threat of cyberattacks has grown exponentially, affecting the sports sector as well. Major international events like the Olympics are prime targets for cybercriminals, hacktivists, and even nation-states. The reasons are clear: these events attract...
InnoLoader Malware Stealth Mastery, Unique Instances per Download
...
Critical Vulnerabilities Patched in Progress Software’s MOVEit
...
F5 BIG-IP Exploited in Three-Year Espionage Campaign by Velvet Ant
...
Veeam Addresses Critical Flaws, Urges Admins to Patch
...
POC Exploit Code Released for Apache HugeGraph RCE Vulnerability
...
Fog Ransomware Targets US Sectors Via Compromised VPN Credentials
...
Attacks, Vulnerabilities and Actors 3 to 9 June 2024
For a detailed threat digest, download the pdf file here Summary HiveForce Labs has recently made significant advancements in identifying cybersecurity threats. Over the past week alone, HiveForce Labs has detected six executed attacks, reported nine vulnerabilities, and identified two active...
Patches Made Available for Vulnerable EoL Zyxel NAS Models
...
Hackers Exploit LiteSpeed Cache for WordPress Site Takeover
...
Building Stronger Partnerships: Why Threat Exposure Management (CTEM) Matters
The enterprise digital landscape is too large to simply manage. Gone are the days of securing just a physical network perimeter. Today's IT infrastructure encompasses everything from lines of code to sprawling cloud environments. This sprawl creates a massive attack surface, making it increasingl...
The Exposure Management Acronym Dictionary
In this video, Anand Choudha, CEO at Hive Pro, and Jeelan Poola, CPO at Hive Pro, introduce the HivePro Uni5 Threat Exposure Management Platform. HivePro Uni...
SapphireStealer’s Stealthy Invasion via Deceptive Legal Documents
Summary: An intricate campaign aimed at Russian individuals has emerged, showcasing the SapphireStealer malware, a publicly available information-stealing tool introduced in December 2022. The incorporation of social engineering techniques significantly enhances the efficacy of these campaigns,...
New macOS Backdoor Stealthily Stealing Cryptowallets
Summary: MacOS users have reported infections resulting from the use of cracked software, exposing a previously undisclosed stealer malware that has the capability to collect data from cryptocurrency wallets and system configurations. Threat Level - Amber | Attack Report For a detailed threat...
ScarCruft Unleashes Tailored Attacks on Cybersecurity Frontlines
Summary: The ScarCruft APT group is actively targeting media organizations and individuals in the realm of threat intelligence. ScarCruft employs persistent tactics, using phishing emails to deliver RokRAT, a custom-designed backdoor. Threat Level - Amber | Attack Report For a detailed...
Windows SmartScreen Exploit Paves the Way for Phemedrone Stealer
Summary: The Phemedrone stealer malware campaign exploits a vulnerability in Microsoft Defender SmartScreen. Phemedrone, an open-source information-stealing malware written in C, is designed to extract data from web browsers, and cryptocurrency wallets. Threat Level - Red | Attack Report For a...
Attacks, Vulnerabilities and Actors 8 January to 14 January 2024
For a detailed threat digest, download the pdf file here Summary HiveForce Labs recently made several significant discoveries in the realm of cybersecurity threats. In the past week alone, a total of seven attacks were executed, two vulnerabilities were uncovered, and three active adversaries wer...
Play Ransomware A Global Threat Impacting Businesses
Summary: The Play ransomware group, active since June 2022, employs a double-extortion model, impacting businesses globally. Utilizing legitimate tools for malicious activities, the group has affected approximately 300 entities. Threat Level - Red | Attack Report For a detailed threat advisory,...
North Korean Hackers Target Crypto Users with RustBucket and KandyKorn
Summary: North Korean-aligned threat actors are targeting macOS users with two malware frameworks, RustBucket and KandyKorn, in an attempt to steal cryptocurrency. Threat Level - Amber | Attack Report For a detailed threat advisory, download the pdf file here To receive real-time threat advisorie...
Chinese Hacking Group Exploits Barracuda Zero-Day
Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary The Chinese-linked hacking group, tracked as UNC4841, has prominently directed its efforts towards infiltrating and compromising various entities in recent attacks. These offensives were particularly...
Summary of Vulnerabilities & Threats: July 2023
...
A Deep Dive into Space Pirates’ Unconventional Cyber Arsenal
Threat Level Actor Report For a detailed threat advisory, download the pdf file here Summary Space Pirates have been a persistent digital threat since 2017, relentlessly targeting over 16 organizations in Russia and one in Serbia. Despite retaining its core methods, this infamous group continuous...
TA445 Targeting Government and Military Sectors in Ukraine and Poland
Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary TA455 conducts ongoing campaigns targeting government entities, military organizations, and civilians in Ukraine and Poland to steal information and establish remote access, using multi-stage infection...
Crysis Threat Actors Unleash Venus Ransomware via RDP
Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary The threat actors behind the Crysis ransomware are currently utilizing the Venus ransomware as a component of their attack strategy, with a primary focus on targeting vulnerable systems through active...