Veeam Recovery Orchestrator Flaw Enables Forge of Valid JWT Tokens
...
Microsoft’s June 2024 Patch Tuesday Addresses 49 Vulnerabilities
...
Zero-Day Flaw in Palo Alto Networks PAN-OS Patched After Active Exploitation
...
Summary of Vulnerabilities, Actors & Attacks: March 2024
...
Summary of Vulnerabilities, Actors & Attacks: January 2024
...
Summary of Vulnerabilities, Actors & Attacks: December 2023
...
Microsoft’s December 2023 Patch Tuesday Addresses One Zero-day Vulnerability
Summary: In the December Patch Tuesday release, Microsoft addressed a total of 42 CVEs, including one zero-day vulnerability. Within this range of vulnerabilities, the security update covered the typical spectrum of issues, including RCE flaws, concerns related to privilege escalation, spoofing,...
The Unseen Thread Linking Sandman APT and KEYPLUG Backdoor
Summary: The Sandman Advanced Persistent Threat (APT) is closely linked to suspected threat clusters originating from China, specifically identified as Storm-0866, also known as Red Dev 40. Within the same victim environments, Sandman's Lua-based malware, LuaDream, and the KEYPLUG backdoor have...
CISA Known Exploited Vulnerability Catalog November 2023
Summary: The Known Exploited Vulnerability (KEV) catalog, maintained by CISA, is the authoritative source of vulnerabilities that have been exploited in the wild. It is recommended that all organizations review and monitor the KEV catalog,...
Attackers Exploit Brazil’s PIX System with GoPIX Malware Campaign
Attack Report. Summary: The popularity of Brazil's PIX payment system has attracted cybercriminals using GoPIX malware, targeting users searching for "WhatsApp web" with malicious ads. This poses a threat to users' financial and...
A New XorDDoS Linux Trojan That Launches Powerful DDoS Attacks
Attack Report. Summary: The XorDDoS Trojan, a Linux-based malware, orchestrates DDoS attacks through infected devices, with a recent campaign detected in 2023. Attackers employ scanning, persistence, and C2 infrastructure...
Deciphering Mirai’s Next Chapter: the Strategies of the Latest Players
Attack Report. Summary: The realm of cybersecurity witnessed the rise of formidable botnet variants stemming from the notorious Mirai source code. Prominent among them are hailBot, kiraiBot, and catDDoS, showcasing heightened...
CustomerLoader Disseminating Diverse Malware Payloads
Attack Report. Summary: A covert .NET loader, known as CustomerLoader, was specifically designed to facilitate the retrieval, deciphering, and activation of subsequent payloads. Throughout the early days of June 2023, various...
LockBit Ransomware Evolving Tactics and Pervasive Impact in 2023
Attack Report. Summary: LockBit ransomware is a highly impactful Ransomware-as-a-Service (RaaS) variant that targets critical sectors globally. Since 2020, victims in the US alone have paid around $91 million in ransom payments...
Summary of Vulnerabilities & Threats: May 2023
...
MichaelKors Ransomware Targets Linux and VMware ESXi Systems with Hypervisor Jackpotting
Attack Report. Summary: MichaelKors ransomware, a new RaaS operation, has been targeting Linux and VMware ESXi systems since April 2023, utilizing the tactic of "hypervisor jackpotting" to gain unrestricted access and encrypt...
Actors, Threats and Vulnerabilities 17 to 23 April 2023
Summary: HiveForce Labs recently made several significant discoveries related to cybersecurity threats. Over the past week, they identified a total of ten attacks that were executed...
Rilide Stealer Extension Targets Chromium-Based Browsers
Attack Report. Summary: The Rilide Stealer Extension is a sophisticated malware that disguises itself as a benign Google Drive extension and targets Chromium-based browsers.
SmoothOperator Campaign Trojanizes 3CXDesktopApp
Attack Report. Summary: The 3CX desktop app was trojanized via a multi-stage supply chain attack in the SmoothOperator campaign.
Actors, Threats and Vulnerabilities 20 March to 26 March 2023
Summary: HiveForce Labs recently made several significant discoveries related to cybersecurity threats. Over the past week, they identified a total of 19 attacks that were executed...
HivePro Uni5: The Ultimate Solution for Cybersecurity Teams
...
Chrome 111 addresses an array of security flaws
Vulnerability Report. Summary: Chrome has addressed several security vulnerabilities that encompass unauthorized access, use after free, type confusion, and heap buffer overflow...
SYS01 Stealer Targets Government and Manufacturing Industry
Attack Report. Summary: The SYS01 stealer has been targeting critical government infrastructure employees, manufacturing companies, and other industries, and using various delivery technique...
Ice Breaker a Looming Threat on the Gaming Industry
Attack Report. Summary: Online gaming and gambling companies have been targeted by hackers using unseen backdoors. The attacks are grouped together and referred to as "Ice Breaker." The intrusions make use of smart social...
Summary of Vulnerabilities & Threats: January 2022
...
Actors, Threats and Vulnerabilities 9 January 2023 – 15 January 2023
...
Actors, Threats and Vulnerabilities 26 December 2022 – 02 January 2023
...
Actors, Threats and Vulnerabilities 12 – 18 December 2022
...
Actors, Threats and Vulnerabilities 5 – 11 December 2022
...
New Venus Ransomware Targets Healthcare industry
Attack Report. Summary: Venus ransomware, also called Goodgame, has been a source of concern since August 2022. Venus ransomware is an example of the legacy ransomware model: a standalone package sold on underground markets...
DarkTortilla crypter is set to become a formidable threat
Attack Report. Summary: DarkTortilla is a sophisticated and highly configurable .NET-based crypter that has been active since at least August 2015. The malware is popular for the deployment of remote access trojans (RATs), target...
Adobe addresses new vulnerabilities in Adobe Acrobat and Reader
Vulnerability Report. Summary: Adobe has addressed multiple vulnerabilities, rated critical by Adobe, and has released security updates for Adobe Acrobat and Reader for Windows and macOS...
HavanaCrypt ransomware spreads through fake google updates
Attack Report. Summary: HavanaCrypt is a new ransomware that disguises itself as a Google software update. It evades detection by using a Microsoft web hosting service IP address as the command and control (C&C) server...
Security updates for Adobe Animate June 2022
Vulnerability Report. Summary: Adobe has issued a security update for Adobe Animate. The update resolves a critical vulnerability, rated priority 3 by Adobe, that could lead to arbitrary code execution in the context of the current use...
Security updates for Adobe InCopy June 2022
Vulnerability Report. Summary: Adobe has released security updates for Adobe InCopy that address critical vulnerabilities, rated priority 3 by Adobe. These vulnerabilities could lead to arbitrary code execution...
The Exploit Pipeline Just Went Autonomous.
In February, I wrote about the breach zone — the gap between CVE disclosure and scanner signature. In April, I wrote that the breach zone became permanent when NIST stopped enriching the majority of CVEs. Both posts assumed the same ceiling: humans, working at human speed, are the bottleneck fo...
Benefits of Breach and Attack Simulation in Vulnerability Management
Vulnerability management teams face an overwhelming challenge: tens of thousands of CVEs published annually, limited remediation capacity, and no reliable way to separate genuine threats from background noise. Traditional approaches rely on CVSS scores and scanner output, but these methods lack t...
How to Present Cybersecurity ROI to Your Board of Directors
...
What is Predictive Threat Intelligence for Organizations?
You wouldn’t set sail across the ocean without checking the weather forecast. Meteorologists gather data on temperature, wind, and pressure systems to predict an incoming storm, giving you time to prepare. Predictive threat intelligence applies the same logic to cybersecurity. It collects and...
What Is a Risk-Based Vulnerability Management Platform?
A vulnerability scanner tells you where the cracks are in your defenses, but it doesn't tell you which ones an attacker will actually use. To truly understand your exposure, you need to see your network from their perspective. How can a low-severity flaw on one server be combined with a...
What Is a Risk-Based Vulnerability Management Tool?
Your security team is talented, but they aren't miracle workers. With a persistent skills shortage and ever-tightening budgets, asking them to patch every single vulnerability is not just unrealistic; it's inefficient. Chasing low-risk issues wastes valuable time and leads to burnout, all while...
Risk-Based Vulnerability Management: The Complete Guide to Smarter Threat Prioritization
Your vulnerability scanner just flagged 12,000 findings. Your team has the bandwidth to remediate maybe 200 this sprint. Which ones do you fix first? If your answer is "sort by CVSS score and work down the list," you are making the same mistake most security teams make. You are treating a 9.8-rat...
What is CTEM? A Guide to Proactive Cybersecurity
Most security teams are great at finding problems. The real challenge is figuring out which problems to solve first. When everything is a priority, nothing is. This is a common frustration that leaves teams feeling overworked and unsure if their efforts are making a real difference. A more...
Exposure Management vs Vulnerability Management: Key Differences
Is your security program truly reducing risk, or is it just getting really good at patching? This question is at the heart of the exposure management vs vulnerability management debate. A traditional approach can tell you that a door has a weak lock, but it can't tell you if that door leads to a...
7 Steps to Improve Cyber Exposure Visibility
Attackers don’t look for the strongest part of your defense; they look for the one you forgot about. An unmanaged server, a misconfigured cloud service, or an employee’s unsecured home device can become their front door. Poor cyber exposure visibility creates these hidden entry points. The best w...
Rapid7 vs. Hive Pro: A Head-to-Head Comparison
See how Rapid7 and Hive Pro compare in features, setup, pricing, and threat intelligence to help you choose the right threat exposure management platform. Threat intelligence and Business context are the secret sauces that transform vulnerability management from a frantic game of whack-a-mole int...
Threat Exposure Management vs. Legacy Scanners: A Clear Winner
Attackers don’t think in terms of CVSS scores. They think in terms of attack paths. They look for the weakest link—a misconfiguration here, an unpatched server there—that they can chain together to reach your most valuable assets. Traditional vulnerability scanners are completely blind to this...
What Is Continuous Threat Monitoring? A Full Guide
Relying on periodic security scans is like checking your rearview mirror once every ten miles on a busy highway. You get a snapshot of what’s behind you, but you miss the real-time dangers closing in. This reactive approach leaves dangerous gaps for attackers to exploit, keeping your security tea...
Vulnerability Management vs Exposure Management: The Next Step
An attacker doesn’t care about your long list of CVEs or your internal CVSS scores. They care about finding a single path into your network. This is the fundamental idea that separates the old way of thinking from the new. The discussion around vulnerability management vs exposure management is...
6 Actionable Vulnerability Management Best Practices
Every unpatched vulnerability is more than just a technical flaw; it's a direct business risk. These security gaps are the entry points for breaches that lead to devastating financial losses, operational downtime, and long-term damage to your brand's reputation. When viewed through this lens,...