Hivepro: Most viewed

1589 matches found

hivepro, added 2023/10/14 7:43 a.m., 68 views

Attacks, Vulnerabilities and Actors 2 October to 8 October 2023

For a detailed threat digest, download the pdf file here Summary HiveForce Labs has recently made several significant discoveries related to cybersecurity threats. Over the past week, we identified a total of seven executed attacks, zero instances of adversary activity, and eight zero-day...

CVSS: 7.5, AI score: 6.9, EPSS: 0.99156, Exploits: 39
hivepro, added 2023/07/14 6:45 a.m., 68 views

Storm-0978 actively exploited the unpatched Office zero-day

Threat Level Actor Report For a detailed threat advisory, download the pdf file here Summary Storm-0978 is a Russian cybercriminal group that specializes in executing sophisticated phishing campaigns. Storm-0978 was found to be engaged in a new wave of attacks, leveraging the exploitation of...

CVSS: 6.8, AI score: 6.8, EPSS: 0.99083, Exploits: 3
hivepro, added 2022/11/17 12:28 p.m., 68 views

Iranian hackers leveraged Log4Shell to penetrate US federal agency

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary Iranian APT activity was detected on the networks of federal agencies. The intruders utilized an exploit targeting Log4Shell CVE-2021-44228 to install XMRig crypto mining software on an unpatched VMware...

CVSS: 9.3, AI score: 2.7, EPSS: 0.99999, Exploits: 348
hivepro, added 2024/01/03 9:22 a.m., 66 views

Zero-Day Authentication Bypass Exploit in Apache OFBiz

Summary: CVE-2023-51467 is a critical authentication bypass vulnerability in Apache OFBiz. Exploitation of this vulnerability could allow an attacker to bypass authentication and achieve a simple Server-Side Request Forgery (SSRF) or arbitrary code execution. Users are advised to update to Apache OFBiz version...

CVSS: 7.5, AI score: 8, EPSS: 0.96001, Exploits: 12
hivepro, added 2023/01/24 5:29 a.m., 66 views

CrySIS Ransomware A Long-Standing Threat with a New Twist

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary The ransomware family CrySIS, dubbed Dharma, has been advancing since 2016. Its source code was made available to the public, enabling others to customize it for their use. The criminals behind the malwa...

AI score: 2.2, Exploits: 0
hivepro, added 2021/10/31 10:11 a.m., 66 views

For the third month in a row, it’s time to update Google Chrome

THREAT LEVEL: Red. For a detailed advisory, download the pdf file here. Multiple vulnerabilities have been discovered in the world's most popular browser. Two of them have been used in the wild (CVE-2021-38000, CVE-2021-38003). Google has recently patched these vulnerabilities in Google Chrome versi...

CVSS: 6.8, EPSS: 0.36238, Exploits: 3
hivepro, added 2022/04/17 9:38 p.m., 65 views

Google Chrome issues an emergency update to address the third zero-day of year 2022

THREAT LEVEL: Red. For a detailed advisory, download the pdf file here. A zero-day vulnerability has been discovered in Google Chrome versions prior to 100.0.4896.127. A type confusion vulnerability, tracked as CVE-2022-1364, is said to be exploited in the wild. This vulnerability affects the V8...

AI score: 1.9, EPSS: 0.1372, Exploits: 2
hivepro, added 2022/04/02 12:31 a.m., 65 views

Two Vulnerabilities affecting Apple macOS exploited-in-the-wild

THREAT LEVEL: Red For a detailed advisory, download the pdf file here Two zero-day vulnerabilities were discovered in macOS Monterey versions prior to 12.3.1. These new issues bring the total number of zero-day vulnerabilities discovered in the Apple ecosystem to four. CVE-2022-22674 is an...

AI score: 1.4, EPSS: 0.12642, Exploits: 0
hivepro, added 2022/03/09 11:9 a.m., 65 views

Weekly Threat Digest: 28 February – 6 March 2022

For a detailed threat digest, download the pdf file here Published Vulnerabilities Interesting Vulnerabilities Targeted Countries Targeted Industries ATT&CK TTPs 381 19 3 5 22 The first week of March 2022 witnessed the discovery of 381 vulnerabilities out of which 19 garnered the attention of...

AI score: 0.6, EPSS: 0.80004, Exploits: 22
hivepro, added 2023/09/27 10:22 a.m., 64 views

Critical Security Vulnerabilities Discovered in Atlassian Products

Threat Level Vulnerability Report For a detailed threat advisory, download the pdf file here Summary Atlassian have revealed the existence of several security vulnerabilities, namely CVE-2022-25647, CVE-2023-22512, CVE-2023-22513, and CVE-2023-28709, which affect their products. These...

CVSS: 6.5, AI score: 7.8, EPSS: 0.51547, Exploits: 1
hivepro, added 2023/02/10 12:55 p.m., 64 views

OpenSSL Releases Update to Address Several High-Severity Vulnerabilities

Threat Level Vulnerability Report For a detailed threat advisory, download the pdf file here Summary The OpenSSL Project has released fixes for several security flaws, including a high-severity bug CVE-2023-0286 that could expose users to malicious attacks. The bug is related to a type of confusi...

AI score: 1.5, EPSS: 0.59501, Exploits: 0
hivepro, added 2022/08/05 6:22 p.m., 64 views

Woody RAT leverages Follina to target Russia

Threat Level Attack Report For a detailed advisory, download the pdf file here Summary The unknown threat actor employs the Woody RAT to spear-phish Russian organizations. The malware was distributed via archive files and later switched to Microsoft Office documents leveraging the now-patched...

CVSS: 9.3, AI score: 3.4, EPSS: 0.99374, Exploits: 62
hivepro, added 2022/01/24 11:5 a.m., 64 views

SolarWinds Serv-U vulnerability exploited to deliver Log4j attack

THREAT LEVEL: Red. For a detailed advisory, download the pdf file here. SolarWinds is affected by a vulnerability CVE-2021-35247 due to improper input validation when processing LDAP queries in the Serv-U web login screen. Serv-U versions up to 15.2.5 are affected by this flaw and were fixed in...

CVSS: 9.3, AI score: 0.2, EPSS: 0.99999, Exploits: 348
hivepro, added 2023/11/27 12:47 p.m., 63 views

The Rise of DarkCasino APT Group Exploiting WinRAR 0-Day

Summary: DarkCasino, an APT group with economic motivations, was initially identified in 2021. The group introduced DarkMe, a Trojan Horse program based on Visual Basic. Recently, DarkCasino has been linked to the zero-day exploitation of CVE-2023-38831, an arbitrary code execution vulnerability...

CVSS: 4.4, AI score: 8, EPSS: 0.97798, Exploits: 49
hivepro, added 2022/04/18 1:31 p.m., 63 views

Old Zimbra vulnerability used to target Ukrainian Government Organizations

THREAT LEVEL: Amber. For a detailed advisory, download the pdf file here. The Ukrainian Computer Emergency Response Team (CERT-UA) has issued an alert about a campaign targeting Ukrainian government entities that involves an exploit for an XSS vulnerability in Zimbra Collaboration Suite. The attacker...

CVSS: 4.3, AI score: 0.8, EPSS: 0.23717, Exploits: 2
hivepro, added 2022/07/28 6:6 a.m., 62 views

Spyware Group Candiru exploits Chrome Zero-Day to Target Middle East

Threat Level Attack Report For a detailed advisory, download the pdf file here Summary Candiru (Saito Tech) spyware used the recently fixed CVE-2022-2294 Chrome zero-day in assaults on journalists, with a substantial portion of the attacks taking place in Lebanon. This recently patched vulnerability...

AI score: 1.7, EPSS: 0.70461, Exploits: 0
hivepro, added 2022/04/14 5:8 a.m., 62 views

Microsoft Patch Tuesday April 2022 addressed two zero-day vulnerabilities

THREAT LEVEL: Red. For a detailed advisory, download the pdf file here. Microsoft addressed 128 vulnerabilities in their April Patch Tuesday update. Two of them have been categorized as zero-day vulnerabilities. One of the two zero-days is exploited-in-the-wild as well. The vulnerability,...

CVSS: 4.6, AI score: 1.4, EPSS: 0.09817, Exploits: 4
hivepro, added 2023/10/27 1:16 p.m., 61 views

Vmware vCenter Flaws Leading to RCE Attacks

Threat Level Vulnerability Report For a detailed threat advisory, download the pdf file here Summary Two vulnerabilities, CVE-2023-34048 and CVE-2023-34056, were identified in VMware vCenter Server, a server management software used for centralized management of virtual machines and ESXi hosts...

CVSS: 7.5, AI score: 7.8, EPSS: 0.99428, Exploits: 1
hivepro, added 2023/05/30 7:42 a.m., 61 views

Actors, Threats and Vulnerabilities 22 to 28 May 2023

For a detailed threat digest, download the pdf file here Summary HiveForce Labs recently made several significant discoveries related to cybersecurity threats. Over the past week, the fact that there were a total of ten attacks executed, taking advantage of four different vulnerabilities in vario...

CVSS: 9.3, AI score: 6.8, EPSS: 0.99374, Exploits: 62
hivepro, added 2023/01/17 9:59 a.m., 61 views

A Critical Vulnerability That Affects ManageEngine Products

Threat Level Vulnerability Report For a detailed threat advisory, download the pdf file here Summary A critical vulnerability in several ManageEngine products allows for remote code execution (RCE) without authentication. This vulnerability is tracked as CVE-2022-47966 and is caused by an outdated...

AI score: 3.5, EPSS: 0.99753, Exploits: 15
hivepro, added 2022/12/08 7:20 a.m., 61 views

BackdoorDiplomacy targets the telecom industry in the Middle East

Threat Level Actor Report For a detailed threat advisory, download the pdf file here Summary BackdoorDiplomacy, an advanced persistent threat APT gang with roots in China, is most likely behind a hostile campaign targeting the Middle East. The espionage action, aimed at a Middle Eastern telecom...

CVSS: 7.5, AI score: 0.9, EPSS: 0.99999, Exploits: 63
hivepro, added 2022/10/11 7:28 a.m., 61 views

Zero-Day Remote Code Execution Vulnerability in Zimbra Collaboration Suite

Threat Level Vulnerability Report For a detailed threat advisory, download the pdf file here Summary The active exploitation of an unpatched CVE-2022-41352 remote code execution RCE vulnerability found in the Zimbra Collaboration Suite ZCS. It empowers attackers to upload arbitrary files and...

AI score: 4.9, EPSS: 0.95478, Exploits: 7
hivepro, added 2022/04/02 12:44 a.m., 61 views

Authentication Bypass Vulnerability in Zyxel Firmware

THREAT LEVEL: Amber. For a detailed advisory, download the pdf file here. A severe vulnerability (CVE-2022-0342) has been discovered in the firmware of some of Zyxel's business-grade firewall and VPN products, potentially allowing attackers administrator-level access to affected devices. This...

CVSS: 7.5, AI score: 1.3, EPSS: 0.84839, Exploits: 0
hivepro, added 2022/03/09 2:14 p.m., 61 views

Microsoft addressed three zero-day vulnerabilities March 2022 Patch Tuesday Update

THREAT LEVEL: Red. For a detailed advisory, download the pdf file here. Microsoft addressed 71 vulnerabilities in their March 2022 Patch Tuesday Update. This advisory briefs about six vulnerabilities out of which three of them have been rated critical in severity and three of them ar...

CVSS: 7.2, AI score: 1.3, EPSS: 0.40789, Exploits: 3
hivepro, added 2023/11/01 12:39 p.m., 60 views

Atlassian’s Latest Critical Confluence Flaw Poses Risk of Data Loss

Threat Level Vulnerability Report For a detailed threat advisory, download the pdf file here Summary A critical vulnerability in Atlassian, identified as CVE-2023-22518, is an improper authorization issue in Confluence Data Center and Server. If successfully exploited by an...

AI score: 7, EPSS: 0.99999, Exploits: 14
hivepro, added 2022/08/19 4:40 a.m., 60 views

Chrome’s zero-day flaw allows arbitrary code execution

Threat Level Vulnerability Report For a detailed advisory, download the pdf file here Summary A vulnerability (CVE-2022-2856) in Google Chrome has been exploited in the wild. Additionally, Chrome has addressed several other use-after-free vulnerabilities in multiple components, including FedCM,...

AI score: 2.4, EPSS: 0.04493, Exploits: 1
hivepro, added 2021/09/26 8:2 a.m., 60 views

Chrome’s eleventh zero-day vulnerability for the year 2021 has been patched

THREAT LEVEL: Amber. For a detailed advisory, download the pdf file here. A vulnerability in Chrome and Microsoft Edge (Chromium-based) exists as a result of a use-after-free issue when processing HTML data in Google Chrome's Portals component. A remote attacker can create a specially designed site,...

CVSS: 6.8, AI score: 0.7, EPSS: 0.11735, Exploits: 0
hivepro, added 2021/09/16 1:49 p.m., 60 views

Apple fixes the zero-day vulnerabilities exploited by Pegasus spyware named “FORCEDENTRY”

THREAT LEVEL: Red. For a detailed advisory, download the pdf file here. Two actively exploited vulnerabilities (CVE-2021-30858 and CVE-2021-30860) have been fixed in Apple's iOS 14.8, iPadOS 14.8, watchOS 7.6.2, macOS Big Sur 11.6, and Safari 14.1.2 releases. The NSO group carried out the attack by...

CVSS: 6.8, AI score: 0.5, EPSS: 0.75994, Exploits: 2
hivepro, added 2022/08/04 11:18 a.m., 59 views

LockBit 3.0 makes a comeback by exploiting Log4j

Threat Level Actor Report For a detailed advisory, download the pdf file here Summary LockBit 3.0 (LockBit Black), a new variant of LockBit Ransomware, is deploying Cobalt Strike beacons on compromised systems by exploiting the Windows Defender command line tool and Log4j in VMware Horizon...

AI score: 2.2, Exploits: 0
hivepro, added 2021/12/26 4:11 a.m., 59 views

Rook: New Ransomware in the market scavenges code from Babuk

THREAT LEVEL: Red. For a detailed advisory, download the pdf file here. Security researchers found new ransomware dubbed Rook that reuses the code from Babuk, which was released earlier. It was initially seen on VirusTotal on November 26th and pwned its first victim, a Kazakh financial...

AI score: 6.5, Exploits: 0
hivepro, added 2024/02/15 1:17 p.m., 58 views

Microsoft’s February 2024 Patch Tuesday Addresses Two Zero-day Vulnerabilities

Summary: Microsoft's February 2024 Patch Tuesday addresses 73 vulnerabilities, including actively exploited zero-days, spanning various products like Office, Exchange Server, and Windows Kernel. Critical flaws in Windows SmartScreen (CVE-2024-21351), Internet Shortcut Files (CVE-2024-21412), and Microso...

CVSS: 7.5, AI score: 7.1, EPSS: 0.95443, Exploits: 2
hivepro, added 2023/11/22 4:54 a.m., 58 views

Kinsing Malware Utilizes Apache ActiveMQ RCE to Deploy Rootkits

Summary: The Kinsing malware operator is actively taking advantage of the critical vulnerability CVE-2023-46604 in Apache ActiveMQ, an open-source message broker. The vulnerability allows remote code execution, facilitating deployment of Kinsing malware aka h2miner, which functions as a...

CVSS: 7.5, AI score: 9.7, EPSS: 0.99654, Exploits: 31
hivepro, added 2023/11/07 8:23 a.m., 58 views

Kinsing Exploits Looney Tunables Vulnerability to Breach Cloud Environments

Threat Level Actor Report For a detailed threat advisory, download the pdf file here Summary The threat actor Kinsing has recently been observed exploiting the Linux privilege escalation vulnerability known as "Looney Tunables CVE-2023-4911" as part of a new campaign aimed at breaching cloud...

CVSS: 4.3, AI score: 7.2, EPSS: 0.81422, Exploits: 26
hivepro, added 2022/04/26 12:22 p.m., 58 views

What will be the consequence of this disputed vulnerability in 7-ZIP?

THREAT LEVEL: Red. For a detailed advisory, download the pdf file here. The zero-day vulnerability in 7-Zip software, tracked as CVE-2022-29072, is marked as disputed by the National Vulnerability Database (NVD), and sparked discussions over its consequences. This started when a researcher published ...

CVSS: 7.2, AI score: 0.4, EPSS: 0.01523, Exploits: 8
hivepro, added 2022/11/02 7:27 a.m., 57 views

Patch available for pre-announced Critical Vulnerability in OpenSSL

Threat Level Vulnerability Report For a detailed threat advisory, download the pdf file here Summary OpenSSL has released the Patch for the pre-announced critical vulnerability. In the announcement the severity of the vulnerability was Critical based on the fact that it can lead to RCE but after...

AI score: 1.2, EPSS: 0.91153, Exploits: 6
hivepro, added 2022/11/01 5:21 a.m., 57 views

Google Chrome’s seventh zero-day of 2022

Threat Level Vulnerability Report For a detailed threat advisory, download the pdf file here Summary A zero-day vulnerability has been discovered in Google Chrome versions prior to 107.0.5304.87. A type of confusion vulnerability tracked as CVE-2022-3723 is the seventh zero day of 2022 and is sai...

AI score: 2.9, EPSS: 0.0675, Exploits: 1
hivepro, added 2022/03/25 1:56 p.m., 57 views

Microsoft’s privilege escalation vulnerability that refuses to go away

THREAT LEVEL: Amber. For a detailed advisory, download the pdf file here After seven months, a vulnerability that was addressed in August 2021 patch Tuesday remained unpatched. This locally exploited vulnerability is tracked as CVE-2021-34484 and affects the Windows User Profile Service. While...

CVSS: 6.9, AI score: 0.9, EPSS: 0.14393, Exploits: 2
hivepro, added 2021/10/26 9:32 a.m., 57 views

BillQuick Web Suite’s severe vulnerability may affect 400K users

THREAT LEVEL: Red. For a detailed advisory, download the pdf file here. Multiple versions of BillQuick Web Suite have been found to have a critical vulnerability. A hacker was able to get initial access to a US engineering company by exploiting this serious vulnerability (CVE-2021-42258). It also...

AI score: 7, Exploits: 0
hivepro, added 2024/02/01 6:56 a.m., 56 views

Critical Remote Code Execution Flaws Uncovered in Jenkins

Summary: Multiple vulnerabilities have been discovered in Jenkins and a number of associated plugins, allowing attackers to gain unauthorized data access and execute arbitrary commands. The critical vulnerability CVE-2024-23897 allows attackers to read system files and opens a number of attack vectors...

CVSS: 5, AI score: 8.2, EPSS: 0.99999, Exploits: 46
hivepro, added 2024/01/18 3:10 p.m., 56 views

GitLab Fixes Critical Account Takeover Vulnerability

Summary: Critical GitLab vulnerability CVE-2023-7028 enables unauthorized users to take over the administrator account without user interaction. Exploiting password reset flaws, attackers can submit two emails, both target as well as attacker account leading to complete account takeover. Users wi...

CVSS: 5, AI score: 7.3, EPSS: 0.94955, Exploits: 16
hivepro, added 2023/09/06 7:52 a.m., 56 views

New IDAT Loader Unleashes Infostealers in Fake Browser Update Campaign

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary In a recent malware campaign, threat actors utilized a new IDAT Loader to distribute a range of malicious software, including InfoStealers and RATs, employing evasion methods. This loader is packaged...

AI score: 6.8, Exploits: 0
hivepro, added 2022/08/16 2:38 a.m., 56 views

BlueSky ransomware incorporates Multithreading to expedite encryption

Threat Level Attack Report For a detailed advisory, download the pdf file here Summary BlueSky ransomware is actively targeting businesses and demanding a ransom. It appears that they have ties with the Conti ransomware group. The malware is now primarily targeting Windows hosts and uses...

AI score: 1.7, Exploits: 0
hivepro, added 2022/05/10 1:47 p.m., 56 views

Have you patched this actively exploited BIG-IP vulnerability?

THREAT LEVEL: Amber. For a detailed advisory, download the pdf file here. Last week, F5 patched a vulnerability tracked as CVE-2022-1388, soon after a successful proof-of-concept (PoC) was developed by security researchers, making it susceptible to further exploitation. This authentication bypass...

CVSS: 7.5, AI score: 2.1, EPSS: 0.99956, Exploits: 63
hivepro, added 2022/02/21 4:34 a.m., 56 views

Privilege Escalation Vulnerability in Snap Package Manager puts Linux users at risk

THREAT LEVEL: Amber. For a detailed advisory, download the pdf file here A privilege escalation vulnerability has been identified in Canonical Snap software package manager that affects the Linux-based operating systems. Successful exploitation of this issue might allow an attacker to escalate...

CVSS: 6.9, AI score: 1.9, EPSS: 0.00966, Exploits: 4
hivepro, added 2021/11/14 10:42 a.m., 56 views

A zero-day vulnerability has been discovered in PAN’s GlobalProtect firewall

THREAT LEVEL: Amber. For a detailed advisory, download the pdf file here. Palo Alto Networks (PAN) released an update on November 10, 2021, that patched CVE-2021-3064, which was discovered and disclosed by Randori. This vulnerability affects PAN firewalls that use the GlobalProtect Portal VPN, and ...

CVSS: 10, AI score: 10, EPSS: 0.19087, Exploits: 1
hivepro, added 2023/06/27 11:7 a.m., 55 views

Attacks, Vulnerabilities and Actors 19 June to 25 June 2023

For a detailed threat digest, download the pdf file here Summary HiveForce Labs recently made several significant discoveries related to cybersecurity threats. Over the past week, the fact that there were a total of twelve attacks executed, taking advantage of seventeen different vulnerabilities ...

CVSS: 9.3, AI score: 6.7, EPSS: 0.99512, Exploits: 75
hivepro, added 2023/02/03 8:40 a.m., 55 views

VectorStealer Malware steals Sensitive Information via RDP Hijacking and Phishing Attacks

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary VectorStealer is a malware that steals .rdp files through phishing emails, can be generated for USD 63 in Bitcoin, exfiltrates stolen information through SMTP, Discord, or Telegram, and uses the KGB...

AI score: 2.3, Exploits: 0
hivepro, added 2023/01/19 1:36 p.m., 55 views

Kasablanka Group Launches Phishing Campaigns Targeting Russian Government Entities

Threat Level Actors Report For a detailed threat advisory, download the pdf file here Summary The GitLab CE and EE have two security issues in Git. One of them is CVE-2022-41903, which is an integer overflow in the ‘git-log’ and ‘git-archive’ commands that can result in arbitrary heap writes and...

AI score: 2.2, EPSS: 0.56334, Exploits: 0
hivepro, added 2022/12/13 11:11 a.m., 55 views

Active exploitation of the Fortinet pre-auth RCE vulnerability

Threat Level Vulnerability Report For a detailed threat advisory, download the pdf file here Summary Fortinet has addressed a critical security flaw in its FortiOS SSL-VPN product, which is being actively exploited in the wild. The heap-based buffer overflow bug in FortiOS sslvpnd is listed as...

AI score: 2, EPSS: 0.99474, Exploits: 11
hivepro, added 2024/02/06 8:18 a.m., 54 views

Attacks, Vulnerabilities and Actors 29 January to 4 February 2024

For a detailed threat digest, download the pdf file here Summary HiveForce Labs has recently made several significant discoveries related to cybersecurity threats. Over the past week, we identified a total of seven executed attacks, two instances of adversary activity, and six exploited...

CVSS: 6.4, AI score: 7.1, EPSS: 0.99999, Exploits: 5
Total number of security vulnerabilities: 1589