1589 matches found

hivepro
added 2023/09/18 7:9 a.m. | 55 views

‘ThemeBleed’ flaw in Windows 11 Enables Code Execution

Threat Level Vulnerability Report For a detailed threat advisory, download the pdf file here Summary The CVE-2023-38146 vulnerability in Windows 11 allows remote attackers to execute arbitrary code, potentially compromising the affected system's security and integrity, and posing a significant...

CVSS 6.8 | AI score 7.5 | EPSS 0.39491
Exploits: 4
hivepro
added 2023/06/07 8:48 a.m. | 54 views

MediaArena: A Deceptive Browser Hijacker Exploiting User Data and Security Threats

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary MediaArena is a deceptive software that hijacks browsers, redirects searches, and collects user data for malicious activities, emphasizing the importance of removal and caution. To receive real-time thre...

AI score 6.9
Exploits: 0
hivepro
added 2022/09/26 6:35 a.m. | 54 views

Zero-Day vulnerability in WPGateway Plugin compromises WordPress sites

Threat Level Vulnerability Report For a detailed threat advisory, download the pdf file here Summary The recently uncovered CVE-2022-3180 zero-day vulnerability allows an unauthenticated attacker to add an administrator account to WPGateway-powered websites. WPGateway is a commercial plugin that...

AI score 3.7 | EPSS 0.08841
Exploits: 2
hivepro
added 2022/03/17 2:17 p.m. | 54 views

OpenSSL exposed to Denial-of-service vulnerability causing Infinite Loop

THREAT LEVEL: Amber. For a detailed advisory, download the pdf file here. A security flaw exists in the OpenSSL software library that could lead to a denial-of-service (DoS) condition when parsing certificates. The vulnerability, identified as CVE-2022-0778, arises from parsing a malformed certificate...

CVSS 5 | AI score 0.6 | EPSS 0.70561
Exploits: 2
hivepro
added 2023/11/09 5:0 a.m. | 53 views

SideCopy Leverages Multi-platform RAT, Assaults Indian Government Entities

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary A threat actor linked to Pakistan named SideCopy is capitalizing on WinRAR's CVE-2023-38831 vulnerability to target Indian government agencies. This security vulnerability facilitates distribution of...

CVSS 4.4 | AI score 7.5 | EPSS 0.97798
Exploits: 49
hivepro
added 2023/08/25 8:16 a.m. | 53 views

WinRAR Zero-Day Exploit Targeting Traders Since April

Threat Level Vulnerability Report For a detailed threat advisory, download the pdf file here Summary The zero-day vulnerability CVE-2023-38831 in WinRAR allows hackers to install malware through manipulated archives, exposing users to hidden malicious scripts and potential cyberattacks. To...

CVSS 4.4 | AI score 6.3 | EPSS 0.97798
Exploits: 49
hivepro
added 2023/06/13 6:58 a.m. | 53 views

Actors, Threats and Vulnerabilities 5 June to 11 June 2023

For a detailed threat digest, download the pdf file here Summary HiveForce Labs recently made several significant discoveries related to cybersecurity threats. Over the past week, the fact that there were a total of seven attacks executed, taking advantage of five different vulnerabilities in...

CVSS 9.3 | AI score 6.9 | EPSS 0.99934
Exploits: 77
hivepro
added 2023/01/26 12:7 p.m. | 53 views

Titan Stealer – A Cross-Platform Information Stealer Malware Distributed by Threat Actors

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary Titan Stealer is a cross-platform information stealer malware actively distributed by a threat actor through a Telegram channel, capable of stealing various information from infected Windows machines and...

AI score 4.1
Exploits: 0
hivepro
added 2023/01/16 10:56 a.m. | 53 views

The Vulnerability Discovered in the Cacti Open-Source RRD tool

Threat Level Vulnerability Report For a detailed threat advisory, download the pdf file here Summary A high-severity vulnerability named CVE-2022-46169 has been found in Cacti, a free, open-source, web-based network monitoring and graphing tool designed as a front-end application for the...

AI score 2.1 | EPSS 0.99826
Exploits: 48
hivepro
added 2022/03/30 1:10 p.m. | 53 views

DOS Vulnerability discovered in SonicWall Next-Generation Firewall

THREAT LEVEL: Amber. For a detailed advisory, download the pdf file here. SonicWall, a manufacturer of security hardware, discovered a flaw in their SonicOS security operating system that allows denial-of-service (DoS) attacks and could lead to remote code execution (RCE). The identified vulnerability...

CVSS 7.5 | AI score 1.2 | EPSS 0.57324
Exploits: 3
hivepro
added 2022/03/04 1:47 p.m. | 53 views

Thousands of GitLab instances impacted by multiple security flaws

THREAT LEVEL: Amber. For a detailed advisory, download the pdf file here Multiple security vulnerabilities have been discovered by researchers in GitLab, an open-source DevOps software. Some of these flaws could allow an unauthenticated remote attacker to retrieve all information linked to GitLab...

AI score 1.8 | EPSS 0.80004
Exploits: 4
hivepro
added 2022/02/18 12:40 p.m. | 53 views

Apache Cassandra database affected by easily exploitable Remote code execution

THREAT LEVEL: Amber. For a detailed advisory, download the pdf file here. Apache Cassandra is database software used by many companies such as Uber, Facebook, Netflix, Twitter, Instagram, Spotify, Instacart, Reddit, and Accenture. A remote code execution flaw (CVE-2021-44521) is reported whi...

CVSS 8.5 | AI score 0.6 | EPSS 0.54889
Exploits: 7
hivepro
added 2023/01/10 12:11 p.m. | 52 views

New Vulnerability Found in the JsonWebToken Open-Source Project

Threat Level Vulnerability Report For a detailed threat advisory, download the pdf file here Summary A new high-severity vulnerability named CVE-2022-23529 has been discovered in the popular JsonWebToken open-source package. This vulnerability allows attackers to execute remote code on servers th...

AI score 5.2
Exploits: 0
hivepro
added 2021/11/25 12:6 p.m. | 52 views

VMware patches SSRF and arbitrary file read vulnerabilities in vCenter Server

THREAT LEVEL: Amber. For a detailed advisory, download the pdf file here. VMware has released fixes to address two security flaws in vCenter Server and Cloud Foundation tracked as CVE-2021-21980 and CVE-2021-22049. The vulnerability CVE-2021-21980 (arbitrary file read) is of major concern as an...

CVSS 7.5 | AI score 8.8 | EPSS 0.04601
Exploits: 2
hivepro
added 2023/05/25 6:36 a.m. | 51 views

GUI-Vil Threat Group Exploits AWS for Crypto Mining

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary GUI-Vil p0-LUCR-1, an Indonesian threat group, conducts unauthorized cryptocurrency mining using personalized infiltration tactics. They exploit AWS, leveraging compromised credentials and vulnerabilitie...

CVSS 7.5 | AI score 7 | EPSS 0.99731
Exploits: 30
hivepro
added 2023/02/18 7:46 a.m. | 51 views

The Impact of Artificial Intelligence on Cybersecurity

Abstract: Artificial Intelligence (AI) has been a game-changer in many industries, and cybersecurity is no exception. AI has revolutionized the way organizations approach security, providing new and innovative solutions for detecting and mitigating cyber threats. However, with its increasing use, i...

AI score 1.8
Exploits: 0
hivepro
added 2023/01/06 2:10 p.m. | 51 views

Threat Actors Using WerFault.exe to Deploy Pupy RAT

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary The Pupy RAT malware is using a technique called DLL side-loading to disguise itself as the legitimate WerFault.exe process in order to evade detection. The malware is delivered via an ISO image that...

AI score 1.2
Exploits: 0
hivepro
added 2022/12/06 6:19 a.m. | 51 views

Google Chrome’s ninth zero-day in 2022

Threat Level Vulnerability Report For a detailed threat advisory, download the pdf file here Summary CVE-2022-4262 is the fourth actively exploited type confusion bug in Chrome addressed by Google and the ninth zero-day flaw exploited in the wild in 2022. The bug exists as a result of a type...

AI score 1.7 | EPSS 0.16109
Exploits: 2
hivepro
added 2022/11/04 12:48 p.m. | 51 views

Threat actors buy new BlueFox Stealer to exfiltrate data

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary A Russian-speaking user named distamx has been selling BlueFox Stealer as malware-as-a-service since December 2021. A subscription to the customizable malware costs $350 per month on underground forums...

AI score 1.4
Exploits: 0
hivepro
added 2022/05/19 3:20 a.m. | 51 views

Weekly Threat Digest: 9-15 May 2022

For a detailed threat digest, download the pdf file here. Published Vulnerabilities: 650 | Interesting Vulnerabilities: 3 | Active Threat Groups: 1 | Targeted Countries: 14 | Targeted Industries: 10 | ATT&CK TTPs: 13. The second week of May 2022 witnessed the discovery of 650 vulnerabilities out of which 3 gained...

CVSS 7.2 | AI score 0.4 | EPSS 0.09823
Exploits: 0
hivepro
added 2024/05/31 11:22 a.m. | 50 views

Check Point Fixes Zero-Day CVE-2024-24919 Exploited in the Wild

...

CVSS 8.6 | AI score 6.8 | EPSS 0.99978
Exploits: 52
hivepro
added 2024/03/23 2:0 a.m. | 50 views

TeamCity Vulnerabilities Unleash Jasmin Ransomware and More

Summary: Recently patched vulnerabilities in JetBrains TeamCity (CVE-2024-27198, CVE-2024-27199) have emerged as a breeding ground for cyber threats, as attackers leverage them to disseminate various dangers such as Jasmin ransomware, XMRig cryptominers, SparkRAT backdoor, and remote access trojans...

CVSS 7.5 | AI score 7.7 | EPSS 0.99991
Exploits: 25
hivepro
added 2024/02/02 3:18 p.m. | 50 views

Ivanti Addresses Zero-Day Vulnerability Exploited in Attacks

Summary: Ivanti has addressed two new high-severity vulnerabilities, CVE-2024-21893 and CVE-2024-21888, affecting its Connect Secure and Policy Secure products. CVE-2024-21893, in particular, has been actively exploited in the wild, posing a significant risk to affected systems. Threat Level - Re...

CVSS 6.5 | AI score 7.1 | EPSS 0.99999
Exploits: 7
hivepro
added 2023/11/20 4:51 a.m. | 50 views

Four Threat Actors Capitalized on Zimbra Zero Day to Infiltrate Government Organizations

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary A zero-day vulnerability identified as CVE-2023-37580 in Zimbra Collaboration email software has been exploited by four different groups in attacks. These attacks aimed to illicitly obtain email data, us...

CVSS 5.8 | AI score 7.3 | EPSS 0.59041
Exploits: 0
hivepro
added 2023/10/26 8:37 a.m. | 50 views

Attackers Exploit VMware’s Aria Operations for Logs Vulnerability

Threat Level Vulnerability Report For a detailed threat advisory, download the pdf file here Summary A critical authentication bypass vulnerability (CVE-2023-34051) in VMware Aria Operations for Logs allows remote code execution with root privileges under certain conditions, raising concerns for...

CVSS 7.5 | AI score 8.2 | EPSS 0.44667
Exploits: 1
hivepro
added 2023/10/04 8:27 a.m. | 50 views

Exim Vulnerable to Zero-Day Remote Code Execution Attacks

Threat Level Vulnerability Report For a detailed threat advisory, download the pdf file here Summary Six zero-day vulnerabilities have been discovered in the Exim Internet Mailer, potentially putting thousands of email servers worldwide at risk. These vulnerabilities, if successfully exploited,...

AI score 8.2 | EPSS 0.10042
Exploits: 5
hivepro
added 2023/09/26 4:57 a.m. | 50 views

Apple Addresses Zero-Day Flaws Exploited in the Wild

Threat Level Vulnerability Report For a detailed threat advisory, download the pdf file here Summary Apple addressed three zero-day vulnerabilities used in an iPhone exploit chain to deliver the Predator spyware. The vulnerabilities involved were CVE-2023-41991, CVE-2023-41992, and CVE-2023-41993...

CVSS 7.5 | AI score 7.8 | EPSS 0.29179
Exploits: 3
hivepro
added 2022/12/19 1:1 p.m. | 50 views

VMware tackles security flaws in ESXi and vRealize

Threat Level Vulnerability Report For a detailed threat advisory, download the pdf file here Summary VMware addressed security weaknesses to address a critical-severity vulnerability affecting ESXi, Workstation, Fusion, and Cloud Foundation, as well as a critical-severity command injection flaw...

AI score 0.7 | EPSS 0.01546
Exploits: 0
hivepro
added 2022/09/14 1:58 p.m. | 50 views

Two Zero-day vulnerabilities in macOS BigSur

Threat Level Vulnerability Report For a detailed threat advisory, download the pdf file here Summary Apple addresses ten vulnerabilities, two of which are actively exploited. The vulnerabilities have been assigned CVE-2022-32917 and CVE-2022-32894 and could allow an attacker to execute arbitrary...

AI score 3.6 | EPSS 0.05557
Exploits: 0
hivepro
added 2022/09/01 10:53 a.m. | 50 views

RCE flaw resides in the Atlassian Bitbucket Server and Data Center

Threat Level Vulnerability Report For a detailed threat advisory, download the pdf file here Summary Atlassian has patched a significant security hole in Bitbucket Server and Data Center, which could allow attackers to execute arbitrary code on susceptible systems. The vulnerability is identified...

AI score 4.4 | EPSS 0.99174
Exploits: 24
hivepro
added 2022/04/26 12:44 p.m. | 50 views

Newly patched VMware vulnerability exploited by Iranian espionage group, Rocket Kitten

THREAT LEVEL: Red. For a detailed advisory, download the pdf file here. An Iranian cyber espionage gang known as Rocket Kitten has begun delivering the Core Impact penetration testing tool on susceptible computers by exploiting a newly fixed severe vulnerability in VMware Workspace ONE...

CVSS 10 | AI score 1.3 | EPSS 0.99997
Exploits: 24
hivepro
added 2022/03/08 8:30 a.m. | 50 views

Linux Distributions affected by a privilege escalation vulnerability

THREAT LEVEL: Amber. For a detailed advisory, download the pdf file here. A new privilege escalation vulnerability has been reported that affects all the major releases of the Linux kernel and is being tracked as CVE-2022-0492. The issue primarily affects the Linux kernel feature known as control...

AI score 1.7 | EPSS 0.05528
Exploits: 12
hivepro
added 2023/12/28 2:23 p.m. | 49 views

Cloud Atlas Exploits Six-Year-Old Flaw to Target Russian Companies

Summary: The threat actor Cloud Atlas has been identified in spear-phishing attacks targeting Russian enterprises. The modus operandi involves a phishing message in the initial stage, containing a lure document that exploits CVE-2017-11882, a memory corruption vulnerability in Microsoft Office's...

CVSS 9.3 | AI score 7.7 | EPSS 0.99945
Exploits: 33
hivepro
added 2023/11/17 8:40 a.m. | 49 views

In-Depth Analysis of NoEscape Ransomware

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary The NoEscape ransomware, suspected to be a rebrand of Avaddon, targets enterprises globally through multi-extortion attacks. Operating as Ransomware-as-a-Service, it encrypts files, changes wallpapers, a...

AI score 7.2
Exploits: 0
hivepro
added 2023/10/20 12:47 p.m. | 49 views

A Longstanding Zero-Day in Citrix Devices Exploited Since August

Threat Level Vulnerability Report For a detailed threat advisory, download the pdf file here Summary A zero-day exploit, identified as CVE-2023-4966, has been actively targeting critical vulnerabilities in Citrix NetScaler ADC/Gateway devices since late August 2023. This exploit has the potential...

CVSS 5 | AI score 7.3 | EPSS 0.99999
Exploits: 15
hivepro
added 2023/02/13 11:34 a.m. | 49 views

Clop Ransomware Group Claims Responsibility for GoAnywhere MFT Attacks

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary The Clop ransomware group claims responsibility for recent cyber attacks that exploited a zero-day vulnerability in the GoAnywhere MFT secure file transfer tool. The vulnerability, now known as...

AI score 2.2 | EPSS 0.99999
Exploits: 12
hivepro
added 2022/11/18 8:42 a.m. | 49 views

RCE flaw in F5 BIG-IP and BIG-IQ

Threat Level Vulnerability Report For a detailed threat advisory, download the pdf file here Summary Two security flaws in F5 BIG-IP and BIG-IQ can be exploited to enable remote code execution. An adversary could get persistent root access to the devices' management interface by successfully...

AI score 3.5 | EPSS 0.87987
Exploits: 7
hivepro
added 2023/10/27 7:45 a.m. | 48 views

Winter Vivern Capitalizes on Zero-Day Flaw in Roundcube

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary The Winter Vivern cyberespionage group has been actively exploiting a zero-day vulnerability in the Roundcube webmail. The identified vulnerability, CVE-2023-5631, permits stored cross-site scripting...

CVSS 4.9 | AI score 6.6 | EPSS 0.73445
Exploits: 2
hivepro
added 2023/08/03 6:1 a.m. | 48 views

Ivanti Addressed Second Zero-Day Flaw Exploited by Attackers

Threat Level Vulnerability Report For a detailed threat advisory, download the pdf file here Summary The zero-day vulnerability CVE-2023-35081 in Ivanti EPMM enables admin-authenticated attackers to write arbitrary files, risking unauthorized access, OS command execution, and malicious web shell...

CVSS 5.8 | AI score 7.1 | EPSS 0.63316
Exploits: 0
hivepro
added 2022/09/16 10:51 a.m. | 48 views

Monti ransomware infiltrates networks via the well-known Log4Shell

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary The Monti ransomware infiltrated the client's internet-facing VMware Horizon virtualization system by exploiting the well-known "Log4Shell" vulnerability, a.k.a. CVE-2021-44228. Furthermore, the threat...

CVSS 9.3 | AI score 2 | EPSS 0.99999
Exploits: 348
hivepro
added 2022/03/10 6:21 a.m. | 48 views

Mozilla release Security Advisories for multiple vulnerabilities affecting Firefox and Firefox ESR

THREAT LEVEL: Green. For a detailed advisory, download the pdf file here. Mozilla addressed multiple security vulnerabilities by releasing two security advisories, and four of the bugs have high impact. One of the four vulnerabilities is a Time-of-Check Time-of-Use bug (CVE-2022-26387), which occurs...

AI score 9 | EPSS 0.00931
Exploits: 2
hivepro
added 2021/12/01 4:26 a.m. | 48 views

Microsoft could not patch this vulnerability yet again

THREAT LEVEL: Amber. For a detailed advisory, download the pdf file here. An improperly patched Windows vulnerability (CVE-2021-24084) can lead to local privilege escalation and information disclosure. The vulnerability was disclosed in October 2020 and even after Microsoft addressed this...

CVSS 4.9 | AI score 0.9 | EPSS 0.02745
Exploits: 0
hivepro
added 2024/02/08 2:6 p.m. | 47 views

Mispadu Leverages CVE-2023-36025 Vulnerability in Latest Attack

Summary: A new variant of the Mispadu infostealer, a malware known for targeting Spanish and Portuguese speakers, specifically targets Mexican regions and leverages the CVE-2023-36025 vulnerability to gain access. It extends its data theft reach beyond previous versions, capturing browser history...

CVSS 6.8 | AI score 7.4 | EPSS 0.88196
Exploits: 2
hivepro
added 2024/01/18 9:45 a.m. | 47 views

Google Fixes First Actively Exploited Chrome Zero-day of 2024

Summary: Google has addressed the first actively exploited Chrome zero-day vulnerability of 2024, identified as CVE-2024-0519. It's a high-severity out-of-bounds memory access weakness in Chrome's V8. Attackers could exploit it to access data beyond the intended memory buffer, potentially leaking...

CVSS 6.8 | AI score 6.3 | EPSS 0.03769
Exploits: 1
hivepro
added 2024/01/08 9:7 a.m. | 47 views

Ivanti Addresses Critical Vulnerability in Endpoint Manager

Summary: Ivanti addressed a critical vulnerability (CVE-2023-39336) in its Endpoint Management software, ensuring secure usage for its 40,000 worldwide customers. The flaw, resolved in version 2022 Service Update 5, posed a risk of pre-authenticated SQL injection and possibly Remote Code Injection ...

CVSS 5.8 | AI score 8.2 | EPSS 0.0997
Exploits: 0
hivepro
added 2022/12/15 1:53 p.m. | 47 views

Citrix ADC and Gateway Zero-Day Vulnerability Exploited by APT5

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary Patch Tuesday for December tackles two zero-day vulnerabilities, one of which is being actively exploited (CVE-2022-44698) and another that was publicly disclosed at the time of release (CVE-2022-44710), alo...

AI score 2.1 | EPSS 0.76106
Exploits: 0
hivepro
added 2022/12/15 11:42 a.m. | 47 views

Microsoft addresses actively exploited zero-day and numerous critical flaws

Threat Level Vulnerability Report For a detailed threat advisory, download the pdf file here Summary Patch Tuesday for December tackles two zero-day vulnerabilities, one of which is being actively exploited (CVE-2022-44698) and another that was publicly disclosed at the time of release...

AI score 2 | EPSS 0.76106
Exploits: 0
hivepro
added 2024/04/03 2:11 a.m. | 46 views

Attacks, Vulnerabilities and Actors 25 to 31 March 2024

For a detailed threat digest, download the pdf file here Summary HiveForce Labs recently made several significant discoveries in the realm of cybersecurity threats. In the past week alone, a total of twelve attacks were executed, ten vulnerabilities were uncovered, and two active adversaries were...

AI score 8.1 | EPSS 0.19883
Exploits: 6
hivepro
added 2024/02/07 9:43 a.m. | 46 views

EventLogCrasher Flaw Not Serviced by Microsoft

Summary: A recently identified vulnerability, known as EventLogCrasher, poses a significant risk to Windows platforms by allowing authenticated attackers to disrupt the Windows Event Log service. This vulnerability affects all iterations of Windows and has yet to be addressed by Microsoft, lackin...

AI score 6.9
Exploits: 0
hivepro
added 2023/05/03 7:19 a.m. | 46 views

FIN7-Affiliated Hackers Exploit Flaws in Veeam Backup Servers

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary Publicly accessible servers using Veeam Backup & Replication (VBR) software were attacked, likely through a recently fixed vulnerability (CVE-2023-27532), by a group with similarities to the FIN7 activity...

AI score 6.8 | EPSS 0.7761
Exploits: 4
Total number of security vulnerabilities: 1589