Hivepro: Most viewed

1589 matches found

hivepro | added 2023/01/15 6:28 p.m. | 46 views

Pro-Russian Hacktivist Group NoName057(16) Launches Cyber Attacks on Ukraine and NATO Organizations

Threat Level Actors Report For a detailed threat advisory, download the pdf file here Summary NoName057(16) is a pro-Russian hacktivist group that has been conducting a campaign of DDoS attacks on Ukraine and NATO organizations since the early days of the war in Ukraine. The group has targeted...

1.1 AI score | Exploits: 0

hivepro | added 2022/11/30 11:46 a.m. | 46 views

Adversaries strike critical Windows IKE flaw in the “Bleed You” campaign

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary An active "Bleed You" campaign is leveraging a critical RCE CVE-2022-34721 vulnerability in Windows Internet Key Exchange IKE Protocol Extensions to assist subsequent malware and ransomware assaults and...

4.6 AI score | 0.75711 EPSS | Exploits: 0

hivepro | added 2022/11/10 10:1 a.m. | 46 views

Microsoft addressed ProxyNotShell with November Patch Tuesday

Threat Level Vulnerability Report For a detailed threat advisory, download the pdf file here Summary Microsoft addressed six zero-day vulnerabilities in this patch Tuesday, along with other significant vulnerabilities that could lead to Remote Code Execution, Information Disclosure, and Denial of...

1.7 AI score | 0.24808 EPSS | Exploits: 0

hivepro | added 2022/04/07 9:23 a.m. | 46 views

Sandworm Team using a new modular malware Cyclops Blink

THREAT LEVEL: Red. For a detailed advisory, download the pdf file here The National Cyber Security Centre NCSC in the United Kingdom, the Cybersecurity and Infrastructure Security Agency CISA, the National Security Agency NSA, and the Federal Bureau of Investigation FBI have discovered that the...

9 CVSS | 0.13318 EPSS | Exploits: 1

hivepro | added 2021/09/22 1:29 p.m. | 46 views

Drop everything and patch VMware’s vCenter Server Vulnerabilities

THREAT LEVEL: Green. For a detailed advisory, download the pdf file here. VMware has issued patches for 19 new vulnerabilities. CVE-2021-22005 is the worst of the lot, defined as "an arbitrary file upload vulnerability in the Analytics service" of the vCenter Server. An attacker with network acce...

7.5 CVSS | 1.1 AI score | 0.99999 EPSS | Exploits: 11

hivepro | added 2023/11/28 5:18 a.m. | 45 views

Attacks, Vulnerabilities and Actors 20 November to 26 November 2023

For a detailed threat digest, download the pdf file here Summary HiveForce Labs has recently made several significant discoveries related to cybersecurity threats. Over the past week, we identified a total of eight executed attacks, six instances of adversary activity, and one exploited...

7.5 CVSS | 9.6 AI score | 0.99654 EPSS | Exploits: 31

hivepro | added 2023/11/14 8:22 a.m. | 45 views

Lace Tempest Exploits Zero-Day in a Strategic Strike on SysAid

Threat Level Vulnerability Report For a detailed threat advisory, download the pdf file here Summary Lace Tempest has been implicated in exploiting a zero-day vulnerability, identified as CVE-2023-47246. This exploitation allows for the execution of code within SysAid on-premise software, leading...

7.5 CVSS | 7.5 AI score | 0.98851 EPSS | Exploits: 3

hivepro | added 2023/10/05 10:18 a.m. | 45 views

‘Looney Tunables’ Flaw Enables Local Privilege Escalation in Glibc

Threat Level Vulnerability Report For a detailed threat advisory, download the pdf file here Summary CVE-2023-4911, also known as "Looney Tunables," is a critical buffer overflow vulnerability discovered in the GNU C Library's dynamic loader, specifically in the processing of the GLIBC_TUNABLES...

4.3 CVSS | 7.4 AI score | 0.81422 EPSS | Exploits: 26

hivepro | added 2023/02/22 8:47 a.m. | 45 views

DarkCloud Stealer A Multi-Stage Malware That Pilfers Sensitive data

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary DarkCloud Stealer is a type of malware distributed worldwide through spam operations and designed to pilfer sensitive information from a victim's device. The sale of DarkCloud Stealer was reported in...

3.3 AI score | Exploits: 0

hivepro | added 2023/02/16 1:7 p.m. | 45 views

Dalbit Threat Actor Launches Attack Campaign Against Multiple Korean Organizations

Threat Level Actor Report For a detailed threat advisory, download the pdf file here Summary Dalbit is a threat actor group that has been active since at least 2022. They have been targeting South Korean companies, with more than 50 confirmed attack attempts so far. The group relies on open-sourc...

1.3 AI score | Exploits: 0

hivepro | added 2023/02/14 10:51 a.m. | 45 views

Apple Addressed A Zero-day Vulnerability With An Emergency Security Update

Threat Level Vulnerability Report For a detailed threat advisory, download the pdf file here Summary Apple has released an emergency security update to fix a zero-day vulnerability, CVE-2023-23529, that could be used to hack iPhones, iPads, and Macs. The vulnerability was found in WebKit and coul...

0.5 AI score | 0.09502 EPSS | Exploits: 0

hivepro | added 2022/04/25 12:42 p.m. | 45 views

Bypass Authentication vulnerability in Atlassian Jira Seraph

THREAT LEVEL: Green. For a detailed advisory, download the pdf file here Atlassian has addressed a vulnerability in its Jira Seraph software, tracked as CVE-2022-0540. An unauthenticated attacker can use it to bypass authentication. By submitting a specially crafted HTTP request to the affected...

6.8 CVSS | 2.4 AI score | 0.88333 EPSS | Exploits: 2

hivepro | added 2021/08/11 1:25 p.m. | 45 views

Critical Vulnerabilities revealed in Microsoft’s Patch Tuesday

THREAT LEVEL: Red. For a detailed advisory, download the pdf file here. Multiple vulnerabilities have been patched by Microsoft in August 2021 Patch Tuesday. Three of them have been labeled as zero-day vulnerabilities CVE-2021-36936, CVE-2021-36942, and CVE-2021-36948. One of them CVE-2021-36948...

7.5 CVSS | 0.2 AI score | 0.66023 EPSS | Exploits: 4

hivepro | added 2024/02/19 5:35 a.m. | 44 views

Water Hydra Exploits CVE-2024-21412 to Target Financial Traders

Summary: Water Hydra exploited CVE-2024-21412 to bypass Microsoft Defender SmartScreen, targeting financial traders with DarkMe malware through sophisticated spearphishing tactics. This underscores the persistent threat of APT groups and highlights the challenge of defending against evolving atta...

5.8 CVSS | 7 AI score | 0.95443 EPSS | Exploits: 2

hivepro | added 2024/01/24 1:24 p.m. | 44 views

Critical RCE Flaw in Atlassian Confluence Sparks Active Exploitation

Summary: CVE-2023-22527 is a critical Remote Code Execution vulnerability in outdated Atlassian Confluence versions, actively exploited by malicious actors. Immediate patching to recommended versions is crucial, as nearly 40,000 exploitation attempts have been recorded within three days of...

7.5 CVSS | 7.9 AI score | 0.99984 EPSS | Exploits: 31

hivepro | added 2023/12/29 4:5 a.m. | 44 views

Barracuda Fixes ACE Zero-day Vulnerability Exploited by Attackers

Summary: The Barracuda Email Security Gateway vulnerability CVE-2023-7102 allows remote attackers to execute arbitrary commands, posing a substantial threat to the security and functionality of affected systems. Exploitation by threat actors has led to the deployment of new malware variants,...

7.9 AI score | 0.43323 EPSS | Exploits: 2

hivepro | added 2023/12/22 7:32 a.m. | 44 views

Google’s Battle Against Zero-Day Vulnerability Continues

Summary: Google has recently implemented a security enhancement to address a high-severity zero-day vulnerability, identified as CVE-2023-7024, that can lead to program crashes or enable arbitrary code execution. Threat Level - Red | Vulnerability Report For a detailed threat advisory, download t...

6.8 CVSS | 7.6 AI score | 0.07356 EPSS | Exploits: 2

hivepro | added 2023/09/22 5:19 a.m. | 44 views

GitLab Releases Critical Patch to Address Pipeline Execution Vulnerability

Threat Level Vulnerability Report For a detailed threat advisory, download the pdf file here Summary The critical security vulnerability CVE-2023-5009 affects all versions of GitLab Enterprise Edition EE. This vulnerability is significant as it enables an attacker to execute pipelines as another...

7.5 CVSS | 7 AI score | 0.08263 EPSS | Exploits: 1

hivepro | added 2023/09/07 1:30 p.m. | 44 views

DreamBus Botnet Exploiting A Critical Vulnerability in Apache RocketMQ

Threat Level Vulnerability Report For a detailed threat advisory, download the pdf file here Summary A critical vulnerability CVE-2023-33246 in Apache RocketMQ servers enables remote code execution, leading to a surge in attacks, including the deployment of the DreamBus malware. Timely system...

7.5 CVSS | 7.5 AI score | 0.96604 EPSS | Exploits: 11

hivepro | added 2023/03/27 7:25 a.m. | 44 views

A Financially Motivated Threat Group UNC961 Targeting North American Organizations

Threat Level Actor Report For a detailed threat advisory, download the pdf file here Summary UNC961 is a financially motivated cyber threat group that targets organizations in North America, with a focus on exploiting vulnerable Internet-facing servers during periods of vulnerability and exploit...

6.8 AI score | Exploits: 0

hivepro | added 2023/01/19 12:24 p.m. | 44 views

GitLab releases new CE and EE versions to address integer overflow vulnerabilities

Threat Level Vulnerability Report For a detailed threat advisory, download the pdf file here Summary The GitLab CE and EE have two security issues in Git. One of them is CVE-2022-41903, which is an integer overflow in the ‘git-log’ and ‘git-archive’ commands that can result in arbitrary heap writ...

2.7 AI score | 0.56334 EPSS | Exploits: 0

hivepro | added 2022/09/29 6:56 a.m. | 44 views

Vulnerable Atlassian Confluence Servers utilized to drop Crypto Miners

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary The Atlassian Confluence Servers CVE-2022-26134, an unauthenticated remote code execution RCE vulnerability that was recently patched, is being used by adversaries to deploy cryptocurrency mining malware...

7.5 CVSS | 5.1 AI score | 0.99999 EPSS | Exploits: 75

hivepro | added 2023/07/11 11:43 a.m. | 43 views

Apple Addresses A Zero-Day Vulnerability Which Is Actively Exploited in Wild

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary The zero-day vulnerability CVE-2023-37450 discovered in multiple Apple products is being actively exploited in the wild, specifically when processing web content. This vulnerability can potentially resul...

7.6 AI score | 0.18185 EPSS | Exploits: 0

hivepro | added 2023/02/24 10:49 a.m. | 43 views

Lazarus Strikes with WinorDLL64 Backdoor Discovered in Wslink Malware loader

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary A newly discovered backdoor named WinorDLL64 seems to be associated with the malware downloader Wslink. This revelation suggests that Lazarus, the notorious North Korea-aligned group, may have employed...

1.5 AI score | Exploits: 0

hivepro | added 2022/11/23 12:13 p.m. | 44 views

Atlassian Addresses Issues in Crowd and Bitbucket Products

Threat Level Vulnerability Report For a detailed threat advisory, download the pdf file here Summary Atlassian has two security holes that can be abused to allow arbitrary code execution. CVE-2022-43782 allows an intruder connecting from an IP address on the allow list to authenticate as the crow...

3 AI score | 0.98035 EPSS | Exploits: 3

hivepro | added 2024/04/01 5:52 a.m. | 42 views

Google Patches Critical Zero-Day Exploits Found at Pwn2Own

Summary: Google patched two zero-day vulnerabilities in Chrome CVE-2024-2886, CVE-2024-2887 from Pwn2Own Vancouver 2024, allowing arbitrary code execution. Updating Chrome is essential to ensure you're protected. Threat Level - Red | Vulnerability Report For a detailed threat advisory, download th...

7.9 AI score | 0.19883 EPSS | Exploits: 6

hivepro | added 2024/03/14 6:27 p.m. | 42 views

Fortinet Releases Patches for Critical Vulnerabilities in Various Products

Summary: A critical SQL Injection vulnerability CVE-2023-48788 in FortiClientEMS software enables attackers to execute unauthorized code or commands via specially crafted HTTP requests. Additionally, two other critical bugs in FortiOS and FortiProxy have been addressed. Update promptly to patched...

7.5 CVSS | 8.7 AI score | 0.97591 EPSS | Exploits: 4

hivepro | added 2024/03/01 3:8 p.m. | 42 views

Ivanti Gateways Under Attack by Cybercriminals Patch Now

Summary: Cyber threat actors have been exploiting vulnerabilities in Ivanti Connect Secure and Ivanti Policy Secure gateways, including CVE-2023-46805, CVE-2024-21887, and CVE-2024-21893, which allow them to bypass authentication and execute arbitrary commands with elevated privileges. Despite...

6.4 CVSS | 8.5 AI score | 0.99999 EPSS | Exploits: 24

hivepro | added 2024/02/20 11:51 a.m. | 42 views

Attacks, Vulnerabilities and Actors 12 to 18 February 2024

For a detailed threat digest, download the pdf file here Summary HiveForce Labs recently made several significant discoveries in the realm of cybersecurity threats. In the past week alone, a total of eight attacks were executed, five vulnerabilities were uncovered, and three active adversaries we...

5.8 CVSS | 7.5 AI score | 0.95443 EPSS | Exploits: 2

hivepro | added 2024/02/12 11:47 a.m. | 42 views

Ivanti Addresses Yet Another VPN Flaw Within a Month

Summary: Ivanti has addressed a newly discovered vulnerability impacting ZTA, Policy, and Connect Secure gateways. Tracked as CVE-2024-22024, this vulnerability stems from a weakness in the SAML component of the gateways related to XXE XML eXternal Entities, enabling remote attackers to access...

7.5 CVSS | 7.2 AI score | 0.94721 EPSS | Exploits: 1

hivepro | added 2023/11/15 9:15 a.m. | 42 views

Attacks, Vulnerabilities and Actors 6 November to 12 November 2023

For a detailed threat digest, download the pdf file here Summary HiveForce Labs has recently made several significant discoveries related to cybersecurity threats. Over the past week, we identified a total of twenty-five executed attacks, six instances of adversary activity, and four exploited...

7.5 CVSS | 7.4 AI score | 0.98851 EPSS | Exploits: 3

hivepro | added 2023/11/07 6:24 a.m. | 42 views

Socks5Systemz Proxy Botnet Infects 10,000 Systems

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary A sophisticated proxy botnet known as Socks5Systemz has insidiously infiltrated over 10,000 computers by employing the PrivateLoader and Amadey malware loaders. The masterminds behind this botnet offer...

7.4 AI score | Exploits: 0

hivepro | added 2022/12/12 5:43 a.m. | 42 views

Fortinet addresses Authentication Bypass in addition to numerous flaws

Threat Level Vulnerability Report For a detailed threat advisory, download the pdf file here Summary Fortinet addressed security flaws across its products, including a high-severity authentication bypass affecting FortiOS and FortiProxy tracking CVE-2022-35843 in FortiOS's SSH login component. Onl...

2 AI score | 0.00889 EPSS | Exploits: 0

hivepro | added 2022/01/12 10:29 a.m. | 42 views

Security Updates in Multiple Products of Adobe

THREAT LEVEL: Amber. For a detailed advisory, download the pdf file here. Multiple vulnerabilities have been discovered in Adobe Products: 16 critical vulnerabilities have been fixed in Adobe Acrobat and Reader which are listed below: Code execution: CVE-2021-44701, CVE-2021-44704, CVE-2021-44705...

9.3 CVSS | 2.1 AI score | 0.57304 EPSS | Exploits: 0

hivepro | added 2022/01/06 4:36 a.m. | 42 views

Google fixes multiple vulnerabilities in Chrome

THREAT LEVEL: Amber. For a detailed advisory, download the pdf file here. Google Chrome has been updated to version 97, which addresses 37 security flaws. Google has classed ten of them as High and one as Critical, while the remaining thirteen have been classified as Medium or Low. These flaws po...

0.8 AI score | 0.01477 EPSS | Exploits: 19

hivepro | added 2021/07/18 1:12 p.m. | 42 views

Weren’t you warned about reactivating the Print Spooler?

THREAT LEVEL: Red. For a detailed advisory, download the pdf file here. After almost 10 days of releasing an advisory by the Hive Pro Threat Research team, a new vulnerability has been found in Windows Print Spooler. This is a privilege escalation flaw that allows attackers to run arbitrary code...

4.6 CVSS | 8.9 AI score | 0.45423 EPSS | Exploits: 1

hivepro | added 2024/01/18 9:49 a.m. | 41 views

Citrix Warns of Critical Netscaler Flaws Actively Exploited in Attacks – Urges Immediate Patching

Summary: Two zero-day security vulnerabilities, identified as CVE-2023-6548 and CVE-2023-6549, have been discovered in NetScaler ADC and NetScaler Gateway. These vulnerabilities are actively exploited in the wild. CVE-2023-6548 affects the NetScaler management interface, potentially leading to...

6.4 CVSS | 7.8 AI score | 0.57633 EPSS | Exploits: 0

hivepro | added 2024/01/15 12:56 p.m. | 42 views

Active Exploitation of Two Critical Flaws in Microsoft SharePoint

Summary: Active attacks targeting a critical Microsoft SharePoint Server vulnerability CVE-2023-29357 pose a severe risk, enabling privilege escalation for potential full administrator access. This flaw, coupled with CVE-2023-24955, allows arbitrary code execution. Immediate patching is crucial, ...

7.5 CVSS | 8.3 AI score | 0.99618 EPSS | Exploits: 11

hivepro | added 2024/01/11 7:20 a.m. | 41 views

Microsoft’s January 2024 Patch Tuesday Addresses 49 Vulnerabilities

Summary: Microsoft's January 2024 Patch Tuesday addressed 49 vulnerabilities, including two critical ones, covering various products. Notably, a high-risk Kerberos security flaw CVE-2024-20674 and a network-adjacent Hyper-V vulnerability CVE-2024-20700 were patched, urging prompt updates to mitiga...

6.8 CVSS | 6.9 AI score | 0.17168 EPSS | Exploits: 1

hivepro | added 2023/11/29 11:50 a.m. | 41 views

Google Addresses Sixth Zero-Day Flaw Exploited by Attackers Wildly

Summary: Multiple vulnerabilities have been discovered in Google Chrome, including a zero-day vulnerability CVE-2023-6345 actively exploited for remote code execution. Users are advised to update Chrome to version 119.0.6045.199/.200 Windows or 119.0.6045.199 Mac and Linux promptly to safeguard...

6.8 CVSS | 8 AI score | 0.1963 EPSS | Exploits: 0

hivepro | added 2023/09/12 1:5 p.m. | 41 views

Google Addresses Fourth Zero-Day Flaw Exploited by Attackers Wildly

Threat Level Vulnerability Report For a detailed threat advisory, download the pdf file here Summary The zero-day vulnerability CVE-2023-4863 in Google Chrome enables arbitrary code execution and system crashes. Actively exploited "in the wild," it poses severe risks, including data exposure and...

7.5 AI score | 0.99739 EPSS | Exploits: 9

hivepro | added 2023/08/25 2:19 p.m. | 41 views

A Critical Vulnerability in Openfire Admin Console Actively Exploited in the Wild

Threat Level Vulnerability Report For a detailed threat advisory, download the pdf file here Summary The vulnerability CVE-2023-32315 in Ignite Realtime Openfire enables unauthorized access to privileged pages. Attackers exploit this by bypassing authentication, prompting immediate updates for...

5 CVSS | 6.7 AI score | 0.99999 EPSS | Exploits: 15

hivepro | added 2023/06/20 7:53 a.m. | 41 views

STORM-1359 DDoS triggered outage of Microsoft Services

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary The STORM-1359 group a.k.a Anonymous Sudan recently targeted Microsoft services with a DDoS attack, resulting in the disruption of multiple services. To receive real-time threat advisories, please follow...

6.8 AI score | Exploits: 0

hivepro | added 2023/02/07 5:28 a.m. | 41 views

A critical flaw in Cisco IOx Root Access Threat has been discovered

Threat Level Vulnerability Report For a detailed threat advisory, download the pdf file here Summary Cisco has issued security patches to address a high-severity vulnerability CVE-2023-20076 in the Cisco IOx application hosting environment that can be exploited to execute arbitrary commands as roo...

2 AI score | 0.01506 EPSS | Exploits: 0

hivepro | added 2023/02/01 5:51 a.m. | 41 views

Proof-of-concept released for Windows CryptoAPI vulnerability

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary CVE-2022-34689 is a critical vulnerability in Windows CryptoAPI that was publicly announced by Microsoft in October 2022. The vulnerability allows an attacker to masquerade as a legitimate entity by...

3 AI score | 0.37926 EPSS | Exploits: 0

hivepro | added 2022/07/28 5:58 a.m. | 41 views

Shell Command Injection Vulnerability found in Apache Spark

Threat Level Vulnerability Report For a detailed advisory, download the pdf file here Summary Apache Spark recently disclosed a weakness, CVE-2022-33891, which would allow threat actors to execute arbitrary shell commands as a Spark...

3.8 AI score | 0.92984 EPSS | Exploits: 12

hivepro | added 2024/03/11 9:51 a.m. | 40 views

Critical VMware Vulnerabilities Leading To Sandbox Escape

Summary: Critical vulnerabilities tracked as CVE-2024-22252, CVE-2024-22253, CVE-2024-22254, and CVE-2024-22255 have been addressed by VMware. These vulnerabilities allow attackers to bypass virtual machines and execute commands on the host machine. Workstation, Fusion, Cloud Foundation, and VMwa...

4.6 CVSS | 7.6 AI score | 0.03542 EPSS | Exploits: 0

hivepro | added 2023/12/19 6:27 a.m. | 40 views

Attacks, Vulnerabilities and Actors 11 December to 17 December 2023

For a detailed threat digest, download the pdf file here Summary HiveForce Labs has recently made several significant discoveries related to cybersecurity threats. Over the past week, we identified a total of eleven executed attacks, six instances of adversary activity, and five exploited...

7.5 CVSS | 7.5 AI score | 0.99979 EPSS | Exploits: 17

hivepro | added 2023/09/12 5:39 a.m. | 40 views

Attacks, Vulnerabilities and Actors 4 September to 10 September 2023

For a detailed threat digest, download the pdf file here Summary HiveForce Labs has recently made several significant discoveries related to cybersecurity threats. Over the past week, we identified a total of ten executed attacks, one instance of adversary activity, and six vulnerabilities...

7.5 CVSS | 8 AI score | 0.96604 EPSS | Exploits: 11

hivepro | added 2023/07/31 5:57 a.m. | 40 views

Zimbra Fixes A Zero-Day Vulnerability Exploited in Attacks

Threat Level Vulnerability Report For a detailed threat advisory, download the pdf file here Summary The vulnerability CVE-2023-37580 in Zimbra Collaboration Suite ZCS version 8.8.15 is a Cross-Site Scripting XSS flaw in the Zimbra Classic Web Client interface. Its impact is severe as it can...

5.8 CVSS | 5.9 AI score | 0.59041 EPSS | Exploits: 0

Total number of security vulnerabilities: 1589