Hivepro: Most viewed

1589 matches found

hivepro
added 2023/05/17 9:26 a.m., 40 views

Rancoz Ransomware Employs Advanced Techniques to Encrypt Victims’ Files

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary Rancoz ransomware demonstrates the growing danger of tailored ransomware strains, leveraging advanced encryption techniques. To receive real-time threat advisories, please follow HiveForce Labs on Linked...

6.9 AI score
Exploits: 0

hivepro
added 2023/04/17 9:48 a.m., 40 views

Google Chrome Emergency Update Fixes Zero-Day Exploit in the Wild

Threat Level Vulnerability Report For a detailed threat advisory, download the pdf file here Summary A potential vulnerability in Google Chrome versions before 112.0.5615.121, identified as CVE-2023-2033, involves Type confusion in V8, which could allow a remote attacker to potentially exploit he...

8.5 AI score, 0.40798 EPSS
Exploits: 1

hivepro
added 2022/10/28 8:52 a.m., 40 views

Threat Actors launch a campaign to exploit vulnerability in Fortinet

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary Tailgate campaign is currently being carried out by the threat actors Hafnium and OilRig. The goal of this campaign is to exploit vulnerabilities in Fortinet. Recently discovered vulnerability...

2.1 AI score, 0.99984 EPSS
Exploits: 25

hivepro
added 2022/09/26 11:9 a.m., 40 views

Zero-day vulnerability in Windows terminal management tool gets a hotfix

Threat Level Vulnerability Report For a detailed threat advisory, download the pdf file here Summary Microsoft Endpoint Configuration Manager MECM has a spoofing vulnerability that allows remote attackers to access sensitive data. The zero-day vulnerability has been identified as CVE-2022-37972...

4 AI score, 0.01433 EPSS
Exploits: 0

hivepro
added 2022/03/09 2:37 p.m., 40 views

Chinese state-sponsored threat group APT41 targets U.S. critical organizations using two Zero-Days

THREAT LEVEL: Red. For a detailed advisory, download the pdf file here A China state-sponsored threat group known as APT41 is observed compromising at least six U.S. state government networks in a threat campaign beginning from May 2021. APT41 is a well-known Chinese state-sponsored espionage...

9.3 CVSS, 0.2 AI score, 0.99999 EPSS
Exploits: 348

hivepro
added 2024/02/08 2:38 p.m., 39 views

JetBrains TeamCity Authentication Bypass Flaw, Paving the Way for Server Takeover

Summary: JetBrains addressed a critical security flaw in its TeamCity On-Premises product. The vulnerability identified as CVE-2024-23917, could potentially allow an unauthorized attacker with HTTPS access to a TeamCity server to circumvent authentication mechanisms and acquire administrative...

7.5 CVSS, 7.4 AI score, 0.5373 EPSS
Exploits: 0

hivepro
added 2024/01/29 2:47 p.m., 39 views

Attacks, Vulnerabilities and Actors 22 January to 28 January 2024

For a detailed threat digest, download the pdf file here Summary HiveForce Labs has recently made several significant discoveries related to cybersecurity threats. Over the past week, we identified a total of eight executed attacks, three instances of adversary activity, and three exploited...

7.5 CVSS, 9.9 AI score, 0.99984 EPSS
Exploits: 31

hivepro
added 2024/01/24 8:44 a.m., 39 views

Apple Fixes First Actively Exploited Zero-day of 2024

Summary: The CVE-2024-23222 vulnerability in Apple's WebKit is actively being exploited, as the processing of maliciously crafted web content may result in arbitrary code execution, posing a severe threat to the security and control of affected tvOS, iPhones, iPads, and macOS. Immediate updating i...

7.4 AI score, 0.10593 EPSS
Exploits: 6

hivepro
added 2024/01/12 7:43 a.m., 39 views

Two Zero-Day Flaws Found in Ivanti Connect Secure and Policy Secure

Summary: The active exploitation of zero-day vulnerabilities CVE-2023-46805 and CVE-2024-21887 in Ivanti Connect Secure and Ivanti Policy Secure gateways presents a serious threat, allowing unauthorized remote code execution. The actor, recognized as the Chinese nation-state-level entity UTA0178,...

6.4 CVSS, 7.8 AI score, 0.99999 EPSS
Exploits: 23

hivepro
added 2023/12/07 5:51 a.m., 39 views

Adobe ColdFusion Vulnerability Leads to Federal Agency Breach

Summary: Unidentified threat actors exploit Adobe ColdFusion vulnerability CVE-2023-26360 on government servers, leading to potential unauthorized code execution. Incidents involve reconnaissance, data extraction attempts, and emphasize the importance of software updates. Threat Level - Red |...

5 CVSS, 7.7 AI score, 0.97115 EPSS
Exploits: 13

hivepro
added 2023/10/31 5:56 a.m., 39 views

Attacks, Vulnerabilities and Actors 23 October to 29 October 2023

For a detailed threat digest, download the pdf file here Summary HiveForce Labs has recently made several significant discoveries related to cybersecurity threats. Over the past week, we identified a total of seven executed attacks, two instances of adversary activity, and three exploited...

4.9 CVSS, 7.4 AI score, 0.73445 EPSS
Exploits: 2

hivepro
added 2023/09/15 6:10 a.m., 39 views

Apple Addresses Two Zero-Day Flaws Exploited by Attackers

Threat Level Vulnerability Report For a detailed threat advisory, download the pdf file here Summary Apple's two zero-day vulnerabilities CVE-2023-41064 and CVE-2023-41061 enable arbitrary code execution and system crashes. As these vulnerabilities are actively exploited, they pose severe risks,...

4.4 CVSS, 7.8 AI score, 0.15263 EPSS
Exploits: 2

hivepro
added 2023/08/22 1:26 a.m., 39 views

Cuba Ransomware Targets U.S. with Veeam Exploit

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary The Cuba ransomware has targeted attacks on critical infrastructure organizations in the United States and IT enterprises across Latin America. In order to acquire credentials, it employs a blend of old...

5 CVSS, 6.9 AI score, 0.7761 EPSS
Exploits: 4

hivepro
added 2023/03/23 8:2 a.m., 39 views

A Deserialization Vulnerability Found in Apache Dubbo

Threat Level Vulnerability Report For a detailed threat advisory, download the pdf file here Summary Apache has released a security notice for a deserialization vulnerability CVE-2023-23638 in Apache Dubbo that allows remote attackers to execute arbitrary code on the target system. To receive...

9.6 AI score, 0.04847 EPSS
Exploits: 3

hivepro
added 2023/03/22 8:56 a.m., 39 views

UNC3886 targets technologies with custom malware and exploits zero-day vulnerabilities

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary UNC3886 is a cyber espionage Chinese group that targets technologies without EDR solutions and exploits zero-day vulnerabilities to steal user credentials and maintain access. To receive real-time threat...

6.9 AI score
Exploits: 0

hivepro
added 2023/03/02 9:59 a.m., 39 views

Iron Tiger APT Group Updates SysUpdate Malware to Target Linux Platforms

Threat Level Attack Report Follow Hive Pro for a detailed threat advisory, download the pdf file here from HiveForce Labs. Summary The Iron Tiger aka APT27 group updated their custom malware, SysUpdate, to target Linux platforms and evade security solutions. They specifically targeted a...

0.1 AI score
Exploits: 0

hivepro
added 2023/02/09 12:23 p.m., 39 views

The SteelClover Group is Spreading Malware via Google Ads in Japan

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary SteelClover is a malicious attack group that has been active since 2019 and has been observed to conduct various attacks for financial gain. SteelClover recently saw a rise in malware downloading inciden...

2.7 AI score
Exploits: 0

hivepro
added 2023/01/18 11:51 a.m., 39 views

Google Chrome Vulnerability Exposes Data of 2.5 Billion Users

Threat Level Vulnerability Report For a detailed threat advisory, download the pdf file here Summary A vulnerability in Google Chrome could affect over 2.5 billion users. An attacker can exploit this vulnerability for the theft of sensitive files, such as crypto wallets and cloud provider...

3.1 AI score
Exploits: 0

hivepro
added 2022/09/14 2:32 p.m., 39 views

Zero-day Vulnerability in the WordPress BackupBuddy Plugin

Threat Level Vulnerability Report For a detailed threat advisory, download the pdf file here Summary A zero-day vulnerability in the BackupBuddy WordPress plugin is being actively exploited. There are an estimated 140,000 active installations of the plugin, and the arbitrary file download/read...

3.4 AI score, 0.63761 EPSS
Exploits: 2

hivepro
added 2022/04/20 6:34 a.m., 39 views

Two Vulnerabilities discovered in AWS Client VPN

THREAT LEVEL: Amber. For a detailed advisory, download the pdf file here Two flaws have been discovered in the AWS VPN Client. One of them CVE-2022-25166 was discovered due to a time-of-check to time-of-use TOCTOU condition, which could lead to privilege escalation. Another vulnerability...

4.3 CVSS, 1.5 AI score, 0.0145 EPSS
Exploits: 2

hivepro
added 2022/01/17 2:38 p.m., 39 views

Ukraine government entities targeted by a destructive malware “Whispergate”

THREAT LEVEL: Red. For a detailed advisory, download the pdf file here. A malware attack was carried out on Ukraine government, non-profit, and IT entities with a wiper disguised as ransomware. The threat actor, DEV-0586 targeted government bodies that provide critical executive branch or emergen...

6.4 CVSS, 0.2 AI score, 0.90418 EPSS
Exploits: 1

hivepro
added 2021/11/30 10:11 a.m., 39 views

Have you updated your Zoom meeting?

THREAT LEVEL: Amber. For a detailed advisory, download the pdf file here. Two Critical vulnerabilities have been found in Zoom products. These vulnerabilities were discovered by Natalie Silvanovich, a researcher from Google Project Zero. The first vulnerability, CVE-2021-34423 is a high severity...

7.5 CVSS, 2 AI score, 0.03207 EPSS
Exploits: 2

hivepro
added 2024/01/17 12:5 p.m., 38 views

Juniper’s Critical RCE Vulnerability Shakes Network Security

Summary: Juniper Networks has a critical remote code execution RCE vulnerability, CVE-2024-21591, which affects SRX Series firewalls and EX Series switches. This flaw enables attackers to trigger a Denial-of-Service condition and potentially execute remote code with root privileges. Threat Level ...

7.5 CVSS, 8.1 AI score, 0.17668 EPSS
Exploits: 1

hivepro
added 2024/01/04 1:58 p.m., 38 views

Attacks, Vulnerabilities and Actors 25 December to 31 December 2023

For a detailed threat digest, download the pdf file here Summary HiveForce Labs has recently made several significant discoveries related to cybersecurity threats. Over the past week, we identified a total of eight executed attacks, four instances of adversary activity, and five exploited...

7.5 CVSS, 8.3 AI score, 0.96001 EPSS
Exploits: 12

hivepro
added 2023/12/13 6:46 a.m., 38 views

Lazarus’s Operation Blacksmith Deploys Novel Dlang RATs

Summary: The Lazarus Group, a North Korea-linked threat actor, has been identified in a new global campaign called "Operation Blacksmith." In this campaign, the group opportunistically exploits the security vulnerability CVE-2021-44228 in Log4j to deploy previously undocumented RATs on compromise...

9.3 CVSS, 7 AI score, 0.99999 EPSS
Exploits: 348

hivepro
added 2023/10/14 8:25 a.m., 38 views

GNOME Linux Systems Exposed to 1-Click RCE Attacks

Threat Level Vulnerability Report For a detailed threat advisory, download the pdf file here Summary A new security vulnerability, known as CVE-2023-43641, has been identified in the libcue library. This library is utilized by Tracker Miners and is shipped along with the GNOME desktop environment...

7.5 AI score, 0.1657 EPSS
Exploits: 1

hivepro
added 2023/01/25 3:14 a.m., 38 views

Actors, Threats and Vulnerabilities 16 January 2023 – 22 January 2023

For a detailed threat digest, download the pdf file here Summary Hive Pro identified three active actors during the past week. The first, Earth Bogle, is a notable threat actor known for information theft and espionage. The second,...

1.9 AI score, 0.99753 EPSS
Exploits: 15

hivepro
added 2022/10/28 7:21 a.m., 38 views

Stranger Strings: A 22-year-old vulnerability in SQLite

Threat Level Vulnerability Report For a detailed threat advisory, download the pdf file here Summary A vulnerability in the SQLite library API has been assigned CVE-2022-35737, which could allow an attacker to crash or control programs...

2.7 AI score, 0.19193 EPSS
Exploits: 2

hivepro
added 2022/08/25 9:29 a.m., 38 views

Input validation flaw in GitLab’s Community and Enterprise Software

Threat Level Vulnerability Report For a detailed advisory, download the pdf file here Summary A remote code execution vulnerability that affects GitLab Community Edition CE and Enterprise Edition EE has been identified as CVE-2022-2884. It can be exploited using the GitHub import API; however, it...

2.4 AI score, 0.75718 EPSS
Exploits: 4

hivepro
added 2022/03/21 1:54 p.m., 38 views

Environment Variables Leak affect Multiple browsers

THREAT LEVEL: Amber. For a detailed advisory, download the pdf file here. A system environment variables leak security bug was found in Chromium 92 version. Multiple web browsers are based on the chromium engine, such as Google Chrome, Microsoft Edge, Opera, and Brave. Most of them are reported t...

1.3 AI score, 0.01266 EPSS
Exploits: 2

hivepro
added 2022/03/08 11:40 a.m., 38 views

Two actively exploited Zero-Day vulnerabilities discovered in Mozilla Firefox

THREAT LEVEL: Red. For a detailed advisory, download the pdf file here Two critical zero-day vulnerabilities have been identified in Mozilla Firefox that are being exploited in-the-wild and tracked as CVE-2022-26485 and CVE-2022-26485. Both are use-after-free bugs that exist in XSLT parameter...

2.1 AI score, 0.14261 EPSS
Exploits: 1

hivepro
added 2022/02/16 1:43 p.m., 38 views

VMware addresses security flaws discovered during Tianfu Cup Pwn Contest

THREAT LEVEL: Amber. For a detailed advisory, download the pdf file here VMware addressed vulnerabilities in ESXi, Workstation, Fusion, and Cloud Foundation, a few months after the discovery of these bugs by participants at Tianfu Cup Pwn Contest. VMware has rated some of these vulnerabilities as...

6 CVSS, 0.7 AI score, 0.01035 EPSS
Exploits: 0

hivepro
added 2024/03/23 2:6 a.m., 37 views

Critical SQL Injection Vulnerability Discovered in Atlassian Bamboo

Summary: Atlassian has released patches addressing several security vulnerabilities, including a significant critical issue impacting Bamboo Data Center and Server, identified as CVE-2024-1597. This flaw, leading to a SQL injection, poses a risk of unnecessary data exposure and potential data...

7.5 CVSS, 7.4 AI score, 0.0481 EPSS
Exploits: 0

hivepro
added 2024/03/14 6:10 p.m., 37 views

Microsoft’s March 2024 Patch Tuesday Addresses 60 Vulnerabilities

Summary: Microsoft's March 2024 Patch Tuesday addresses 60 vulnerabilities, including two critical vulnerabilities, spanning various products like Office, Exchange Server, and Windows Kernel. Critical flaws in Windows Hyper-V CVE-2024-21407 and CVE-2024-21408 require immediate attention to mitigat...

5.1 CVSS, 6.8 AI score, 0.16384 EPSS
Exploits: 0

hivepro
added 2024/03/06 5:58 p.m., 37 views

Apple Rolls Out Critical Updates to Address Zero-Day Flaws

Summary: Apple has addressed two zero-day vulnerabilities in iOS, namely CVE-2024-23225 and CVE-2024-23296. These vulnerabilities were exploited in attacks targeting Mobile devices, providing attackers with arbitrary kernel read and write privileges, enabling them to bypass kernel memory...

4.3 CVSS, 7 AI score, 0.01481 EPSS
Exploits: 0

hivepro
added 2023/11/10 6:46 a.m., 37 views

BlazeStealer Malware Uncovered in Python Packages on PyPI

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary Python Package Index PyPI repository is infiltrated with a number of malicious Python packages. These packages masquerade as obfuscation tools, however they harbor BlazeStealer malware, which initiates a...

6.9 AI score
Exploits: 0

hivepro
added 2023/10/20 12:59 p.m., 37 views

North Korean Actors Behind Active Exploitation of TeamCity Vulnerability

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary The North Korean threat actors Lazarus and its subgroup Andariel are actively exploiting the CVE-2023-42793 vulnerability, which is an authentication bypass vulnerability, after successful exploitation, ...

7.5 CVSS, 8.3 AI score, 0.99979 EPSS
Exploits: 17

hivepro
added 2023/10/14 8:1 a.m., 37 views

China’s Cyber Espionage Targets Semiconductor Giants in East Asia

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary In recent cyber espionage activities, threat actors affiliated with the People's Republic of China PRC have targeted semiconductor companies operating in Mandarin/Chinese-speaking regions of East Asia...

6.8 AI score
Exploits: 0

hivepro
added 2022/10/28 7:27 a.m., 37 views

VMware Cloud Foundation has a significant RCE flaw

Threat Level Vulnerability Report For a detailed threat advisory, download the pdf file here Summary A Remote Code Execution RCE vulnerability through the XStream open-source library tagged as CVE-2021-39144 in the VMware Cloud Foundation, which is a hybrid cloud platform for hosting enterprise...

6 CVSS, 1.8 AI score, 0.9851 EPSS
Exploits: 6

hivepro
added 2022/09/06 3:23 a.m., 37 views

Google Chrome browser suffers from another zero-day vulnerability

Threat Level Vulnerability Report For a detailed threat advisory, download the pdf file here Summary There is a vulnerability in the Chrome browser, identified as CVE-2022-3075, that is actively exploited in the wild...

3.7 AI score, 0.0568 EPSS
Exploits: 0

hivepro
added 2022/02/09 1:44 p.m., 37 views

Microsoft Patch Tuesday addresses a zero-day vulnerability in Windows Kernel

THREAT LEVEL: Amber. For a detailed advisory, download the pdf file here Microsoft addressed 51 vulnerabilities in the February 2022 patch Tuesday release, one of which was classified as a zero-day vulnerability. A remote attacker could exploit some of these vulnerabilities to gain control of a...

6.9 CVSS, 0.3 AI score, 0.03193 EPSS
Exploits: 0

hivepro
added 2024/03/27 5:12 a.m., 36 views

Attacks, Vulnerabilities and Actors 18 to 24 March 2024

For a detailed threat digest, download the pdf file here Summary HiveForce Labs recently made several significant discoveries in the realm of cybersecurity threats. In the past week alone, a total of fifteen attacks were executed, eight vulnerabilities were uncovered, and five active adversaries...

7.5 CVSS, 7.6 AI score, 0.99991 EPSS
Exploits: 40

hivepro
added 2023/12/15 6:56 a.m., 36 views

Critical Remote Code Execution Flaw Uncovered in Apache Struts 2

Summary: A significant vulnerability has been identified in the Apache Struts 2 open-source web application framework, labeled CVE-2023-50164. This flaw poses a severe risk of remote code execution and unauthorized path traversal. Threat Level - Red | Vulnerability Report For a detailed threat...

7.5 CVSS, 7.6 AI score, 0.80819 EPSS
Exploits: 15

hivepro
added 2023/07/13 6:59 a.m., 36 views

Exploit found in the wild for Critical VMware Aria Operations Bug

Threat Level Vulnerability Report For a detailed threat advisory, download the pdf file here Summary An exploit has surfaced for CVE-2023-20864, a highly significant security vulnerability within the VMware Aria Operations for Logs analysis tool utilized in cloud management. This exploit empowers...

7.5 CVSS, 7.7 AI score, 0.7165 EPSS
Exploits: 0

hivepro
added 2023/04/19 11:31 a.m., 36 views

Hive Pro: Threat Exposure Management – Datasheet

In this video, Anand Choudha, CEO at Hive Pro, and Jeelan Poola, CPO at Hive Pro, introduce the HivePro Uni5 Threat Exposure Management Platform. HivePro Uni...

6.8 AI score
Exploits: 0

hivepro
added 2022/11/29 6:11 a.m., 36 views

Actively Exploited Zero-Day Bug in Chrome

Threat Level Vulnerability Report For a detailed threat advisory, download the pdf file here Summary CVE-2022-4135 is a high-severity heap buffer overflow issue that affects the GPU component. The fault is caused by a boundary error in the GPU while processing untrusted HTML input. An attacker wh...

1 AI score, 0.31864 EPSS
Exploits: 1

hivepro
added 2022/10/13 12:15 p.m., 36 views

Did Patch Tuesday address the zero-day flaw in Microsoft Exchange

Threat Level Vulnerability Report For a detailed threat advisory, download the pdf file here Summary Microsoft addresses two new zero-day vulnerabilities tracked under CVE-2022-41033, an Elevation of Privilege vulnerability exploited in the wild. CVE-2022-41043 is an Information Disclosure...

1.1 AI score, 0.01777 EPSS
Exploits: 0

hivepro
added 2022/01/19 1:49 p.m., 36 views

Zoho ManageEngine Desktop Central affected by critical vulnerability

THREAT LEVEL: Amber. For a detailed advisory, download the pdf file here. Zoho has patched a critical vulnerability CVE-2021-44757 in Desktop Central and Desktop Central MSP which are unified endpoint management UEM solutions. A security vulnerability exists in the Desktop Central and Desktop...

6.4 CVSS, 0.1 AI score, 0.24195 EPSS
Exploits: 0

hivepro
added 2022/01/10 4:0 p.m., 36 views

A similar vulnerability like Log4shell discovered in H2 database console

THREAT LEVEL: Red. For a detailed advisory, download the pdf file here. An unauthenticated remote code execution vulnerability similar to Log4shell has been discovered in H2 Database a popular Java SQL database console and has been assigned CVE-2021-42392. It is claimed to be similar to the...

10 CVSS, 2.2 AI score, 0.63211 EPSS
Exploits: 3

hivepro
added 2024/07/10 5:49 p.m., 35 views

Attacks, Vulnerabilities and Actors 01 to 07 July 2024

For a detailed threat digest, download the pdf file here Summary HiveForce Labs has recently made substantial advancements in identifying cybersecurity threats. In just the past week, HiveForce Labs detected eleven executed attacks, reported five vulnerabilities, and identified three active...

8.8 CVSS, 7.4 AI score, 0.99506 EPSS
Exploits: 107

Total number of security vulnerabilities: 1589