Hivepro: Most viewed

1589 matches found

hivepro
added 2023/09/12 6:53 a.m., 27 views

HijackLoader a Deceptive Modular Malware Loader

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary A new malware loader, HijackLoader, is swiftly gaining prominence within the cybercriminal sphere, being leveraged to disseminate an array of malicious malware strains, including DanaBot, SystemBC, and...

AI score: 6.9
Exploits: 0

hivepro
added 2023/08/30 10:55 a.m., 27 views

Agniane Stealer’s Cryptocurrency Quest

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary The Agniane Stealer, coded in C, operates as an information pilferer. It primarily focuses on extracting stored credentials from a wide array of sources, with a specific emphasis on targeting...

AI score: 6.6
Exploits: 0

hivepro
added 2023/08/18 8:37 a.m., 27 views

JanelaRAT Strikes at Latin American Financial Sector

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary JanelaRAT, a financial malware, is directed toward users in Latin America (LATAM) with the ability to seize sensitive data. This malicious software primarily focuses on gathering financial and cryptocurren...

AI score: 6.6
Exploits: 0

hivepro
added 2023/08/18 5:14 a.m., 27 views

Monti Ransomware’s New Linux Variant Enhanced Encryption

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary Monti ransomware, resembling Conti, resurfaces after a break, targeting legal and government sectors. A new Linux variant diverges significantly, using distinct tactics for encryption and virtual machine...

AI score: 6.8
Exploits: 0

hivepro
added 2023/07/21 2:53 p.m., 27 views

Turla Exploits Ukraine’s Defense Sector with DeliveryCheck Backdoor

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary DeliveryCheck, a .NET-based backdoor, targets Ukraine's defense sector, attributed to Russian actor Turla; it aims to exfiltrate Signal app data. Notably, it breaches Microsoft Exchange servers using...

AI score: 6.8
Exploits: 0

hivepro
added 2023/06/07 12:17 p.m., 27 views

Google Addresses High-Stakes Chrome Zero-Day Vulnerability

Threat Level Vulnerability Report For a detailed threat advisory, download the pdf file here Summary Google tackles Chrome's zero-day CVE-2023-3079 vulnerability, which is related to a weakness in the Chrome V8 JavaScript engine. It poses a significant threat by allowing attackers to execute...

CVSS: 6.8, AI score: 7.7, EPSS: 0.32724
Exploits: 2

hivepro
added 2023/05/23 6:2 a.m., 27 views

APT28’s Cyber Espionage Campaigns Targeting Ukraine

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary The APT28 intrusion group, linked to the Russian GRU and renowned for its cyber espionage and sabotage endeavors, was observed employing various phishing methodologies to target the Ukrainian civic...

AI score: 6.9
Exploits: 0

hivepro
added 2023/04/27 8:24 a.m., 27 views

Daggerfly APT Deploys MgBot to Target African Telecoms Organization

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary The Daggerfly advanced persistent threat group has been observed using previously unseen plugins from the MgBot malware framework in a recent campaign. To receive real-time threat advisories, please foll...

AI score: 6.7
Exploits: 0

hivepro
added 2023/03/31 6:45 a.m., 27 views

Creal Stealer Preys on Cryptocurrency Users

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary A phishing site that is impersonating a cryptocurrency mining platform is disseminating the New Creal Stealer. To receive real-time threat advisories, please follow HiveForce Labs on LinkedIn...

AI score: 6.7
Exploits: 0

hivepro
added 2022/09/04 5:8 p.m., 27 views

Chile government’s Windows and Linux servers hit by RedAlert ransomware

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary The Chilean Ministry of Interior asserted that RedAlert ransomware (aka N13V) attack had disrupted the operations and online services of a government agency in the country. In classic double-extortion...

AI score: 3.2
Exploits: 0

hivepro
added 2022/02/24 4:54 a.m., 27 views

Chinese APT group targets financial institutions in the campaign “Operation Cache Panda”

THREAT LEVEL: Red. For a detailed advisory, download the pdf file here Chinese threat actor APT10 conducted a series of large-scale supply chain attacks that exclusively targeted the financial software systems of Taiwanese financial institutions from the end of November 2021 until the middle of...

AI score: 2
Exploits: 0

hivepro
added 2022/01/12 7:45 a.m., 27 views

Privilege escalation vulnerability in Citrix Workspace for Linux

THREAT LEVEL: Amber. For a detailed advisory, download the pdf file here. A local privilege escalation vulnerability could allow a local user to gain root privileges on the computer running Citrix Workspace app for Linux. This vulnerability (CVE-2022-21825) affects the Citrix Workspace app for Linu...

AI score: 2.4, EPSS: 0.00223
Exploits: 0

hivepro
added 2021/07/08 3:12 p.m., 27 views

Critical vulnerabilities found in WordPress plugin affecting 400,000 sites.

THREAT LEVEL: Amber. For a detailed advisory, download the pdf file here. Around 400,000 sites were affected by several critical vulnerabilities (CVE-2021-34621, CVE-2021-34622, CVE-2021-34623, CVE-2021-34624) discovered in ProfilePress, a WordPress plugin. The vulnerabilities are easily exploitable...

CVSS: 7.5, AI score: 1, EPSS: 0.68862
Exploits: 14

hivepro
added 2024/06/03 10:15 a.m., 26 views

UNC5537 Targeting Snowflake Users for Data Theft and Extortion

...

AI score: 7.3
Exploits: 0

hivepro
added 2024/03/22 9:50 a.m., 26 views

Critical Flaw In Ivanti Standalone Sentry Leads To Remote Code Execution

Summary: Ivanti Standalone Sentry has been identified as vulnerable to a critical remote code execution flaw, tracked as CVE-2023-41724. Exploiting this vulnerability, a remote attacker could gain unauthorized access to the target system and execute arbitrary commands. Threat Level - Red |...

AI score: 8.4, EPSS: 0.12844
Exploits: 0

hivepro
added 2024/03/22 9:44 a.m., 26 views

From Observer to Asuka – The Reinvention of Stealer

Summary: A malware-as-a-service (MaaS) called AsukaStealer, advertised on a Russian-language cybercrime forum by the alias breakcore, has surfaced. Priced at $80 per month, AsukaStealer is written in C++ and features customizable configurations and a user-friendly interface designed for harvesting...

AI score: 7.2
Exploits: 0

hivepro
added 2024/03/12 6:27 a.m., 26 views

Evasive Panda China-Linked Cyberespionage Targeting Tibetans

Summary: Evasive Panda, a threat actor associated with China, has masterminded an intricate cyberespionage campaign targeting Tibetan users since at least September 2023. This operation employs both watering hole and supply chain attacks to achieve its objectives. Threat Level - Red | Attack Repo...

AI score: 7.2
Exploits: 0

hivepro
added 2024/01/29 12:28 p.m., 26 views

AllaKore RAT’s Grip Tightens on Mexican Financial Institutions

Summary: A threat actor has been targeting Mexican banks and cryptocurrency trading since at least 2021. Using custom installers, the actor distributes a modified version of the AllaKore RAT, an open-source remote access tool. The campaign cleverly mimics the Mexican Social Security Institute IMS...

AI score: 7.3
Exploits: 0

hivepro
added 2023/11/03 6:36 a.m., 26 views

Scarred Manticore’s Middle Eastern Gambit

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary Scarred Manticore, an actor associated with Iran's Ministry of Intelligence and Security (MOIS), has been conducting a highly sophisticated cyber espionage campaign with a strong focus on the Middle East...

AI score: 7.2
Exploits: 0

hivepro
added 2023/10/03 7:29 a.m., 26 views

CISA Known Exploited Vulnerability Catalog September 2023

For a detailed CISA's KEV Catalog, download the pdf file here Summary The Known Exploited Vulnerability (KEV) catalog, maintained by CISA, is the authoritative source of vulnerabilities that have been exploited in the wild. To be included in the catalog, a vulnerability must meet three criteria: hav...

AI score: 7
Exploits: 0

hivepro
added 2023/10/02 10:8 a.m., 26 views

AtlasCross Exploits Organizations with DangerAds and AtlasAgent Trojans

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary A new threat actor by the name of AtlasCross has been identified employing phishing tactics that use Red Cross-themed lures as part of their attack strategy. These phishing campaigns are being used to...

AI score: 6.9
Exploits: 0

hivepro
added 2023/08/08 8:39 a.m., 26 views

STRRAT a Java-Powered Versatile Remote Access Trojan

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary STRRAT, a Java-based RAT, excels in utilizing a wide array of capabilities. Its latest version, STRRAT 1.6, is notable for employing diverse infection paths and conducting startup host queries to...

AI score: 6.8
Exploits: 0

hivepro
added 2023/07/21 2:44 p.m., 26 views

Kanti Ransomware Strikes Cryptocurrency Users

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary Kanti is a novel strain of ransomware that has been specifically designed to target cryptocurrency users. This sophisticated ransomware is cunningly crafted to infiltrate systems and encrypt files,...

AI score: 6.8
Exploits: 0

hivepro
added 2023/06/20 6:45 a.m., 26 views

Actors, Threats and Vulnerabilities 12 June to 18 June 2023

For a detailed threat digest, download the pdf file here Summary HiveForce Labs recently made several significant discoveries related to cybersecurity threats. Over the past week, the fact that there were a total of seven attacks executed, taking advantage of twenty different vulnerabilities in...

CVSS: 2.3, AI score: 7, EPSS: 0.13638
Exploits: 0

hivepro
added 2023/05/05 8:4 a.m., 26 views

New LOBSHOT Malware Being Distributed Through Google Ads

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary LOBSHOT is a new malware that is being distributed through Google Ads. It is a remote access trojan that can allow threat actors to take control of an infected Windows device's hidden desktop, execute...

AI score: 7.2
Exploits: 0

hivepro
added 2023/03/28 10:35 a.m., 26 views

Bitter APT Group Targets Chinese Energy Sector with New phishing Campaign

Threat Level Actor Report For a detailed threat advisory, download the pdf file here Summary A new cyber espionage campaign by the South Asian threat group Bitter APT is targeting the energy sector in China. The campaign involves the use of social engineering tactics through phishing emails that...

AI score: 6.5
Exploits: 0

hivepro
added 2023/03/01 10:19 a.m., 26 views

Highly Sophisticated SCARLETEEL Cloud Attack That Stole Proprietary Data

Threat Level Attack Report Follow Hive Pro for a detailed threat advisory, download the pdf file here from HiveForce Labs. Summary The SCARLETEEL attack was a highly sophisticated cloud operation that involved the theft of proprietary data by exploiting a compromised Kubernetes container,...

AI score: 1.7
Exploits: 0

hivepro
added 2023/02/23 12:55 p.m., 26 views

Icarus a Versatile Infostealer with Rootkit and hVNC Capabilities

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary The Icarus Stealer malware is equipped with a Hidden Virtual network computing (hVNC) feature, which enables the attacker to generate a concealed desktop and traverse the compromised system without any...

AI score: 1.3
Exploits: 0

hivepro
added 2023/02/07 2:31 p.m., 26 views

Iranian OilRig Group Strikes with AutoHotkey Keylogger and Malicious Macro

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary In a recent intrusion, a threat actor utilized AutoHotkey to launch a keylogger. The Iranian OilRig group is suspected to be the culprit behind this attack. The initial compromise was initiated with a...

AI score: 2.9
Exploits: 0

hivepro
added 2023/02/01 9:9 a.m., 26 views

Infection and Evolution of the GOOTLOADER Malware

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary GOOTLOADER malware infects via malicious archive download, executing JavaScript and PowerShell, delivering FONELAUNCH, Cobalt Strike BEACON/SNOWCONE, with the latest variant writing JavaScript to disk an...

AI score: 4.6
Exploits: 0

hivepro
added 2023/02/01 4:9 a.m., 26 views

QNAP addresses a vulnerability in NAS devices

Threat Level Vulnerability Report For a detailed threat advisory, download the pdf file here Summary QNAP has released updates to address a security flaw in its network-attached storage (NAS) devices that allows arbitrary code injection. This vulnerability enables a remote attacker to run any SQL...

AI score: 3.3, EPSS: 0.02663
Exploits: 0

hivepro
added 2022/10/27 1:9 p.m., 26 views

SideWinder APT group’s new arsenal named WarHawk

Threat Level Actor Report For a detailed threat advisory, download the pdf file here Summary The SideWinder APT gang operates espionage campaigns against government, military, and business sectors throughout Asia, primarily Pakistan, by employing the WarHawk backdoor to exfiltrate vulnerable syst...

AI score: 3.3
Exploits: 0

hivepro
added 2022/02/14 6:10 a.m., 26 views

Multiple vulnerabilities affect Mozilla Firefox and Firefox ESR

THREAT LEVEL: Green. For a detailed advisory, download the pdf file here Mozilla has issued two security advisories, which address 13 security issues in Firefox and Firefox ESR. Four of the thirteen have been rated as high, and some of these vulnerabilities, if successfully exploited, might all...

AI score: 0.9, EPSS: 0.00702
Exploits: 1

hivepro
added 2024/03/13 7:25 a.m., 25 views

Attacks, Vulnerabilities and Actors 4 to 10 March 2024

For a detailed threat digest, download the pdf file here Summary HiveForce Labs recently made several significant discoveries in the realm of cybersecurity threats. In the past week alone, a total of seven attacks were executed, four vulnerabilities were uncovered, and two active adversaries were...

CVSS: 7.5, AI score: 7.7, EPSS: 0.99991
Exploits: 25

hivepro
added 2024/01/29 3:10 p.m., 25 views

Midnight Blizzard Exploiting Legacy OAuth for Lateral Movement

Summary: Midnight Blizzard exploited a legacy test OAuth application with elevated access due to a common password and lack of multi-factor authentication (MFA). The attackers leveraged this access to move laterally within Microsoft's network, potentially exfiltrating data and gaining broader contro...

AI score: 7.6
Exploits: 0

hivepro
added 2023/11/27 6:33 a.m., 25 views

Mirai Botnet’s Offspring InfectedSlurs Exploits Dual Zero-Days

Summary: A new Mirai-based malware botnet, InfectedSlurs, is actively conducting a sophisticated campaign by exploiting two zero-day remote code execution (RCE) vulnerabilities in routers and video recorder (NVR) devices. These vulnerabilities, currently being exploited in the wild, facilitate the...

AI score: 8.3
Exploits: 0

hivepro
added 2023/11/27 5:47 a.m., 25 views

Lazarus Group Orchestrates Supply Chain Attack on CyberLink Corp

Summary: The Lazarus Group (Labyrinth Chollima) orchestrated a supply chain attack on CyberLink Corp., manipulating a legitimate application installer to impact over 100 devices globally. The attack involves a second-stage payload, labeled LambLoad, communicating with compromised infrastructure and...

AI score: 7.2
Exploits: 0

hivepro
added 2023/11/17 6:45 a.m., 25 views

Microsoft’s November 2023 Patch Tuesday Addresses Five Zero-day Vulnerabilities

Threat Level Vulnerability Report For a detailed threat advisory, download the pdf file here Summary In the November Patch Tuesday release, Microsoft addressed a total of 63 CVEs, including three zero-day vulnerabilities. Within this range of vulnerabilities, the security update covered the typic...

AI score: 7
Exploits: 0

hivepro
added 2023/10/09 5:37 a.m., 25 views

BunnyLoader: The New Malware-as-a-Service Threat

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary BunnyLoader is a Malware-as-a-Service threat, boasting advanced features like anti-sandbox techniques, keylogging, stealing data, cryptocurrency wallets, and remote command execution, posing risks to...

AI score: 7
Exploits: 0

hivepro
added 2023/07/27 1:6 p.m., 25 views

Fenix Botnet Preys on Mexico and Chile

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary The Fenix Botnet targets tax-paying individuals in Mexico and Chile, aiming to infiltrate specific networks and pilfer valuable data. To receive real-time threat advisories, please follow HiveForce Labs ...

AI score: 6.8
Exploits: 0

hivepro
added 2023/03/30 10:22 a.m., 25 views

New DBatLoader Malware Campaign Targets European Countries

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary A new malware campaign is using DBatLoader to target European businesses through phishing emails. The attackers use obfuscation techniques and various file formats to distribute the malware, including Remco...

AI score: 6.7
Exploits: 0

hivepro
added 2023/03/16 6:36 a.m., 25 views

Revamped Prometei Botnet Version Infects Over 10,000 Systems

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary The Prometei v3 botnet, an upgraded version of the Prometei botnet malware, has compromised over 10,000 systems mining the Monero cryptocurrency. To receive real-time threat advisories, please follow...

AI score: 3.2
Exploits: 0

hivepro
added 2023/03/14 10:44 a.m., 25 views

New KamiKakaBot Malware Targeting Government Entities in ASEAN Countries

Threat Level Attack Report Follow Hive Pro for a detailed threat advisory, download the pdf file here from HiveForce Labs. Summary The new KamiKakaBot malware has been discovered targeting government entities in ASEAN countries, with the Dark Pink APT group believed to be behind the campaign...

AI score: 1.2
Exploits: 0

hivepro
added 2023/03/02 11:55 a.m., 25 views

Snip3 Crypter an Advanced RAT Loader Targeting Multiple Industries

Threat Level Attack Report Follow Hive Pro for a detailed threat advisory, download the pdf file here from HiveForce Labs. Summary A multi-stage remote access trojan (RAT) loader called Snip3 crypter was recently discovered deploying RAT families, including QuasarRAT and DcRAT, to target victims...

AI score: 1.3
Exploits: 0

hivepro
added 2023/02/28 11:39 a.m., 25 views

TA866 New Financially-Motivated Threat Actor Targeting US and Germany Organizations

Threat Level Actor Report Follow Hive Pro for a detailed threat advisory, download the pdf file here from HiveForce Labs. Summary A new financially motivated threat actor named TA866 has been active since October 2022 and targets organizations in the United States and Germany. The attack chain...

AI score: 1.1
Exploits: 0

hivepro
added 2023/02/14 7:2 a.m., 25 views

Actors, Threats and Vulnerabilities 6 February to 12 February 2023

For a detailed threat digest, download the pdf file here Summary Hive Pro identified three active actors over the past week. The first, OilRig, is a well-known threat actor known for its information theft and espionage activities. The secon...

AI score: 1.3
Exploits: 0

hivepro
added 2023/01/23 3:48 a.m., 25 views

Korean Word Processor Scam Alert Orcus RAT Lurking in Cracked Versions

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary Orcus RAT, formerly known as Schnorchel, first appeared in April 2016 and allows for remote control of infected systems. Intruders are attempting to deploy a variant of Orcus RAT along with XMRig...

AI score: 3.2
Exploits: 0

hivepro
added 2023/01/06 2:13 p.m., 25 views

Linux Malware Using SHC Compiler Installs CoinMiner and DDoS Bots

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary A new strain of Linux malware, developed using the Shc compiler, has been found to install a CoinMiner on infected systems. It is believed that this malware is being spread through dictionary attacks on...

AI score: 2.6
Exploits: 0

hivepro
added 2022/12/30 8:21 a.m., 25 views

New Ransomware Variants Created Using Leaked Conti Source Code

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary The leaked source code of the Conti ransomware has been used to create new strains of the ransomware. These new strains, including Putin Team, ScareCrow, BlueSky, and Meow ransomware, are being distributed...

AI score: 2.3
Exploits: 0

hivepro
added 2022/10/28 11:57 a.m., 25 views

What can you do about the critical vulnerability in OpenSSL 3.0

Threat Level Vulnerability Report For a detailed threat advisory, download the pdf file here Summary OpenSSL has a critical vulnerability that affects all the versions from 3.0 to 3.0.6. Due to the criticality of the vulnerability, OpenSSL has pre-announced the security update for security teams ...

AI score: 3.2
Exploits: 0

Total number of security vulnerabilities: 1589