Attackers Impersonating Israeli Ministry with Blended Tools

...

Polyfill.io Supply Chain Attack: Widespread Compromise Affects Over 100,000 Websites

...

8220 Gang’s Heist: Exploiting Oracle WebLogic for Cryptomining

...

MSI Installer Flaw Enables Privilege Escalation on Windows Systems

...

APT29: A Deep Dive into Russia’s Cyber Espionage

...

Juniper Routers Auth Bypass Flaw Leads to Complete Device Takeover

...

Microsoft MSHTML Flaw the Silent Doorway for MerkSpy Malware

...

Free Trials of Sticky Notes Installer Trojanized

...

China-linked Hackers Exploit Cisco NX-OS as Zero-Day

...

regreSSHion: Exploiting Signal Handler Race Condition in OpenSSH

...

Summary of Vulnerabilities, Actors & Attacks: June 2024

Vulnerabilities Exploited| Adversaries in Action| Attacks Executed| Targeted Countries| Targeted Industries| MITRE ATT&CK TTPs ---|---|---|---|---|--- 38| 11| 29| 256| 31| 187 Summary In June, the cybersecurity arena garnered significant attention following the identification of nine zero-day...

CISA Known Exploited Vulnerability Catalog June 2024

Summary The Known Exploited Vulnerability KEV catalog, maintained by CISA, is the authoritative source of vulnerabilities that have been exploited in the wild. It is recommended that all organizations review and monitor the KEV catalog, prioritize remediation of listed vulnerabilities, and reduce...

Attacks, Vulnerabilities and Actors 24 to 30 June 2024

For a detailed threat digest, download the pdf file here Summary HiveForce Labs has recently made significant advancements in identifying cybersecurity threats. Over the past week alone, HiveForce Labs has detected eight executed attacks, reported thirteen vulnerabilities, and identified five...

SneakyChef Group Hits Governments Using SugarGh0st and SpiceRAT

...

InnoLoader Malware Stealth Mastery, Unique Instances per Download

...

ChamelGang’s Double Play: Strategy Beyond Encryption

...

Critical Vulnerabilities Patched in Progress Software’s MOVEit

...

Boolka: From Scripting to Sophisticated Malware Attacks

...

UAC-0184 Strikes Ukraine with XWorm RAT

...

ExCobalt’s GoRed the Silent Infiltrator of Russian Sectors

...

DragonForce Unleashes Chaos with Leaked Lockbit Builder

...

Attacks, Vulnerabilities and Actors 17 to 23 June 2024

For a detailed threat digest, download the pdf file here Summary HiveForce Labs recently made several significant discoveries in the realm of cybersecurity threats. In the past week alone, a total of ten attacks were executed, nine vulnerabilities were uncovered, and three active adversaries were...

Phoenix UEFI Firmware Flaw Exposes Multiple Intel CPUs to Risk

...

Active Exploitation of SolarWinds Serv-U Flaw for Accessing Private Data

...

Fickle Stealer’s Dynamic Attack Strategies

...

UNC3886 Covert Operations Leveraging Rootkits and Backdoored Applications

...

Attacks, Vulnerabilities and Actors 10 to 16 June 2024

For a detailed threat digest, download the pdf file here Summary HiveForce Labs has recently made significant advancements in identifying cybersecurity threats. Over the past week alone, HiveForce Labs has detected five executed attacks, reported seven vulnerabilities, and identified one active...

DISGOMOJI: Linux Malware Leveraging Emojis for C2

...

F5 BIG-IP Exploited in Three-Year Espionage Campaign by Velvet Ant

...

BadSpace Backdoor Infiltrates via Fake Browser Updates

...

VMware Address Critical Heap-Overflow and Privilege Escalation Flaws

...

Surge in QR Code Phishing Attacks, Hits Chinese Citizens

...

Noodle RAT: Understanding the Full Scope of this Cross-Platform Malware

...

Veeam Recovery Orchestrator Flaw Enables Forge of Valid JWT Tokens

...

Black Basta Ransomware Linked to Zero-Day Windows Exploit

...

ARM’s Zero-Day Flaw Leads to Improper GPU Memory Processing

...

Microsoft’s June 2024 Patch Tuesday Addresses 49 Vulnerabilities

...

PHP RCE Flaw Opens a Gateway for TellYouThePass Ransomware

...

WARMCOOKIE Backdoor: Rising via Recruitment-Themed Phishing

...

New Face of ValleyRAT: Enhanced Commands and Infiltration Tactics

...

Veeam Addresses Critical Flaws, Urges Admins to Patch

...

Enabling Proactive Security with Continuous Threat Exposure Management (CTEM) for Managed Service Providers

...

POC Exploit Code Released for Apache HugeGraph RCE Vulnerability

...

Fog Ransomware Targets US Sectors Via Compromised VPN Credentials

...

Attacks, Vulnerabilities and Actors 3 to 9 June 2024

For a detailed threat digest, download the pdf file here Summary HiveForce Labs has recently made significant advancements in identifying cybersecurity threats. Over the past week alone, HiveForce Labs has detected six executed attacks, reported nine vulnerabilities, and identified two active...

Muhstik Botnet Exploits Apache RocketMQ Flaw in Latest Operations

...

RansomHub A Rebranded Menace Exploiting the ZeroLogon Vulnerability

...

Novel TargetCompany Ransomware Linux Variant Now Attacks ESXi

...

Attacker Employs Multi-Stage Malware Strategy to Target Ukraine

...

CarnavalHeist: New Banking Trojan Targets Brazilian Users

...