Storm-0978 actively exploited the Office zero-day

Threat Level
Actor Report

Summary

Storm-0978 is a Russian cybercriminal group that specializes in sophisticated phishing campaigns. The group has been observed in a new wave of attacks that exploit the Office zero-day flaw (CVE-2023-36884) to distribute the RomCom backdoor.

To receive real-time threat advisories, please follow HiveForce Labs on LinkedIn.