Attacks, Vulnerabilities and Actors 8 January to 14 January 2024

For a detailed threat digest, download the pdf file here

Summary

HiveForce Labs recently made several significant discoveries in the realm of cybersecurity threats. In the past week alone, a total of seven attacks were executed, two vulnerabilities were uncovered, and three active adversaries were identified. These findings underscore the persistent danger of cyberattacks.

Furthermore, HiveForce Labs revealed that there are two zero-day vulnerabilities in Ivanti Connect Secure and Ivanti Policy Secure gateways. These vulnerabilities pose a significant risk, as they enable unauthorized remote code execution. The entity identified as UTA0178, a Chinese nation-state-level actor, utilized these exploits to compromise systems.

Silver RAT, developed by the group Anonymous Arabic, showcases advanced features such as antivirus evasion and ransomware encryption. Sea Turtle, a Turkish APT, specializes in information theft and DNS hijacking, using a reverse TCP shell called SnappyTCP to compromise repositories holding valuable and sensitive data. These attacks are on the rise, posing a significant threat to users worldwide.

Subscribe to receive our weekly threat digests and newsletters directly in your inbox.