Threat Advisories:
Operation HanKook Phantom: APT37’s Stealthy Espionage Campaign Storm-0501’s Shift to Cloud-Native Ransomware Salt Typhoon Cyber Attacks Hit 200 Organizations in the United States CVE-2025-7775: Actively Exploited Critical Flaw in Citrix NetScaler ZipLine Campaign Spins Web Around U.S. Supply Chain Manufacturers with MixShell August 2025 Linux Patch Roundup New SHAMOS Stealer Exploits One-Line Commands on macOS QuirkyLoader: A Silent Enabler of Modern Malware Families CVE-2025-43300: Zero-Day in Apple Image I/O Exploited in Targeted Attacks Static Tundra Fuels Espionage Campaigns Through an Old Cisco Bug Crypto24 Ransomware Disrupts Businesses Using Custom EDR Bypass GodRAT Reloaded: Legacy Code, Modern Tactics Noodlophile Stealer Advances with Obfuscation, Social Media Deception PS1Bot: The Modular Malware Lurking Behind Malvertising Microsoft’s August 2025 Patch Tuesday Roundup Charon Ransomware Encrypts Files Belonging to Middle East Industries CVE-2025-25256: Fortinet Rushes to Patch High-Risk FortiSIEM Vulnerability Efimer Trojan: From Fake Lawsuits to Crypto Heists Zero-Day in WinRAR Actively Weaponized by Multiple Threat Groups DarkCloud Uses Fileless Techniques Turning into a Nightmare for Windows
🎧 Hive Force Labs: Critical Threats Affecting You This Week - 5 Minute Audio Intelligence Report
👥 Play Count: Loading...
Partner Program
Platform
Comprehensive Threat Exposure Management Platform
Uni5 Xposure PlatformUni5 Xposure leverages exposure assessment and adversarial exposure validation to deliver a unified view of your cyber risks and all actionable pathways to resolve them.
IntegrationsSync with an abundant number of out-of-the-box integrations.
HiveForce LabsStrategic intelligence and operational expertise to ensure comprehensive security readiness at all levels.
Solutions
By Use Case
Total Attack Surface Management
Multi-Environment Security Scanners
Complete Exposure Assessment
Comprehensive Security Intelligence
Vulnerability & Threat Prioritization
Adversarial Exposure Validation
By Role
CISO
Vulnerability Management
Security Operations
DevOps
Industry
Telecommunications
Healthcare
Financial Services
Government & Public Sector
Retail & E-Commerce
Educational Institutions
Resources
Advisories & Digests
Threat Advisories
Threat Digests
Content Library
learn
Blog
Case Studies
Whitepapers
Press Releases
connect
Webinars & Videos
Company
About Us
Careers
Our Leadership
Contact Us
Book a DemoThreat Digest - Subscribe
Platform
Platform
Comprehensive Threat Exposure Management Platform
Uni5 Xposure PlatformUni5 Xposure leverages exposure assessment and adversarial exposure validation to deliver a unified view of your cyber risks and all actionable pathways to resolve them.
IntegrationsSync with an abundant number of out-of-the-box integrations.
HiveForce LabsStrategic intelligence and operational expertise to ensure comprehensive security readiness at all levels.
Solutions
Solutions
By Use Case
Total Attack Surface Management
Multi-Environment Security Scanners
Complete Exposure Assessment
Comprehensive Security Intelligence
Vulnerability & Threat Prioritization
Adversarial Exposure Validation
By Role
CISO
Vulnerability Management
Security Operations
DevOps
Industry
Industry
Telecommunications
Healthcare
Financial Services
Government & Public Sector
Retail & E-Commerce
Educational Institutions
Resources
Resources
Advisories & Digests
Threat Advisories
Threat Digests
Content Library
learn
Blog
Case Studies
Whitepapers
Press Releases
connect
Webinars & Videos
Company
Company
About Us
Careers
Our Leadership
Contact Us
Book a DemoThreat Digest - Subscribe

Are you a victim of the Conti Ransomware?

Threat Level – Red | Vulnerability Report
Download PDF

For a detailed advisory, download the pdf file here.

Conti Ransomware targets enterprises who have not patched their systems by exploiting old vulnerabilities. Conti Ransomware steals sensitive information from businesses and demands a ransom in exchange. CISA has issued a warning about the rise in Conti ransomware attacks. To avoid becoming a victim of Conti ransomware, the Hive Pro Threat Research team suggested you patch these vulnerabilities.

The techniques used by the Conti includes:

T1078 – Valid Accounts T1133 – External Remote Services T1566.001 – Phishing: Spearphishing Attachment T1566.002 – Phishing: Spearphishing Link T1059.003 – Command and Scripting Interpreter: Windows Command Shell T1106 – Native API T1055.001 – Process Injection: Dynamic-link Library Injection T1027 – Obfuscated Files or Information T1140 – Deobfuscate/Decode Files or Information T1110 – Brute Force T1558.003 – Steal or Forge Kerberos Tickets: Kerberoasting T1016 – System Network Configuration Discovery T1049 – System Network Connections Discovery T1057 – Process Discovery T1083 – File and Directory Discovery T1135 – Network Share Discovery T1021.002 – Remote Services: SMB/Windows Admin Shares T1080 – Taint Shared Content T1486 – Data Encrypted for Impact T1489 – Service Stop T1490 – Inhibit System Recovery

Actor Details

Vulnerability Details

Indicators of Compromise (IoCs)

TypeValue
IPV4162.244.80[.]235
85.93.88[.]165
185.141.63[.]120
82.118.21[.]1

Patch Links

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2017/ms17-010

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-34527

https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2020-1472

References

https://us-cert.cisa.gov/ncas/alerts/aa21-265a

What’s new on HivePro

Get through updates and upcoming events, and more directly in your inbox