GhostSec Pioneering the Hacktivist Front with GhostLocker
Summary: GhostSec, a hacktivist coalition stemming from the Anonymous group and part of ‘The Five Families,’ has introduced GhostLocker, an advanced Ransomware-as-a-Service (RaaS) framework. Threat Level – RED | Attack Report For a detailed threat advisory, download the pdf file here To receive real-time threat advisories, …
Four Threat Actors Capitalized on Zimbra Zero Day to Infiltrate Government Organizations
Attack Report. Summary: A zero-day vulnerability identified as CVE-2023-37580 in Zimbra Collaboration email software has been exploited by four different groups in attacks. These attacks aimed to illicitly obtain email data, user credentials, and …
In-Depth Analysis of NoEscape Ransomware
Attack Report. Summary: The NoEscape ransomware, suspected to be a rebrand of Avaddon, targets enterprises globally through multi-extortion attacks. Operating as Ransomware-as-a-Service, it encrypts files, changes wallpapers, and demands ransom, emphasizing financial motives via …
VMware Unveils Critical Authentication Bypass Vulnerability in VCD Appliance
Vulnerability Report. Summary: VMware has disclosed a critical authentication bypass vulnerability affecting Cloud Director appliance deployments. This vulnerability, identified as CVE-2023-34060, could be exploited by a malicious actor to circumvent authentication protections …
Microsoft’s November 2023 Patch Tuesday Addresses Five Zero-day Vulnerabilities
Vulnerability Report. Summary: In the November Patch Tuesday release, Microsoft addressed a total of 63 CVEs, including three zero-day vulnerabilities. Within this range of vulnerabilities, the security update covered the typical spectrum of issues, including RCE flaws, concerns related to privilege escalation, vulnerable …
TA402’s Covert Operation Takes Aim at the Middle East
Attack Report. Summary: TA402 (aka Extreme Jackal) launched sophisticated phishing campaigns targeting government entities in the Middle East. The objective was to deploy a newly developed initial access downloader called IronWind, employing an economic-themed …
Hackers Employ Updated Ducktail to Target Indian Marketers
Attack Report. Summary: The threat actors linked to the Ducktail stealer malware have been implicated in a new campaign that focused on marketing professionals in India. The primary goal of this campaign was to …
Attacks, Vulnerabilities and Actors 6 November to 12 November 2023
Summary: HiveForce Labs has recently made several significant discoveries related to cybersecurity threats. Over the past week, we identified a total of twenty-five executed attacks, six instances of adversary activity, and four exploited vulnerabilities, highlighting the …
Multiple Critical Vulnerabilities in Juniper Exploited in the Wild
Vulnerability Report. Summary: Multiple vulnerabilities have been discovered in Juniper Networks Junos OS, with the potential for pre-auth Remote Code Execution when chained in Juniper devices. Juniper Networks has confirmed the successful exploitation of …
Lace Tempest Exploits Zero-Day in a Strategic Strike on SysAid
Vulnerability Report. Summary: Lace Tempest has been implicated in exploiting a zero-day vulnerability, identified as CVE-2023-47246. This exploitation allows for the execution of code within SysAid on-premise software, leading to an unauthorized breach of …