Attacks, Vulnerabilities and Actors 30 October to 5 November 2023
Summary: HiveForce Labs has recently made several significant discoveries related to cybersecurity threats. Over the past week, we identified a total of six executed attacks, three instances of adversary activity, and one exploited vulnerability, highlighting the …
Socks5Systemz Proxy Botnet Infects 10,000 Systems
Attack Report. Summary: A sophisticated proxy botnet known as ‘Socks5Systemz’ has insidiously infiltrated over 10,000 computers by employing the ‘PrivateLoader’ and ‘Amadey’ malware loaders. The masterminds behind this botnet offer their services to subscribers …
MuddyWater Returns with a New Spear-Phishing Campaign
Attack Report. Summary: MuddyWater, the Iranian nation-state actor, has been identified in a new spearphishing campaign targeting two Israeli entities and deploying a legitimate remote administration tool known as N-able Advanced Monitoring Agent. This …
Ransomware Threats Exploit CVE-2023-46604 in Apache ActiveMQ Servers
Vulnerability Report. Summary: Ransomware groups and SparkRAT are exploiting a critical vulnerability (CVE-2023-46604) in Apache ActiveMQ, despite a security update on October 27, 2023, affecting systems with outdated ActiveMQ versions. Promptly updating ActiveMQ versions is …
Scarred Manticore’s Middle Eastern Gambit
Attack Report. Summary: Scarred Manticore, an actor associated with Iran’s Ministry of Intelligence and Security (MOIS), has been conducting a highly sophisticated cyber espionage campaign with a strong focus on the Middle East. This …
CISA Known Exploited Vulnerability Catalog October 2023
Summary: The Known Exploited Vulnerability (KEV) catalog, maintained by CISA, is the authoritative source of vulnerabilities that have been exploited in the wild. It is recommended that all organizations review and monitor the KEV catalog, …
Atlassian’s Latest Critical Confluence Flaw Poses Risk of Data Loss
Vulnerability Report. Summary: A critical Atlassian vulnerability, identified as CVE-2023-22518, is an improper authorization issue in Confluence Data Center and Server. If successfully exploited by an unauthenticated attacker, it could …
Hackers Utilize MSIX App Packages to Disseminate GHOSTPULSE Malware
Attack Report. Summary: A new cyber attack campaign has emerged, involving the use of fake MSIX Windows app packages masquerading as legitimate applications. These deceptive MSIX packages are employed to distribute a new malware …
From Bullets to Bytes: The Hamas-Israel Conflict Goes Digital
Attack Report. Summary: In the midst of the ongoing Israeli-Hamas conflict, a group of pro-Hamas hacktivists has emerged, utilizing a sophisticated Linux-based wiper malware known as BiBi-Linux Wiper. In the broader context of the …