Unveiling Lu0Bot Malware: A Node.js-Based Threat
Threat Level Attack Report. For a detailed threat advisory, download the pdf file here. Summary: Lu0Bot Malware, a Node.js-based threat, surfaced in February 2021 as a secondary payload in GCleaner attacks. This malware acts as a bot, responding to C2 server commands and transmitting encrypted system …
Deciphering Mirai’s Next Chapter: the Strategies of the Latest Players
Threat Level Attack Report. Summary: The realm of cybersecurity witnessed the rise of formidable botnet variants stemming from the notorious Mirai source code. Prominent among them are hailBot, kiraiBot, and catDDoS, showcasing heightened activity and a …
China’s Cyber Espionage Targets Semiconductor Giants in East Asia
Threat Level Attack Report. Summary: In recent cyber espionage activities, threat actors affiliated with the People’s Republic of China (PRC) have targeted semiconductor companies operating in Mandarin/Chinese-speaking regions of East Asia. These attacks involve the use …
Attacks, Vulnerabilities and Actors 2 October to 8 October 2023
Summary: HiveForce Labs has recently made several significant discoveries related to cybersecurity threats. Over the past week, we identified a total of seven executed attacks, zero instances of adversary activity, and eight zero-day vulnerabilities, highlighting the …
LostTrust Ransomware: Unmasking the Gang Behind the Threat
Threat Level Attack Report. Summary: LostTrust ransomware, which emerged in September 2023, is a multi-extortion threat related to SFile and Mindware, employing techniques reminiscent of MetaEncryptor, encrypting files, and demanding ransoms. It presents a serious cybersecurity concern …
MOVEit Vulnerabilities Expose Organizations to Cyberattacks
Threat Level Vulnerability Report. Summary: Critical SQL Injection vulnerabilities in Progress Software’s MOVEit Transfer product, exploited by the Clop ransomware gang since May 2023, led to unauthorized access and data breaches, affecting numerous organizations worldwide. Millions of …
QakBot Resurges: Latest Strikes with Ransom Knight and Remcos RAT
Threat Level Attack Report. Summary: The QakBot malware has been associated with a persistent phishing campaign since the beginning of August 2023, leading to the deployment of both the Ransom Knight ransomware and the Remcos RAT. …
Unveiling Operation Jacana: Targeting the Guyana Government with DinodasRAT
Threat Level Attack Report. Summary: A cyber espionage campaign named Operation Jacana was identified in February 2023, targeting a government entity in Guyana. This campaign began with a spear-phishing attack and resulted in the deployment of …
Cracking ShellTorch Vulnerabilities Exposing TorchServe to RCE
Threat Level Vulnerability Report. Summary: A trio of security vulnerabilities, dubbed ‘ShellTorch,’ in the open-source machine-learning model TorchServe, a tool for serving and scaling PyTorch models, could be chained to achieve remote code execution on affected …
BunnyLoader: The New Malware-as-a-Service Threat
Threat Level Attack Report. Summary: BunnyLoader is a Malware-as-a-Service threat, boasting advanced features like anti-sandbox techniques, keylogging, stealing data, cryptocurrency wallets, and remote command execution, posing risks to infected systems.