ZenRAT Targeting Windows Users Through Fake Bitwarden Installs
Attack Report. Summary: ZenRAT is a new malware distributed through fake Bitwarden password manager installers, primarily targeting Windows users. It operates as a modular remote access trojan (RAT) with information-stealing capabilities.
TAG-74’s Multi-Year Campaign Targets South Korean Organizations
Actor Report. Summary: TAG-74 is a state-sponsored cyber-espionage group that has been attributed to Chinese military intelligence. This threat actor has been involved in a multi-year campaign primarily targeting organizations in South Korea, with …
Deadglyph Malware Emerges as a Game Changer for Stealth Falcon
Actor Report. Summary: The cyber espionage group Stealth Falcon commenced covert operations and employed advanced backdoor malware called “Deadglyph” primarily to infiltrate Middle Eastern government entities.
Critical Security Vulnerabilities Discovered in Atlassian Products
Vulnerability Report. Summary: Atlassian has revealed the existence of several security vulnerabilities, namely CVE-2022-25647, CVE-2023-22512, CVE-2023-22513, and CVE-2023-28709, which affect its products. These vulnerabilities have the potential to be exploited, leading to denial-of-service (DoS) …
New Variant of RedLine Stealer Uses Batch Script to Evade Detection
Attack Report. Summary: A new variant of RedLine Stealer is being distributed as a batch script file. This new variant of RedLine Stealer is more sophisticated than previous versions and uses a number …
Attacks, Vulnerabilities and Actors 18 September to 24 September 2023
Summary: HiveForce Labs has recently made several significant discoveries related to cybersecurity threats. Over the past week, we identified a total of eight executed attacks, five instances of adversary activity, and eleven vulnerabilities including two zero-day …
Apple Addresses Zero-Day Flaws Exploited in the Wild
Vulnerability Report. Summary: Apple addressed three zero-day vulnerabilities used in an iPhone exploit chain to deliver the Predator spyware. The vulnerabilities involved were CVE-2023-41991, CVE-2023-41992, and CVE-2023-41993. These vulnerabilities enabled attackers to bypass certificate …
Sandman APT Strikes the Telecom Sector with the LuaDream Backdoor
Actor Report. Summary: Sandman APT, an espionage group of unknown origins that surfaced mysteriously in August, is orchestrating a sophisticated campaign aimed squarely at telecommunications providers spanning the Middle East, Western Europe, and the South …
Critical Security Vulnerabilities Uncovered in Nagios XI
Vulnerability Report. Summary: Several security vulnerabilities have been identified in Nagios XI, a network monitoring software, which could potentially lead to privilege escalation and information disclosure. These vulnerabilities are tracked as CVE-2023-40931, CVE-2023-40932, CVE-2023-40933, …
Snatch Ransomware: Evolving Threat and Defense Strategies
Attack Report. Summary: Snatch ransomware is a ransomware-as-a-service (RaaS) variant that was first discovered in 2018. It is known for its ability to reboot devices into Safe Mode, where many security protections are disabled, …