Akira Ransomware Exploits Cisco Zero-Day Vulnerability
Threat Level Vulnerability Report For a detailed threat advisory, download the pdf file here Summary The zero-day vulnerability, identified as CVE-2023-20269, is a concerning security issue that impacts the remote access VPN feature of Cisco ASA (Adaptive Security Appliance) and FTD (Firepower Threat Defense). This remotely …
Nation-State Actors Infiltrate U.S. by Exploiting Zoho and Fortinet Flaws
Vulnerability Report. Summary: Multiple nation-state entities infiltrated a prominent U.S. aeronautics organization by capitalizing on vulnerabilities within Fortinet FortiOS SSL-VPN and Zoho ManageEngine ServiceDesk Plus, subsequently acquiring unauthorized entry and establishing persistence on compromised …
Critical Remote Code Execution Vulnerabilities Discovered in ASUS Routers
Vulnerability Report. Summary: Three critical-severity remote code execution vulnerabilities have been identified in ASUS routers. These vulnerabilities have the potential to allow threat actors to take control of these devices if the required security …
Chinese ‘Smishing Triad’ Group Targeting US Citizens
Attack Report. Summary: Smishing Triad is a Chinese-speaking cyber-criminal group that has been conducting a large-scale smishing campaign targeting US citizens and other countries. Smishing is a form of phishing that uses text messages …
Agent Tesla’s New Variant Spreads Through Crafted Excel Files
Attack Report. Summary: A phishing campaign has surfaced, disseminating a new iteration of the Agent Tesla malware through a meticulously crafted Microsoft Excel document. This document exploits a longstanding memory corruption vulnerability within Microsoft …
DuckTail Targets the Digital Marketers with Malicious Operations
Attack Report. Summary: DuckTail refers to an operation organized by several threat actors based in Vietnam. These threat actors not only employ common techniques but also share a common objective: to gain unauthorized access …
DreamBus Botnet Exploiting A Critical Vulnerability in Apache RocketMQ
Vulnerability Report. Summary: A critical vulnerability (CVE-2023-33246) in Apache RocketMQ servers enables remote code execution, leading to a surge in attacks, including the deployment of the DreamBus malware. Timely system updates are crucial to …
Attacks, Vulnerabilities and Actors 28 August to 3 September 2023
Summary: HiveForce Labs recently made several significant discoveries related to cybersecurity threats. Over the past week, the fact that there were a total of six attacks executed, one vulnerability, and two different adversaries highlights the ever-present …
CISA Known Exploited Vulnerability Catalog August 2023
Summary: The Known Exploited Vulnerability (KEV) catalog, maintained by CISA, is the authoritative source of vulnerabilities that have been exploited in the wild. To be included in the catalog, a vulnerability must meet three criteria: …