New Yashma Ransomware Variant Mimics WannaCry in New Attack
Attack Report. Summary: A Vietnamese-origin threat actor has employed a Yashma ransomware variant since June 2023, using unique GitHub-based ransom note delivery and mimicking WannaCry. This operation demonstrates the accelerated diversification of ransomware attacks due …
TargetCompany Ransomware’s FUD Obfuscation Maneuvers
Attack Report. Summary: The TargetCompany ransomware employs a combination of its proprietary variant and the BatCloak obfuscator engine, acclaimed for its full undetectability (FUD) capabilities. Accompanying this fusion is the Remcos RAT, which operates …
Hive Pro Achieves ISO/IEC 27001:2022 Certification
Hive Pro has achieved ISO 27001:2022 Certification, Demonstrating A Continuous Commitment to Excellence in Information Security. August 8th, 2023 – HERNDON, VA: Hive Pro, a pioneer in the Threat Exposure Management market, is thrilled to announce that they have successfully attained ISO 27001:2022 certification. …
STRRAT a Java-Powered Versatile Remote Access Trojan
Attack Report. Summary: STRRAT, a Java-based RAT, excels in utilizing a wide array of capabilities. Its latest version, STRRAT 1.6, is notable for employing diverse infection paths and conducting startup host queries to understand …
Attacks, Vulnerabilities and Actors 31 July to 6 August 2023
Summary: HiveForce Labs has recently made several significant discoveries related to cybersecurity threats. Over the past week, we identified a total of one executed attack, one instance of adversary activity, and thirteen vulnerabilities, including five zero-day …
2022 Most Consistently Exploited Vulnerabilities
Vulnerability Report. Summary: This advisory presents comprehensive information regarding the CVEs consistently and frequently targeted by malicious cyber adversaries throughout the year 2022 across multiple vendors, encompassing Fortinet, Microsoft, Zoho ManageEngine, Atlassian, Apache, VMware, …
New Rilide Stealer Version Evades Chrome Manifest V3 Protections
Attack Report. Summary: A new version of the Rilide Stealer malware, evading Chrome’s security measures to target Chromium-based browsers in campaigns that exploit user trust through fake plugins and games, posing a significant threat …
New APT 29 Campaign Targets Organizations through Microsoft Teams
Attack Report. Summary: APT 29, a Russia-based threat actor, employs targeted social engineering via Microsoft Teams to steal credentials, leveraging compromised domains and convincing users to enter authentication codes, furthering their espionage objectives. To …
STARK#MULE Targets South Korea with US Military-themed Baits
Attack Report. Summary: The STARK#MULE cyber attack campaign is ongoing, with a focus on targeting Korean-speaking individuals. It employs U.S. Military-themed document baits to deceive its targets, leading them into unwittingly running malware, thus …
Ivanti Addressed Second Zero-Day Flaw Exploited by Attackers
Vulnerability Report. Summary: The zero-day vulnerability (CVE-2023-35081) in Ivanti EPMM enables admin-authenticated attackers to write arbitrary files, risking unauthorized access, OS command execution, and malicious web shell deployment. Urgent patching is crucial to prevent …