CISA Known Exploited Vulnerability Catalog July 2023
For the detailed CISA KEV Catalog, download the PDF file here. Summary: The Known Exploited Vulnerability (KEV) catalog, maintained by CISA, is the authoritative source of vulnerabilities that have been exploited in the wild. To be included in the catalog, a vulnerability must meet three criteria: …
Attacks, Vulnerabilities and Actors 24 July to 30 July 2023
For a detailed threat digest, download the PDF file here. Summary: HiveForce Labs recently made several significant discoveries related to cybersecurity threats. Over the past week, we identified a total of six executed attacks, one adversary activity, and five zero-day vulnerabilities including widely exploited vulnerabilities in …
Zimbra Fixes A Zero-Day Vulnerability Exploited in Attacks
Threat Level Vulnerability Report. For a detailed threat advisory, download the PDF file here. Summary: The vulnerability (CVE-2023-37580) in Zimbra Collaboration Suite (ZCS) version 8.8.15 is a Cross-Site Scripting (XSS) flaw in the Zimbra Classic Web Client interface. Its impact is severe as it can compromise …
Unmasking Decoy Dog Malware Toolkit Hiding in DNS Traffic
Threat Level Attack Report. For a detailed threat advisory, download the PDF file here. Summary: Decoy Dog, a sophisticated malware toolkit, uses DNS for C2 communication, evading detection with its wildcard-type behavior and encryption methods. Its origin remains mysterious, and the malware’s capabilities surpass traditional RATs …
Fenix Botnet Preys on Mexico and Chile
Threat Level Attack Report. For a detailed threat advisory, download the PDF file here. Summary: The Fenix Botnet targets tax-paying individuals in Mexico and Chile, aiming to infiltrate specific networks and pilfer valuable data. To receive real-time threat advisories, please follow HiveForce Labs on LinkedIn. …
Ivanti Addressed A Critical Zero-Day Flaw in EPMM Software
Threat Level Vulnerability Report. For a detailed threat advisory, download the PDF file here. Summary: The vulnerability in Ivanti Endpoint Manager Mobile allows unauthorized remote access to personal information and enables limited server changes, posing significant security risks to affected organizations. To receive real-time threat advisories, …
Realst Infostealer Hides Behind Phony Blockchain Games
Threat Level Attack Report. For a detailed threat advisory, download the PDF file here. Summary: Multiple counterfeit blockchain games are being exploited to infiltrate both Windows and macOS systems with a sophisticated infostealer developed in Rust, known as Realst. This malicious software demonstrates the capability to …
Atera Addressed Two Zero-Day Vulnerabilities Exploiting MSI Files
Threat Level Vulnerability Report. For a detailed threat advisory, download the PDF file here. Summary: Windows Installers for the Atera remote monitoring and management software contain two zero-day vulnerabilities that could serve as a starting point for launching privilege escalation attacks. To receive real-time threat advisories, …
Apple Tackles Zero-Day Flaws Impacting iPhones and Macs
Threat Level Vulnerability Report. For a detailed threat advisory, download the PDF file here. Summary: Apple has addressed a zero-day vulnerability exploited in targeted attacks on iPhones, Macs, and iPads. To receive real-time threat advisories, please follow HiveForce Labs on LinkedIn. …