Attacks, Vulnerabilities and Actors 17 July to 23 July 2023
Summary: HiveForce Labs recently made several significant discoveries related to cybersecurity threats. Over the past week, the fact that there were a total of eleven attacks executed, nine vulnerabilities, and three different adversaries highlights the ever-present …
Storm-0558 Chinese Threat Actor Targets Email Accounts
Actor Report. Summary: Storm-0558, a China-based threat actor with espionage objectives, has been targeting email data from approximately 25 organizations using tactics like credential harvesting, OAuth token, and phishing campaigns.
Citrix Netscaler ADC and Gateway Vulnerabilities Exploited in the Wild
Vulnerability Report. Summary: Citrix has released a zero-day critical patch for a remote code execution vulnerability in Netscaler ADC and Netscaler Gateway that has been exploited, along with two other vulnerabilities. Urgent updates are …
FIN8 Strikes with Noberus Ransomware via Altered Sardonic Backdoor
Attack Report. Summary: The financially motivated threat actor FIN8 has been detected employing a revised variant of the backdoor known as Sardonic to deliver the Noberus ransomware.
Hackers Target WooCommerce Payments Plugin to Hijack Websites
Vulnerability Report. Summary: Cybercriminals are orchestrating a widespread campaign to exploit a pivotal WooCommerce Payments plugin, thereby acquiring the privileges of various users, including those with administrator status, on susceptible WordPress installations.
Active Exploitation of Adobe ColdFusion Critical Vulnerabilities
Vulnerability Report. Summary: Hackers are actively exploiting vulnerabilities in Adobe ColdFusion, specifically CVE-2023-29298 and CVE-2023-38203. These vulnerabilities allow attackers to bypass authentication, execute remote code, and gain unauthorized access to vulnerable servers.
Attacks, Vulnerabilities and Actors 10 July to 16 July 2023
Summary: HiveForce Labs recently made several significant discoveries related to cybersecurity threats. Over the past week, the fact that there were a total of six attacks executed, a total of six zero-day vulnerabilities, out of which five vulnerabilities …
LokiBot Data Exfiltrating Trojan Targets Windows Systems
Attack Report. Summary: LokiBot, an infamous data-exfiltrating Trojan, has maintained a prominent presence since 2015. This pernicious malware predominantly sets its sights on Windows systems, diligently striving to acquire confidential data from compromised machines. …
CustomerLoader Disseminating Diverse Malware Payloads
Attack Report. Summary: A covert .NET loader, known as CustomerLoader, was specifically designed to facilitate the retrieval, deciphering, and activation of subsequent payloads. Throughout the early days of June 2023, various malicious entities actively …