TA445 Targeting Government and Military Sectors in Ukraine and Poland
Attack Report. Summary: TA445 conducts ongoing campaigns targeting government entities, military organizations, and civilians in Ukraine and Poland to steal information and establish remote access, using multi-stage infection chains and payloads like AgentTesla RAT, …
Storm-0978 actively exploited the Office zero-day
Actor Report. Summary: Storm-0978 is a Russian cybercriminal group that specializes in executing sophisticated phishing campaigns. Storm-0978 was found to be engaged in a new wave of attacks, leveraging the zero-day flaw (CVE-2023-36884) to distribute the RomCom backdoor. To receive …
New Python-Based Fileless Malware Named ‘PyLoose’ Targeting Cloud Environments
Attack Report. Summary: A new fileless attack called PyLoose targets cloud workloads by loading an XMRig Miner directly into memory using Python code and the memfd technique. This evasive attack highlights the need for …
Microsoft’s July 2023 Patch Tuesday Addresses 5 Zero-day Vulnerabilities
Vulnerability Report. Summary: Microsoft’s July 2023 Patch Tuesday includes security updates for 130 flaws, including five actively exploited zero-day vulnerabilities, nine rated as ‘Critical’, and 37 remote code execution vulnerabilities. One of the …
Exploit found in the wild for Critical VMware Aria Operations Bug
Vulnerability Report. Summary: An exploit has surfaced for CVE-2023-20864, a highly significant security vulnerability within the VMware Aria Operations for Logs analysis tool utilized in cloud management. This exploit empowers malicious actors to execute …
The Unrelenting Nature of TOITOIN Malware
Attack Report. Summary: The TOITOIN malware campaign, targeting businesses in the LATAM region, employs sophisticated techniques and multi-stage infection chains with numerous malware samples disguised as compressed ZIP archives hosted on Amazon EC2. To …
Hive Pro Secures Second Round of Seed Funding to Expand Headquarters and Enhance Hive Pro Threat Exposure Management Platform
July 12, 2023 – HERNDON, VA: Hive Pro, a pioneer in the Threat Exposure Management market, announced today that they have closed $4 million in their seed funding round from private investors. The successful completion of Hive Pro’s second round of seed funding will support …
Apple Addresses A Zero-Day Vulnerability Which Is Actively Exploited in Wild
Attack Report. Summary: The zero-day vulnerability (CVE-2023-37450) discovered in multiple Apple products is being actively exploited in the wild, specifically when processing web content. This vulnerability can potentially result in arbitrary code execution. To …
Attacks, Vulnerabilities and Actors 3 July to 9 July 2023
Summary: HiveForceLabs recently made several significant discoveries related to cybersecurity threats. Over the past week, the fact that there were a total of eight attacks executed, a zero-day vulnerability in the WordPress Plugin, and three different …
Unveiling New Big Head Ransomware Variants and Their Stealthy Tactics
Attack Report. Summary: The emergence of Big Head ransomware and its variants suggests a shared source, distributed through deceptive Windows update and Word installer disguises. The threat actor engages via email and Telegram, showcasing …