CISA Known Exploited Vulnerability Catalog June 2023
For the detailed CISA KEV Catalog, download the PDF file here. Summary: The Known Exploited Vulnerability (KEV) catalog, maintained by CISA, is the authoritative source of vulnerabilities that have been exploited in the wild. To be included in the catalog, a vulnerability must meet three criteria: …
Andariel Group unleashes New EarlyRAT malware
Threat Level: Actor Report. For a detailed threat advisory, download the PDF file here. Summary: Andariel is a sub-group of Lazarus and is remarkably stealthy in its operation. Recently they have developed new malware called EarlyRAT. To receive real-time threat advisories, please follow HiveForce Labs on LinkedIn. …
APT28 Leveraged Three Roundcube Exploits in Espionage Campaign
Attack Report. Summary: APT28 conducted a sophisticated campaign targeting prominent organizations in Ukraine. The campaign involved spear-phishing emails with attachments that exploited vulnerabilities in the Roundcube webmail platform. …
RedEyes Exploiting Ably Platform Using FadeStealer and Wiretapping Capabilities
Attack Report. Summary: RedEyes, a state-sponsored APT group, is targeting individuals through spear-phishing emails and employing an infostealer with wiretapping capabilities, utilizing the Ably platform for command and control. …
Mirai Botnet Exploits Multiple Flaws in the Latest Campaign
Attack Report. Summary: A new variant of the Mirai botnet is actively exploiting vulnerabilities in various devices, aiming to create botnets and launch DDoS attacks. …
Flea APT Targets Foreign Ministries with New Backdoor.Graphican
Attack Report. Summary: Flea (APT15) targeted foreign ministries with their new backdoor, Backdoor.Graphican, leveraging Microsoft Graph API and OneDrive for C&C communication. …
Tsunami Botnet Preying on Insufficiently Shielded Linux SSH Servers
Attack Report. Summary: An ongoing hacking campaign has been targeting inadequately secured Linux SSH servers. The objective of this campaign is to deploy the Tsunami DDoS botnet. …
Condi Malware Strikes TP-Link Routers for DDoS Rampage
Attack Report. Summary: Condi, a recently discovered malware, utilizes a security vulnerability within TP-Link Archer Wi-Fi routers to ensnare these devices into a botnet specifically designed for launching distributed denial-of-service (DDoS) attacks. …
New Chromeloader Shampoo Campaign Infecting Chrome and Stealing Data
Attack Report. Summary: In the current ChromeLoader Shampoo campaign, users unknowingly download and execute VBScript files from malicious websites. These files trigger a series of PowerShell scripts, leading to the installation of a malicious …
State-Sponsored Hackers Target Middle Eastern and African Governments
Attack Report. Summary: Persistent cyber-espionage attacks, targeting governmental entities in the Middle East and Africa, have been unleashed by a group known as CL-STA-0043. This group has employed unprecedented methods to infiltrate networks. To …