The Rising Diicot Threat Group with Diverse Attack Capabilities
Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary A Romanian threat group “Diicot” has been actively employing SSH bruteforcing and deploying malware loaders to compromise systems for the purpose of cryptocurrency mining. The campaign involves exploiting OpenWRT systems and …
STORM-1359 DDoS triggered outage of Microsoft Services
Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary The STORM-1359 group a.k.a Anonymous Sudan recently targeted Microsoft services with a DDoS attack, resulting in the disruption of multiple services. To receive real-time threat advisories, please follow HiveForce Labs on LinkedIn. …
Actors, Threats and Vulnerabilities 12 June to 18 June 2023
For a detailed threat digest, download the pdf file here Summary HiveForce Labs recently made several significant discoveries related to cybersecurity threats. Over the past week, the fact that there were a total of seven attacks executed, taking advantage of twenty different vulnerabilities in various systems, …
Mystic Stealer Malware Targeting Browsers, Wallets, and Messaging Platforms
Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary Mystic Stealer is an advanced information stealer malware known for its low detection rate, code manipulation techniques and is stealing sensitive data from browsers, wallets & messaging platforms, posing significant risks …
Cybercriminals Exploit Old Telerik Bug for Data Theft
Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary APT actors and financially motivated cybercriminals were observed exploiting old Telerik vulnerabilities in an attack targeting a US government agency. To receive real-time threat advisories, please follow HiveForce Labs on LinkedIn. …
ChamelGang Strikes Again With ChamelDoH Malware XDNS-over-HTTPS
Threat Level Actor Report For a detailed threat advisory, download the pdf file here Summary The Chinese threat group ChamelGang has developed the Linux malware ChamelDoH, which uses DNS-over-HTTPS for encrypted communication with attackers. To receive real-time threat advisories, please follow HiveForce Labs on LinkedIn. …
Unveiling Cadet Blizzard APT’s Wiper Attacks Targeting Ukraine
Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary Cadet Blizzard, a Russian GRU-sponsored threat group, conducted major cyber operations using WhisperGate, a customized wiper malware, to demonstrate their destructive capabilities through targeted attacks on Ukrainian government organizations. To receive …
LockBit Ransomware Evolving Tactics and Pervasive Impact in 2023
Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary LockBit ransomware is a highly impactful Ransomware-as-a-Service (RaaS) variant that targets critical sectors globally. Since 2020, victims in the US alone have paid around $91 million in ransom payments. LockBit continues …
Chinese Espionage Hackers Exploit ESXi Zero-Day
Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary The Chinese-sponsored hacking group, UNC3886, has been actively exploiting the CVE-2023-20867 vulnerability and using advanced backdoors such as VirtualPita and VirtualPie to carry out malicious activities across organizations in the US …
Microsoft’s June 2023 Patch Tuesday Addresses 78 Vulnerabilities
Threat Level Vulnerability Report For a detailed threat advisory, download the pdf file here Summary Microsoft’s June 2023 Patch Tuesday addressed 78 flaws, including 38 remote code execution vulnerabilities. Notable fixes included SharePoint and Exchange Server vulnerabilities, while no zero-day exploits were patched. To receive real-time …