North Korean-Backed Group Sparks X_Trader Supply Chain Attack
Summary: The X_Trader software supply chain attack affected a number of critical infrastructure entities in the United States and Europe. To receive real-time threat advisories, please follow HiveForce Labs on LinkedIn.
New PingPull Malware Variant Targets Linux Systems
Summary: The PingPull malware variant that targets Linux systems is linked to Alloy Taurus, and it communicates with a domain over HTTPS to receive encrypted commands for executing specific functions.
Charming Kitten Hackers Utilize New Tactics with BellaCiao Malware
Summary: The Iranian APT group Charming Kitten is using a new, sophisticated malware called BellaCiao to target specific victims in multiple regions, employing unique communication tactics with its command-and-control infrastructure.
Daggerfly APT Deploys MgBot to Target African Telecoms Organization
Summary: The Daggerfly advanced persistent threat group has been observed using previously unseen plugins from the MgBot malware framework in a recent campaign.
Malevolent EvilExtractor Stealer Attacks Strike Europe and US
Summary: EvilExtractor is a new type of malware that extracts sensitive data from Windows systems. It’s a data theft tool gaining notoriety due to increased attacks in Europe and the US.
New Wave of QBot Attacks Detected via Malicious PDF Attachments
Summary: A new wave of QBot banking Trojan attacks was identified in April 2023, utilizing malicious PDF attachments in emails written in various languages.
LockBit Ransomware Targets macOS
Summary: LockBit ransomware has been discovered on VirusTotal compiled for Apple’s macOS arm64 architecture, raising concerns about the ransomware threat on Mac devices.
FIN7 & Wizard Spider team up to disseminate Domino malware
Summary: FIN7 threat actors and Wizard Spider are collaborating to distribute the ‘Domino’ malware family in recent attacks.
New Zaraza Bot Malware Steals Login Credentials from 38 Web Browsers via Telegram
Summary: A new credential-stealing malware named Zaraza bot uses Telegram as its command and control, targeting 38 web browsers and exfiltrating sensitive data for potential identity theft and financial fraud.
APT36 targets Indian educational institutions with Crimson RAT
Summary: APT36 is targeting educational institutions and students in the Indian subcontinent by distributing malicious documents to stage the Crimson RAT.