Kadavro Vector Ransomware spread as a fake Tor browser installer
Threat Level Attack Report. For a detailed threat advisory, download the pdf file here. Summary: Kadavro Vector is a NoCry ransomware variant that encrypts files and demands Monero (XMR) cryptocurrency for decryption. To receive real-time threat advisories, please follow HiveForce Labs on LinkedIn. …
Actors, Threats and Vulnerabilities 10 April to 16 April 2023
For a detailed threat digest, download the pdf file here. Summary: HiveForce Labs recently made several significant discoveries related to cybersecurity threats. Over the past week, they identified a total of nine attacks that were executed. These …
Google Chrome Emergency Update Fixes Zero-Day Exploit in the Wild
Threat Level Vulnerability Report. Summary: A potential vulnerability in Google Chrome versions before 112.0.5615.121, identified as CVE-2023-2033, involves type confusion in V8, which could allow a remote attacker to potentially exploit heap corruption by using a …
Rilide Stealer Extension Targets Chromium-Based Browsers
Threat Level Attack Report. Summary: The Rilide Stealer Extension is a sophisticated malware that disguises itself as a benign Google Drive extension and targets Chromium-based browsers. …
The Bitter Group Targets Chinese Agencies with CHM Malware via Email Attachments
Threat Level Attack Report. Summary: The Bitter group targets South Asian government agencies with Office documents and has recently distributed CHM malware to specific Chinese organizations via email attachments. …
Fortinet Addresses Security Flaws Across Multiple Products
Threat Level Vulnerability Report. Summary: Fortinet releases security updates for multiple products, including a significant FortiPresence vulnerability patch. …
Malware Attack Targets Windows Users with Spoofed Energoatom Document
Threat Level Attack Report. Summary: The malware comes in the form of a spoofed document from Energoatom and is believed to be part of a larger campaign against Ukraine’s energy sector, which has been under constant …
Trigona Ransomware Targets Improperly Managed MS-SQL Servers
Threat Level Attack Report. Summary: Trigona ransomware is installed on vulnerable MS-SQL servers that are not properly managed, allowing attackers to execute malicious commands and encrypt files without distinguishing file extensions. …
Nation-State Actors MERCURY and Partner DEV-1084 Carry Out Destructive Attack
Threat Level Attack Report. Summary: MERCURY, a nation-state actor linked to the Iranian government, worked with another actor, DEV-1084, to carry out a destructive attack. …
Microsoft Addresses Zero-Day and Wormable Vulnerabilities
Threat Level Vulnerability Report. Summary: Microsoft’s April 2023 Patch Tuesday and security updates address one actively exploited zero-day vulnerability and a total of 97 flaws, consisting of 7 critical and 90 important vulnerabilities. …