Cybercrime group exploits zero-day on Windows servers to deploy Nokoyawa ransomware
Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary Nokoyawa ransomware is a new threat that exploits the CVE-2023-28252 vulnerability to infiltrate and encrypt victims’ files, demanding a ransom for their release. To receive real-time threat advisories, please follow HiveForce …
Desert Falcon Strikes with an Upgraded Arsenal
Threat Level Actor Report Summary Desert Falcons, a cyber-espionage group, has been seen deploying upgraded variants of its malware toolset in strikes against Palestine and Middle Eastern entities. …
New Cylance Ransomware Targets Linux and Windows Operating Systems
Threat Level Attack Report Summary Cylance ransomware is a new malware that is capable of adjusting to customized encryption tactics and can accept different command-line parameters. …
Apple Addresses Zero-Day Vulnerabilities in macOS and Safari
Threat Level Vulnerability Report Summary Apple addressed vulnerabilities in macOS Ventura and Safari for macOS Big Sur/Monterey, which could potentially enable attackers to execute arbitrary code with kernel privileges or through processing maliciously crafted web content. …
Actors, Threats and Vulnerabilities 3 April to 9 April 2023
For a detailed threat digest, download the pdf file here Summary HiveForce Labs recently made several significant discoveries related to cybersecurity threats. Over the past week, they identified a total of five attacks that were executed. Additionally, …
80K QNAP Devices Vulnerable to Cyberattack
Threat Level Vulnerability Report Summary Multiple QNAP operating systems have been impacted by two vulnerabilities that could potentially allow remote authenticated users to access secret values. …
UNC4466 Attack Campaign Targets Veritas Backup Exec and Deploys ALPHV Ransomware
Threat Level Attack Report Summary UNC4466 conducted an attack campaign in late 2022, gaining initial access to an internet-exposed Windows server running Veritas Backup Exec and deploying the ALPHV ransomware, with over 8,500 potentially vulnerable IP …
Money Message Ransomware Strikes with Million-Dollar Demands
Threat Level Attack Report Summary ‘Money Message’ is a new ransomware group that targets victims all over the world, demanding million-dollar ransoms to avoid data leaks and deliver a decryptor. …
Multiple Command Injection Vulnerabilities Found in Cisco EPNM, ISE, and Prime Infrastructure
Threat Level Vulnerability Report Summary An attacker with authenticated, local access can exploit these vulnerabilities to escape the restricted shell and gain root privileges on the operating system. …
Botnets Actively Exploited Realtek and Cacti Flaws
Threat Level Attack Report Summary Attacks exploiting Cacti and Realtek vulnerabilities surged, resulting in the spread of ShellBot and Moobot malware. …