A New Rorschach Ransomware Threat Employing Hybrid-Cryptography
Attack Report. Summary: Rorschach is a new and highly effective ransomware that uses a hybrid-cryptography scheme and fast thread scheduling via I/O completion ports. …
Winter Vivern APT targets EU with Zimbra flaw
Attack Report. Summary: Winter Vivern abuses CVE-2022-27926 to attack public Zimbra webmail portals of government entities. …
Unraveling North Korea’s Cyber Espionage Group APT43 Targeting Geopolitical Interests
Actor Report. Summary: APT43 is a cyber espionage group that serves North Korean regime interests by targeting government organizations, academics, and think tanks focused on Korean peninsula geopolitical issues, mainly in South Korea and the …
A Modular AlienFox Toolkit Used in Cloud-Based Email and Web Hosting Service Attacks
Attack Report. Summary: AlienFox is a toolkit used by attackers to target email and web hosting services, particularly cloud-based and software-as-a-service (SaaS) email hosting services. …
Actors, Threats and Vulnerabilities 27 March to 2 April 2023
Summary: HiveForce Labs recently made several significant discoveries related to cybersecurity threats. Over the past week, they identified a total of nine attacks that were executed. Additionally, …
CISA Known Exploited Vulnerability Catalog March 2023
Summary: The Known Exploited Vulnerability (KEV) catalog, maintained by CISA, is the authoritative source of vulnerabilities that have been exploited in the wild. To be …
SmoothOperator Campaign Trojanizes 3CXDesktopApp
Attack Report. Summary: The 3CX desktop app was trojanized via a multi-stage supply chain attack in the SmoothOperator campaign. …
Creal Stealer Preys on Cryptocurrency Users
Attack Report. Summary: A phishing site impersonating a cryptocurrency mining platform is disseminating the new Creal Stealer. …
New DBatLoader Malware Campaign Targets European Countries
Attack Report. Summary: A new malware campaign uses DBatLoader to target European businesses through phishing emails. The attackers use obfuscation techniques and various file formats to distribute the malware, including Remcos RAT and Formbook. To …