Donot APT Group Targets Government and Military Orgs in South Asia
Actor Report. For a detailed threat advisory, download the PDF file here. Summary: The Donot group, also known as APT-Q-38, is a state-sponsored threat actor believed to operate out of a South Asian country. They primarily engage in network espionage activities targeting government agencies, military …
Actors, Threats and Vulnerabilities 20 March to 26 March 2023
For a detailed threat digest, download the PDF file here. Summary: HiveForce Labs recently made several significant discoveries related to cybersecurity threats. Over the past week, they identified a total of 19 attacks that were executed. These …
Chinese Cyber Espionage Targets Middle Eastern Telecoms
Attack Report. Summary: Chinese cyber espionage actors Gallium and APT41, linked to the Operation Soft Cell campaign, are targeting the Middle Eastern telecommunications sector. To receive real-time threat advisories, please follow HiveForce Labs on LinkedIn. …
Bitter APT Group Targets Chinese Energy Sector with New Phishing Campaign
Actor Report. Summary: The South Asian threat group Bitter APT is running a new cyber espionage campaign targeting the energy sector in China. The campaign involves the use of social engineering tactics through phishing emails that …
Unveiling ChinaZ DDoS Threat Landscape
Attack Report. Summary: ChinaZ, a Chinese threat group, is infamous for using DDoS botnets to attack Windows and Linux systems. …
New Dark Power Nim-based Ransomware Targeted Attacks Globally
Attack Report. Summary: The new Dark Power ransomware gang uses the Nim programming language to create malware that encrypts specific services and processes, excludes crucial system files, clears logs, and generates a ransom note in every folder. …
Cinoshi: A Novel Malware-as-a-Service Platform
Attack Report. Summary: Cinoshi is a new MaaS platform with a toolkit including a stealer, botnet, clipper, and crypto-miner. Offering a free stealer and web panel is rare. …
A Financially Motivated Threat Group UNC961 Targeting North American Organizations
Actor Report. Summary: UNC961 is a financially motivated cyber threat group that targets organizations in North America, with a focus on exploiting vulnerable Internet-facing servers during periods of vulnerability and exploit code disclosure. …
New Variant of BlackGuard Stealer Malware Steals Sensitive Information and Crypto Wallets
Attack Report. Summary: A new variant of the BlackGuard stealer malware propagates through removable media and hijacks crypto wallets. It can steal sensitive information from various applications and supports stealing popular crypto assets. …
Rising Trend of macOS Malware
Attack Report. Summary: ALC is scareware that pretends to be ransomware; it doesn’t carry out any file encryption on the victim’s device. …