Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary ALC is a scareware, pretending to be ransomware, as it doesn’t carry out any file encryption on the victim’s device. To receive real-time threat advisories, please follow HiveForce Labs on LinkedIn. …

Threat Level Vulnerability Report For a detailed threat advisory, download the pdf file here Summary Apache has released a security notice for a deserialization vulnerability (CVE-2023-23638) in Apache Dubbo that allows remote attackers to execute arbitrary code on the target system. To receive real-time threat advisories, please …

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary Mispadu has been linked to various spam campaigns, and it is capable of stealing both monetary and credential information while acting as a backdoor through keystroke and screenshot capture. To receive real-time …

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary ShellBot malware infects mismanaged Linux SSH servers and uses IRC protocol for C&C. To receive real-time threat advisories, please follow HiveForce Labs on LinkedIn. …

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary New Bad magic APT was discovered using a new backdoor called PowerMagic and a malicious framework called CommonMagic to target organizations in the administrative, agriculture, and transportation sectors for espionage purposes. To …

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary UNC3886 is a cyber espionage Chinese group that targets technologies without EDR solutions and exploits zero-day vulnerabilities to steal user credentials and maintain access. To receive real-time threat advisories, please follow HiveForce …

Threat Level Actor Report For a detailed threat advisory, download the pdf file here Summary The Winter Vivern Advanced Persistent Threat (APT) is a relatively underreported group that operates with pro-Russian objectives and targets government agencies. To receive real-time threat advisories, please follow HiveForce Labs on LinkedIn. …

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary A fake Italian Revenue Agency email campaign tricks victims into downloading a malicious attachment that installs Gozi, a binary that bypasses Italy’s geofencing and creates a loader process on the victim’s computer.  …

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary HinataBot is a newly discovered Go-based botnet that spreads through old vulnerabilities and weak credentials. It carries out DDoS flooding attacks and has a connection with the Mirai malware family. To receive …