Actors, Threats and Vulnerabilities 27 February to 5 March 2023
Summary: HiveForce Labs discovered six actors that have been active in the past week. TA866, APT-C-61, and DEV-0569 are cybercrime groups that focus on financial gain. The …
Unveiling the Malicious Tactics of LokiBot Malware
Attack Report. Summary: LokiBot is a constantly evolving information-stealing malware that creates a backdoor on infected machines to collect sensitive data, and it uses ISO files and API …
Two New Vulnerabilities Discovered in TPM 2.0 Library
Vulnerability Report. Summary: The Trusted Platform Module (TPM) 2.0 specification, a hardware-based technology used to provide tamper-resistant secure cryptographic functions, is affected by two buffer overflow vulnerabilities. These …
CISA Known Exploited Vulnerability Catalog February 2023
Summary: The Known Exploited Vulnerability (KEV) catalog, maintained by CISA, is the authoritative source of vulnerabilities that have been exploited in the wild. To be …
Royal Ransomware Targets Organizations with Custom Encryption and Double Extortion Tactics
Attack Report. Summary: Since September 2022, threat actors have been attacking both US and international organizations using a version of ransomware called Royal. This ransomware is unique because …
New MQsTTang Backdoor from Mustang Panda Targets Political and Governmental Organizations
Attack Report. Summary: A new custom backdoor called MQsTTang has been attributed to the Mustang Panda APT group. This backdoor is part of an ongoing campaign that began …
Snip3 Crypter an Advanced RAT Loader Targeting Multiple Industries
Attack Report. Summary: A multi-stage remote access trojan (RAT) loader called Snip3 crypter was recently discovered deploying RAT families, including QuasarRAT and DcRAT, to target victims across multiple …
A New APT named APT-C-61 Targets South Asia
Actor Report. Summary: APT-C-61, also known as Tengyun Snake, is an advanced persistent threat (APT) group that has been active since at least January 2020 in South Asia. …
Iron Tiger APT Group Updates SysUpdate Malware to Target Linux Platforms
Attack Report. Summary: The Iron Tiger group, also known as APT27, updated its custom malware, SysUpdate, to target Linux platforms and evade security solutions. They specifically targeted a vulnerability in …
ParallaxRAT targets cryptocurrency organizations through phishing emails
Attack Report. Summary: ParallaxRAT is a remote access Trojan (RAT) that has been distributed through phishing emails since December 2019. Recently, ParallaxRAT has been targeting cryptocurrency organizations. The …