Attacks, Vulnerabilities and Actors 8 January to 14 January 2024
Summary: HiveForce Labs recently made several significant discoveries in the realm of cybersecurity threats. In the past week alone, a total of seven attacks were executed, two vulnerabilities were uncovered, and three active adversaries were identified. …
Medusa Ransomware Unleashed: A Growing Cybersecurity Menace
Summary: Medusa ransomware, a potent threat since late 2022, employs a multi-extortion approach via its Medusa Blog, disclosing victim data and pressuring non-compliant organizations. Operating as a ransomware-as-a-service, Medusa’s global impact underscores the need for proactive cybersecurity measures to counter its evolving tactics. Threat Level …
Maliciously Crafted Cracked Software Propagates Lumma Stealer via YouTube
Summary: Threat actors are exploiting YouTube videos about cracked software to deceive users into downloading the information-stealing malware Lumma. These videos typically cover the use of cracked software and are accompanied by identical installation instructions. Furthermore, Lumma Stealer …
FBot’s Arsenal against the SaaS Giants
Summary: FBot, a Python-based exploit tool, has systematically targeted critical infrastructures, spanning from web servers and cloud services to content management systems (CMS) and major Software as a Service (SaaS) platforms. Its primary objective is to infiltrate these services, acquiring credentials to subsequently monetize unauthorized …
Microsoft’s January 2024 Patch Tuesday Addresses 49 Vulnerabilities
Summary: Microsoft’s January 2024 Patch Tuesday addressed 49 vulnerabilities, including two critical ones, covering various products. Notably, a high-risk Kerberos security flaw (CVE-2024-20674) and a network-adjacent Hyper-V vulnerability (CVE-2024-20700) were patched, urging prompt updates to mitigate potential risks. Threat Level – Red | Vulnerability Report …
Unveiling the Sea Turtle Cyber Espionage Campaign
Summary: Sea Turtle, a Turkey-based Advanced Persistent Threat (APT) actor, has been active since 2017. The group has primarily targeted European and Middle Eastern organizations, focusing on information theft and DNS hijacking to compromise repositories with valuable and sensitive data. In a recent 2023 campaign, …
Anonymous Arabic Hacktivist Group Orchestrating Silver RAT
Summary: Silver RAT, a Windows-based RAT written in C# and developed by a group known as “Anonymous Arabic,” exhibits advanced capabilities, including antivirus evasion and ransomware encryption. Despite facing bans, the threat actor’s dynamic activities persist, featuring the sharing of cracked versions and hints of …