Red Eyes Exploits Hangul EPS Vulnerability and Steganography to Spread Malware
Attack Report. Summary: The Red Eyes group used an old vulnerability in the Hangul word processor to spread malicious code via steganography, stealing personal PC information and mobile phone data, and executing C&C commands using …
Microsoft tackles three actively exploited zero-day vulnerabilities and several other bugs
Vulnerability Report. Summary: In February 2023’s Patch Tuesday, Microsoft released a patch that addressed 75 vulnerabilities, including three zero days. The patch addressed 12 Elevation of Privilege vulnerabilities, 2 Security Feature Bypass vulnerabilities, 36 …
Emerging MortalKombat Ransomware and Laplas Clipper Malware Targeting Cryptocurrency
Attack Report. Summary: An unidentified actor is using the MortalKombat ransomware and a Go variant of the Laplas Clipper malware to steal cryptocurrency from victims. This campaign aims to steal or demand ransom payments in …
New China-based Group Expands Operations to Compromise Diplomatic Targets in South America
Actor Report. Summary: The China-based cyber espionage group DEV-0147 has expanded its data exfiltration operations to include diplomatic targets in South America, in addition to targeting government agencies and think tanks in Asia and …
Revealing the Tonto Team’s Latest Hacks and Menaces
Actor Report. Summary: The Tonto Team, a Chinese hacking group, has been linked to attacks on various Asian and Eastern European organizations. In June 2022, an advanced persistent threat (APT) attempted to hack a …
Apple Addressed A Zero-day Vulnerability With An Emergency Security Update
Vulnerability Report. Summary: Apple has released an emergency security update to fix a zero-day vulnerability, CVE-2023-23529, that could be used to hack iPhones, iPads, and Macs. The vulnerability was found in WebKit and could …
Russian Hacker Group Disrupts Relief Efforts for Turkey-Syria Earthquake with DDoS Attacks
Attack Report. Summary: Killnet, a Russian hacker group, disrupted relief efforts for the Turkey-Syria earthquake by carrying out DDoS attacks, taking down the websites of NATO Special Operations Headquarters and Strategic Airlift Capability. …
Actors, Threats and Vulnerabilities 6 February to 12 February 2023
Summary: Hive Pro identified three active actors over the past week. The first, OilRig, is a well-known threat actor known for its information theft and espionage activities. …
Russia-linked Nodaria group employs Graphiron information stealer
Attack Report. Summary: A cyber espionage group linked to Russia, known as Nodaria, has been spotted deploying a newly created information-stealing malware named Graphiron in attacks aimed at Ukraine. The malware, coded in Go, …
Clop Ransomware Group Claims Responsibility for GoAnywhere MFT Attacks
Attack Report. Summary: The Clop ransomware group claims responsibility for recent cyber attacks that exploited a zero-day vulnerability in the GoAnywhere MFT secure file transfer tool. The vulnerability, now known as CVE-2023-0669, allows attackers …