Terrapin Attack Downgrading the Fortresses of SSH
Summary: The Terrapin attack, a cryptographic exploit targeting the widely adopted SSH protocol, poses a threat to the security of over 15 million servers dispersed across the Internet. This vulnerability enables attackers to compromise the security of established connections by truncating the extension negotiation message. …
Google’s Battle Against Zero-Day Vulnerability Continues
Summary: Google has recently implemented a security enhancement to address a high-severity zero-day vulnerability, identified as CVE-2023-7024, that can lead to program crashes or enable arbitrary code execution. Threat Level – Red | Vulnerability Report To …
Mallox Ransomware A Resurgent Threat Exploiting MS-SQL Flaws
Summary: Mallox is a resilient Ransomware-as-a-Service (RaaS) threat, utilizing tactics like exploiting MS-SQL vulnerabilities and employing brute force attacks. Operating with a prolonged presence, Mallox’s recent variant, “Mallox.Resurrection,” exhibits consistent functionalities, emphasizing the importance of cybersecurity basics for defense. Threat Level – Red | Attack …
Novel Go-Based Malware Unleashes Coordinated Strikes on macOS and Windows
Summary: A recently identified threat known as JaskaGO has surfaced as a new cross-platform information stealer malware. This malware is designed to target and compromise systems running both Windows and Apple macOS operating systems. Threat Level – Red | Attack Report For a detailed threat …
PikaBot Malware Unleashes Threat via Malvertising
Summary: PikaBot, a recently identified malware family, has become a prominent threat in malvertising campaigns, particularly through search engine ads. Associated with the TA577 threat actor and linked to ransomware distribution, PikaBot employs advanced tactics, such as decoy websites and fingerprinting, highlighting the evolving landscape …
The Kuiper Ransomware Surge and Its Dark Origins
Summary: In a predominantly Russian Dark Web forum, a sophisticated ransomware-as-a-service (RaaS) project named “KUIPER” was introduced. The Kuiper ransomware, developed in Golang, is compatible with Windows, Linux, and OSX systems, and is associated with a suspected intrusion at a government financial department in Africa. …
OilRig Group Unleashes Three New Malware Strains
Summary: The Iranian state-sponsored threat actor, commonly referred to as OilRig, implemented three distinct downloader malware variants throughout the year 2022. The primary objective was to sustain persistent access to targeted organizations located in Israel. OilRig demonstrated active development and deployment of a series of …
Play Ransomware A Global Threat Impacting Businesses
Summary: The Play ransomware group, active since June 2022, employs a double-extortion model, impacting businesses globally. Utilizing legitimate tools for malicious activities, the group has affected approximately 300 entities. Threat Level – Red | Attack Report …
Attacks, Vulnerabilities and Actors 11 December to 17 December 2023
Summary: HiveForce Labs has recently made several significant discoveries related to cybersecurity threats. Over the past week, we identified a total of eleven executed attacks, six instances of adversary activity, and five exploited vulnerabilities, highlighting the …
Gaza Cybergang’s Pierogi++ Upgrade Takes Center Stage
Summary: The Gaza Cybergang, a sophisticated threat actor, has recently intensified its attacks by deploying an advanced version of the Pierogi backdoor malware. This group focuses its cyber operations primarily on Palestinian entities and Israel, with a historical record of targeting entities across the Middle …