CISA Known Exploited Vulnerability Catalog March 2024
Summary The Known Exploited Vulnerability (KEV) catalog, maintained by CISA, is the authoritative source of vulnerabilities that have been exploited in the wild. It is recommended that all organizations review and monitor the KEV catalog, prioritize remediation of listed vulnerabilities, and reduce the likelihood of …
Stealer Malwares Delivered Through Malicious Ads and Bogus Websites
Summary: Two distinct stealer malware programs, including Atomic Stealer, are being distributed to Apple macOS users through deceptive advertisements and counterfeit websites. These recent attacks have successfully infected victims’ macOS devices with infostealers. Threat Level – Red | Attack Report For a detailed threat advisory, download …
Attacks, Vulnerabilities and Actors 25 to 31 March 2024
For a detailed threat digest, download the pdf file here Summary HiveForce Labs recently made several significant discoveries in the realm of cybersecurity threats. In the past week alone, a total of twelve attacks were executed, ten vulnerabilities were uncovered, and two active adversaries were identified. …
XZ Utils Backdoored, A Supply Chain Nightmare
Summary: Multiple Linux distributions face a potential supply chain threat due to the introduction of malicious code into a widely-used library. A backdoor was discovered within the XZ Utils library, inserted roughly a month ago. This compromise allows attackers to manipulate and intercept data exchanged …