GhostSec and Stormous Join Forces for a Ransomware Blitz
Summary: The GhostSec and Stormous ransomware factions have launched a sophisticated campaign. Introducing the GhostLocker 2.0 ransomware and the STMX_GhostLocker ransomware-as-a-service (RaaS) initiative, these groups employ double extortion tactics, posing a significant threat to businesses primarily in the Middle East. Threat Level – Red | Attack Report …
WogRAT Backdoor Poses Risk to Windows and Linux Users
Summary: WogRAT, a backdoor malware targeting both Windows and Linux, spreads through aNotepad, an online notepad service. It disguises itself as system tools to trick users into downloading it, mainly targeting users in Asia. Users are cautioned to download software from official sources and update …
Apple Rolls Out Critical Updates to Address Zero-Day Flaws
Summary: Apple has addressed two zero-day vulnerabilities in iOS, namely CVE-2024-23225 and CVE-2024-23296. These vulnerabilities were exploited in attacks targeting mobile devices, providing attackers with arbitrary kernel read and write privileges, enabling them to bypass kernel memory protections. Threat Level – Red | Vulnerability Report …
CHAVECLOAK Banking Trojan Sneaks into Brazil’s Financial Hub
Summary: The CHAVECLOAK banking trojan is purposefully crafted to target the banking credentials of individuals in Brazil, highlighting the ongoing focus of cyber criminals on the nation’s financial sector. Threat Level – Amber | Attack Report. For a detailed threat advisory, download the pdf file here …
TA577 Targeting Windows NTLM Hashes in Global Campaigns
Summary: TA577, a significant cyber threat group, has shifted tactics to steal NTLM authentication data, utilizing thread hijacking and customized HTML attachments. Organizations should block outbound SMB to thwart exploitation and remain vigilant against evolving attack methods. Threat Level – Red | Attack Report. For a detailed …
Critical Vulnerabilities Discovered in TeamCity, Enable Server Takeover
Summary: Two vulnerabilities in the JetBrains TeamCity On-Premises software have been discovered (CVE-2024-27198 and CVE-2024-27199). Threat actors may attempt to take advantage of these vulnerabilities in order to breach and gain control of the impacted systems, leading to system compromise. Threat Level – Red | Vulnerability Report …
Attacks, Vulnerabilities and Actors 26 February to 3 March 2024
For a detailed threat digest, download the pdf file here. Summary: HiveForce Labs recently made several significant discoveries in the realm of cybersecurity threats. In the past week alone, a total of eight attacks were executed, twelve vulnerabilities were uncovered, and six active adversaries were identified. …
New Linux Variant of Bifrost RAT Utilizes Deceptive Domain for Evasion
Summary: A new Linux variant of the Bifrost RAT evades detection using a deceptive VMware domain, aiming to compromise systems. This persistent threat spreads through malicious emails and sites, harvesting sensitive data and now includes an ARM version, emphasizing the need for vigilant countermeasures to safeguard against …
CISA Known Exploited Vulnerability Catalog February 2024
For the detailed CISA KEV Catalog, download the pdf file here. Summary: The Known Exploited Vulnerability (KEV) catalog, maintained by CISA, is the authoritative source of vulnerabilities that have been exploited in the wild. It is recommended that all organizations review and monitor the KEV catalog, …