New Backdoor Masquerading as a Software Update Agent, Targets macOS
Summary: Apple macOS users are currently being targeted by a newly discovered Rust-based backdoor known as RustDoor. This backdoor masquerades as an update for Microsoft Visual Studio and is designed to target both Intel and Arm architectures. RustDoor is equipped with various commands, enabling it …
The Zardoor Backdoor’s Silent Takeover of Saudi Charities
Summary: An espionage operation, designed to distribute a backdoor called Zardoor, was uncovered with evidence suggesting it dates back to March 2021. In May 2023, this meticulously orchestrated campaign specifically targeted non-profit organizations in Saudi Arabia. Threat Level – Amber | Attack Report For a …
Attacks, Vulnerabilities and Actors 5 to 11 February 2024
Summary: HiveForce Labs recently made several significant discoveries in the realm of cybersecurity threats. In the past week alone, a total of five attacks were executed, six vulnerabilities were uncovered, and two active adversaries were identified. …
Coyote: A Sophisticated Banking Trojan Targeting Financial Information
Summary: A new banking trojan called Coyote is currently targeting more than 60 banking institutions, primarily in Brazil. The malware distributes itself using the Squirrel installer and executes its infection process using Node.js and Nim, a relatively new multi-platform programming language. Threat Level – Amber …
Critical Vulnerability in FortiOS SSL VPN Exploited in the Wild
Summary: A critical Out-of-Bounds Write vulnerability (CVE-2024-21762) in Fortinet FortiOS SSL-VPN is actively exploited, enabling a remote unauthenticated attacker to execute arbitrary code or commands via specially crafted HTTP requests. Threat Level – Red | Vulnerability Report For a detailed threat advisory, download the pdf file here …
Albabat Ransomware Infiltrates via Counter-Strike Cheat Utility
Summary: Albabat ransomware made its debut in November 2023, emerging as a financially motivated threat crafted in Rust. This ransomware has targeted both corporate entities and individual consumers across diverse geographical regions. Threat Level – Red | Attack Report For a detailed threat advisory, download the pdf file …
Ivanti Addresses Yet Another VPN Flaw Within a Month
Summary: Ivanti has addressed a newly discovered vulnerability impacting ZTA, Policy, and Connect Secure gateways. Tracked as CVE-2024-22024, this vulnerability stems from a weakness in the SAML component of the gateways related to XXE (XML eXternal Entities), enabling remote attackers to access restricted resources. Threat …
Zero-Day Authentication Bypass Exploit in Apache OFBiz
Summary: CVE-2023-51467 is a critical authentication bypass vulnerability in Apache OFBiz. Exploitation of this vulnerability could allow an attacker to bypass authentication to achieve a simple Server-Side Request Forgery (SSRF) or arbitrary code execution. Users are advised to update to Apache OFBiz version 18.12.11 to mitigate potential …
Kimsuky Group’s Intriguing Exploits with AppleSeed Malware
Summary: The Kimsuky group has been actively utilizing weaponized LNK files to deploy the AppleSeed malware. While the group typically relies on spear-phishing attacks for initial access, their recent campaigns have prominently featured the use of shortcut-type malware in LNK file format. AppleSeed variant named …