Spacecolon Toolset Fuels Surge in Scarab Ransomware Attacks
Attack Report. Summary: CosmicBeetle, an active cyber threat group, has been utilizing a malicious toolset called Spacecolon in an ongoing campaign. This toolset is used to distribute variants of the Scarab ransomware by targeting vulnerable web …
WinRAR Zero-Day Exploit Targeting Traders Since April
Vulnerability Report. Summary: The zero-day vulnerability (CVE-2023-38831) in WinRAR allows hackers to install malware through manipulated archives, exposing users to hidden malicious scripts and potential cyberattacks. …
Carderbee APT Strikes Hong Kong with Supply Chain Attack
Attack Report. Summary: The Carderbee advanced persistent threat (APT) group executed a supply chain attack by exploiting the legitimate Cobra DocGuard software. Their objective was to deploy the PlugX backdoor onto targeted organizations primarily situated in …
New Wave of Akira Ransomware Expands Arsenal with Cisco VPN Flaws
Attack Report. Summary: The Akira ransomware group targets Cisco VPN to breach corporate networks and leverages tools like RustDesk for stealthy access. Avast’s decryptor is ineffective against the group’s updated ransomware versions. …
Data Center Vulnerabilities a Ticking Time Bomb for Cloud Services
Vulnerability Report. Summary: Several flaws in critical data center infrastructure management systems and power distribution units pose a significant risk to cloud-based services. CyberPower’s PowerPanel Enterprise has four vulnerabilities, and Dataprobe’s iBoot PDU has five. When …
Ivanti Addressed A New Zero-Day Flaw in Ivanti Sentry
Vulnerability Report. Summary: The zero-day vulnerability (CVE-2023-38035) in Ivanti Sentry (versions 9.18 and earlier) allows unauthenticated access to sensitive APIs via port 8443, posing a risk of configuration manipulation and system compromise. Apply specific …
Attacks, Vulnerabilities and Actors 14 August to 20 August 2023
Summary: HiveForce Labs has recently made several significant discoveries related to cybersecurity threats. Over the past week, we identified a total of eight executed attacks, one instance of adversary activity, and four zero-day vulnerabilities. All of …
Cuba Ransomware Targets U.S. with Veeam Exploit
Attack Report. Summary: The Cuba ransomware has launched targeted attacks on critical infrastructure organizations in the United States and IT enterprises across Latin America. To acquire credentials, it employs a blend of old …
Decoding Bronze Starlight’s Strategy in the Gambling Sector
Attack Report. Summary: A cyberattack campaign stemming from China is currently focusing its efforts on the Southeast Asian gambling industry, with the objective of deploying Cobalt Strike beacons on compromised systems. …
LOLKEK Ransomware Evolving New Tactics to Evade Detection
Attack Report. Summary: LOLKEK ransomware is still being actively developed and uses new tactics to evade detection, including obfuscation, legitimate tools, and network shares. It encrypts all drives, including network shares, and demands 0.1 …