MULTI#STORM Campaign Sets Sights on India and U.S. with RAT
Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary The MULTI#STORM phishing campaign employs JavaScript files to disseminate RATs throughout compromised systems. This intricate attack utilizes a multi-stage procedure that commences when the victim engages with a phishing email. The …
Millions of Github Repository susceptible to Repojacking
Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary Millions of GitHub repositories may be vulnerable to Repojacking, which could lead to large-scale supply chain attacks. To receive real-time threat advisories, please follow HiveForce Labs on LinkedIn. …
Fortinet Addressed Critical RCE FortiNAC Vulnerability
Threat Level Vulnerability Report For a detailed threat advisory, download the pdf file here Summary Fortinet has released patches for critical and medium vulnerabilities in its FortiNAC network access control solution, addressing issues related to remote code execution and command injection. To receive real-time threat advisories, …
Attacks, Vulnerabilities and Actors 19 June to 25 June 2023
For a detailed threat digest, download the pdf file here Summary HiveForce Labs recently made several significant discoveries related to cybersecurity threats. Over the past week, the fact that there were a total of twelve attacks executed, taking advantage of seventeen different vulnerabilities in various systems, …
New Tomiris APT Group Targets Governments
Threat Level Actor Report For a detailed threat advisory, download the pdf file here Summary Tomiris is a Russian-speaking advanced persistent threat (APT) group that has been active since at least 2021 and is known for its use of sophisticated tactics and tools, including zero-day exploits …
Critical PaperCut Security Vulnerabilities Actively Exploited in the Wild
Threat Level Vulnerability Report For a detailed threat advisory, download the pdf file here Summary Attackers are leveraging severe vulnerabilities in PaperCut MF/NG software to install Atera remote management software, posing a significant risk due to proof-of-concept exploits being available online. To receive real-time threat advisories, …
Actors, Threats and Vulnerabilities 17 to 23 April 2023
For a detailed threat digest, download the pdf file here Summary For a detailed threat digest, download the pdf file here HiveForce Labs recently made several significant discoveries related to cybersecurity threats. Over the past week, they identified a total of ten attacks that were executed. Additionally, …
APT28’s SNMP Attack on Cisco Routers
Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary APT28 used SNMP access to exploit Cisco routers and gain network access, utilizing weak SNMP community strings and exploiting a vulnerability to deploy Jaguar Tooth. To receive real-time threat advisories, please follow …
A New CrossLock Ransomware Threat with Cross-Platform Capabilities and Double Extortion Techniques
Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary CrossLock ransomware, implemented in Go programming language, uses double extortion technique to encrypt and exfiltrate data, posing a significant threat to businesses and organizations. To receive real-time threat advisories, please follow …