September 12, 2023

Attacks, Vulnerabilities and Actors 4 September to 10 September 2023

For a detailed threat digest, download the pdf file here

Summary

HiveForce Labs has recently made several significant discoveries related to cybersecurity threats. Over the past week, we identified a total of ten executed attacks, one instance of adversary activity, and six vulnerabilities including two zero-day vulnerabilities highlighting the ever-present danger of cyber attacks.

Furthermore, HiveForce Labs uncovered a modular Linux-based botnet ‘DreamBus’ exploiting a critical remote code execution vulnerability in RocketMQ servers, tracked as CVE-2023-33246, to infect devices.

Meanwhile, Smishing Triad, a China-based threat actor, has been conducting a large-scale smishing campaign targeting US citizens and other countries, impersonating various postal and delivery services, such as USPS, Royal Mail, PostNord, and others, to steal payment data and other sensitive information. These observed attacks have been on the rise, posing a significant threat to users worldwide.

Simply Subscribe to receive our weekly threat digests and newsletters directly in your inbox.

Related Events

Dive into our library of resources for expert insights, guides, and in-depth analysis on maximizing Uni5 Xposure’s capabilities

Book a demo and find out more about how Hive Pro can double your operational efficiency

Book a Demo