Airline industry affected by supply-chain attack allegedly done by Chinese espionage group APT-41
THREAT LEVEL: Red. For a detailed advisory, download the pdf file here. A supply chain attack was carried out on the airline industry, which started with SITA being compromised, allegedly done by Chinese espionage group APT-41. SITA is responsible for providing software solutions to 90% of …
PuzzleMaker using Chrome zero-day exploit to get into your Windows PC
THREAT LEVEL: Red. For a detailed advisory, download the pdf file here. A chain of zero-day vulnerabilities is being used by a new threat actor, PuzzleMaker. PuzzleMaker uses a chrome V8 type confusion vulnerability (CVE-2021-21224), which allows the attacker to execute an arbitrary code via a …
IBM products susceptible to multiple Vulnerabilities
THREAT LEVEL: Amber. For a detailed advisory, download the pdf file here. Multiple easily exploitable vulnerabilities have been found in IBM jazz foundation and IBM engineering products. An official fix to all the vulnerabilities have been made available by IBM Vulnerability Details References https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilites-affect-ibm-jazz-foundation-and-ibm-engineering-products-4/ …
The famous WordPress Plugin, Fancy Product Designer affected by a zero-day
THREAT LEVEL: Amber. For a detailed advisory, download the pdf file here. Hackers are actively exploiting a zero-day vulnerability on the famous Fancy Product Designer, a WordPress plugin, since May 16, 2021. This plugin has been installed on over 17,000 sites. Hive Pro Threat Research Team …
AnyDesk Installer Targeted by Malvertising Campaign
THREAT LEVEL: Green. For a detailed advisory, download the pdf file here. A malvertising campaign, which was active since April 21, was established by hackers for a popular remote desktop application, AnyDesk. A fake app ad was pushed via Google ads when searching for “AnyDesk”. The …
Multiple vulnerabilities in Nagios IT Monitoring Software could be exploited for infrastructure hijacking
THREAT LEVEL: Amber. For a detailed advisory, download the pdf file here. Nagios fusion is an open-source IT monitoring application that could be exploited by a threat actor to hijack the complete infrastructure. 13 vulnerabilities have been reported in all its version up to 4.1.8. Vulnerability …
FragAttacks – Allowing adversaries to steal data by intercepting vulnerable network traffic from Wi-Fi devices
THREAT LEVEL: Amber. For a detailed advisory, download the pdf file here. Multiple vulnerabilities aka FragAttacks(fragmentation and aggregation attacks) have been found in Wi-Fi devices that makes most of the smartphones, servers, and operating systems susceptible to these. These vulnerabilities not only affect the latest …