Lazarus Group Uses ManageEngine Exploit to Unlock Path for QuiteRAT
Attack Report. Summary: The Lazarus Group, a threat actor associated with North Korea, has been detected utilizing a recently patched critical security vulnerability in Zoho ManageEngine ServiceDesk Plus. This vulnerability was exploited to deploy …
Spacecolon Toolset Fuels Surge in Scarab Ransomware Attacks
Attack Report. Summary: CosmicBeetle, an active cyber threat group, has been utilizing a malicious toolset called Spacecolon in an ongoing campaign. This toolset is used to distribute variants of the Scarab ransomware by targeting vulnerable web …
WinRAR Zero-Day Exploit Targeting Traders Since April
Vulnerability Report. Summary: The zero-day vulnerability (CVE-2023-38831) in WinRAR allows hackers to install malware through manipulated archives, exposing users to hidden malicious scripts and potential cyberattacks. To receive real-time threat advisories, please follow HiveForce …
Carderbee APT Strikes Hong Kong with Supply Chain Attack
Attack Report. Summary: The Carderbee advanced persistent threat (APT) group executed a supply chain attack by exploiting the legitimate Cobra DocGuard software. Their objective was to deploy the PlugX backdoor onto targeted organizations primarily situated in …
New Wave of Akira Ransomware Expands Arsenal with Cisco VPN Flaws
Attack Report. Summary: The Akira ransomware group targets Cisco VPN to breach corporate networks and leverages tools like RustDesk for stealthy access. Avast’s decryptor is ineffective against the group’s updated ransomware versions. To receive …
Data Center Vulnerabilities a Ticking Time Bomb for Cloud Services
Vulnerability Report. Summary: Several flaws in critical data center infrastructure management systems and power distribution units pose a significant risk to cloud-based services. CyberPower’s PowerPanel Enterprise has four vulnerabilities, and Dataprobe’s iBoot PDU has five. When …
Ivanti Addressed A New Zero-Day Flaw in Ivanti Sentry
Vulnerability Report. Summary: The zero-day vulnerability (CVE-2023-38035) in Ivanti Sentry (versions 9.18 and earlier) allows unauthenticated access to sensitive APIs via port 8443, posing a risk of configuration manipulation and system compromise. Apply specific …
Cuba Ransomware Targets U.S. with Veeam Exploit
Attack Report. Summary: The Cuba ransomware has targeted critical infrastructure organizations in the United States and IT enterprises across Latin America. In order to acquire credentials, it employs a blend of old …
Decoding Bronze Starlight’s Strategy in the Gambling Sector
Attack Report. Summary: A cyberattack campaign stemming from China is currently focusing its efforts on the Southeast Asian gambling industry, with the objective of deploying Cobalt Strike beacons on compromised systems. To receive real-time …
AdLoad Malware Persists on Mac Systems with New Proxy Payload
Attack Report. Summary: AdLoad malware persists on Mac systems with a new proxy application payload, converting infected devices into a proxy botnet. This scheme, involving thousands of IP addresses, points to a monetization strategy …