Fenix Botnet Preys on Mexico and Chile
Attack Report. Summary: The Fenix Botnet targets tax-paying individuals in Mexico and Chile, aiming to infiltrate specific networks and pilfer valuable data. To receive real-time threat advisories, please follow HiveForce Labs on LinkedIn.
Ivanti Addressed A Critical Zero-Day Flaw in EPMM Software
Vulnerability Report. Summary: The vulnerability in Ivanti Endpoint Manager Mobile allows unauthorized remote access to personal information and enables limited server changes, posing significant security risks to affected organizations.
Realst Infostealer Hides Behind Phony Blockchain Games
Attack Report. Summary: Multiple counterfeit blockchain games are being exploited to infiltrate both Windows and macOS systems with a sophisticated infostealer developed in Rust, known as realst. This malicious software demonstrates the capability to …
Atera Addressed Two Zero-Day Vulnerabilities Exploiting MSI Files
Vulnerability Report. Summary: Windows Installers for the Atera remote monitoring and management software contain two zero-day vulnerabilities that could serve as a starting point for launching privilege escalation attacks.
Apple Tackles Zero-Day Flaws Impacting iPhones and Macs
Vulnerability Report. Summary: Apple has addressed a zero-day vulnerability exploited in targeted attacks on iPhones, Macs, and iPads.
Storm-0558 Chinese Threat Actor Targets Email Accounts
Actor Report. Summary: Storm-0558, a China-based threat actor with espionage objectives, has been targeting email data from approximately 25 organizations using tactics like credential harvesting, OAuth token, and phishing campaigns.
Turla Updates KAZUAR Backdoor to Target Ukraine’s Defense Sector
Attack Report. Summary: Turla’s Kazuar variant remains a persistent threat, accompanied by a new .NET-based backdoor, DeliveryCheck, attributed to Russian actor Turla. The attacks target Ukraine’s defense sector, utilizing tactics like PowerShell DSC and …
Kanti Ransomware Strikes Cryptocurrency Users
Attack Report. Summary: Kanti is a novel strain of ransomware that has been specifically designed to target cryptocurrency users. This sophisticated ransomware is cunningly crafted to infiltrate systems and encrypt files, particularly those related …
A Deep Dive into Space Pirates’ Unconventional Cyber Arsenal
Actor Report. Summary: Space Pirates have been a persistent digital threat since 2017, relentlessly targeting over 16 organizations in Russia and one in Serbia. Despite retaining its core methods, this infamous group continuously evolves, …
A New Cross-Platform ‘P2PInfect’ Worm Threatening Cloud Environments
Attack Report. Summary: P2PInfect, a new cross-platform worm written in Rust, targets vulnerable Redis instances in cloud environments via the CVE-2022-0543 vulnerability, potentially posing a significant threat to over 307,000 systems.