Exploit found in the wild for Critical VMware Aria Operations Bug
Vulnerability Report. Summary: An exploit has surfaced for CVE-2023-20864, a critical security vulnerability in VMware Aria Operations for Logs, a log analysis tool used in cloud management. This exploit enables malicious actors to execute …
The Unrelenting Nature of TOITOIN Malware
Attack Report. Summary: The TOITOIN malware campaign, targeting businesses in the LATAM region, employs sophisticated techniques and multi-stage infection chains with numerous malware samples disguised as compressed ZIP archives hosted on Amazon EC2. To …
Apple Addresses A Zero-Day Vulnerability Which Is Actively Exploited in Wild
Attack Report. Summary: The zero-day vulnerability (CVE-2023-37450) discovered in multiple Apple products is being actively exploited in the wild, specifically when processing web content. This vulnerability can potentially result in arbitrary code execution. To …
Unveiling New Big Head Ransomware Variants and Their Stealthy Tactics
Attack Report. Summary: The emergence of Big Head ransomware and its variants suggests a shared source, distributed through deceptive Windows update and Word installer disguises. The threat actor engages via email and Telegram, showcasing …
Charming Kitten’s Latest Malware Arsenal and Targeting Strategies
Attack Report. Summary: Charming Kitten, an adaptable threat actor, has shifted to new malware tactics and targets by employing LNK infection chains and utilizing cloud hosting providers. This evolution in their approach poses a …
Crysis Threat Actors Unleash Venus Ransomware via RDP
Attack Report. Summary: The threat actors behind the Crysis ransomware are currently utilizing the Venus ransomware as a component of their attack strategy, with a primary focus on targeting vulnerable systems through active Remote …
Surge in 8Base Ransomware Group Activity
Actor Report. Summary: The 8Base ransomware group, whose members define themselves as “honest and simple pentesters”, has spiked its activity recently and was observed to be within the top 2 performing ransom groups. …
New Variant of RUSTBUCKET Malware Targeting Cryptocurrency Providers
Attack Report. Summary: The RUSTBUCKET malware family is under active development, adding persistence capabilities, while the REF9135 operation by the DPRK targets cryptocurrency service providers. …
European Ministries Fall Victim to Chinese Hacker’s SmugX Campaign
Attack Report. Summary: A Chinese nation-state group has been persistently conducting a campaign targeting Foreign Affairs ministries and embassies in Europe. They employ HTML smuggling techniques to distribute a new variant of the PlugX …
Vulnerability in WordPress Plugin threatens Website takeover
Vulnerability Report. Summary: The WordPress Ultimate Member plugin, with over 200K installations, helps streamline user registration and login processes. It has been found vulnerable to unauthenticated privilege escalation, posing a potential risk of website takeover …