Lockbit Ransomware strikes, demands $70-million Ransom
Attack Report. Summary: The Lockbit sub-group National Hazard Agency claims to have exfiltrated data from TSMC systems, allegedly deployed ransomware, and demands a 70-million-dollar ransom. TSMC has clarified that their system is unaffected, and a TSMC IT …
Andariel Group unleashes New EarlyRAT malware
Actor Report. Summary: Andariel is a sub-group of Lazarus and is remarkably stealthy in its operations. Recently they have developed new malware called EarlyRAT. To receive real-time threat advisories, please follow HiveForce Labs on LinkedIn. …
PindOS malware deploying Bumblebee and IcedID
Attack Report. Summary: PindOS, a new JavaScript dropper, has been spotted in the wild. It is specifically engineered to deliver next-stage payloads and is currently deploying infamous malware such as Bumblebee and IcedID.
JokerSpy macOS Backdoor Attacks Japanese Cryptocurrency Exchange
Attack Report. Summary: An unknown cryptocurrency exchange in Japan became the target of a precise attack employing an intricate Apple macOS backdoor called JokerSpy. References to JokerSpy can be traced back to as early …
MULTI#STORM Campaign Sets Sights on India and U.S. with RAT
Attack Report. Summary: The MULTI#STORM phishing campaign employs JavaScript files to disseminate RATs throughout compromised systems. This intricate attack utilizes a multi-stage procedure that commences when the victim engages with a phishing email. The …
Millions of GitHub Repositories Susceptible to Repojacking
Attack Report. Summary: Millions of GitHub repositories may be vulnerable to Repojacking, which could lead to large-scale supply chain attacks.
Fortinet Addressed Critical RCE FortiNAC Vulnerability
Vulnerability Report. Summary: Fortinet has released patches for critical and medium vulnerabilities in its FortiNAC network access control solution, addressing issues related to remote code execution and command injection.
APT28 Leveraged Three Roundcube Exploits in Espionage Campaign
Attack Report. Summary: APT28 conducted a sophisticated campaign targeting prominent organizations in Ukraine. The campaign involved spear-phishing emails whose attachments exploited vulnerabilities in the Roundcube webmail platform.
RedEyes Exploiting Ably Platform Using FadeStealer and Wiretapping Capabilities
Attack Report. Summary: RedEyes, a state-sponsored APT group, is targeting individuals through spear phishing emails and employing an Infostealer with wiretapping capabilities, utilizing the Ably platform for command and control.
Mirai Botnet Exploits Multiple Flaws in the Latest Campaign
Attack Report. Summary: A new variant of the Mirai botnet is actively exploiting vulnerabilities in various devices, aiming to create botnets and launch DDoS attacks.