Unveiling the Minas Miner’s Deceptive Tactics
Threat Level Attack Report. For a detailed threat advisory, download the PDF file here. Summary: Minas is a multi-stage cryptocurrency miner with a concealed presence. It evades detection through encryption, randomization, and persistence techniques, showcasing determined network compromise. To receive real-time threat advisories, please follow HiveForce …
MEME#4CHAN The Unconventional Phishing Campaign Spreading XWorm
Threat Level Attack Report. Summary: A persistent cyber threat known as MEME#4CHAN has emerged, characterized by an intricate phishing campaign. This cluster of malicious activity employs a distinctive attack chain methodology, successfully infiltrating targeted systems and …
8220 Gang Exploiting Vulnerabilities in Cloud Environments for Cryptocurrency Mining
Threat Level Actor Report. Summary: The 8220 Gang is a cyber threat group that targets cloud and container environments, exploiting vulnerabilities in applications like Oracle WebLogic, Apache Log4j, and Atlassian Confluence.
Rancoz Ransomware Employs Advanced Techniques to Encrypt Victims’ Files
Threat Level Attack Report. Summary: Rancoz ransomware demonstrates the growing danger of tailored ransomware strains, leveraging advanced encryption techniques.
Water Orthrus Targets Chinese Users with CopperStealth and CopperPhish
Threat Level Attack Report. Summary: Water Orthrus has recently launched two new campaigns, CopperStealth and CopperPhish: CopperStealth employs rootkit techniques, while CopperPhish globally distributes a phishing kit through PPI networks.
RA Group’s Custom Ransomware Hits US & South Korea
Threat Level Attack Report. Summary: The emergence of the RA ransomware group highlights the use of the recently leaked Babuk ransomware source code, which the group employs to develop its own variant of the malware.
Lancefly APT Group Deploys Custom Backdoor ‘Merdoor’ in Targeted Attacks
Threat Level Actor Report. Summary: The Lancefly APT group targets South and Southeast Asia using the Merdoor backdoor and an updated ZXShell rootkit. Their attack chain involves credential theft, lateral movement, file staging, and encryption, and …
XSS Vulnerability in Popular WordPress Plugin Affects 2 Million Sites
Threat Level Vulnerability Report. Summary: A cross-site scripting (XSS) vulnerability has been discovered in the Advanced Custom Fields plugin for WordPress, putting 2 million websites at risk.
Greatness a Growing Threat to Microsoft 365 Users
Threat Level Attack Report. Summary: The Phishing-as-a-Service (PaaS) platform named ‘Greatness’ has experienced a surge in its operations, which target organizations utilizing Microsoft 365 in the United States, United Kingdom, Australia, South Africa, and Canada.
New Variant of BPFDoor Linux Malware Features Enhanced Encryption and Stealthy Communication
Threat Level Attack Report. Summary: A new variant of the Linux malware BPFDoor has been discovered, featuring more robust encryption and reverse shell communication. It uses BPF to bypass firewall restrictions, allowing threat actors to …