CACTUS Ransomware Emerges as New Threat Targeting Large Enterprises
Attack Report. For a detailed threat advisory, download the pdf file here. Summary: CACTUS is a new strain of ransomware that targets large commercial entities using a variety of tools and tactics to distribute the ransomware binary and maintain persistence within the environment while …
New DownEx Malware Campaign Targets Foreign Government Institutions in Central Asia
Attack Report. Summary: The DownEx malware was discovered in a cyberattack on government institutions in Kazakhstan and Afghanistan in 2022, likely with state sponsorship. The attackers used spear-phishing emails to infiltrate systems with a …
Uncovering the Latest Tactics of the SideWinder APT
Attack Report. Summary: The SideWinder APT group uses advanced tactics such as spear-phishing and DLL side-loading, among others. It also uses a new server-side polymorphism technique, highlighting the need for multi-layered security measures.
DarkWatchMan RAT Targets Russians
Attack Report. Summary: DarkWatchMan is a Remote Access Trojan (RAT) distributed via a phishing website imitating a renowned Russian website. To receive real-time threat advisories, please follow HiveForce Labs on LinkedIn. …
Snake a Stealthy Cyber-Espionage Malware
Attack Report. Summary: Snake is a powerful cyber-espionage malware developed by the FSB and linked to Turla hackers. It boasts high stealth, rigorous engineering and global reach.
Microsoft’s May 2023 update addresses two Zero-Day Vulnerabilities
Vulnerability Report. Summary: Microsoft released a security update in May 2023 to address 40 CVEs, including two zero-day vulnerabilities that have already been exploited in the wild.
New AndoryuBot Malware Exploits Ruckus Wireless Flaw for DDoS Attacks
Attack Report. Summary: AndoryuBot targets a critical Ruckus Wireless Admin panel vulnerability to infect Wi-Fi access points for use in DDoS attacks. The malware supports 12 DDoS attack modes and is marketed through YouTube videos.
Kimsuky APT Group Employs ReconShark
Attack Report. Summary: Kimsuky, a North Korean APT group, is using a new malware tool called ReconShark to conduct global cyberattacks.
A New Akira Ransomware Targets Multiple Industries and Demands Millions in Extortion
Attack Report. Summary: Akira ransomware is a new threat targeting corporate networks. It has already attacked several companies in various industries, stealing their data and demanding ransoms ranging from $200,000 to millions of dollars.
Dragon Breath APT Evolves with Double DLL Sideloading
Attack Report. Summary: Dragon Breath APT targets the gambling industry using the double-clean-app technique and DLL sideloading. Chinese-speaking Windows users are being targeted.