New Version of ViperSoftX Malware Targets Password Managers and Cryptocurrency Wallets
Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary ViperSoftX is an information-stealing malware primarily targeting cryptocurrencies, using sophisticated encryption techniques and monthly changes in command-and-control servers to evade detection. To receive real-time threat advisories, please follow HiveForce Labs on LinkedIn. …
New macOS malware RustBucket attributed to North Korean group BlueNoroff
Attack Report. Summary: RustBucket, attributed to BlueNoroff, is split into two stages, with the second stage application appearing as a legitimate PDF viewer but becoming malicious when a specific PDF is loaded.
North Korean-Backed Group Sparks X_Trader Supply Chain Attack
Attack Report. Summary: The X_Trader software supply chain attack affected at least a number of critical infrastructure entities in the United States and Europe.
New PingPull Malware Variant Targets Linux Systems
Attack Report. Summary: The PingPull malware variant that targets Linux systems is linked to Alloy Taurus, and it communicates with a domain over HTTPS to receive encrypted commands for executing specific functions.
Charming Kitten Hackers Utilize New Tactics with BellaCiao Malware
Attack Report. Summary: Iranian APT group Charming Kitten is using a new, sophisticated malware called BellaCiao to target specific victims in multiple regions, employing unique communication tactics with its command-and-control infrastructure.
Daggerfly APT Deploys MgBot to Target African Telecoms Organization
Attack Report. Summary: The Daggerfly advanced persistent threat group has been observed using previously unseen plugins from the MgBot malware framework in a recent campaign.
Malevolent EvilExtractor Stealer Attacks Strike Europe and US
Attack Report. Summary: EvilExtractor is a new type of malware that extracts sensitive data from Windows systems. It’s a data theft tool gaining notoriety due to increased attacks in Europe and the US.
New Tomiris APT Group Targets Governments
Actor Report. Summary: Tomiris is a Russian-speaking advanced persistent threat (APT) group that has been active since at least 2021 and is known for its use of sophisticated tactics and tools, including zero-day exploits …
Critical PaperCut Security Vulnerabilities Actively Exploited in the Wild
Vulnerability Report. Summary: Attackers are leveraging severe vulnerabilities in PaperCut MF/NG software to install Atera remote management software, posing a significant risk due to proof-of-concept exploits being available online.
APT28’s SNMP Attack on Cisco Routers
Attack Report. Summary: APT28 used SNMP access to exploit Cisco routers and gain network access, utilizing weak SNMP community strings and exploiting a vulnerability to deploy Jaguar Tooth.