New DBatLoader Malware Campaign Targets European Countries
Threat Level Attack Report. For a detailed threat advisory, download the pdf file here. Summary: A new malware campaign is using DBatLoader to target European businesses through phishing emails. The attackers use obfuscation techniques and various file formats to distribute the malware, including Remcos RAT and Formbook. To …
Donot APT Group Targets Government and Military Orgs in South Asia
Threat Level Actor Report. Summary: The Donot group, also known as APT-Q-38, is a state-sponsored threat actor believed to operate out of a South Asian country. They primarily engage in network espionage activities targeting government agencies, military …
Chinese Cyber Espionage Targets Middle Eastern Telecoms
Threat Level Attack Report. Summary: Chinese cyber espionage actors, Gallium and APT41, linked to the Operation Soft Cell campaign, are targeting the Middle Eastern telecommunications sector. To receive real-time threat advisories, please follow HiveForce Labs on LinkedIn. …
Bitter APT Group Targets Chinese Energy Sector with New Phishing Campaign
Threat Level Actor Report. Summary: The South Asian threat group Bitter APT is running a new cyber espionage campaign targeting the energy sector in China. The campaign involves the use of social engineering tactics through phishing emails that …
Unveiling ChinaZ DDoS Threat Landscape
Threat Level Attack Report. Summary: ChinaZ, a Chinese threat group, is infamous for using DDoS botnets to attack Windows and Linux systems. …
New Dark Power Nim-based Ransomware Targeted Attacks Globally
Threat Level Attack Report. Summary: The new Dark Power ransomware gang uses the Nim programming language to create malware that encrypts specific services and processes, excludes crucial system files, clears logs, and generates a ransom note in every folder. …
Cinoshi: A Novel Malware-as-a-Service Platform
Threat Level Attack Report. Summary: Cinoshi is a new MaaS platform with a toolkit including a stealer, botnet, clipper, and crypto-miner. Offering a free stealer and web panel is rare. …
A Financially Motivated Threat Group UNC961 Targeting North American Organizations
Threat Level Actor Report. Summary: UNC961 is a financially motivated cyber threat group that targets organizations in North America, with a focus on exploiting vulnerable Internet-facing servers during periods of vulnerability and exploit code disclosure. …
New Variant of BlackGuard Stealer Malware Steals Sensitive Information and Crypto Wallets
Threat Level Attack Report. Summary: A new variant of the BlackGuard stealer malware propagates through removable media and hijacks crypto wallets. It can steal sensitive information from various applications and supports stealing popular crypto assets. …
Rising Trend of macOS Malware
Threat Level Attack Report. Summary: ALC is scareware that pretends to be ransomware, as it doesn’t carry out any file encryption on the victim’s device. …