Attacks, Vulnerabilities and Actors 20 to 26 May 2024

For a detailed threat digest, download the pdf file here

Summary

HiveForce Labs recently made several significant discoveries in the realm of cybersecurity threats. In the past week alone, a total of twelve attacks were executed, four vulnerabilities were uncovered, and three active adversaries were identified. These findings underscore the persistent danger of cyberattacks.

Furthermore, HiveForce Labs discovered that the ‘REF4578‘ campaign uses the GhostEngine payload to exploit driver vulnerabilities, disable security products, and install an XMRig miner. GhostEngine ensures the miner’s persistence and undetected operation by leveraging elevated privileges and disabling antivirus and endpoint protection tools.

The China-linked threat actor Sharp Dragon, previously known as Sharp Panda has expanded its cyber espionage campaign to target governmental organizations in Africa and the Caribbean. These attacks are on the rise, posing a significant threat to users worldwide.

Subscribe to receive our weekly threat digests and newsletters directly in your inbox.