February 6, 2024

Attacks, Vulnerabilities and Actors 29 January to 4 February 2024

For a detailed threat digest, download the pdf file here

Summary

HiveForce Labs has recently made several significant discoveries related to cybersecurity threats. Over the past week, we identified a total of seven executed attacks, two instances of adversary activity, and six exploited vulnerabilities, highlighting the ever-present danger of cyberattacks.

Furthermore, HiveForce Labs uncovered Financial gain group UNC4990, targeting organizations in Italy by utilizing weaponized USB drives as an initial infection vector and deploying malwares EMPTYSPACE and  QUIETBOARD.

Meanwhile, a critical zero-day vulnerability (CVE-2024-21893), in Ivanti that enables remote attackers to conduct SSRF attacks by exploiting insufficient validation of user-provided information in the SAML component. Ivanti anticipates a significant surge in exploitation of the flaw in coming days.

Subscribe to receive our weekly threat digests and newsletters directly in your inbox.

Recent Resources

Dive into our library of resources for expert insights, guides, and in-depth analysis on maximizing Uni5 Xposure’s capabilities

Book a demo and find out more about how Hive Pro can double your operational efficiency

Book a Demo