Weekly Threat Digest: November 11 – November 17, 2024
For a detailed threat digest, download the pdf file here
Summary
HiveForce Labs recently made several significant discoveries in the realm of cybersecurity threats. In the past week alone, eight attacks were executed, nine vulnerabilities were uncovered, and two active adversaries were identified, underscoring the persistent danger of cyberattacks.
HiveForce Labs has revealed that WIRTE, a Middle Eastern advanced persistent threat (APT) group, is actively targeting entities across the Palestinian Authority, Jordan, Egypt, Iraq, and Saudi Arabia. The group has employed a diverse set of malicious tools and techniques, including custom loaders such as “IronWind” and the wiper malware “SameCoin,” to infiltrate and disrupt their targets.
Additionally, North Korean threat actors have introduced a new strategy to target macOS devices. They are leveraging trojanized Notepad apps and Minesweeper games, developed using Flutter and signed with a legitimate Apple developer ID, to compromise macOS systems. This marks a notable shift in their tactics. A newly identified phishing campaign is leveraging a variant of the Remcos RAT to target Microsoft Windows users. The attack begins with phishing emails that contain a malicious Excel document designed to exploit the CVE-2017-0199 vulnerability. These escalating threats pose a significant and immediate risk to users worldwide.
Subscribe to receive our weekly threat digests and newsletters directly in your inbox.