Weekly Threat Digest: November 04 – November 10, 2024
For a detailed threat digest, download the pdf file here
Summary
HiveForce Labs has recently made significant advancements in identifying cybersecurity threats. Over the past week, detected five attacks, reported five vulnerabilities, and identified one active adversary. These findings underscore the relentless and escalating danger of cyber intrusions.
Additionally, threat actors exploited the SharePoint Remote Code Execution flaw (CVE-2024-38094) to infiltrate corporate networks, deploying a Fast Reverse Proxy and custom webshell to maintain control over compromised systems.
Furthermore, this week, Iranian cyber group Emennet Pasargad, now operating as Aria Sepehr Ayandehsazan (ASA), conducts global hack-and-leak operations to destabilize and undermine trust in Israel’s information space. The CRON#TRAP phishing campaign uses QEMU to deploy a custom TinyCore Linux instance on Windows systems, employing virtualization to create stealthy, persistent backdoors. These rising threats pose significant and immediate dangers to users worldwide.
Subscribe to receive our weekly threat digests and newsletters directly in your inbox.