November 12, 2024

Weekly Threat Digest: November 04 – November 10, 2024



Summary

HiveForce Labs has recently made significant advancements in identifying cybersecurity threats. Over the past week, it detected five attacks, reported five vulnerabilities, and identified one active adversary. These findings underscore the relentless and escalating danger of cyber intrusions.

Additionally, threat actors exploited the SharePoint Remote Code Execution flaw (CVE-2024-38094) to infiltrate corporate networks, deploying a Fast Reverse Proxy and custom webshell to maintain control over compromised systems.

Furthermore, this week, Iranian cyber group Emennet Pasargad, now operating as Aria Sepehr Ayandehsazan (ASA), conducts global hack-and-leak operations to destabilize and undermine trust in Israel’s information space. The CRON#TRAP phishing campaign uses QEMU to deploy a custom TinyCore Linux instance on Windows systems, employing virtualization to create stealthy, persistent backdoors. These rising threats pose significant and immediate dangers to users worldwide.
