October 8, 2024

Weekly Threat Digest: September 30 – October 06, 2024

Summary

HiveForce Labs recently made several significant discoveries in the realm of cybersecurity threats. In the past week alone, four attacks were executed, sixteen exploited vulnerabilities were uncovered, and three active adversaries were identified. These findings highlight the growing and persistent risk posed by cyber intrusions.

A new cryptojacking operation is targeting Docker and Kubernetes environments, exploiting Docker API endpoints that are exposed without authentication to mine cryptocurrency. The Raptor Train botnet framework, operational since mid-2020, has evolved into a highly complex, multi-layered network primarily targeting SOHO networks and IoT devices. By June 2024, the botnet had expanded significantly, amassing a database of over 1.2 million compromised devices globally.

Additionally, SloppyLemming, a sophisticated threat actor likely originating from India, has been orchestrating an advanced cyberespionage campaign across South and East Asia. Concurrently, a recent spear-phishing campaign is targeting recruiters, leveraging a JavaScript-based backdoor known as More_eggs, disguised as fraudulent job applications. These escalating threats present an immediate and critical danger to global cybersecurity.
