Actors, Threats and Vulnerabilities 29 May to 4 June 2023

For a detailed threat digest, download the pdf file here

Summary

HiveForce Labs recently made several significant discoveries related to cybersecurity threats. Over the past week, three attacks were executed, taking advantage of two different vulnerabilities in various systems, and involving one adversary highlighting the ever-present danger of cyber-attacks.

Interestingly, these two vulnerabilities are part of the known exploited vulnerability catalog by CISA.

Moreover, HiveForce Labs also found that Blacktail was exploiting vulnerabilities like PaperCut NG, exfiltrating data, and distributing ransomware.

Furthermore, we identified a new remote access trojan (RAT) named GobRAT has emerged and is currently spreading among Linux routers in Japan. It primarily targets routers with vulnerable web interfaces, allowing unauthorized access and potential control by malicious actors.

Meanwhile, an unidentified threat actor recently deployed a botnet program, Horabot, to target Spanish-speaking users in the Americas. All these attacks were observed to be on the rise, posing a significant threat to users all over the world.

For a detailed threat digest, download the pdf file here