Actors, Threats and Vulnerabilities: 13 March to 19 March 2023
Over the past week, Hive Pro detected the presence of five active threat actors. The first of these is Dark Pink APT, a notorious group with …
HookSpoofer: A Novel Infostealer with Advanced Capabilities
Reaper, North Korean hacking group, targets defectors
Attack Report: North Korea-linked hacking group Reaper has recently been observed engaging in surveillance of North Korean defectors. …
DotRunpeX Novel Injector Delivers Multiple Malware Strains
Attack Report: DotRunpeX malware attack vectors have been linked to dozens of campaigns. DotRunpeX is a second-stage infection used to deploy a variety of malware families, most notably stealers, RATs, loaders, and downloaders. …
Outlook Vulnerability Exploited by Russian Hackers Since April 2022
Attack Report: A vulnerability in Microsoft Outlook allowed an unknown Russian threat actor to gain access to a victim’s NTLM hash through a specially crafted email. …
BianLian ransomware ramps up data-leak extortion and improves operational security
Attack Report: The BianLian ransomware group is ramping up data-leak extortion to extract payments, using similar tactics and a custom backdoor, and bringing 30 new C2 servers online monthly. …
New YoroTrooper Threat Actor Targeting Government and Energy Organizations
Actor Report: A new threat actor named “YoroTrooper” has been conducting espionage campaigns since at least June 2022. The group’s main motivation appears to be espionage, and they register malicious domains or typo-squatted domains …
APT 29 Launches Malevolent Campaign Targeting Governments
Attack Report: APT 29 has launched a novel campaign targeting Western countries. This latest operation involves the use of a malevolent dropper called ROOTSAW. …
Malware Impersonating Websites Spread via Google Ads
Vulnerability Report: Multiple pieces of malware were found on newly registered websites impersonating various applications, likely originating from malicious Google Search Ads. …
Adobe Addressed a Zero-day Vulnerability in ColdFusion 2021 and 2018
Vulnerability Report: Adobe has recently released security updates for ColdFusion 2021 and 2018 versions, addressing critical and important vulnerabilities that could potentially result in arbitrary code execution and memory leaks, including a zero-day vulnerability. …