UNC2682 behind the Zero-day Exploit on SonicWall
THREAT LEVEL: Red. UNC2682 is using 3 formerly unknown vulnerabilities in the SonicWall Email services to get authenticated access (CVE-2021-20021), read files (CVE-2021-20022), and modify files (CVE-2021-20023). A Behinder Webshell is planted in the already existing Tomcat Java …
Zero-Day Vulnerability in Pulse Secure VPN
THREAT LEVEL: Red. A zero-day authentication bypass vulnerability (CVE-2021-22893) has been disclosed in Pulse Secure VPN. This vulnerability is being exploited in the wild by multiple threat actors in combination with the already existing vulnerabilities (CVE-2019-11510, CVE-2020-8243 …
US government is being targeted by the Russian SVR, aka APT29
THREAT LEVEL: Red. The Russian SVR is following its predictable trend of exploiting publicly known vulnerabilities against the US government to get authenticated access to critical infrastructure. They are targeting COVID-19 research facilities by exploiting VMware Zero-Day vulnerability and …
100M+ Devices affected by NAME:WRECK vulnerability
THREAT LEVEL: Amber. Nine vulnerabilities affecting common TCP/IP stacks, including FreeBSD, Nucleus NET, IPnet and NetX, can cause Denial of Service (DoS) or Remote Code Execution (RCE). These vulnerabilities are related to Domain Name System …
Old Fortinet Vulnerabilities exploited by State Sponsored Actors
THREAT LEVEL: Amber. The Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) have released a joint advisory warning that APT actors are gaining access to the Fortinet VPN servers through …
F5 zero-day vulnerabilities being targeted by several threat actors
THREAT LEVEL: RED Seven zero-day vulnerabilities have been discovered in F5 products BIG-IP, BIG-IQ and BIG-IP Advanced WAF/ASM. The exploits of these vulnerabilities are currently unavailable according to the F5 group and Cyber Center. However, Hive Pro Threat Research team has observed several threat …
60,000+ organizations susceptible to Microsoft Exchange Server Zero Day Vulnerability
THREAT LEVEL: RED At least 60,000 companies have been affected by the recent sophisticated attacks on Microsoft Exchange Server, carried out by threat actors and affecting small and medium-sized companies. The actor group has been breaking into the companies’ computer networks through the …
Multiple Zero Day Vulnerabilities in Accellion FTA server exploited for data exfiltration and extortion
THREAT LEVEL: RED Multiple Zero Day Vulnerabilities have been discovered in Accellion’s legacy File Transfer Appliance (FTA) targeted by threat actors for data exfiltration, extortion, and ransomware. Accellion patched the vulnerabilities and continues its mitigation efforts. The company “strongly recommends that FTA customers migrate to Kiteworks” …