HiveForce Lab Google addressed an array of bugs with Chrome 108
Threat Level Vulnerability Report For a detailed threat advisory, download the pdf file here Summary Google Chrome’s latest stable channel update for Windows, Mac, and Linux fixes several vulnerabilities. There are eight high-severity security flaws and 14 medium-severity flaws. The most significant of these flaws is …
Chinese cyber espionage hackers target Southeast Asian firms
Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary UNC4191, a threat actor with a suspected China affiliation, has been linked to a series of espionage assaults primarily in Southeast Asia that use USB sticks as an initial infection vector. …
How ScarCruft APT group enhances its toolkit with a powerful Dolphin backdoor
Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary ScarCurft aka Reaper, APT 37, Ricochet Chollima is North Korean espionage group, active since 2012. ScarCruft has targeted South Korea Newspaper with a watering hole attack in the last year. In …
Adversaries strike critical Windows IKE flaw in the “Bleed You” campaign
Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary An active “Bleed You” campaign is leveraging a critical RCE (CVE-2022-34721) vulnerability in Windows Internet Key Exchange (IKE) Protocol Extensions to assist subsequent malware and ransomware assaults and lateral network movement. …
A new strain of Punisher ransomware
Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary A new variant of the Punisher ransomware is spreading via phishing website that delivers ransomware disguised as a COVID tracking application. Punisher Encryptor is a .NET binary that runs on Windows …
Actively Exploited Zero-Day Bug in Chrome
Threat Level Vulnerability Report For a detailed threat advisory, download the pdf file here Summary CVE-2022-4135 is a high-severity heap buffer overflow issue that affects the GPU component. The fault is caused by a boundary error in the GPU while processing untrusted HTML input. An attacker …
A new RansomExx ransomware strain revised in Rust
Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary RansomExx is a ransomware variant that operates on a ransomware-as-a-service (RaaS) model and has been active since it first appeared in 2018 as Defray777. The latest version, dubbed RansomExx2 by threat …
Black Basta Ransomware Invades US Firms with Qakbot Malware
Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary In this latest spear-phishing campaign, the Black Basta ransomware gang employed QakBot malware, aka QBot or Pinkslipbot, to acquire an initial point of entry and migrate laterally through an organization’s network …