Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary A recently discovered malware campaign has been identified, utilizing the Satacom downloader as a conduit to distribute covert malware designed to illicitly extract cryptocurrency using a deceitful extension tailored for browsers …

Threat Level Vulnerability Report For a detailed threat advisory, download the pdf file here Summary These three vulnerabilities in VMware Aria Operations could allow attackers to remotely execute code, access sensitive information, and potentially disrupt network operations, posing significant risks to organizations. To receive real-time threat advisories, …

Threat Level Vulnerability Report For a detailed threat advisory, download the pdf file here Summary Google tackles Chrome’s zero-day (CVE-2023-3079) vulnerability, which is related to a weakness in the Chrome V8 JavaScript engine. It poses a significant threat by allowing attackers to execute arbitrary code on …

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary MediaArena is a deceptive software that hijacks browsers, redirects searches, and collects user data for malicious activities, emphasizing the importance of removal and caution. To receive real-time threat advisories, please follow …

Threat Level Actor Report For a detailed threat advisory, download the pdf file here Summary Volt Typhoon, a state-sponsored threat group from China, employs stealthy techniques, exploits vulnerabilities, and focuses on espionage in cyber operations targeting critical infrastructure organizations in the United States. To receive real-time …

Threat Level Vulnerability Report For a detailed threat advisory, download the pdf file here Summary The MOVEit Transfer vulnerability is that it allows for unauthorized access to the database, potential manipulation or deletion of its contents, and exploitation of affected systems. To receive real-time threat advisories, …

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary  A new botnet program called “Horabot” is being used by a threat actor to deploy a banking trojan and spam tool, targeting Spanish-speaking users in the Americas. To receive real-time threat …

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary GobRAT, a new RAT, is infecting Linux routers in Japan through vulnerable web interfaces, granting attackers remote control and the ability to execute commands. To receive real-time threat advisories, please follow …

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary Buhti ransomware, linked to Blacktail threat actors, employs leaked code of LockBit and Babuk variants. By exploiting vulnerabilities like PaperCut NG, they exfiltrate data and distribute ransomware. The addition of a …

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary A high-severity attack targeted a UAE government agency, utilizing a custom PowerShell backdoor named PowerExchange and web shells on Microsoft Exchange servers. To receive real-time threat advisories, please follow HiveForce Labs on LinkedIn. …