Satacom Malware Campaign Unleashed Crypto-stealing Extension
Threat Level Attack Report. For a detailed threat advisory, download the pdf file here. Summary: A recently discovered malware campaign has been identified, utilizing the Satacom downloader as a conduit to distribute covert malware designed to illicitly extract cryptocurrency using a deceitful extension tailored for browsers …
Critical Vulnerabilities in VMware Aria Operations Addressed and Secured
Threat Level Vulnerability Report. Summary: These three vulnerabilities in VMware Aria Operations could allow attackers to remotely execute code, access sensitive information, and potentially disrupt network operations, posing significant risks to organizations. To receive real-time threat advisories, …
Google Addresses High-Stakes Chrome Zero-Day Vulnerability
Threat Level Vulnerability Report. Summary: Google tackles Chrome’s zero-day (CVE-2023-3079) vulnerability, which is related to a weakness in the Chrome V8 JavaScript engine. It poses a significant threat by allowing attackers to execute arbitrary code on …
MediaArena: A Deceptive Browser Hijacker Exploiting User Data and Security Threats
Threat Level Attack Report. Summary: MediaArena is deceptive software that hijacks browsers, redirects searches, and collects user data for malicious activities, emphasizing the importance of removal and caution.
Volt Typhoon Chinese Espionage Group Targets U.S. Government
Threat Level Actor Report. Summary: Volt Typhoon, a state-sponsored threat group from China, employs stealthy techniques, exploits vulnerabilities, and focuses on espionage in cyber operations targeting critical infrastructure organizations in the United States.
The Exploitation of Critical Zero-Day Vulnerability Found in MOVEit Transfer
Threat Level Vulnerability Report. Summary: The MOVEit Transfer vulnerability allows unauthorized access to the database, potential manipulation or deletion of its contents, and exploitation of affected systems.
A New Horabot Botnet Threat Targeting Spanish-Speaking Users in the Americas
Threat Level Attack Report. Summary: A new botnet program called “Horabot” is being used by a threat actor to deploy a banking trojan and spam tool, targeting Spanish-speaking users in the Americas.
A New RAT Named GobRAT Targeting Linux Routers in Japan
Threat Level Attack Report. Summary: GobRAT, a new RAT, is infecting Linux routers in Japan through vulnerable web interfaces, granting attackers remote control and the ability to execute commands.
Buhti Ransomware Operation Repurposes Leaked Encryptors
Threat Level Attack Report. Summary: Buhti ransomware, linked to Blacktail threat actors, employs leaked code of LockBit and Babuk variants. By exploiting vulnerabilities like PaperCut NG, they exfiltrate data and distribute ransomware. The addition of a …
PowerExchange Backdoor and Web Shells Breach at UAE Government Agency
Threat Level Attack Report. Summary: A high-severity attack targeted a UAE government agency, utilizing a custom PowerShell backdoor named PowerExchange and web shells on Microsoft Exchange servers. To receive real-time threat advisories, please follow HiveForce Labs on LinkedIn. …