Attacks, Vulnerabilities and Actors 1 to 7 April 2024

For a detailed threat digest, download the pdf file here

Summary

HiveForce Labs recently made several significant discoveries in the realm of cybersecurity threats. In the past week alone, a total of seven attacks were executed, two vulnerabilities were uncovered, and two active adversaries were identified. These findings underscore the persistent danger of cyberattacks.

Furthermore, HiveForce Labs discovered that Multiple Linux distributions face a potential supply chain threat due to the introduction of malicious code into a widely-used XZ Utils library across most distributions. This flaw (CVE-2024-3094) allows attackers to manipulate and intercept data exchanged by software routines that rely on XZ Utils as a dependency.

Earth Freybug, a cyberthreat group, employs diverse tools for espionage and financial gain since 2012. Their recent attack involves UNAPIMON malware, evading detection by hijacking legitimate processes and unhooking critical APIs. These attacks are on the rise, posing a significant threat to users worldwide.

Subscribe to receive our weekly threat digests and newsletters directly in your inbox.