Attacks, Vulnerabilities and Actors 15 to 21 April 2024

For a detailed threat digest, download the pdf file here

Summary

HiveForce Labs recently made several significant discoveries in the realm of cybersecurity threats. In the past week alone, a total of nine attacks were executed, three vulnerabilities were uncovered, and four active adversaries were identified. These findings underscore the persistent danger of cyberattacks.

Furthermore, HiveForce Labs discovered that UTA0218 threat actors are exploiting CVE-2024-3400. CVE-2024-3400 is a critical vulnerability in Palo Alto Networks PAN-OS software’s GlobalProtect feature, allowing unauthenticated attackers to execute code with root privileges, potentially leading to full device control.

FIN7 has been orchestrating a spear-phishing campaign targeting the U.S. automotive sector. Their method involved enticing victims with a complimentary IP scanning tool, which was a conduit for installing the notorious Carbanak backdoor. These attacks are on the rise, posing a significant threat to users worldwide.

Subscribe to receive our weekly threat digests and newsletters directly in your inbox.