Attacks, Vulnerabilities and Actors 22 to 28 April 2024

For a detailed threat digest, download the pdf file here

Summary

HiveForce Labs recently made several significant discoveries in the realm of cybersecurity threats. In the past week alone, a total of eight attacks were executed, five vulnerabilities were uncovered, and five active adversaries were identified. These findings underscore the persistent danger of cyberattacks.

Furthermore, HiveForce Labs discovered that APT28 threat actors are exploiting CVE-2022-38028 a critical vulnerability in Microsoft Windows Print Spooler, allowing unauthenticated attackers to deploy GooseEgg Malware and move laterally within the network.

STORM-1849 has been orchestrating a campaign named ArcaneDoor targeting the Government, Critical Infrastructure, Telecommunication, Energy sectors worldwide. Their method involved  targeting perimeter devices leveraging two zero-days CVE-2024-20353 and CVE-2024-20359 found within Cisco ASA and FTD firewalls. These attacks are on the rise, posing a significant threat to users worldwide.

Subscribe to receive our weekly threat digests and newsletters directly in your inbox.