Attacks, Vulnerabilities and Actors 26 February to 3 March 2024

For a detailed threat digest, download the pdf file here

Summary

HiveForce Labs recently made several significant discoveries in the realm of cybersecurity threats. In the past week alone, a total of eight attacks were executed, twelve vulnerabilities were uncovered, and six active adversaries were identified. These findings underscore the persistent danger of cyberattacks.

Furthermore, HiveForce Labs revealed three zero-day vulnerabilities in Ivanti. Cyber threat actors, tagged as UTA0178, have been exploiting these vulnerabilities to bypass authentication and execute arbitrary commands with elevated privileges. The hacking group UNC1549, potentially connected to Tortoiseshell (aka Imperial Kitten), has deployed distinct backdoors known as MiniBike and MiniBus. Their primary focus lies in targeting defense-related entities in the Middle East.

Despite a recent takedown named Operation Cronos, by global law enforcement, LockBit ransomware remains a significant threat. It reemerged within four days, and its affiliates were found exploiting vulnerabilities in ScreenConnect. These attacks are on the rise, posing a significant threat to users worldwide.

Subscribe to receive our weekly threat digests and newsletters directly in your inbox.