Attacks, Vulnerabilities and Actors 29 April to 5 May 2024

For a detailed threat digest, download the pdf file here

Summary

HiveForce Labs recently made several significant discoveries in the realm of cybersecurity threats. In the past week alone, a total of three attacks were executed, three vulnerabilities were uncovered, and two active adversaries were identified. These findings underscore the persistent danger of cyberattacks.

Furthermore, HiveForce Labs discovered that the newly emerged Goldoon botnet exploits a decade-old vulnerability (CVE-2015-2051) in D-Link systems, enabling remote attackers to execute arbitrary commands and gain control over compromised devices. This allows extraction of system information and communication with a central server, enabling further attacks like DDoS assaults.

APT28 threat actors exploited compromised EdgeRouters to conduct covert cyber operations, repurposing Ubiquiti routers for various malicious activities. These attacks are on the rise, posing a significant threat to users worldwide.

Subscribe to receive our weekly threat digests and newsletters directly in your inbox.