Attacks, Vulnerabilities and Actors 29 January to 4 February 2024

February 6, 2024

For a detailed threat digest, download the pdf file here

Summary

HiveForce Labs has recently made several significant discoveries related to cybersecurity threats. Over the past week, we identified a total of seven executed attacks, two instances of adversary activity, and six exploited vulnerabilities, highlighting the ever-present danger of cyberattacks.

Furthermore, HiveForce Labs uncovered Financial gain group UNC4990, targeting organizations in Italy by utilizing weaponized USB drives as an initial infection vector and deploying malwares EMPTYSPACE and QUIETBOARD.

Meanwhile, a critical zero-day vulnerability (CVE-2024-21893), in Ivanti that enables remote attackers to conduct SSRF attacks by exploiting insufficient validation of user-provided information in the SAML component. Ivanti anticipates a significant surge in exploitation of the flaw in coming days.

Subscribe to receive our weekly threat digests and newsletters directly in your inbox.

Leaky Vessels in Cloud Environments Shake Docker and Beyond

Summary of Vulnerabilities, Actors & Attacks: January 2024