Attacks, Vulnerabilities and Actors 8 to 14 April 2024

For a detailed threat digest, download the pdf file here

Summary

HiveForce Labs recently made several significant discoveries in the realm of cybersecurity threats. In the past week alone, HiveForce Labs discovered six executed attacks, uncovered five vulnerabilities, and identified four active adversaries. These findings underscore the persistent and escalating danger posed by cyberattacks.

Furthermore, HiveForce Labs discovered that cyber attackers have exploited a previously addressed critical vulnerability in Magento. They are specifically targeting e-commerce platforms to distribute a Stripe payment skimmer. Latrodectus, a newly emerged malware believed to be an evolution of the IcedID loader, was initially observed in the hands of TA577, followed by TA578.

Moreover, Microsoft’s April 2024 Patch Tuesday addresses two zero-day vulnerabilities. Lazy Koala orchestrated a string of successful attacks, primarily targeting government entities across multiple countries in Eastern Europe and Central Asia. These attacks are on the rise, posing a significant and immediate threat to users worldwide.

Subscribe to receive our weekly threat digests and newsletters directly in your inbox.