CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
AI Score
Confidence
Low
EPSS
Percentile
99.5%
For a detailed threat digest, download the pdf file here
HiveForce Labs recently made several significant discoveries in the realm of cybersecurity threats. In the past week alone, a total of ten attacks were executed, nine vulnerabilities were uncovered, and three active adversaries were identified. These findings underscore the persistent danger of cyberattacks.
Furthermore, HiveForce Labs uncovered that the China-linked cyber espionage group UNC3886 has been employing various techniques to evade detection and maintain access to compromised systems. Their attacks focus on entities in North America, Southeast Asia, Oceania, and other regions, including industries like government, telecommunications, technology, aerospace, defense, and energy.
Furthermore, threat actors are currently exploiting a critical path-traversal vulnerability, CVE-2024-28995, within SolarWinds Serv-U. Using publicly available proof-of-concept (PoC) exploits, attackers leverage this vulnerability to gain unauthorized access, allowing them to read sensitive files on the target server without requiring authentication. These rising attacks present a significant and immediate threat to users globally.
**Subscribe**to receive our weekly threat digests and newsletters directly in your inbox.
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
AI Score
Confidence
Low
EPSS
Percentile
99.5%