IBM X-Force has been monitoring the evolution of Russian threat actor Hive0051’s malware capabilities for the past 18 months, noting significant advances. Key improvements include a multi-channel approach to DNS fluxing, obfuscated multi-stage scripts, and fileless PowerShell versions of Gamma malware. Hive0051’s escalating activity, including an increase in active infections and unique malicious domains, signifies an elevation of resources and ongoing operations.
CISA Releases Security Advisory on 13 Industrial Control System Threats
The Cybersecurity and Infrastructure Security Agency (CISA) issued thirteen advisories to address vulnerabilities in industrial control systems (ICS), mainly in various Siemens systems and products
