Tag : 2024-05-04

13 attack reports | 13 vulnerabilities

Attack Reports

| Title | Published | Tags | Description | Number of indicators |
|---|---|---|---|---|
| Dissecting REMCOS RAT: An in-depth analysis of a widespread 2024 malware, Part Four | May 9, 2024, 3:14 p.m. | | This comprehensive analysis provides a thorough examination of the REMCOS Remote Access Trojan (RAT), a prominent malware threat … | 34 |
| Surge of JavaScript Malware in sites with vulnerable versions of LiteSpeed Cache Plugin | May 9, 2024, 3:08 p.m. | | A recent surge of malicious JavaScript code has been observed targeting websites using vulnerable versions of the LiteSpeed Cache… | 6 |
| Tracking the Surge in Non-PE Cyber Threats | May 9, 2024, 3:04 p.m. | | This intelligence report details a sophisticated infection chain that culminates in the deployment of AsyncRAT, a potent malware … | 13 |
| APT28 campaign against Polish government institutions | May 8, 2024, 3:37 p.m. | | The CERT Polska team is investigating a large-scale malware campaign carried out by the Russian intelligence group APT28, which h… | 74 |
| Guntior - the story of an advanced bootkit that doesn't rely on Windows disk drivers | May 8, 2024, 1:32 p.m. | | Amid the rise of bootkits at the time, a dropper was captured in-the-wild and posted on a malware tracker. The malware was called… | 6 |
| Code Emulation and Cybercrime Infrastructure Discovery | May 8, 2024, 11:18 a.m. | | This report details the analysis of a malspam campaign utilizing the Matanbuchus loader, which involved decrypting strings within… | 76 |
| Stealer Distributed via Crafted Minecraft Source Pack | May 8, 2024, 11:09 a.m. | | This report details the operation of the zEus stealer malware, which is distributed through a crafted Minecraft source pack. The … | 23 |
| Case of Malware Distribution Linking to Illegal Gambling Website Targeting Korean Web Server | May 8, 2024, 11:05 a.m. | | This report examines a malware strain distributed to web servers in South Korea that redirects users to an illegal gambling site.… | 8 |
| RemcosRAT Distributed Using Steganography | May 8, 2024, 11:03 a.m. | | Security researchers have discovered a campaign distributing RemcosRAT through a sophisticated infection chain involving steganog… | 4 |
| HijackLoader Updates | May 7, 2024, 8:36 a.m. | | HijackLoader, also known as IDAT Loader, is a modular malware loader capable of executing multiple payloads. It utilizes a variet… | 11 |
| LNK File Disguised as Certificate Distributing RokRAT Malware | May 7, 2024, 8:32 a.m. | | This analysis delves into the continuous distribution of malicious shortcut files (*.LNK) targeting South Korean users, particula… | 4 |
| New Pakistan-based Cyber Espionage Group’s Year-Long Campaign Targeting Indian Defense Forces with Android Malware | May 6, 2024, 8:47 a.m. | | CYFIRMA researchers identified an Android malware campaign, active for over a year, targeting Indian defense personnel by an unid… | 3 |
| Smart-sex-toy users targeted by clicker trojan | May 6, 2024, 8:45 a.m. | | Virus analysts at Doctor Web uncovered an Android application containing a clicker trojan that silently opens advertising sites a… | 13 |

Vulnerabilities

| CVE | CVSS | Published | Product impacted | Tags |
|---|---|---|---|---|
| CVE-2024-3240 | 8.8 | May 4, 2024, 4:15 a.m. | ConvertPlug plugin for WordPress | |
| CVE-2024-3868 | 5.4 | May 4, 2024, 3:15 a.m. | Folders Pro plugin for WordPress | |
| CVE-2024-3237 | 5.4 | May 4, 2024, 4:15 a.m. | ConvertPlug plugin for WordPress | |
| CVE-2023-7065 | 5.4 | May 4, 2024, 8:15 a.m. | Stop Spammers Security \| Block Spam Users, Comments, Forms plugin for WordPress | |
| CVE-2023-27283 | 5.3 | May 4, 2024, 2:16 p.m. | IBM Aspera Orchestrator | |
| CVE-2024-1050 | 4.3 | May 4, 2024, 8:15 a.m. | WordPress Import and export users and customers plugin | |
| CVE-2024-34460 | None | May 4, 2024, 5:15 a.m. | Zenario | |
| CVE-2024-34461 | None | May 4, 2024, 5:15 a.m. | Zenario | |
| CVE-2024-34462 | None | May 4, 2024, 7:15 p.m. | Alinto SOGo | |
| CVE-2024-34467 | None | May 4, 2024, 8:15 p.m. | ThinkPHP | |
| CVE-2024-34468 | None | May 4, 2024, 8:15 p.m. | Rukovoditel | |
| CVE-2024-34469 | None | May 4, 2024, 8:15 p.m. | Rukovoditel | |
| CVE-2023-52729 | None | May 4, 2024, 10:15 p.m. | SimpleNetwork | |