Tag: 2024-05-23

5 Attack Reports | 119 Vulnerabilities

Attack reports

Deep Dive Into Unfading Sea Haze: A New Threat Actor in the South China Sea

An investigation by Bitdefender Labs uncovered a previously unidentified cyber threat actor called Unfading Sea Haze. This group has systematically targeted high-level organizations across countries in the South China Sea region. The extensive analysis spanned several years, revealing their evolvin…

unfading sea haze

translucentgh0st

Published: May 24, 2024

Downloadable IOCs: 47

Operation Specter: An Active Cyberespionage Campaign Leverages Rare Tool Set to Target Governmental Entities in the Middle East, Africa and Asia

An analysis reveals long-term espionage operations by a Chinese advanced persistent threat (APT) group against at least seven governmental entities across the Middle East, Africa and Asia since late 2022. The threat actor attempts to obtain sensitive and classified information about diplomatic and …

email-exfiltration

Published: May 23, 2024

Linked vulnerabilities : CVE-2021-34473, CVE-2021-26855

Downloadable IOCs: 28

New ransomware group abusing BitLocker

The report examines an incident where threat actors leveraged Microsoft's BitLocker encryption utility to deploy unauthorized file encryption on targeted systems. The adversaries employed a sophisticated VBScript that resized disk partitions, modified registry entries, enabled BitLocker with random…

trojan-ransom.vbs.bitlock.gen

trojan.vbs.sagent.gen

trojan.win32.generic

Published: May 23, 2024

Linked vulnerabilities : CVE-2024-30051 (CVSS 7.8)

Downloadable IOCs: 6

Sharp Dragon Expands Towards Africa and The Caribbean

Check Point Research has observed a significant shift in the activities and lures of Sharp Dragon, a Chinese threat actor, now targeting governmental organizations in Africa and the Caribbean. This expansion aligns with Sharp Dragon's known tactics of compromising email accounts to spread weaponize…

cobalt strike beacon

Published: May 23, 2024

Linked vulnerabilities : CVE-2023-0669

Downloadable IOCs: 38

New Hijack Loader Variant: Uses Process Hollowing, Has Enhanced Anti-Evasion Capabilities

Published: May 23, 2024

Downloadable IOCs: 9

Click here to see more Attack Reports

Vulnerabilities

CVE-2024-5168

Prodys Quantum Audio codec

Published: May 23, 2024

CVE-2024-5084

Hash Form - Drag & Drop Form Builder plugin for WordPress

Published: May 23, 2024

CVE-2024-5296

D-Link D-View

Published: May 23, 2024

CVE-2024-4662

Oxygen Builder plugin for WordPress

Published: May 23, 2024

CVE-2024-35186

Published: May 23, 2024

CVE-2024-4779

Unlimited Elements For Elementor plugin for WordPress

Published: May 23, 2024

CVE-2024-34060

IrisEVTXModule

Published: May 23, 2024

CVE-2024-5201

OpenText Dimensions RM

Published: May 23, 2024

CVE-2024-5246

NETGEAR ProSAFE Network Management System

Published: May 23, 2024

CVE-2024-5247

NETGEAR ProSAFE Network Management System

Published: May 23, 2024

CVE-2024-5291

D-Link DIR-2150 routers

Published: May 23, 2024

CVE-2024-5293

D-Link DIR-2640

Published: May 23, 2024

CVE-2024-5295

D-Link G416 Wireless Router

Published: May 23, 2024

CVE-2024-5297

D-Link D-View

Published: May 23, 2024

CVE-2024-5298

D-Link D-View

Published: May 23, 2024

CVE-2024-5299

D-Link D-View

Published: May 23, 2024

CVE-2024-4978

Justice AV Solutions Viewer Setup

Published: May 23, 2024

CVE-2024-26139

Published: May 23, 2024

CVE-2024-5085

Hash Form – Drag & Drop Form Builder plugin for WordPress

Published: May 23, 2024

CVE-2024-4835

Published: May 23, 2024

CVE-2024-4471

140+ Widgets | Best Addons For Elementor

Published: May 23, 2024

CVE-2024-30279

Acrobat Reader

Published: May 23, 2024

CVE-2024-30280

Acrobat Reader

Published: May 23, 2024

CVE-2024-5245

NETGEAR ProSAFE Network Management System

Published: May 23, 2024

CVE-2024-5202

OpenText Dimensions RM

Published: May 23, 2024

CVE-2024-35224

OpenProject

Published: May 23, 2024

CVE-2024-2038

Visual Website Collaboration, Feedback & Project Management - Atarim plugin for WordPress

Published: May 23, 2024

CVE-2024-5227

TP-Link Omada ER605 router

Published: May 23, 2024

CVE-2024-5228

TP-Link Omada ER605 Router

Published: May 23, 2024

CVE-2024-5242

TP-Link Omada ER605 router

Published: May 23, 2024

CVE-2024-5243

TP-Link Omada ER605 routers

Published: May 23, 2024

CVE-2024-5292

D-Link Network Assistant

Published: May 23, 2024

CVE-2024-4347

WP Fastest Cache plugin for WordPress

Published: May 23, 2024

CVE-2024-2874

GitLab CE/EE

Published: May 23, 2024

CVE-2024-5165

Eclipse Ditto

Published: May 23, 2024

CVE-2024-3201

WP DSGVO Tools (GDPR) plugin for WordPress

Published: May 23, 2024

CVE-2024-4486

Awesome Contact Form7 for Elementor plugin for WordPress

Published: May 23, 2024

CVE-2024-4783

jQuery T(-) Countdown Widget plugin for WordPress

Published: May 23, 2024

CVE-2024-4431

LA-Studio Element Kit for Elementor plugin for WordPress

Published: May 23, 2024

CVE-2024-5177

Hash Elements plugin for WordPress

Published: May 23, 2024

CVE-2024-3648

ShareThis Share Buttons plugin for WordPress

Published: May 23, 2024

CVE-2024-4043

WP Ultimate Post Grid plugin

Published: May 23, 2024

CVE-2024-4706

WordPress + Microsoft Office 365 / Azure AD | LOGIN plugin for WordPress

Published: May 23, 2024

CVE-2024-2861

ProfilePress plugin for WordPress

Published: May 23, 2024

CVE-2024-1814

Spectra - WordPress Gutenberg Blocks plugin

Published: May 23, 2024

CVE-2024-1815

Spectra - WordPress Gutenberg Blocks plugin

Published: May 23, 2024

CVE-2024-3997

Prime Slider - Addons For Elementor (Revolution of a slider, Hero Slider, Ecommerce Slider) plugin for WordPress

Published: May 23, 2024

CVE-2024-4378

Premium Addons for Elementor plugin for WordPress

Published: May 23, 2024

CVE-2024-4575

LayerSlider plugin for WordPress

Published: May 23, 2024

CVE-2024-4365

Advanced iFrame plugin for WordPress

Published: May 23, 2024

CVE-2024-5231

Campcodes Complete Web-Based School Management System

Published: May 23, 2024

CVE-2024-5232

Campcodes Complete Web-Based School Management System

Published: May 23, 2024

CVE-2024-5233

Campcodes Complete Web-Based School Management System

Published: May 23, 2024

CVE-2024-5234

Campcodes Complete Web-Based School Management System

Published: May 23, 2024

CVE-2024-5235

Campcodes Complete Web-Based School Management System

Published: May 23, 2024

CVE-2024-5236

Campcodes Complete Web-Based School Management System

Published: May 23, 2024

CVE-2024-5237

Campcodes Complete Web-Based School Management System

Published: May 23, 2024

CVE-2024-5238

Campcodes Complete Web-Based School Management System

Published: May 23, 2024

CVE-2024-5239

Campcodes Complete Web-Based School Management System

Published: May 23, 2024

CVE-2024-5240

Campcodes Complete Web-Based School Management System

Published: May 23, 2024

CVE-2024-5264

Thales Luna EFT

Published: May 23, 2024

CVE-2024-35222

Published: May 23, 2024

CVE-2023-7045

GitLab CE/EE

Published: May 23, 2024

CVE-2024-35197

Published: May 23, 2024

CVE-2024-1855

WPCafe - Restaurant Menu, Online Ordering for WooCommerce, Pickup / Delivery and Table Reservation plugin for WordPress

Published: May 23, 2024

CVE-2024-5230

EnvaySoft FleetCart

Published: May 23, 2024

CVE-2023-6325

RomethemeForm For Elementor plugin for WordPress

Published: May 23, 2024

CVE-2024-35223

Dapr

Published: May 23, 2024

CVE-2024-28188

Jupyter Scheduler

Published: May 23, 2024

CVE-2023-6844

WordPress iframe plugin

Published: May 23, 2024

CVE-2024-5244

TP-Link Omada ER605 routers

Published: May 23, 2024

CVE-2024-4895

wpDataTables - WordPress Data Table, Dynamic Tables & Table Charts Plugin

Published: May 23, 2024

CVE-2024-5241

Huashi Private Cloud CDN Live Streaming Acceleration Server

Published: May 23, 2024

CVE-2024-3065

PayPal Pay Now, Buy Now, Donation and Cart Buttons Shortcode plugin for WordPress

Published: May 23, 2024

CVE-2024-5258

Published: May 23, 2024

CVE-2024-3626

Email Subscribers by Icegram Express WordPress plugin

Published: May 23, 2024

CVE-2024-3711

Brizy - Page Builder plugin for WordPress

Published: May 23, 2024

CVE-2023-6502

GitLab CE/EE

Published: May 23, 2024

CVE-2024-1947

GitLab CE/EE

Published: May 23, 2024

CVE-2024-1803

EmbedPress - Embed PDF, Google Docs, Vimeo, Wistia, Embed YouTube Videos, Audios, Maps & Embed Any Documents in Gutenberg & Elementor plugin for WordPress

Published: May 23, 2024

CVE-2024-5294

D-Link DIR-3040 router

Published: May 23, 2024

CVE-2024-32969

Published: May 23, 2024

CVE-2024-3708

Published: May 23, 2024

CVE-2024-2220

Button contact VR WordPress plugin

Published: May 23, 2024

CVE-2024-3594

IDonate WordPress plugin

Published: May 23, 2024

CVE-2024-3917

Pet Manager WordPress plugin

Published: May 23, 2024

CVE-2024-3918

Pet Manager WordPress plugin

Published: May 23, 2024

CVE-2024-3920

Flattr WordPress plugin

Published: May 23, 2024

CVE-2024-4388

Published: May 23, 2024

CVE-2024-4399

Published: May 23, 2024

CVE-2024-36011

Linux kernel

Published: May 23, 2024

CVE-2024-36012

Linux kernel

Published: May 23, 2024

CVE-2024-36013

Linux kernel

Published: May 23, 2024

CVE-2023-4859

Published: May 23, 2024

CVE-2024-2301

HP LaserJet Pro devices

Published: May 23, 2024

CVE-2024-34927

Campcodes Complete Web-Based School Management System

Published: May 23, 2024

CVE-2024-34928

Campcodes Complete Web-Based School Management System

Published: May 23, 2024

CVE-2024-34929

Campcodes Complete Web-Based School Management System

Published: May 23, 2024

CVE-2024-34930

Campcodes Complete Web-Based School Management System

Published: May 23, 2024

CVE-2024-34931

Campcodes Complete Web-Based School Management System

Published: May 23, 2024

CVE-2024-34932

Campcodes Complete Web-Based School Management System

Published: May 23, 2024

CVE-2024-34933

Campcodes Complete Web-Based School Management System

Published: May 23, 2024

CVE-2024-34934

Campcodes Complete Web-Based School Management System

Published: May 23, 2024

CVE-2024-34935

Campcodes Complete Web-Based School Management System

Published: May 23, 2024

CVE-2024-34936

Campcodes Complete Web-Based School Management System

Published: May 23, 2024

CVE-2024-35081

LuckyFrameWeb

Published: May 23, 2024

CVE-2024-35082

Published: May 23, 2024

CVE-2024-35083

Published: May 23, 2024

CVE-2024-35084

Published: May 23, 2024

CVE-2024-35085

Published: May 23, 2024

CVE-2024-35086

Published: May 23, 2024

CVE-2024-35090

Published: May 23, 2024

CVE-2024-35091

Published: May 23, 2024

CVE-2024-5143

Published: May 23, 2024

CVE-2024-31843

Italtel Embrace

Published: May 23, 2024

CVE-2024-35079

Published: May 23, 2024

CVE-2024-35080

Published: May 23, 2024

CVE-2024-35375

Published: May 23, 2024

CVE-2024-35570

Published: May 23, 2024

Click here to see more Vulnerabilities