Tag: 2024-05-24

9 Attack Reports | 133 Vulnerabilities

Attack reports

A Catalog of Hazardous AV Sites – A Tale of Malware Hosting

In mid-April 2024, Trellix Advanced Research Center team members observed multiple fake AV sites hosting highly sophisticated malicious files such as APK, EXE and Inno setup installer that includes Spy and Stealer capabilities.

Published: May 24, 2024

Downloadable IOCs: 30

UAC-0188: Targeted cyberattacks using SuperOps RMM (CERT-UA#9797)

The joint efforts of CSIRT-NBU and CERT-UA recorded and analyzed a cyber attack aimed at gaining unauthorized remote access to computers of Ukrainian organizations using a legitimate program for remote computer management SuperOps RMM.

Published: May 24, 2024

Downloadable IOCs: 28

Technical Deep Dive: Understanding the Anatomy of a Cyber Intrusion

This report details a sophisticated cyber intrusion targeting MITRE's research network (NERVE) through the exploitation of Ivanti Connect Secure zero-day vulnerabilities. The threat actor, suspected to be UNC5221, initiated the attack by gaining unauthorized access and subsequently deploying variou…

lateral movement

Published: May 24, 2024

Downloadable IOCs: 4

CVE-2024-4978: Backdoored Justice AV Solutions Viewer Software Used in Apparent Supply Chain Attack

Rapid7 discovered that version 8.3.7 of the JAVS Viewer software from Justice AV Solutions contained a backdoor installer allowing attackers to gain remote control over affected systems. The malicious installer included a binary named fffmpeg.exe which executed obfuscated PowerShell scripts and fac…

credential harvesting

stealc infostealer

gatedoor/rustdoor

Published: May 24, 2024

Linked vulnerabilities : CVE-2024-4978 (CVSS 8.4)

Downloadable IOCs: 10

CatDDoS-Related Gangs Have Seen a Recent Surge in Activity

CatDDoS-related gangs remain active and have exploited over 80 vulnerabilities over the last three months, with the maximum number of targets exceeding 300+ per day.

Published: May 24, 2024

Downloadable IOCs: 63

Iluria Stealer; a Variant of Another Discord Stealer

Researchers uncover a new malware variant called Iluria Stealer, created by the developer behind Nikki Stealer, utilizing the alias 'Ykg.' Iluria Stealer is designed to steal Discord tokens, browser credentials, and payment information. It employs techniques like obfuscation, process injection, and…

epsilon stealer

Published: May 24, 2024

Downloadable IOCs: 5

Gootloader walkthrough

The analysis delves into the intricate workings of the Gootloader malware campaign. Through a meticulously crafted social engineering scheme involving SEO poisoning and fake forums, threat actors lure unsuspecting victims into downloading a malicious JavaScript file disguised as a legitimate resour…

social engineering

Published: May 24, 2024

Downloadable IOCs: 12

Deep Dive Into Unfading Sea Haze: A New Threat Actor in the South China Sea

An investigation by Bitdefender Labs uncovered a previously unidentified cyber threat actor called Unfading Sea Haze. This group has systematically targeted high-level organizations across countries in the South China Sea region. The extensive analysis spanned several years, revealing their evolvin…

unfading sea haze

translucentgh0st

Published: May 24, 2024

Downloadable IOCs: 47

Transparent Tribe Targets Indian Government, Defense, and Aerospace Sectors Leveraging Cross-Platform Programming Languages

BlackBerry discovered the Pakistani-based advanced persistent threat group Transparent Tribe (APT36) targeting the Indian government, defense, and aerospace sectors. The group employed cross-platform programming languages, open-source tools, and abused web services for command-and-control and exfil…

transparent tribe

Published: May 24, 2024

Downloadable IOCs: 97

Click here to see more Attack Reports

Vulnerabilities

CVE-2024-4544

Pie Register - Social Sites Login (Add on) plugin for WordPress

WordPress Pie Register - Social Sites Login (Add on) plugin

Published: May 24, 2024

CVE-2024-5314

Dolibarr ERP - CRM

Published: May 24, 2024

CVE-2024-5315

Dolibarr ERP - CRM

Published: May 24, 2024

CVE-2024-0867

Email Log plugin for WordPress

Published: May 24, 2024

CVE-2024-4455

YITH WooCommerce Ajax Search plugin for WordPress

YITH WooCommerce Ajax Search plugin

Published: May 24, 2024

CVE-2023-49572

VX Search Enterprise

Published: May 24, 2024

CVE-2023-49573

VX Search Enterprise

Published: May 24, 2024

CVE-2023-49574

VX Search Enterprise

Published: May 24, 2024

CVE-2023-49575

VX Search Enterprise

Published: May 24, 2024

CVE-2024-4037

WP Photo Album Plus plugin for WordPress

Published: May 24, 2024

CVE-2024-5205

Videojs HTML5 Player plugin for WordPress

Published: May 24, 2024

CVE-2024-2618

Elementor Header & Footer Builder plugin for WordPress

Published: May 24, 2024

CVE-2024-2784

The Plus Addons for Elementor plugin for WordPress

Published: May 24, 2024

CVE-2024-3557

WP Go Maps plugin for WordPress

WP Go Maps (formerly WP Google Maps) plugin for WordPress

Published: May 24, 2024

CVE-2024-1134

SEOPress - On-site SEO plugin for WordPress

SEOPress – On-site SEO plugin for WordPress

Published: May 24, 2024

CVE-2024-3718

The Plus Addons for Elementor plugin for WordPress

The Plus Addons for Elementor plugin

Published: May 24, 2024

CVE-2024-1332

Custom Fonts - Host Your Fonts Locally plugin for WordPress

Custom Fonts – Host Your Fonts Locally plugin for WordPress

Published: May 24, 2024

CVE-2024-4484

The Plus Addons for Elementor

The Plus Addons for Elementor plugin

Published: May 24, 2024

CVE-2024-4485

The Plus Addons for Elementor

The Plus Addons for Elementor plugin for WordPress

Published: May 24, 2024

CVE-2024-5060

LottieFiles – JSON Based Animation Lottie & Bodymovin for Elementor plugin for WordPress

Published: May 24, 2024

CVE-2024-4366

Spectra - WordPress Gutenberg Blocks Plugin

Spectra - WordPress Gutenberg Blocks plugin for WordPress

Published: May 24, 2024

CVE-2024-5312

PHP Server Monitor

Published: May 24, 2024

CVE-2023-47710

IBM Security Guardium

Published: May 24, 2024

CVE-2024-4409

WP-ViperGB plugin for WordPress

Published: May 24, 2024

CVE-2024-0893

Schema App Structured Data plugin for WordPress

Published: May 24, 2024

CVE-2024-1376

WordPress Event post plugin

Published: May 24, 2024

CVE-2024-5318

GitLab CE/EE

GitLab CE/EE

Published: May 24, 2024

CVE-2024-35232

github.com/huandu/facebook

Published: May 24, 2024

CVE-2023-1001

xuliangzhan vxe-table

Published: May 24, 2024

CVE-2023-1111

Published: May 24, 2024

CVE-2023-7259

zzdevelop lenosp

Published: May 24, 2024

CVE-2024-5310

Published: May 24, 2024

CVE-2024-36361

Pug

Published: May 24, 2024

CVE-2024-5142

M-Files Hubshare

Published: May 24, 2024

CVE-2024-35591

O2OA

Published: May 24, 2024

CVE-2024-35592

Published: May 24, 2024

CVE-2024-35593

Published: May 24, 2024

CVE-2024-35595

Xintongda OA

Published: May 24, 2024

CVE-2024-5273

Jenkins Report Info Plugin

Published: May 24, 2024

CVE-2021-47499

Linux kernel

Published: May 24, 2024

CVE-2021-47500

Linux kernel

Published: May 24, 2024

CVE-2021-47501

Linux kernel

Published: May 24, 2024

CVE-2021-47502

Linux kernel

Published: May 24, 2024

CVE-2021-47503

Linux kernel

Published: May 24, 2024

CVE-2021-47504

Linux kernel

Published: May 24, 2024

CVE-2021-47505

Linux kernel

Linux kernel

Published: May 24, 2024

CVE-2021-47506

Linux kernel

Published: May 24, 2024

CVE-2021-47507

Linux kernel

Published: May 24, 2024

CVE-2021-47508

Linux kernel

Published: May 24, 2024

CVE-2021-47509

Linux kernel

Linux Kernel

Published: May 24, 2024

CVE-2021-47510

Linux Kernel (BTRFS module)

Linux Kernel (BTRFS)

Published: May 24, 2024

CVE-2021-47511

Linux kernel

Linux Kernel

Published: May 24, 2024

CVE-2021-47512

Linux kernel

Published: May 24, 2024

CVE-2021-47513

Linux kernel

Published: May 24, 2024

CVE-2021-47514

Linux kernel

Published: May 24, 2024

CVE-2021-47515

Linux kernel

Published: May 24, 2024

CVE-2021-47516

Linux kernel

Published: May 24, 2024

CVE-2021-47517

Linux kernel

Published: May 24, 2024

CVE-2021-47518

Linux kernel

Published: May 24, 2024

CVE-2021-47519

Linux kernel

Published: May 24, 2024

CVE-2021-47520

Linux kernel

Published: May 24, 2024

CVE-2021-47521

Linux kernel

Linux Kernel

Published: May 24, 2024

CVE-2021-47522

Linux kernel

Published: May 24, 2024

CVE-2021-47523

Linux kernel

Linux Kernel

Published: May 24, 2024

CVE-2021-47524

Linux kernel

Linux Kernel

Published: May 24, 2024

CVE-2021-47525

Linux kernel

Published: May 24, 2024

CVE-2021-47526

Linux kernel

Published: May 24, 2024

CVE-2021-47527

Linux kernel

Linux Kernel

Published: May 24, 2024

CVE-2021-47528

Linux kernel

Published: May 24, 2024

CVE-2021-47529

Linux kernel

Published: May 24, 2024

CVE-2021-47530

Linux kernel

Linux Kernel

Published: May 24, 2024

CVE-2021-47531

Linux kernel

Linux Kernel

Published: May 24, 2024

CVE-2021-47532

Linux kernel

Linux Kernel

Published: May 24, 2024

CVE-2021-47533

Linux kernel

Published: May 24, 2024

CVE-2021-47534

Linux kernel

Published: May 24, 2024

CVE-2021-47535

Linux Kernel

Published: May 24, 2024

CVE-2021-47536

Linux kernel

Published: May 24, 2024

CVE-2021-47537

Linux kernel

Linux Kernel

Published: May 24, 2024

CVE-2021-47538

Linux kernel

Linux Kernel

Published: May 24, 2024

CVE-2021-47539

Linux kernel

Linux Kernel

Published: May 24, 2024

CVE-2021-47540

Linux Kernel

Published: May 24, 2024

CVE-2021-47541

Linux kernel

Published: May 24, 2024

CVE-2021-47542

Linux kernel

Linux Kernel

Published: May 24, 2024

CVE-2021-47543

Linux kernel

Linux Kernel

Published: May 24, 2024

CVE-2021-47544

Linux kernel

Published: May 24, 2024

CVE-2021-47545

Linux kernel

Published: May 24, 2024

CVE-2021-47546

Linux kernel

Linux Kernel

Published: May 24, 2024

CVE-2021-47547

Linux kernel

Published: May 24, 2024

CVE-2021-47548

Linux kernel

Published: May 24, 2024

CVE-2021-47549

Linux kernel

Linux Kernel

Published: May 24, 2024

CVE-2021-47550

Linux kernel

Published: May 24, 2024

CVE-2021-47551

Linux kernel

Published: May 24, 2024

CVE-2021-47552

Linux kernel

Linux Kernel

Published: May 24, 2024

CVE-2021-47553

Linux kernel

Linux Kernel

Published: May 24, 2024

CVE-2021-47554

Linux kernel

Linux Kernel

Published: May 24, 2024

CVE-2021-47555

Linux kernel

Published: May 24, 2024

CVE-2021-47556

Linux kernel

Published: May 24, 2024

CVE-2021-47557

Linux Kernel

Published: May 24, 2024

CVE-2021-47558

Linux kernel

Published: May 24, 2024

CVE-2021-47559

Linux kernel

Published: May 24, 2024

CVE-2021-47560

Linux kernel

Published: May 24, 2024

CVE-2021-47561

Linux kernel

Published: May 24, 2024

CVE-2021-47562

Linux kernel

Linux Kernel

Published: May 24, 2024

CVE-2021-47563

Linux Kernel

Published: May 24, 2024

CVE-2021-47564

Linux Kernel

Linux kernel

Published: May 24, 2024

CVE-2021-47565

Linux kernel

Linux Kernel

Published: May 24, 2024

CVE-2021-47566

Linux Kernel

Linux Kernel

Published: May 24, 2024

CVE-2021-47567

Linux kernel

Linux Kernel

Published: May 24, 2024

CVE-2021-47568

Linux kernel

Published: May 24, 2024

CVE-2021-47569

Linux kernel

Linux Kernel

Published: May 24, 2024

CVE-2021-47570

Linux kernel

Published: May 24, 2024

CVE-2021-47571

Linux kernel

Published: May 24, 2024

CVE-2021-47572

Linux Kernel

Published: May 24, 2024

CVE-2024-22588

Kwik

Published: May 24, 2024

CVE-2024-31510

Open Quantum Safe liboqs

Published: May 24, 2024

CVE-2024-33470

AVTECH Room Alert 4E

Published: May 24, 2024

CVE-2024-33809

PingCAP TiDB

Published: May 24, 2024

CVE-2024-35339

Tenda FH1206

Published: May 24, 2024

CVE-2024-35340

Tenda FH1206

Published: May 24, 2024

CVE-2024-35618

PingCAP TiDB

Published: May 24, 2024

CVE-2023-52880

Linux kernel

Published: May 24, 2024

CVE-2024-33427

Published: May 24, 2024

CVE-2024-34995

Published: May 24, 2024

CVE-2024-35395

TOTOLINK CP900L

TOTOLINK CP900L

Published: May 24, 2024

CVE-2024-35396

TOTOLINK CP900L

Published: May 24, 2024

CVE-2023-46442

Soot

Published: May 24, 2024

CVE-2024-36049

Aptos Wisal payroll accounting

Published: May 24, 2024

CVE-2024-35387

TOTOLINK LR350

Published: May 24, 2024

CVE-2024-33471

AVTECH Room Alert 4E

Published: May 24, 2024

CVE-2024-35388

TOTOLINK NR1800X

Published: May 24, 2024

CVE-2024-35373

Mocodo Online

Published: May 24, 2024

CVE-2024-35374

Mocodo Online

Published: May 24, 2024

CVE-2024-36079

Published: May 24, 2024

Click here to see more Vulnerabilities