Tag: 2024-05-28

7 Attack Reports | 132 Vulnerabilities

Attack reports

Threat actors ride the hype for newly released Arc browser

The release of the Arc browser for Windows sparked interest among cyber criminals who quickly launched a malvertising campaign impersonating the new software. The scheme uses Google search ads to lure potential victims with fake Arc installers. These installers employ various techniques, including …
malvertising
infostealer
2024-05-28
arc browser
Published: May 28, 2024
Downloadable IOCs: 9

Static Unpacking for the Widespread NSIS-based Malicious Packer

This article examines a malicious packer family based on the Nullsoft Scriptable Install System (NSIS) used by cybercriminals to protect various malware from detection. It describes the structure of packed samples, and presents an approach for creating a tool that automatically unpacks the encrypte…
2024-05-28
nsis
Published: May 28, 2024
Downloadable IOCs: 11

Phishing with Cloudflare Workers: Transparent Phishing and HTML Smuggling

Netskope Threat Labs has been tracking an increase in phishing campaigns hosted on Cloudflare Workers. The campaigns use techniques like HTML smuggling and transparent phishing to evade detections. The phishing pages target Microsoft and Google credentials. Netskope recommends inspecting web traffi…
phishing
credential theft
2024-05-28
html smuggling
cloudflare workers
Published: May 28, 2024
Downloadable IOCs: 134

Hellhounds: Operation Lahat

A group called Hellhounds has continued attacking Russian organizations into 2024 using various techniques to compromise infrastructure. Research shows malware toolkit development began in 2019. The group maintains presence inside critical organizations for years. Although based on open-source proj…
apt
russia
2024-05-28
operation lahat
Published: May 28, 2024
Downloadable IOCs: 73

Android Banking Malware Distributed via Google Play Store

Threat actors are distributing the Anatsa Android banking malware through the Google Play store by disguising it as legitimate applications like PDF readers and QR code scanners. Once installed, Anatsa downloads its payload and steals sensitive banking credentials through the use of overlays. Anats…
android
2024-05-28
banking trojan
anatsa
teabot
Published: May 28, 2024
Downloadable IOCs: 4

Technical Analysis of Anatsa Campaigns: An Android Banking Malware Active in the Google Play Store

Threat actors are distributing the Anatsa Android banking malware through the Google Play store by disguising it as legitimate applications like PDF readers and QR code scanners. Once installed, Anatsa downloads its payload and steals sensitive banking credentials through the use of overlays. Anats…
android
2024-05-28
banking trojan
anatsa
teabot
Published: May 28, 2024
Downloadable IOCs: 0

Files with TXZ extension used as malspam attachments

A recent report describes a malspam campaign distributing malware payloads in attachments with TXZ file extensions. The attachments were RAR archives with renamed extensions, likely attempting to exploit native TXZ support in Windows 11. Two campaigns distributed the payloads, one with GuLoader mal…
malspam
2024-05-28
formbook
guloader
Published: May 28, 2024
Downloadable IOCs: 2
Click here to see more Attack Reports

Vulnerabilities

CVE-2024-21785

9.8
    AutomationDirect P3-550E
Published: May 28, 2024

CVE-2024-23601

9.8
    AutomationDirect P3-550E
Published: May 28, 2024

CVE-2024-24962

9.8
    AutomationDirect P3-550E
Published: May 28, 2024

CVE-2024-24963

9.8
    AutomationDirect P3-550E
Published: May 28, 2024

CVE-2024-22187

9.1
    AutomationDirect P3-550E
Published: May 28, 2024

CVE-2024-23947

8.8
    libigl
Published: May 28, 2024

CVE-2024-23948

8.8
    libigl
Published: May 28, 2024

CVE-2024-23949

8.8
    libigl
Published: May 28, 2024

CVE-2024-23950

8.8
    libigl
Published: May 28, 2024

CVE-2024-23951

8.8
    libigl
Published: May 28, 2024

CVE-2024-26024

8.4
    Substation Server
Published: May 28, 2024

CVE-2024-29072

8.2
    Foxit Reader
Published: May 28, 2024

CVE-2024-24946

8.2
    AutomationDirect P3-550E
Published: May 28, 2024

CVE-2024-24947

8.2
    AutomationDirect P3-550E
Published: May 28, 2024

CVE-2024-24954

8.2
    AutomationDirect P3-550E
Published: May 28, 2024

CVE-2024-24955

8.2
    AutomationDirect P3-550E
Published: May 28, 2024

CVE-2024-24956

8.2
    AutomationDirect P3-550E
Published: May 28, 2024

CVE-2024-24957

8.2
    AutomationDirect P3-550E
Published: May 28, 2024

CVE-2024-24958

8.2
    AutomationDirect P3-550E
Published: May 28, 2024

CVE-2024-24959

8.2
    AutomationDirect P3-550E
Published: May 28, 2024

CVE-2024-36110

8.2
    ansibleguy-webui
Published: May 28, 2024

CVE-2023-49600

8.1
    libigl
Published: May 28, 2024

CVE-2023-52547

7.8
    Huawei Matebook D16
    Huawei Matebook D16
Published: May 28, 2024

CVE-2023-52548

7.8
    Huawei Matebook D16
    Huawei Matebook D16
Published: May 28, 2024

CVE-2023-52710

7.8
    Huawei Matebook D16
    Huawei Matebook D16
Published: May 28, 2024

CVE-2023-52711

7.8
    AMD PSP firmware
    AMD Platform Security Processor (PSP) Firmware
Published: May 28, 2024

CVE-2023-52712

7.8
    UNKNOWN
    AMD Platform Security Processor (PSP)
Published: May 28, 2024

CVE-2023-35949

7.8
    libigl
Published: May 28, 2024

CVE-2023-35950

7.8
    libigl
Published: May 28, 2024

CVE-2023-35951

7.8
    libigl
Published: May 28, 2024

CVE-2023-35952

7.8
    libigl
Published: May 28, 2024

CVE-2023-35953

7.8
    libigl
Published: May 28, 2024

CVE-2024-22181

7.8
    libigl
Published: May 28, 2024

CVE-2024-24684

7.8
    libigl
Published: May 28, 2024

CVE-2024-24685

7.8
    libigl
Published: May 28, 2024

CVE-2024-24686

7.8
    libigl
Published: May 28, 2024

CVE-2024-3969

7.8
    OpenText iManager
Published: May 28, 2024

CVE-2024-36109

7.6
    CoCalc
Published: May 28, 2024

CVE-2024-3657

7.5
    389 Directory Server
    389-ds-base
Published: May 28, 2024

CVE-2024-23315

7.5
    AutomationDirect P3-550E
Published: May 28, 2024

CVE-2024-24851

7.5
    AutomationDirect P3-550E
Published: May 28, 2024

CVE-2024-24919

7.5
    Check Point Security Gateway
    Remote Access VPN
    Mobile Access Software Blades
Published: May 28, 2024

CVE-2024-35226

7.3
    Smarty
Published: May 28, 2024

CVE-2022-48681

7.2
    Huawei smart speakers
Published: May 28, 2024

CVE-2024-5413

7.1
    PhpMyBackupPro
Published: May 28, 2024

CVE-2024-5414

7.1
    PhpMyBackupPro
Published: May 28, 2024

CVE-2024-5415

7.1
    PhpMyBackupPro
Published: May 28, 2024

CVE-2024-23579

6.5
    HCL DRYiCE Optibot Reset Station
Published: May 28, 2024

CVE-2024-23580

6.5
    HCL DRYiCE Optibot Reset Station
Published: May 28, 2024

CVE-2024-2451

6.4
    TeamViewer Client (Full & Host)
    TeamViewer Client
Published: May 28, 2024

CVE-2024-2199

5.7
    389-ds-base ldap server
Published: May 28, 2024

CVE-2024-4429

5.4
    OpenText iManager
Published: May 28, 2024

CVE-2024-35240

5.4
    Umbraco Commerce
Published: May 28, 2024

CVE-2024-36107

5.3
    MinIO
Published: May 28, 2024

CVE-2024-28793

4.9
    IBM Engineering Workflow Management
Published: May 28, 2024

CVE-2023-37411

4.8
    IBM Aspera Faspex
Published: May 28, 2024

CVE-2024-24583

4.3
    libigl
Published: May 28, 2024

CVE-2024-24584

4.3
    libigl
Published: May 28, 2024

CVE-2024-5428

4.3
    SourceCodester Simple Online Bidding System
Published: May 28, 2024

CVE-2024-35239

2.7
    Umbraco Commerce
Published: May 28, 2024

CVE-2024-28880

None
    MosP kintai kanri
Published: May 28, 2024

CVE-2024-29078

None
    MosP kintai kanri
    MosP kintai kanri
Published: May 28, 2024

CVE-2024-28886

None
    UTAU
Published: May 28, 2024

CVE-2024-32944

None
    UTAU
Published: May 28, 2024

CVE-2024-5410

None
    IAP-420
Published: May 28, 2024

CVE-2024-5411

None
    IAP-420
Published: May 28, 2024

CVE-2024-35397

None
    TOTOLINK CP900L
Published: May 28, 2024

CVE-2024-35398

None
    TOTOLINK CP900L
Published: May 28, 2024

CVE-2024-35399

None
    TOTOLINK CP900L
Published: May 28, 2024

CVE-2024-35400

None
    TOTOLINK CP900L
Published: May 28, 2024

CVE-2024-5274

None
    Google Chrome
    chrome
Published: May 28, 2024

CVE-2024-22590

None
    Kwik
Published: May 28, 2024

CVE-2024-30212

None
    UNKNOWN
Published: May 28, 2024

CVE-2024-33799

None
    Complete Web-Based School Management System
    campcodes Complete Web-Based School Management System
Published: May 28, 2024

CVE-2024-33800

None
    campcodes Complete Web-Based School Management System
Published: May 28, 2024

CVE-2024-33801

None
    Complete Web-Based School Management System
Published: May 28, 2024

CVE-2024-33802

None
    Complete Web-Based School Management System
    campcodes Complete Web-Based School Management System
Published: May 28, 2024

CVE-2024-33803

None
    Complete Web-Based School Management System
    campcodes Complete Web-Based School Management System
Published: May 28, 2024

CVE-2024-33804

None
    Complete Web-Based School Management System
    campcodes Complete Web-Based School Management System
Published: May 28, 2024

CVE-2024-33805

None
    Complete Web-Based School Management System
    campcodes Complete Web-Based School Management System
Published: May 28, 2024

CVE-2024-33806

None
    campcodes Complete Web-Based School Management System
Published: May 28, 2024

CVE-2024-33807

None
    Complete Web-Based School Management System
    campcodes Complete Web-Based School Management System
Published: May 28, 2024

CVE-2024-33808

None
    campcodes Complete Web-Based School Management System
Published: May 28, 2024

CVE-2024-33849

None
    CI-Out-of-Office Manager
Published: May 28, 2024

CVE-2024-35324

None
    UNKNOWN
    Douchat
Published: May 28, 2024

CVE-2024-35621

None
    Formwork
Published: May 28, 2024

CVE-2024-36472

None
    GNOME Shell
Published: May 28, 2024

CVE-2024-30164

None
    Amazon AWS Client VPN
Published: May 28, 2024

CVE-2024-30165

None
    Amazon AWS Client VPN
Published: May 28, 2024

CVE-2024-34852

None
    F-logic DataCube3
Published: May 28, 2024

CVE-2024-34854

None
    F-logic DataCube3
Published: May 28, 2024

CVE-2024-35341

None
    Anpviz IPC Cameras
Published: May 28, 2024

CVE-2024-35342

None
    Anpviz IP Cameras
Published: May 28, 2024

CVE-2024-35343

None
    Certain Anpviz IP Cameras
Published: May 28, 2024

CVE-2024-35344

None
    Anpviz IPC-D250 IP camera
    Anpviz IPC-D260 IP camera
    Anpviz IPC-B850 IP camera
    Anpviz IPC-D850 IP camera
    Anpviz IPC-D350 IP camera
    Anpviz IPC-D3150 IP camera
    Anpviz IPC-D4250 IP camera
    Anpviz IPC-D380 IP camera
    Anpviz IPC-D880 IP camera
    Anpviz IPC-D280 IP camera
    Anpviz IPC-D3180 IP camera
    Anpviz MC800N IP camera
    Anpviz YM500L IP camera
    Anpviz YM800N_N2 IP camera
    Anpviz YMF50B IP camera
    Anpviz YM800SV2 IP camera
    Anpviz YM500L8 IP camera
    Anpviz YM200E10 IP camera
Published: May 28, 2024

CVE-2024-35401

None
    TOTOLINK CP900L
Published: May 28, 2024

CVE-2024-35403

None
    TOTOLINK CP900L
Published: May 28, 2024

CVE-2024-35563

None
    CDG-Server
Published: May 28, 2024

CVE-2024-33402

None
    Complete Web-Based School Management System
Published: May 28, 2024

CVE-2023-30305

None
    Linksys E5600 Router
Published: May 28, 2024

CVE-2023-30311

None
    H3C Magic R365 Router
    H3C Magic R100 Router
Published: May 28, 2024

CVE-2023-43842

None
    Aten PE6208
Published: May 28, 2024

CVE-2023-43843

None
    Aten PE6208
Published: May 28, 2024

CVE-2023-43844

None
    Aten PE6208
Published: May 28, 2024

CVE-2023-43845

None
    Aten PE6208
Published: May 28, 2024

CVE-2023-43846

None
    Aten PE6208
Published: May 28, 2024

CVE-2023-43847

None
    Aten PE6208
Published: May 28, 2024

CVE-2023-43848

None
    Aten PE6208
Published: May 28, 2024

CVE-2023-43849

None
    Aten PE6208
Published: May 28, 2024

CVE-2023-43850

None
    Aten PE6208
Published: May 28, 2024

CVE-2024-33450

None
    Finereport
Published: May 28, 2024

CVE-2024-5433

None
    Campbell Scientific CSI Web Server
Published: May 28, 2024

CVE-2024-5434

None
    Campbell Scientific CSI Web Server
Published: May 28, 2024

CVE-2022-45171

None
    LIVEBOX Collaboration vDesk
Published: May 28, 2024

CVE-2023-30306

None
    Mercury x30g Router
    Mercury YR1800XG Router
Published: May 28, 2024

CVE-2023-30307

None
    TP-LINK TL-R473GP-AC
    TP-LINK XDR6020
    TP-LINK TL-R479GP-AC
    TP-LINK TL-R4239G
    TP-LINK TL-WAR1200L
    TP-LINK TL-R476G
Published: May 28, 2024

CVE-2023-30308

None
    Ruijie EG210G-P
    Ruijie EG105G-V2
    Ruijie NBR
    Ruijie EG105G routers
Published: May 28, 2024

CVE-2023-30309

None
    D-Link DI-7003GV2 routers
Published: May 28, 2024

CVE-2023-30310

None
    Comfast CF-616AC router
Published: May 28, 2024

CVE-2023-30313

None
    Wavlink QUANTUM D2G routers
Published: May 28, 2024

CVE-2023-46694

None
    Vtenext
Published: May 28, 2024

CVE-2024-28060

None
    Apiris Kafeo
Published: May 28, 2024

CVE-2024-28061

None
    Apiris Kafeo
Published: May 28, 2024

CVE-2024-35510

None
    DedeCMS
Published: May 28, 2024

CVE-2024-35581

None
    Sourcecodester Laboratory Management System
Published: May 28, 2024

CVE-2024-35582

None
    Sourcecodester Laboratory Management System
Published: May 28, 2024

CVE-2024-35583

None
    Sourcecodester Laboratory Management System
Published: May 28, 2024

CVE-2024-22641

None
    TCPDF
Published: May 28, 2024

CVE-2024-35511

None
    phpgurukul Men Salon Management System
Published: May 28, 2024

CVE-2024-35548

None
    Mybatis plus
Published: May 28, 2024

CVE-2023-30312

None
    OpenWrt
Published: May 28, 2024

CVE-2023-30314

None
    360 Router Series
Published: May 28, 2024
Click here to see more Vulnerabilities