Tag: 2024-05-30

10 Attack Reports | 177 Vulnerabilities

Attack reports

Operation Endgame: Up In Smoke

A detailed technical analysis of Smoke malware loader, also known as SmokeLoader or Dofoil, which has been operational since 2011. Smoke is primarily used to deliver second-stage malware payloads like trojans, ransomware, and information stealers, and can also deploy custom plugins for various mali…
smokeloader
2024-05-30
operation endgame
Published: May 30, 2024
Downloadable IOCs: 12

Analysis of APT Attack Cases Using Dora RAT Against Companies

This analysis discusses an APT campaign by the Andariel threat group targeting Korean companies and educational institutions. The campaign employed various malware strains, including Nestdoor backdoor, Dora RAT, keyloggers, infostealers, and proxy tools. The attackers exploited vulnerabilities, suc…
infostealer
dora rat
nestdoor
2024-05-30
Published: May 30, 2024
Linked vulnerabilities : CVE-2021-44228
Downloadable IOCs: 7

Unmasking AsukaStealer: The $80 Malware Threatening Digital Security

AsukaStealer, a malware offered for $80 on a Russian cybercrime forum, is designed to infiltrate popular browsers and extract sensitive data like credentials, cookies, and extension data. It also targets cryptocurrency wallets, messaging platforms, and gaming software. The malware employs customiza…
infostealer
2024-05-30
asukastealer
Published: May 30, 2024
Downloadable IOCs: 4

The stealthy trilogy of PurpleInk, InkBox and InkLoader

A new data theft campaign, attributed to an advanced persistent threat actor dubbed 'LilacSquid', has been active since at least 2021. The campaign targets diverse victims across various sectors in the United States, Europe, and Asia. It employs MeshAgent, an open-source remote management tool, and…
2024-05-30
purpleink
inkloader
Published: May 30, 2024
Downloadable IOCs: 4

XWorm v5.6 Malware Being Distributed via Webhards

Researchers discovered a campaign distributing the XWorm v5.6 malware disguised as adult games through Korean file-sharing platforms called webhards. The malware employs tactics like downloading encrypted components from command-and-control servers, injecting itself into legitimate processes, and c…
xworm
2024-05-30
Published: May 30, 2024
Downloadable IOCs: 3

Malware campaign attempts abuse of defender binaries

The report details a ransomware campaign that modifies legitimate security software files from vendors like Sophos, AVG, BitDefender, Emsisoft, and Microsoft by overwriting their entry-point code and inserting decrypted payloads as resources. This allows the malicious files to masquerade as trusted…
shellcode
2024-05-30
edr
Published: May 30, 2024
Downloadable IOCs: 470

LightSpy: Implant for macOS

A technical analysis reveals details about LightSpy, a sophisticated surveillance framework that targeted macOS devices using publicly available exploits. The report provides insights into the threat actor's tactics, including exploiting vulnerabilities to deliver implants, exfiltrating private dat…
lightspy
exploit
macos
2024-05-30
Published: May 30, 2024
Linked vulnerabilities : CVE-2018-4404, CVE-2018-4233
Downloadable IOCs: 43

'Reptile Recon': Discovering CryptoChameleon fast flux IOFAs. Hundreds of domains, IPs, and ASNs discovered

A report detailing the analysis of the CryptoChameleon phishing kit, which is used to harvest sensitive information from employees and customers across various platforms. Silent Push Threat Analysts conducted research that revealed a large number of fast flux Indicators of Future Attack (IOFAs) tar…
phishing
2024-05-30
cryptochameleon
phishing kit
Published: May 30, 2024
Downloadable IOCs: 30

Distribution of Malware Under the Guise of MS Office Cracked Versions (XMRig, OrcusRAT, etc.)

The report analyzes a campaign where threat actors distribute various malware strains like RATs, coinminers, and loaders disguised as cracked versions of popular software. South Korean systems are heavily targeted, with malware persisting via scheduled tasks and evading security products. Detailed …
loader
evasion
xmrig
purecrypter
cryptominer
3proxy
antiav
orcusrat
2024-05-30
Published: May 30, 2024
Downloadable IOCs: 11

Decoding Water Sigbin's Latest Obfuscation Tricks

The China-based threat group Water Sigbin, known for deploying cryptocurrency-mining malware, exhibited new techniques to evade detection. It exploited CVE-2017-3506 and CVE-2023-21839 to deploy a PowerShell script executing a miner. The script utilized complex encoding, environment variables to hi…
powershell
2024-05-30
exploits
CVE-2023-21839
cryptocoin miner
CVE-2017-3506
Published: May 30, 2024
Linked vulnerabilities : CVE-2023-21839, CVE-2017-3506
Downloadable IOCs: 9
Click here to see more Attack Reports

Vulnerabilities

CVE-2024-5514

9.8
    MinMax CMS
Published: May 30, 2024

CVE-2024-3584

9.8
    qdrant/qdrant
Published: May 30, 2024

CVE-2024-3300

9.0
    DELMIA Apriso
    DELMIA Apriso
Published: May 30, 2024

CVE-2024-5326

8.8
    Post Grid Gutenberg Blocks and WordPress Blog Plugin - PostX plugin for WordPress
    Post Grid Gutenberg Blocks and WordPress Blog Plugin - PostX plugin
Published: May 30, 2024

CVE-2024-3301

8.5
    DELMIA Apriso
    DELMIA Apriso
Published: May 30, 2024

CVE-2024-34171

7.8
    Fuji Electric Monitouch V-SFT
Published: May 30, 2024

CVE-2024-5271

7.8
    Fuji Electric Monitouch V-SFT
Published: May 30, 2024

CVE-2024-5517

7.3
    Online Blood Bank Management System
    itsourcecode Online Blood Bank Management System
Published: May 30, 2024

CVE-2024-5519

7.3
    ItsourceCode Learning Management System Project In PHP
Published: May 30, 2024

CVE-2024-5207

7.2
    POST SMTP WordPress Plugin
    POST SMTP
Published: May 30, 2024

CVE-2024-4218

6.5
    AffiEasy plugin for WordPress
Published: May 30, 2024

CVE-2024-35189

6.5
    Fides
Published: May 30, 2024

CVE-2024-3726

6.4
    Login Logout Register Menu plugin for WordPress
Published: May 30, 2024

CVE-2024-2253

6.4
    Testimonial Carousel For Elementor plugin for WordPress
    Testimonial Carousel For Elementor plugin
Published: May 30, 2024

CVE-2024-3063

6.4
    WPB Elementor Addons plugin
    WPB Elementor Addons plugin for WordPress
Published: May 30, 2024

CVE-2024-5223

6.4
    Post Grid Gutenberg Blocks and WordPress Blog Plugin - PostX
    Post Grid Gutenberg Blocks and WordPress Blog Plugin - PostX plugin
Published: May 30, 2024

CVE-2024-4356

6.4
    List categories plugin for WordPress
Published: May 30, 2024

CVE-2024-5341

6.4
    The Plus Addons for Elementor Page Builder plugin
    The Plus Addons for Elementor Page Builder plugin for WordPress
Published: May 30, 2024

CVE-2024-5073

6.4
    Essential Addons for Elementor
Published: May 30, 2024

CVE-2024-5327

6.4
    PowerPack Addons for Elementor (Free Widgets, Extensions and Templates) plugin for WordPress
    PowerPack Addons for Elementor plugin
Published: May 30, 2024

CVE-2024-4422

6.4
    Comparison Slider plugin for WordPress
Published: May 30, 2024

CVE-2024-4668

6.4
    Gum Elementor Addon plugin for WordPress
Published: May 30, 2024

CVE-2024-3583

6.4
    Simple Like Page Plugin for WordPress
    Simple Like Page Plugin plugin for WordPress
Published: May 30, 2024

CVE-2024-5520

6.4
    Alkacon OpenCMS
Published: May 30, 2024

CVE-2024-5521

6.4
    Alkacon OpenCMS
    Alkacon's OpenCMS
Published: May 30, 2024

CVE-2024-5515

6.3
    SourceCodester Stock Management System
Published: May 30, 2024

CVE-2024-5516

6.3
    Online Blood Bank Management System
    itsourcecode Online Blood Bank Management System
Published: May 30, 2024

CVE-2024-5518

6.3
    Online Discussion Forum
Published: May 30, 2024

CVE-2024-1298

6.0
    EDK2
Published: May 30, 2024

CVE-2024-35228

5.5
    Wagtail
Published: May 30, 2024

CVE-2024-3190

5.4
    Unlimited Elements For Elementor plugin
Published: May 30, 2024

CVE-2024-3269

5.4
    WordPress Download Monitor plugin
Published: May 30, 2024

CVE-2024-2089

5.4
    Remote Content Shortcode plugin for WordPress
Published: May 30, 2024

CVE-2022-43575

5.4
    IBM Aspera Console
Published: May 30, 2024

CVE-2024-3277

5.0
    Yumpu ePaper publishing plugin for WordPress
Published: May 30, 2024

CVE-2022-43384

4.6
    IBM Aspera Console
Published: May 30, 2024

CVE-2024-3946

4.4
    WP To Do plugin for WordPress
Published: May 30, 2024

CVE-2024-2657

4.4
    Font Farsi plugin for WordPress
Published: May 30, 2024

CVE-2024-3924

4.4
    huggingface/text-generation-inference
    huggingface/text-generation-inference repository
Published: May 30, 2024

CVE-2024-3943

4.3
    WP To Do plugin for WordPress
Published: May 30, 2024

CVE-2024-3945

4.3
    WP To Do plugin for WordPress
Published: May 30, 2024

CVE-2024-3947

4.3
    WP To Do plugin for WordPress
Published: May 30, 2024

CVE-2024-4355

4.3
    Block Bad Bots and Stop Bad Bots Crawlers and Spiders and Anti Spam Protection plugin for WordPress
Published: May 30, 2024

CVE-2024-4426

4.3
    Comparison Slider plugin for WordPress
Published: May 30, 2024

CVE-2024-4427

4.3
    Comparison Slider plugin for WordPress
Published: May 30, 2024

CVE-2024-32877

4.2
    Yii 2
Published: May 30, 2024

CVE-2022-43841

4.0
    IBM Aspera Console
Published: May 30, 2024

CVE-2024-4330

4.0
    UNKNOWN
    parisneo/lollms-webui
Published: May 30, 2024

CVE-2024-36118

3.5
    MeterSphere
Published: May 30, 2024

CVE-2024-36119

1.8
    Statamic
Published: May 30, 2024

CVE-2024-36267

None
    Redmine DMSF Plugin
Published: May 30, 2024

CVE-2024-1100

None
    Vadi Corporate Information Systems DIGIKENT GIS
Published: May 30, 2024

CVE-2024-36017

None
    Linux kernel
Published: May 30, 2024

CVE-2024-35504

None
    FineSoft
Published: May 30, 2024

CVE-2024-36018

None
    Linux kernel
    Linux Kernel
Published: May 30, 2024

CVE-2024-36019

None
    Linux kernel
Published: May 30, 2024

CVE-2024-36020

None
    Linux kernel
Published: May 30, 2024

CVE-2024-36021

None
    Linux kernel
    Linux Kernel
Published: May 30, 2024

CVE-2024-36022

None
    Linux kernel
    Linux Kernel
Published: May 30, 2024

CVE-2024-36023

None
    Linux kernel
Published: May 30, 2024

CVE-2024-36024

None
    Linux kernel
    Linux Kernel
Published: May 30, 2024

CVE-2024-36025

None
    Linux kernel
Published: May 30, 2024

CVE-2024-36026

None
    Linux kernel
Published: May 30, 2024

CVE-2023-52882

None
    Linux Kernel
Published: May 30, 2024

CVE-2024-32029

None
    UNKNOWN
Published: May 30, 2024

CVE-2024-35345

None
    Diño Physics School Assistant
Published: May 30, 2024

CVE-2024-35354

None
    Diño Physics School Assistant
Published: May 30, 2024

CVE-2024-35355

None
    Diño Physics School Assistant
Published: May 30, 2024

CVE-2024-35356

None
    Diño Physics School Assistant
Published: May 30, 2024

CVE-2024-35357

None
    Diño Physics School Assistant
Published: May 30, 2024

CVE-2024-35358

None
    Diño Physics School Assistant
Published: May 30, 2024

CVE-2024-35430

None
    ZKTeco ZKBio CVSecurity
Published: May 30, 2024

CVE-2024-35432

None
    ZKTeco ZKBio CVSecurity
    ZKBio CVSecurity
Published: May 30, 2024

CVE-2024-36027

None
    Linux kernel
    Linux Kernel
Published: May 30, 2024

CVE-2024-36028

None
    Linux Kernel
    Linux kernel
Published: May 30, 2024

CVE-2024-36029

None
    Linux kernel
Published: May 30, 2024

CVE-2024-36030

None
    Linux kernel
    Linux Kernel
Published: May 30, 2024

CVE-2024-36031

None
    Linux kernel
Published: May 30, 2024

CVE-2024-36032

None
    Linux kernel
    Linux Kernel
Published: May 30, 2024

CVE-2024-36033

None
    Linux kernel
Published: May 30, 2024

CVE-2024-36880

None
    Linux kernel
Published: May 30, 2024

CVE-2024-36881

None
    Linux kernel
Published: May 30, 2024

CVE-2024-36882

None
    Linux kernel
Published: May 30, 2024

CVE-2024-36883

None
    Linux kernel
Published: May 30, 2024

CVE-2024-36884

None
    Linux kernel
Published: May 30, 2024

CVE-2024-36885

None
    Linux kernel
Published: May 30, 2024

CVE-2024-36886

None
    Linux kernel
    Linux kernel
Published: May 30, 2024

CVE-2024-36887

None
    Linux kernel
Published: May 30, 2024

CVE-2024-36888

None
    Linux kernel
Published: May 30, 2024

CVE-2024-36889

None
    Linux Kernel
Published: May 30, 2024

CVE-2024-36890

None
    Linux kernel
Published: May 30, 2024

CVE-2024-36891

None
    Linux kernel
    Linux Kernel
Published: May 30, 2024

CVE-2024-36892

None
    Linux kernel
    Linux Kernel
Published: May 30, 2024

CVE-2024-36893

None
    Linux kernel
Published: May 30, 2024

CVE-2024-36894

None
    Linux kernel
Published: May 30, 2024

CVE-2024-36895

None
    Linux kernel
    Linux Kernel
Published: May 30, 2024

CVE-2024-36896

None
    Linux kernel
Published: May 30, 2024

CVE-2024-36897

None
    Linux Kernel
Published: May 30, 2024

CVE-2024-36898

None
    Linux kernel
Published: May 30, 2024

CVE-2024-36899

None
    Linux kernel
Published: May 30, 2024

CVE-2024-36900

None
    Linux kernel
Published: May 30, 2024

CVE-2024-36901

None
    Linux Kernel
Published: May 30, 2024

CVE-2024-36902

None
    Linux Kernel
Published: May 30, 2024

CVE-2024-36903

None
    Linux kernel
    Linux Kernel
Published: May 30, 2024

CVE-2024-36904

None
    Linux kernel
    Linux Kernel
Published: May 30, 2024

CVE-2024-36905

None
    Linux kernel
Published: May 30, 2024

CVE-2024-36906

None
    Linux kernel
    Linux Kernel
Published: May 30, 2024

CVE-2024-36907

None
    Linux Kernel
Published: May 30, 2024

CVE-2024-36908

None
    Linux kernel
Published: May 30, 2024

CVE-2024-36909

None
    Linux kernel
Published: May 30, 2024

CVE-2024-36910

None
    Linux kernel
Published: May 30, 2024

CVE-2024-36911

None
    Linux kernel
    Linux Kernel
Published: May 30, 2024

CVE-2024-36912

None
    Linux kernel
    Linux Kernel
Published: May 30, 2024

CVE-2024-36913

None
    Linux kernel
Published: May 30, 2024

CVE-2024-36914

None
    Linux kernel
    Linux Kernel
Published: May 30, 2024

CVE-2024-36915

None
    Linux Kernel
Published: May 30, 2024

CVE-2024-36916

None
    Linux kernel
    Linux Kernel
Published: May 30, 2024

CVE-2024-36917

None
    Linux kernel
Published: May 30, 2024

CVE-2024-36918

None
    Linux kernel
Published: May 30, 2024

CVE-2024-36919

None
    Linux kernel
Published: May 30, 2024

CVE-2024-36920

None
    Linux kernel
    Linux Kernel
Published: May 30, 2024

CVE-2024-36921

None
    Linux kernel
    Linux Kernel
Published: May 30, 2024

CVE-2024-36922

None
    Linux kernel
Published: May 30, 2024

CVE-2024-36923

None
    Linux kernel
Published: May 30, 2024

CVE-2024-36924

None
    Linux kernel
Published: May 30, 2024

CVE-2024-36925

None
    Linux kernel
    Linux Kernel
Published: May 30, 2024

CVE-2024-36926

None
    Linux kernel
    Linux kernel
Published: May 30, 2024

CVE-2024-36927

None
    Linux kernel
Published: May 30, 2024

CVE-2024-36928

None
    Linux kernel
Published: May 30, 2024

CVE-2024-36929

None
    Linux kernel
    Linux Kernel
Published: May 30, 2024

CVE-2024-36930

None
    Linux kernel
Published: May 30, 2024

CVE-2024-36931

None
    Linux kernel
Published: May 30, 2024

CVE-2024-36932

None
    Linux kernel
Published: May 30, 2024

CVE-2024-36933

None
    Linux kernel
    Linux Kernel
Published: May 30, 2024

CVE-2024-36934

None
    Linux kernel
Published: May 30, 2024

CVE-2024-36935

None
    Linux kernel
Published: May 30, 2024

CVE-2024-36936

None
    Linux kernel
Published: May 30, 2024

CVE-2024-36937

None
    Linux Kernel
Published: May 30, 2024

CVE-2024-36938

None
    Linux kernel
Published: May 30, 2024

CVE-2024-36939

None
    Linux kernel
Published: May 30, 2024

CVE-2024-36940

None
    Linux kernel
    Linux Kernel
Published: May 30, 2024

CVE-2024-36941

None
    Linux kernel
    Linux Kernel
Published: May 30, 2024

CVE-2024-36942

None
    Linux kernel
Published: May 30, 2024

CVE-2024-36943

None
    Linux kernel
Published: May 30, 2024

CVE-2024-36944

None
    Linux kernel
    Linux Kernel
Published: May 30, 2024

CVE-2024-36945

None
    Linux kernel
Published: May 30, 2024

CVE-2024-36946

None
    Linux kernel
Published: May 30, 2024

CVE-2024-36947

None
    Linux Kernel
Published: May 30, 2024

CVE-2024-36948

None
    Linux kernel
Published: May 30, 2024

CVE-2024-36949

None
    Linux kernel
Published: May 30, 2024

CVE-2024-36950

None
    Linux kernel
    Linux Kernel
Published: May 30, 2024

CVE-2024-36951

None
    Linux kernel
    Linux Kernel
Published: May 30, 2024

CVE-2024-36952

None
    Linux kernel
Published: May 30, 2024

CVE-2024-36953

None
    Linux kernel
    Linux Kernel
Published: May 30, 2024

CVE-2024-36954

None
    Linux kernel
Published: May 30, 2024

CVE-2024-36955

None
    Linux kernel
    Linux Kernel
Published: May 30, 2024

CVE-2024-36956

None
    Linux kernel
Published: May 30, 2024

CVE-2024-36957

None
    Linux kernel
Published: May 30, 2024

CVE-2024-36958

None
    Linux kernel
    Linux Kernel
Published: May 30, 2024

CVE-2024-36959

None
    Linux kernel
    Linux Kernel
Published: May 30, 2024

CVE-2024-35349

None
    Diño Physics School Assistant
Published: May 30, 2024

CVE-2024-35350

None
    Diño Physics School Assistant
Published: May 30, 2024

CVE-2024-35351

None
    Diño Physics School Assistant
Published: May 30, 2024

CVE-2024-35352

None
    Diño Physics School Assistant
Published: May 30, 2024

CVE-2024-35353

None
    Diño Physics School Assistant
Published: May 30, 2024

CVE-2024-35359

None
    Diño Physics School Assistant
Published: May 30, 2024

CVE-2024-35428

None
    ZKTeco ZKBio CVSecurity
Published: May 30, 2024

CVE-2024-35429

None
    ZKTeco ZKBio CVSecurity
Published: May 30, 2024

CVE-2024-35431

None
    ZKTeco ZKBio CVSecurity
    ZKBio CVSecurity
Published: May 30, 2024

CVE-2024-5537

None
    UNKNOWN
Published: May 30, 2024

CVE-2024-2420

None
    LenelS2 NetBox
Published: May 30, 2024

CVE-2024-2421

None
    LenelS2 NetBox
Published: May 30, 2024

CVE-2024-2422

None
    LenelS2 NetBox access control and event monitoring system
Published: May 30, 2024

CVE-2024-35433

None
    ZKTeco ZKBio CVSecurity
Published: May 30, 2024

CVE-2024-35468

None
    SourceCodester Human Resource Management System
Published: May 30, 2024

CVE-2024-35469

None
    SourceCodester Human Resource Management System
Published: May 30, 2024

CVE-2024-4842

None
    UNKNOWN
Published: May 30, 2024
Click here to see more Vulnerabilities