Tag: 2024-06-07

5 Attack Reports | 76 Vulnerabilities

Attack reports

Lost in the Fog: A New Ransomware Threat

Arctic Wolf Labs began monitoring the deployment of a new ransomware variant called Fog in early May 2024. The ransomware attacks targeted organizations in the education and recreation sectors within the United States. Evidence suggests threat actors gained initial access through compromised VPN cr…
ransomware
encryption
lateral movement
credential
2024-06-07
backup deletion
foggyweb
Published: June 7, 2024
Linked vulnerabilities : CVE-2024-4358 (CVSS 9.8), CVE-2024-1800
Downloadable IOCs: 5

Malicious Campaign Analysis: JScript RAT and CobaltStrike

This report examines a recent malicious campaign involving a JScript-based Remote Access Trojan (RAT) and its connections to the CobaltStrike penetration testing tool. The attack commences with an obfuscated JScript loader distributed through suspected phishing campaigns. Upon execution, it contact…
obfuscation
rat
encryption
cobaltstrike
2024-06-07
jscript
jscript rat
Published: June 7, 2024
Downloadable IOCs: 4

Targets Ukraine's Defense Forces using SPECTR malware alongside legitimate SyncThing

The report describes a cyber attack campaign by the UAC-0020 (Vermin) threat group targeting Ukraine's Defense Forces. The attackers utilized the SPECTR malware in tandem with the legitimate SyncThing software to exfiltrate sensitive data. The malicious payload was delivered via a password-protecte…
ukraine
exfiltration
defense
2024-06-07
spectr
syncthing
Published: June 7, 2024
Downloadable IOCs: 33

Howling at the Inbox: Sticky Werewolf's Latest Malicious Aviation Attacks

Morphisec Labs has been monitoring increased activity associated with Sticky Werewolf, a suspected geopolitical or hacktivist group. While their origin remains unclear, recent techniques suggest espionage and data exfiltration intent. Sticky Werewolf has targeted the aviation industry, employing ph…
phishing
rhadamanthys stealer
2024-06-07
netwire
rats
webdav
metastealer
ozone rat
lnks
aviation
darktrack
Published: June 7, 2024
Downloadable IOCs: 14

Commando Cat: A Novel Cryptojacking Attack Abusing Docker Remote API Servers

This report details a cryptojacking campaign exploiting exposed Docker remote API servers. Threat actors employ the cmd.cat/chattr Docker image for initial access, utilizing techniques like chroot and volume binding to break out of the container and access host systems. They deploy cryptocurrency m…
malware
cryptocurrency
cloud
2024-06-07
cryptojacking
docker
containers
ziggystartux
Published: June 7, 2024
Downloadable IOCs: 7
Click here to see more Attack Reports

Vulnerabilities

CVE-2024-3592

9.9
    Quiz And Survey Master - Best Quiz, Exam and Survey Plugin for WordPress
Published: June 7, 2024

CVE-2024-32503

8.4
    Samsung Mobile Processor and Wearable Processor Exynos 850
    Samsung Mobile Processor and Wearable Processor Exynos 1080
    Samsung Mobile Processor and Wearable Processor Exynos 2100
    Samsung Mobile Processor and Wearable Processor Exynos 1280
    Samsung Mobile Processor and Wearable Processor Exynos 1380
    Samsung Mobile Processor and Wearable Processor Exynos 1330
    Samsung Mobile Processor and Wearable Processor Exynos W920
    Samsung Mobile Processor and Wearable Processor Exynos W930
    Samsung Mobile Processor
Published: June 7, 2024

CVE-2024-31959

8.4
    Samsung Mobile Processor Exynos 2200
    Samsung Mobile Processor Exynos 1480
    Samsung Mobile Processor Exynos 2400
Published: June 7, 2024

CVE-2024-32502

8.4
    Samsung Mobile Processor and Wearable Processor Exynos
    Samsung Mobile Processor and Wearable Processor
Published: June 7, 2024

CVE-2023-32475

7.6
    Dell BIOS
Published: June 7, 2024

CVE-2024-4887

7.5
    Qi Addons For Elementor plugin for WordPress
Published: June 7, 2024

CVE-2024-5637

7.5
    Market Exporter plugin for WordPress
Published: June 7, 2024

CVE-2024-5599

7.5
    FileOrganizer – Manage WordPress and Website Files plugin
Published: June 7, 2024

CVE-2024-5732

7.3
    Clash
Published: June 7, 2024

CVE-2024-5733

7.3
    itsourcecode Online Discussion Forum
Published: June 7, 2024

CVE-2024-4902

7.2
    Tutor LMS plugin for WordPress
Published: June 7, 2024

CVE-2024-5542

7.2
    Master Addons
Published: June 7, 2024

CVE-2024-5481

6.8
    Photo Gallery by 10Web - Mobile-Friendly Image Gallery plugin for WordPress
Published: June 7, 2024

CVE-2024-31958

6.8
    Samsung Mobile Processor Exynos 2200
    Samsung Mobile Processor Exynos 1480
    Samsung Mobile Processor Exynos 2400
Published: June 7, 2024

CVE-2022-4968

6.5
    Netplan
Published: June 7, 2024

CVE-2024-5382

6.5
    Master Addons for Elementor plugin
Published: June 7, 2024

CVE-2024-1768

6.4
    Clever Fox plugin for WordPress
Published: June 7, 2024

CVE-2024-1988

6.4
    Post Grid, Form Maker, Popup Maker, WooCommerce Blocks, Post Blocks, Post Carousel - Combo Blocks plugin for WordPress
Published: June 7, 2024

CVE-2024-5425

6.4
    WP jQuery Lightbox plugin for WordPress
Published: June 7, 2024

CVE-2024-5612

6.4
    Essential Addons for Elementor Pro plugin for WordPress
Published: June 7, 2024

CVE-2024-5640

6.4
    Prime Slider - Addons For Elementor plugin for WordPress
Published: June 7, 2024

CVE-2024-4042

6.4
    WordPress Post Grid plugin
    WordPress Form Maker plugin
    WordPress Popup Maker plugin
    WordPress WooCommerce Blocks plugin
    WordPress Post Blocks plugin
    WordPress Post Carousel – Combo Blocks plugin
Published: June 7, 2024

CVE-2024-4354

6.4
    TablePress
Published: June 7, 2024

CVE-2024-4451

6.4
    Colibri Page Builder plugin for WordPress
Published: June 7, 2024

CVE-2024-4488

6.4
    Royal Elementor Addons and Templates for WordPress
Published: June 7, 2024

CVE-2024-4489

6.4
    Royal Elementor Addons and Templates plugin for WordPress
Published: June 7, 2024

CVE-2024-4703

6.4
    One Page Express Companion plugin for WordPress
Published: June 7, 2024

CVE-2024-5426

6.4
    Photo Gallery by 10Web
Published: June 7, 2024

CVE-2024-5645

6.4
    Envo Extra plugin for WordPress
Published: June 7, 2024

CVE-2024-37163

6.4
    SkyScrape
Published: June 7, 2024

CVE-2024-5734

6.3
    Online Discussion Forum
Published: June 7, 2024

CVE-2024-5745

6.3
    Bakery Online Ordering System
Published: June 7, 2024

CVE-2023-6876

5.4
    Clever Fox - One Click Website Importer by Nayra Themes plugin for WordPress
Published: June 7, 2024

CVE-2024-3987

5.4
    WP Mobile Menu
Published: June 7, 2024

CVE-2024-5607

5.4
    GDPR CCPA Compliance & Cookie Consent Banner plugin for WordPress
Published: June 7, 2024

CVE-2024-1689

5.3
    WooCommerce Tools plugin for WordPress
Published: June 7, 2024

CVE-2024-31878

5.3
    IBM i
Published: June 7, 2024

CVE-2024-37160

4.8
    Formwork
Published: June 7, 2024

CVE-2023-5424

4.7
    WS Form LITE plugin for WordPress
Published: June 7, 2024

CVE-2023-6491

4.3
    Strong Testimonials plugin for WordPress
Published: June 7, 2024

CVE-2024-5438

4.3
    Tutor LMS
Published: June 7, 2024

CVE-2024-37162

4.0
    zsa
    zsa
Published: June 7, 2024

CVE-2024-36082

None
    Music Store - WordPress eCommerce
Published: June 7, 2024

CVE-2024-37383

None
    Roundcube Webmail
Published: June 7, 2024

CVE-2024-37384

None
    Roundcube Webmail
Published: June 7, 2024

CVE-2024-37385

None
    Roundcube Webmail
Published: June 7, 2024

CVE-2024-3288

None
    Logo Slider WordPress plugin
Published: June 7, 2024

CVE-2024-4620

None
    ARForms - Premium WordPress Form Builder Plugin
Published: June 7, 2024

CVE-2024-4621

None
    ARForms - Premium WordPress Form Builder Plugin
Published: June 7, 2024

CVE-2024-4756

None
    WP Backpack WordPress plugin
Published: June 7, 2024

CVE-2024-5003

None
    WP Stacker WordPress plugin
Published: June 7, 2024

CVE-2024-4610

None
    Arm Ltd Bifrost GPU Kernel Driver
    Arm Ltd Valhall GPU Kernel Driver
Published: June 7, 2024

CVE-2024-36673

None
    Sourcecodester Pharmacy/Medical Store Point of Sale System
Published: June 7, 2024

CVE-2024-36773

None
    Monstra CMS
Published: June 7, 2024

CVE-2024-36787

None
    Netgear WNR614 JNR1010V2 N300
Published: June 7, 2024

CVE-2024-36788

None
    Netgear WNR614 JNR1010V2 N300
Published: June 7, 2024

CVE-2024-36789

None
    Netgear WNR614 JNR1010V2/N300-V1.1.0.54_1.0.1
    Netgear WNR614 JNR1010V2/N300
Published: June 7, 2024

CVE-2024-36790

None
    Netgear WNR614 JNR1010V2/N300-V1.1.0.54_1.0.1
    Netgear WNR614
Published: June 7, 2024

CVE-2024-36792

None
    Netgear WNR614 JNR1010V2/N300-V1.1.0.54_1.0.1
    Netgear WNR614 JNR1010V2/N300
Published: June 7, 2024

CVE-2024-30162

None
    Invision Community
Published: June 7, 2024

CVE-2024-30163

None
    Invision Community
Published: June 7, 2024

CVE-2024-3380

None
    UNKNOWN
Published: June 7, 2024

CVE-2024-4152

None
    UNKNOWN
Published: June 7, 2024

CVE-2023-6997

None
    UNKNOWN
Published: June 7, 2024

CVE-2024-23595

None
    UNKNOWN
Published: June 7, 2024

CVE-2024-36811

None
    aimeos-core
Published: June 7, 2024

CVE-2024-36827

None
    ebookmeta
Published: June 7, 2024

CVE-2024-37388

None
    lxml
Published: June 7, 2024

CVE-2024-3133

None
    UNKNOWN
Published: June 7, 2024

CVE-2024-5761

None
    UNKNOWN
Published: June 7, 2024

CVE-2023-49221

None
    Precor touchscreen console
Published: June 7, 2024

CVE-2023-49222

None
    Precor P82 Touchscreen Console
Published: June 7, 2024

CVE-2023-49223

None
    Precor touchscreen console P62, P80, and P82
Published: June 7, 2024

CVE-2023-49224

None
    Precor touchscreen console P62, P80, and P82
Published: June 7, 2024

CVE-2023-7261

None
    Google Chrome
Published: June 7, 2024

CVE-2024-1694

None
    Google Chrome
Published: June 7, 2024
Click here to see more Vulnerabilities