Tag: 2024-06-10

5 Attack Reports | 142 Vulnerabilities

Attack reports

Dissecting SSLoad Malware: A Comprehensive Technical Analysis

This in-depth analysis explores the intricate inner workings of SSLoad, a stealthy and adaptable malware known for its sophisticated delivery methods and evasion techniques. The comprehensive investigation unravels the malware's multistage infection chain, dissecting the various loaders, decryption…
cobalt strike
ssload
2024-06-10
Published: June 10, 2024
Downloadable IOCs: 7

New Updates to ValleyRAT

Zscaler ThreatLabz recently uncovered a new campaign used to deliver the latest iteration of ValleyRAT, a remote access trojan attributed to a China-based threat actor. The campaign involves multiple stages, with the initial stage downloader utilizing an HTTP File Server (HFS) to fetch subsequent c…
2024-06-10
valleyrat
Published: June 10, 2024
Downloadable IOCs: 26

New Agent Tesla Campaign Targeting Spanish-Speaking People

This report analyzes a phishing campaign spreading a new Agent Tesla variant designed to infiltrate victims' computers and steal sensitive information like credentials, email contacts, and system details. It leverages techniques like exploiting Microsoft Office vulnerabilities, executing JavaScript…
malware
obfuscation
phishing
infostealer
2024-06-10
CVE-2017-0199
CVE-2017-11882
agent tesla
spain
Published: June 10, 2024
Linked vulnerabilities : CVE-2017-11882, CVE-2017-0199
Downloadable IOCs: 6

Cybercriminals attack banking customers in EU with V3B phishing kit

An analysis reveals that a cybercriminal group is distributing sophisticated phishing kits to target banking customers in the European Union. These kits, designed to steal sensitive information like credentials and OTP codes, utilize social engineering tactics to deceive victims into revealing pers…
phishing
cybercrime
fraud
social-engineering
banking
2024-06-10
Published: June 10, 2024
Downloadable IOCs: 44

IcedID Brings ScreenConnect and CSharp Streamer to ALPHV Ransomware Deployment

This report details an intrusion that commenced with a spam campaign distributing a forked IcedID loader. After gaining initial access, the threat actor deployed ScreenConnect and established Cobalt Strike beacons, enabling remote command execution. They also utilized CSharp Streamer, a capable RAT…
backdoor
rat
ransomware
blackcat
alphv
cobalt strike
icedid
exfiltration
2024-06-10
noberus
csharp streamer
Published: June 10, 2024
Downloadable IOCs: 33
Click here to see more Attack Reports

Vulnerabilities

CVE-2024-35746

10.0
    BuddyPress Cover
Published: June 10, 2024

CVE-2024-36412

10.0
    SuiteCRM
Published: June 10, 2024

CVE-2024-34762

9.9
    Advanced Custom Fields PRO
    Advanced Custom Fields PRO
Published: June 10, 2024

CVE-2024-36408

9.6
    SuiteCRM
Published: June 10, 2024

CVE-2024-36409

9.6
    SuiteCRM
Published: June 10, 2024

CVE-2024-36410

9.6
    SuiteCRM
Published: June 10, 2024

CVE-2024-36411

9.6
    SuiteCRM
Published: June 10, 2024

CVE-2024-37051

9.3
    JetBrains IntelliJ IDEA
    JetBrains Aqua
    JetBrains CLion
    JetBrains DataGrip
    JetBrains DataSpell
    JetBrains GoLand
    JetBrains MPS
    JetBrains PhpStorm
    JetBrains PyCharm
    JetBrains Rider
    JetBrains RubyMine
    JetBrains RustRover
    JetBrains WebStorm
    IntelliJ IDEA
    Aqua
    CLion
    DataGrip
    DataSpell
    GoLand
    MPS
    PhpStorm
    PyCharm
    Rider
    RubyMine
    RustRover
    WebStorm
Published: June 10, 2024

CVE-2024-36415

9.1
    SuiteCRM
Published: June 10, 2024

CVE-2024-35677

9.0
    MegaMenu
Published: June 10, 2024

CVE-2024-36413

8.9
    SuiteCRM
Published: June 10, 2024

CVE-2024-37166

8.9
    ghtml
Published: June 10, 2024

CVE-2024-35241

8.8
    Composer
Published: June 10, 2024

CVE-2024-35242

8.8
    Composer
Published: June 10, 2024

CVE-2024-35658

8.6
    ThemeHigh Checkout Field Editor for WooCommerce (Pro)
    ThemeHigh Checkout Field Editor for WooCommerce (Pro)
Published: June 10, 2024

CVE-2024-35743

8.6
    Siteclean SC filechecker
Published: June 10, 2024

CVE-2024-35744

8.6
    Upunzipper
Published: June 10, 2024

CVE-2024-36416

8.6
    SuiteCRM
Published: June 10, 2024

CVE-2024-34761

8.5
    Advanced Custom Fields PRO
Published: June 10, 2024

CVE-2024-36418

8.5
    SuiteCRM
Published: June 10, 2024

CVE-2024-5785

8.0
    Comtrend router WLD71-T1_v2.0.201820
    GRG-4280us
    Comtrend router WLD71-T1_v2.0.201820
    GRG-4280us
Published: June 10, 2024

CVE-2024-5597

7.8
    Fuji Electric Monitouch V-SFT
Published: June 10, 2024

CVE-2024-32849

7.8
    Trend Micro Security (Consumer)
Published: June 10, 2024

CVE-2024-36302

7.8
    Trend Micro Apex One Security Agent
Published: June 10, 2024

CVE-2024-36303

7.8
    Trend Micro Apex One security agent
Published: June 10, 2024

CVE-2024-36304

7.8
    Trend Micro Apex One and Apex One as a Service agent
Published: June 10, 2024

CVE-2024-36305

7.8
    Trend Micro Apex One
Published: June 10, 2024

CVE-2024-36358

7.8
    Trend Micro Deep Security
Published: June 10, 2024

CVE-2024-37289

7.8
    Trend Micro Apex One
Published: June 10, 2024

CVE-2024-36414

7.7
    SuiteCRM
Published: June 10, 2024

CVE-2024-34800

7.6
    Crafthemes Demo Import
Published: June 10, 2024

CVE-2024-35745

7.5
    Strategery Migrations
Published: June 10, 2024

CVE-2024-35754

7.5
    Ovic Importer
Published: June 10, 2024

CVE-2024-5786

6.5
    Comtrend router WLD71-T1_v2.0.201820
    Comtrend router WLD71-T1_v2.0.201820
    GRG-4280us
Published: June 10, 2024

CVE-2024-35474

6.5
    iceice666 ResourcePack Server
Published: June 10, 2024

CVE-2024-36306

6.1
    Trend Micro Apex One
    Trend Micro Apex One as a Service
Published: June 10, 2024

CVE-2024-28833

5.9
    Checkmk
Published: June 10, 2024

CVE-2024-36405

5.9
    liboqs
    liboqs
Published: June 10, 2024

CVE-2024-22279

5.9
    Cloud Foundry
Published: June 10, 2024

CVE-2024-36417

5.7
    SuiteCRM
Published: June 10, 2024

CVE-2024-21751

5.4
    RabbitLoader
    RabbitLoader
Published: June 10, 2024

CVE-2024-36406

5.4
    SuiteCRM
Published: June 10, 2024

CVE-2024-3850

5.4
    Uniview NVR301-04S2-P4
Published: June 10, 2024

CVE-2024-36359

5.4
    Trend Micro InterScan Web Security Virtual Appliance (IWSVA)
Published: June 10, 2024

CVE-2024-22298

5.3
    TMS Amelia ameliabooking
    TMS Amelia ameliabooking
Published: June 10, 2024

CVE-2024-23524

5.3
    PilotPress
Published: June 10, 2024

CVE-2024-35729

5.3
    Tickera
Published: June 10, 2024

CVE-2024-35735

5.3
    WP Time Slots Booking Form
    WP Time Slots Booking Form
Published: June 10, 2024

CVE-2024-35742

5.3
    Easy Forms for Mailchimp
    Easy Forms for Mailchimp
Published: June 10, 2024

CVE-2024-4744

5.3
    iPages Flipbook
    Avirtum iPages Flipbook
Published: June 10, 2024

CVE-2024-35680

5.3
    YITH WooCommerce Product Add-Ons
    YITH WooCommerce Product Add-Ons
Published: June 10, 2024

CVE-2024-35728

5.3
    PPOM for WooCommerce
Published: June 10, 2024

CVE-2024-35747

5.3
    wpdevart Contact Form Builder
    Contact Widget
Published: June 10, 2024

CVE-2024-36473

5.3
    Trend Micro VPN Proxy One Pro
Published: June 10, 2024

CVE-2024-37168

5.3
    @grpc/grps-js
Published: June 10, 2024

CVE-2024-37169

5.3
    @jmondi/url-to-png
Published: June 10, 2024

CVE-2024-35650

4.9
    Melapress MelaPress Login Security
    Melapress MelaPress Login Security
Published: June 10, 2024

CVE-2024-35712

4.9
    Database Cleaner
Published: June 10, 2024

CVE-2024-36307

4.7
    Trend Micro Apex One
    Apex One as a Service
Published: June 10, 2024

CVE-2024-4403

4.4
    parisneo/lollms-webui
Published: June 10, 2024

CVE-2024-22296

4.3
    12 Step Meeting List
Published: June 10, 2024

CVE-2024-35717

4.3
    Media Slider – Photo Sleder, Video Slider, Link Slider, Carousal Slideshow
    Media Slider - Photo Sleder, Video Slider, Link Slider, Carousal Slideshow
Published: June 10, 2024

CVE-2024-35720

4.3
    Album Gallery - WordPress Gallery
    Album Gallery - WordPress Gallery
Published: June 10, 2024

CVE-2024-35721

4.3
    Image Gallery - Lightbox Gallery, Responsive Photo Gallery, Masonry Gallery
    A WP Life Image Gallery - Lightbox Gallery
Published: June 10, 2024

CVE-2024-35722

4.3
    WP Life Slider Responsive Slideshow
    Slider Responsive Slideshow
Published: June 10, 2024

CVE-2024-35723

4.3
    Dashboard To-Do List
Published: June 10, 2024

CVE-2024-35724

4.3
    Bosa Elementor Addons and Templates for WooCommerce
Published: June 10, 2024

CVE-2024-35725

4.3
    LA-Studio Element Kit for Elementor
Published: June 10, 2024

CVE-2024-35726

4.3
    ThemeKraft WooBuddy
    WooBuddy
Published: June 10, 2024

CVE-2024-35727

4.3
    Extra Product Options for WooCommerce
    Extra Product Options for WooCommerce
Published: June 10, 2024

CVE-2024-35741

4.3
    Awesome Support
    Awesome Support
Published: June 10, 2024

CVE-2024-4745

4.3
    Giveaways and Contests by RafflePress
    RafflePress Giveaways and Contests by RafflePress
Published: June 10, 2024

CVE-2024-4746

4.3
    Netgsm
    Netgsm
Published: June 10, 2024

CVE-2024-36419

4.3
    SuiteCRM
Published: June 10, 2024

CVE-2024-4328

4.0
    parisneo/lollms-webui
Published: June 10, 2024

CVE-2024-35749

3.7
    Acurax Under Construction / Maintenance Mode
Published: June 10, 2024

CVE-2024-36407

3.7
    SuiteCRM
Published: June 10, 2024

CVE-2024-37880

None
    Kyber reference implementation
Published: June 10, 2024

CVE-2024-36971

None
    Linux kernel
    Linux Kernel
Published: June 10, 2024

CVE-2024-1228

None
    Eurosoft Przychodnia
Published: June 10, 2024

CVE-2024-3699

None
    drEryk Gabinet
Published: June 10, 2024

CVE-2024-3700

None
    Estomed Sp. z o.o. Simple Care software
Published: June 10, 2024

CVE-2022-45168

None
    LIVEBOX Collaboration vDesk
Published: June 10, 2024

CVE-2022-45176

None
    LIVEBOX Collaboration vDesk
Published: June 10, 2024

CVE-2024-35304

None
    Pandora FMS
    Pandora FMS
Published: June 10, 2024

CVE-2024-35305

None
    Pandora FMS
    Pandora FMS
Published: June 10, 2024

CVE-2024-35306

None
    Pandora FMS
    Pandora FMS
Published: June 10, 2024

CVE-2024-35307

None
    Pandora FMS
    Pandora FMS
Published: June 10, 2024

CVE-2024-36528

None
    nukeviet
    nukeviet-egov
    nukeviet
    nukeviet-egov
Published: June 10, 2024

CVE-2024-36531

None
    nukeviet
    nukeviet-egov
    nukeviet
    nukeviet-egov
Published: June 10, 2024

CVE-2024-36972

None
    Linux kernel
    Linux Kernel
Published: June 10, 2024

CVE-2024-26507

None
    FinalWire AIRDA Extreme
    AIDA64 Engineer
    AIDA64 Business
    AIDA64 Network Audit
Published: June 10, 2024

CVE-2024-31613

None
    BOSSCMS
Published: June 10, 2024

CVE-2024-34332

None
    SiSoftware SANDRA
    SiSoftware SANDRA
Published: June 10, 2024

CVE-2024-31611

None
    SeaCMS
Published: June 10, 2024

CVE-2024-5102

None
    Avast Antivirus
Published: June 10, 2024

CVE-2024-31612

None
    Emlog
    Emlog
Published: June 10, 2024

CVE-2022-32897

None
    macOS
Published: June 10, 2024

CVE-2022-32933

None
    macOS
Published: June 10, 2024

CVE-2022-48578

None
    macOS
Published: June 10, 2024

CVE-2022-48683

None
    macOS Ventura
Published: June 10, 2024

CVE-2023-40389

None
    macOS Ventura
    macOS Monterey
Published: June 10, 2024

CVE-2024-23299

None
    macOS
Published: June 10, 2024

CVE-2024-27792

None
    macOS
Published: June 10, 2024

CVE-2024-32167

None
    Sourcecodester Online Medicine Ordering System
Published: June 10, 2024

CVE-2024-37014

None
    Langflow
Published: June 10, 2024

CVE-2024-37393

None
    SecurEnvoy MFA
Published: June 10, 2024

CVE-2024-23251

None
    macOS
    watchOS
    iOS
    iPadOS
Published: June 10, 2024

CVE-2024-23282

None
    macOS Sonoma
    watchOS
    iOS
    iPadOS
Published: June 10, 2024

CVE-2024-27799

None
    iOS
    iPadOS
    macOS Monterey
    macOS Ventura
    macOS Sonoma
Published: June 10, 2024

CVE-2024-27800

None
    macOS Monterey
    macOS Ventura
    macOS Sonoma
    tvOS
    watchOS
    iOS
    iPadOS
    visionOS
Published: June 10, 2024

CVE-2024-27801

None
    iOS
    iPadOS
    macOS Sonoma
    tvOS
    watchOS
    visionOS
Published: June 10, 2024

CVE-2024-27802

None
    macOS Monterey
    macOS Ventura
    macOS Sonoma
    tvOS
    iOS
    iPadOS
    visionOS
Published: June 10, 2024

CVE-2024-27805

None
    macOS Monterey
    macOS Ventura
    macOS Sonoma
    tvOS
    watchOS
    iOS
    iPadOS
Published: June 10, 2024

CVE-2024-27806

None
    macOS Monterey
    macOS Ventura
    macOS Sonoma
    tvOS
    watchOS
    iOS
    iPadOS
Published: June 10, 2024

CVE-2024-27807

None
    iOS
    iPadOS
Published: June 10, 2024

CVE-2024-27808

None
    iOS
    iPadOS
    macOS Sonoma
    tvOS
    watchOS
    Safari
    visionOS
Published: June 10, 2024

CVE-2024-27811

None
    macOS
    iOS
    iPadOS
    tvOS
    watchOS
    visionOS
Published: June 10, 2024

CVE-2024-27812

None
    visionOS
Published: June 10, 2024

CVE-2024-27814

None
    watchOS
Published: June 10, 2024

CVE-2024-27815

None
    iOS
    iPadOS
    macOS Sonoma
    tvOS
    watchOS
    visionOS
Published: June 10, 2024

CVE-2024-27817

None
    Apple macOS
    Apple iOS
    Apple iPadOS
    Apple tvOS
    Apple visionOS
Published: June 10, 2024

CVE-2024-27819

None
    iOS
    iPadOS
Published: June 10, 2024

CVE-2024-27820

None
    macOS Sonoma
    tvOS
    watchOS
    Safari
    iOS
    iPadOS
    visionOS
Published: June 10, 2024

CVE-2024-27828

None
    iOS
    iPadOS
    tvOS
    watchOS
    visionOS
Published: June 10, 2024

CVE-2024-27830

None
    iOS
    iPadOS
    macOS Sonoma
    tvOS
    watchOS
    Safari
    visionOS
Published: June 10, 2024

CVE-2024-27831

None
    macOS Monterey
    macOS Ventura
    macOS Sonoma
    tvOS
    iOS
    iPadOS
    visionOS
Published: June 10, 2024

CVE-2024-27832

None
    iOS
    iPadOS
    macOS Sonoma
    tvOS
    watchOS
    visionOS
Published: June 10, 2024

CVE-2024-27833

None
    Apple iOS
    Apple iPadOS
    Apple tvOS
    Apple visionOS
    Apple Safari
Published: June 10, 2024

CVE-2024-27836

None
    iOS
    iPadOS
    macOS Sonoma
    visionOS
Published: June 10, 2024

CVE-2024-27838

None
    macOS Sonoma
    tvOS
    watchOS
    Safari
    iOS
    iPadOS
    visionOS
Published: June 10, 2024

CVE-2024-27840

None
    macOS Monterey
    macOS Ventura
    tvOS
    watchOS
    iOS
    iPadOS
    visionOS
Published: June 10, 2024

CVE-2024-27844

None
    macOS Sonoma
    Safari
    visionOS
Published: June 10, 2024

CVE-2024-27845

None
    iOS
    iPadOS
Published: June 10, 2024

CVE-2024-27848

None
    iOS
    iPadOS
    macOS Sonoma
Published: June 10, 2024

CVE-2024-27850

None
    iOS
    iPadOS
    macOS Sonoma
    Safari
    visionOS
Published: June 10, 2024

CVE-2024-27851

None
    macOS
    iOS
    iPadOS
    tvOS
    watchOS
    Safari
    visionOS
Published: June 10, 2024

CVE-2024-27855

None
    iOS
    iPadOS
    macOS
Published: June 10, 2024

CVE-2024-27857

None
    iOS
    iPadOS
    macOS Sonoma
    tvOS
    visionOS
Published: June 10, 2024

CVE-2024-27885

None
    macOS
Published: June 10, 2024

CVE-2024-33850

None
    Pexip Infinity
Published: June 10, 2024

CVE-2024-36471

None
    Apache Allura
Published: June 10, 2024
Click here to see more Vulnerabilities