Tag: 2024-06-24

7 Attack Reports | 92 Vulnerabilities

Attack reports

Chinese State-Sponsored RedJuliett Intensifies Taiwanese Cyber Espionage via Network Perimeter Exploitation

Chinese state-sponsored cyber-espionage group RedJuliett continues to target Taiwanese government, academic, technology companies and de facto embassies, according to a new report from Insikt Group.
softether vpn
2024-06-24
taiwan
redjuliett
beijing
laos
kenya
rwanda
Published: June 24, 2024
Downloadable IOCs: 11

Malvertising Campaign Leads to Execution of Oyster Backdoor

Rapid7 has observed a recent malvertising campaign that lures users into downloading malicious installers for popular software such as Google Chrome and Microsoft Teams.
malware
powershell
persistence
execution
malicious
python script
2024-06-24
lnk file
schtasks
json
microsoft teams
temp directory
http post
oyster main
Published: June 24, 2024
Downloadable IOCs: 13

AdsExhaust, a Newly Discovered Adware MasqueradingOculus…

In June 2024, the eSentire Threat Response Unit (TRU) identified adware, which we have dubbed AdsExhaust, being distributed through a fake Oculus installer application. The adware is capable of exfiltrating screenshots from infected devices and interacting with browsers using simulated keystrokes.
phishing
powershell
c2 server
download
2024-06-24
urls
adsexhaust
Published: June 24, 2024
Downloadable IOCs: 17

Analysis of CoinMiner Attacks Targeting Web Servers

The report details two separate attack cases targeting a Korean medical institution's web server, resulting in the installation of CoinMiners. The targeted server was a Windows IIS server, likely with PACS software installed. In both attacks, web shells were uploaded, and system information was col…
xmrig
coinminer
privilege escalation
earthworm
badpotato
godpotato
2024-06-24
webshell
netcat
cpolar
fscan
printnotifypotato
Published: June 24, 2024
Downloadable IOCs: 59

espionage group targets government agencies with and more infection techniques

A recently discovered threat actor, dubbed 'SneakyChef,' has been conducting an ongoing espionage campaign targeting government agencies across different regions, primarily utilizing the SugarGh0st malware. The group employs decoy documents impersonating government entities and infects victims thro…
apt
espionage
rat
phishing
government
sugargh0st
2024-06-24
spicerat
Published: June 24, 2024
Downloadable IOCs: 148

Unveiling SpiceRAT: Latest tool targeting EMEA and Asia

Cisco Talos discovered a new remote access trojan (RAT) dubbed SpiceRAT, employed by the threat actor SneakyChef in a recent malicious campaign. The campaign targeted government agencies across multiple countries in Europe, the Middle East, Africa, and Asia. SpiceRAT was delivered alongside SugarGh…
rat
phishing
sugargh0st
sideloading
2024-06-24
spicerat
Published: June 24, 2024
Downloadable IOCs: 6

Uncovering Espionage Operations

This comprehensive analysis delves into the intricate tactics employed by a suspected China-nexus cyber espionage actor, UNC3886. The report unveils the group's sophisticated exploitation of zero-day vulnerabilities and their deployment of rootkits like REPTILE and MEDUSA for persistent system acce…
espionage
rootkit
supply chain
zero-day
2024-06-24
CVE-2022-42475
CVE-2023-20867
CVE-2023-34048
CVE-2022-41328
CVE-2022-22948
virtualsphere
Published: June 24, 2024
Downloadable IOCs: 39
Click here to see more Attack Reports

Vulnerabilities

CVE-2024-37228

10.0
    InstaWP Connect
  • Version(s): from n/a through 0.1.0.38
Published: June 24, 2024

CVE-2024-37091

9.9
    StylemixThemes Consulting Elementor Widgets
  • Version(s): n/a, 1.3.0
Published: June 24, 2024

CVE-2024-37109

9.9
    WishList Member X
  • Version(s): n/a, 3.25.1
Published: June 24, 2024

CVE-2024-38369

9.9
    XWiki Platform
  • Version(s): before 15.0 RC1
Published: June 24, 2024

CVE-2024-5683

9.8
    Next4Biz CRM & BPM Software
  • Version(s): 6.6.4.4, before 6.6.4.5
Published: June 24, 2024

CVE-2024-38373

9.6
    FreeRTOS-Plus-TCP
  • Version(s): 4.0.0, 4.0.1, 4.1.0
Published: June 24, 2024

CVE-2024-37089

9.0
    StylemixThemes Consulting Elementor Widgets
  • Version(s): n/a, 1.3.0
Published: June 24, 2024

CVE-2024-37107

8.8
    WishList Member X
  • Version(s): n/a, 3.25.1
Published: June 24, 2024

CVE-2024-4748

8.8
    CRUDDIY
Published: June 24, 2024

CVE-2024-37231

8.6
    Salon Booking System
  • Version(s): n/a through 9.9
Published: June 24, 2024

CVE-2024-37092

8.5
    Consulting Elementor Widgets
  • Version(s): n/a - 1.3.0
Published: June 24, 2024

CVE-2024-4499

7.6
    parisneo/lollms
  • Version(s): 9.6
Published: June 24, 2024

CVE-2024-37111

7.5
    WishList Member X
  • Version(s): n/a - 3.25.1
Published: June 24, 2024

CVE-2024-5862

7.5
    Mia Technology Inc. Mia-Med Health Aplication
  • Version(s): before 1.0.14
Published: June 24, 2024

CVE-2024-6285

7.5
    Renesas arm-trusted-firmware
Published: June 24, 2024

CVE-2024-6287

7.5
    arm-trusted-firmware
Published: June 24, 2024

CVE-2024-3121

6.8
    UNKNOWN
Published: June 24, 2024

CVE-2023-49793

6.5
    CodeChecker
  • Version(s): 6.0, 6.23
Published: June 24, 2024

CVE-2024-6279

6.3
    lahirudanushka School Management System
  • Version(s): 1.0.0, 1.0.1
Published: June 24, 2024

CVE-2024-6280

6.3
    SourceCodester Simple Online Bidding System
  • Version(s): 1.0
Published: June 24, 2024

CVE-2024-36038

6.3
    Zoho ManageEngine ITOM
  • Version(s): from 128234 to 128248
Published: June 24, 2024

CVE-2024-6104

6.0
    go-retryablehttp
  • Version(s): before 0.7.7
Published: June 24, 2024

CVE-2024-4754

5.4
    Next4Biz CRM & BPM Software
  • Version(s): 6.6.4.4, 6.6.4.5
Published: June 24, 2024

CVE-2024-3264

5.3
    Mia Technology Inc. Mia-Med Health Application
  • Version(s): before 1.0.14
Published: June 24, 2024

CVE-2024-6274

4.7
    lahirudanushka School Management System
  • Version(s): 1.0.0, 1.0.1
Published: June 24, 2024

CVE-2024-6275

4.7
    lahirudanushka School Management System
  • Version(s): 1.0.0, 1.0.1
Published: June 24, 2024

CVE-2024-6276

4.7
    lahirudanushka School Management System
  • Version(s): 1.0.0, 1.0.1
Published: June 24, 2024

CVE-2024-6277

4.7
    lahirudanushka School Management System
  • Version(s): 1.0.0, 1.0.1
Published: June 24, 2024

CVE-2024-6278

4.7
    School Management System
  • Version(s): 1.0.0, 1.0.1
Published: June 24, 2024

CVE-2024-4839

4.4
    parisneo/lollms-webui
  • Version(s): 9.6, latest
Published: June 24, 2024

CVE-2024-4460

4.3
    zenml-io/zenml
  • Version(s): 0.56.3
Published: June 24, 2024

CVE-2024-37233

4.3
    Play.Ht
  • Version(s): n/a, 3.6.4
Published: June 24, 2024

CVE-2024-39337

None
    Click Studios Passwordstate Core
  • Version(s): before 9.8 build 9858
Published: June 24, 2024

CVE-2024-4899

None
    SEOPress WordPress plugin
  • Version(s): before 7.8
Published: June 24, 2024

CVE-2024-4900

None
    SEOPress WordPress plugin
  • Version(s): before 7.8
Published: June 24, 2024

CVE-2024-24550

None
    Bludit
Published: June 24, 2024

CVE-2024-24551

None
    Bludit
Published: June 24, 2024

CVE-2024-24552

None
    Bludit
Published: June 24, 2024

CVE-2024-24553

None
    Bludit
Published: June 24, 2024

CVE-2024-24554

None
    Bludit
Published: June 24, 2024

CVE-2024-27136

None
    Apache JSPWiki
  • Version(s): 2.12.1 and prior
Published: June 24, 2024

CVE-2024-36495

None
    Faronics WINSelect
  • Version(s): Standard, Enterprise
Published: June 24, 2024

CVE-2024-36496

None
    UNKNOWN
Published: June 24, 2024

CVE-2024-36497

None
    WINSelect
Published: June 24, 2024

CVE-2024-29868

None
    Apache StreamPipes
  • Version(s): 0.69.0 - 0.93.0
Published: June 24, 2024

CVE-2024-6160

None
    MegaBIP
  • Version(s): through 5.12.1
Published: June 24, 2024

CVE-2024-32936

None
    Linux kernel
  • Version(s): UNKNOWN
Published: June 24, 2024

CVE-2024-33278

None
    ASUS RT-AX88U router
  • Version(s): v3.0.0.4.388_24198 and earlier
Published: June 24, 2024

CVE-2024-33847

None
    Linux kernel
Published: June 24, 2024

CVE-2024-34027

None
    Linux Kernel
Published: June 24, 2024

CVE-2024-34030

None
    Linux kernel
Published: June 24, 2024

CVE-2024-35247

None
    Linux kernel
Published: June 24, 2024

CVE-2024-36479

None
    Linux kernel
Published: June 24, 2024

CVE-2024-37021

None
    Linux kernel
Published: June 24, 2024

CVE-2024-37026

None
    Linux kernel
Published: June 24, 2024

CVE-2024-37825

None
    EnvisionWare Computer Access & Reservation Control SelfCheck
  • Version(s): 1.0
Published: June 24, 2024

CVE-2024-38384

None
    Linux kernel
Published: June 24, 2024

CVE-2024-38663

None
    Linux Kernel
Published: June 24, 2024

CVE-2024-38664

None
    Linux kernel
Published: June 24, 2024

CVE-2024-38667

None
    Linux kernel
Published: June 24, 2024

CVE-2024-39291

None
    Linux kernel
Published: June 24, 2024

CVE-2024-39292

None
    Linux kernel
Published: June 24, 2024

CVE-2024-33687

None
    NJ Series CPU Unit
  • Version(s): all versions
    NX Series CPU Unit
  • Version(s): all versions
Published: June 24, 2024

CVE-2024-33879

None
    VirtoSoftware Virto Bulk File Download for SharePoint 2019
  • Version(s): 5.5.44
Published: June 24, 2024

CVE-2024-33880

None
    VirtoSoftware Virto Bulk File Download
  • Version(s): 5.5.44 for SharePoint 2019
Published: June 24, 2024

CVE-2024-33881

None
    VirtoSoftware Virto Bulk File Download
  • Version(s): 5.5.44 for SharePoint 2019
Published: June 24, 2024

CVE-2021-45785

None
    TruDesk Help Desk/Ticketing Solution
  • Version(s): v1.1.11
Published: June 24, 2024

CVE-2024-37677

None
    Shenzhen Weitillage Industrial Co., Ltd the access management specialist
  • Version(s): V6.62.51215
Published: June 24, 2024

CVE-2024-37679

None
    Finnesoft
  • Version(s): 8.0 and before
Published: June 24, 2024

CVE-2024-37680

None
    FineSoft
  • Version(s): <=8.0
Published: June 24, 2024

CVE-2024-37732

None
    Anchor CMS
  • Version(s): 0.12.7
Published: June 24, 2024

CVE-2024-34312

None
    Virtual Programming Lab for Moodle
  • Version(s): up to v4.2.3
Published: June 24, 2024

CVE-2024-34313

None
    VPL Jail System
  • Version(s): up to v4.0.2
Published: June 24, 2024

CVE-2024-37678

None
    Finesoft
  • Version(s): 8.0, before 8.0
Published: June 24, 2024

CVE-2024-37681

None
    Shanxi Internet Chuangxiang Technology Co., Ltd
  • Version(s): 1.0.1
Published: June 24, 2024

CVE-2023-45196

None
    AdminerEvo
  • Version(s): 4.8.4
Published: June 24, 2024

CVE-2024-37759

None
    DataGear
  • Version(s): 5.0.0 and earlier
Published: June 24, 2024

CVE-2024-38892

None
    Wavlink WN551K1
Published: June 24, 2024

CVE-2024-38894

None
    WAVLINK WN551K1
Published: June 24, 2024

CVE-2024-38895

None
    WAVLINK WN551K1
Published: June 24, 2024

CVE-2024-38896

None
    WAVLINK WN551K1
Published: June 24, 2024

CVE-2024-38897

None
    WAVLINK WN551K1
Published: June 24, 2024

CVE-2024-38902

None
    H3C Magic R230
  • Version(s): V100R002
Published: June 24, 2024

CVE-2024-38903

None
    H3C Magic R230
  • Version(s): V100R002
Published: June 24, 2024

CVE-2023-45195

None
    AdminerEvo
  • Version(s): 4.8.4
Published: June 24, 2024

CVE-2024-33898

None
    Axiros AXESS Auto Configuration Server (ACS)
  • Version(s): 4.x, 5.0.0
Published: June 24, 2024

CVE-2024-34991

None
    PrestaShop module Axepta
  • Version(s): before 1.3.4
Published: June 24, 2024

CVE-2024-36682

None
    PrestaShop Theme settings (pk_themesettings) module
  • Version(s): <= 1.8.8
Published: June 24, 2024

CVE-2024-6290

None
    Google Chrome
  • Version(s): before 126.0.6478.126
Published: June 24, 2024

CVE-2024-6291

None
    Google Chrome
  • Version(s): before 126.0.6478.126
Published: June 24, 2024

CVE-2024-6292

None
    Google Chrome
  • Version(s): before 126.0.6478.126
Published: June 24, 2024

CVE-2024-6293

None
    Google Chrome
  • Version(s): before 126.0.6478.126
Published: June 24, 2024
Click here to see more Vulnerabilities