SecuriTricks - 2024-06-26

Title	Published	Tags	Description	Number of indicators
Chamelgang & Friends \| Cyberespionage Groups Attacking Critical Infrastructure with Ransomware	June 26, 2024, 5:32 p.m.	ransomware cobalt strike icedid bitlocker 2024-06-26 china chopper wiper conti chamelgang bestcrypt beaconloader silver sparrow	In collaboration with Recorded Future, SentinelLabs has been tracking two distinct activity clusters targeting government and cri…	8
Attackers Exploiting Public Cobalt Strike Profiles	June 26, 2024, 5:26 p.m.	evasion cobalt strike malicious 2024-06-26 profiles samples	This report discusses recent findings of malicious Cobalt Strike infrastructure and malicious Cobalt Strike samples that leverage…	6
A New Compact Variant Discovered	June 26, 2024, 8:23 a.m.	android trojan fraud medusa 2024-06-26 tanglebot	Security researchers at Cleafy Labs detected a resurgence of the Medusa banking trojan, which targets Android devices for on-devi…	50
Armageddon is more than a Grammy-nominated album	June 26, 2024, 8:18 a.m.	russia ukraine geopolitics 2024-06-26	This report details a Russia-linked threat actor targeting Ukraine, employing various obfuscation techniques. The malicious activ…	102

Vulnerabilities

CVE	CVSS	Published	Product impacted	Tags
CVE-2024-1839	10.0	June 26, 2024, 9:15 p.m.	Intrado 911 Emergency Gateway	CWE-89 9119a7d8-5eab-497f-8521-727c672e3725 2024-06-26 CVE-2024-1839
CVE-2024-5181	9.8	June 26, 2024, 3:15 a.m.	mudler/localai	CWE-78 security@huntr.dev 2024-06-26 CVE-2024-5181
CVE-2024-4228	9.8	June 26, 2024, 3:15 p.m.	Magarsus Consultancy SSO (Single Sign On)	CWE-89 iletisim@usom.gov.tr 2024-06-26 CVE-2024-4228
CVE-2024-37252	9.3	June 26, 2024, 11:15 a.m.	Icegram Email Subscribers & Newsletters	audit@patchstack.com CWE-89 2024-06-26 CVE-2024-37252
CVE-2024-29176	8.8	June 26, 2024, 3:15 a.m.	Dell PowerProtect DD	security_alert@emc.com 2024-06-26 CVE-2024-29176 CWE-788
CVE-2024-37140	8.8	June 26, 2024, 4:15 a.m.	Dell PowerProtect DD	security_alert@emc.com CWE-78 2024-06-26 CVE-2024-37140
CVE-2024-5460	8.1	June 26, 2024, 12:15 a.m.	Brocade Fabric OS	CWE-798 sirt@brocade.com 2024-06-26 CVE-2024-5460
CVE-2024-38520	7.5	June 26, 2024, 7:15 p.m.	SoftEtherVPN	security-advisories@github.com CWE-400 2024-06-26 CVE-2024-38520
CVE-2024-38526	7.2	June 26, 2024, 12:15 a.m.	pdoc	security-advisories@github.com 2024-06-26 CVE-2024-38526
CVE-2024-4869	7.2	June 26, 2024, 12:15 a.m.	WP Cookie Consent plugin for WordPress	security@wordfence.com 2024-06-26 CVE-2024-4869
CVE-2024-29173	6.8	June 26, 2024, 3:15 a.m.	Dell PowerProtect DD	security_alert@emc.com CWE-918 2024-06-26 CVE-2024-29173
CVE-2024-37139	6.5	June 26, 2024, 4:15 a.m.	Dell PowerProtect DD	security_alert@emc.com 2024-06-26 CVE-2024-37139 CWE-664
CVE-2024-37247	6.5	June 26, 2024, 10:15 p.m.	jQuery T(-) Countdown Widget	CWE-79 audit@patchstack.com 2024-06-26 CVE-2024-37247
CVE-2024-37248	6.5	June 26, 2024, 10:15 p.m.	Anima	CWE-79 audit@patchstack.com 2024-06-26 CVE-2024-37248
CVE-2024-5173	6.4	June 26, 2024, 2:15 a.m.	HT Mega - Absolute Addons For Elementor plugin for WordPress	security@wordfence.com 2024-06-26 CVE-2024-5173
CVE-2024-5332	6.4	June 26, 2024, 6:15 a.m.	Exclusive Addons for Elementor plugin for WordPress	security@wordfence.com 2024-06-26 CVE-2024-5332
CVE-2024-5215	6.4	June 26, 2024, 7:15 a.m.	HT Mega - Absolute Addons For Elementor plugin for WordPress	security@wordfence.com 2024-06-26 CVE-2024-5215
CVE-2024-21520	6.1	June 26, 2024, 5:15 a.m.	djangorestframework	CWE-79 report@snyk.io 2024-06-26 CVE-2024-21520
CVE-2024-4604	6.1	June 26, 2024, 3:15 p.m.	Magarsus Consultancy SSO	CWE-601 iletisim@usom.gov.tr 2024-06-26 CVE-2024-4604
CVE-2024-29954	5.9	June 26, 2024, 12:15 a.m.	Brocade Fabric OS	CWE-312 sirt@brocade.com 2024-06-26 CVE-2024-29954
CVE-2024-28973	5.9	June 26, 2024, 3:15 a.m.	Dell PowerProtect DD	security_alert@emc.com CWE-79 2024-06-26 CVE-2024-28973
CVE-2024-29175	5.9	June 26, 2024, 3:15 a.m.	Dell PowerProtect Data Domain	security_alert@emc.com CWE-327 2024-06-26 CVE-2024-29175
CVE-2024-4105	5.8	June 26, 2024, 6:15 a.m.	FAST/TOOLS	CWE-79 7168b535-132a-4efe-a076-338f829b2eb9 2024-06-26 CVE-2024-4105
CVE-2024-38527	5.4	June 26, 2024, 8:15 p.m.	ZenUML	security-advisories@github.com CWE-79 2024-06-26 CVE-2024-38527
CVE-2024-4106	5.3	June 26, 2024, 6:15 a.m.	FAST/TOOLS	7168b535-132a-4efe-a076-338f829b2eb9 2024-06-26 CVE-2024-4106 CWE-258
CVE-2024-38375	5.3	June 26, 2024, 7:15 p.m.	@fastly/js-compute	security-advisories@github.com CWE-416 2024-06-26 CVE-2024-38375
CVE-2024-29174	4.4	June 26, 2024, 3:15 a.m.	Dell Data Domain	security_alert@emc.com CWE-89 2024-06-26 CVE-2024-29174
CVE-2024-37098	4.4	June 26, 2024, 11:15 a.m.	BlossomThemes Email Newsletter	audit@patchstack.com CWE-918 2024-06-26 CVE-2024-37098
CVE-2024-29953	4.3	June 26, 2024, 12:15 a.m.	Brocade Fabric OS	sirt@brocade.com CWE-922 2024-06-26 CVE-2024-29953
CVE-2024-6355	4.3	June 26, 2024, 9:15 p.m.	Genexis Tilgin Fiber Home Gateway HG1522	CWE-79 cna@vuldb.com 2024-06-26 CVE-2024-6355
CVE-2024-37138	4.1	June 26, 2024, 4:15 a.m.	Dell PowerProtect DD	security_alert@emc.com CWE-23 2024-06-26 CVE-2024-37138
CVE-2024-24764	3.5	June 26, 2024, 1:15 a.m.	October CMS	security-advisories@github.com CWE-601 2024-06-26 CVE-2024-24764
CVE-2024-37141	3.5	June 26, 2024, 4:15 a.m.	Dell PowerProtect DD	security_alert@emc.com CWE-601 2024-06-26 CVE-2024-37141
CVE-2024-25637	3.1	June 26, 2024, 4:15 p.m.	October CMS	security-advisories@github.com CWE-79 2024-06-26 CVE-2024-25637
CVE-2024-29177	2.7	June 26, 2024, 3:15 a.m.	Dell PowerProtect DD	security_alert@emc.com CWE-532 2024-06-26 CVE-2024-29177
CVE-2024-28830	2.7	June 26, 2024, 8:15 a.m.	Checkmk	CWE-532 security@checkmk.com 2024-06-26 CVE-2024-28830
CVE-2024-38364	2.6	June 26, 2024, 12:15 a.m.	DSpace	security-advisories@github.com CWE-79 2024-06-26 CVE-2024-38364
CVE-2024-6344	2.4	June 26, 2024, 11:15 a.m.	ZKTeco ZKBio CVSecurity V5000	CWE-79 cna@vuldb.com 2024-06-26 CVE-2024-6344
CVE-2024-27867	None	June 26, 2024, 4:15 a.m.	AirPods	product-security@apple.com 2024-06-26 CVE-2024-27867
CVE-2024-34580	None	June 26, 2024, 5:15 a.m.	Apache XML Security for C++	cve@mitre.org 2024-06-26 CVE-2024-34580
CVE-2024-34581	None	June 26, 2024, 5:15 a.m.	W3C XML Signature Syntax and Processing (XMLDsig) specification	cve@mitre.org 2024-06-26 CVE-2024-34581
CVE-2024-36802	None	June 26, 2024, 6:15 a.m.	UNKNOWN	cve@mitre.org 2024-06-26 CVE-2024-36802
CVE-2024-3633	None	June 26, 2024, 6:15 a.m.	WebP & SVG Support WordPress plugin	contact@wpscan.com 2024-06-26 CVE-2024-3633
CVE-2024-4758	None	June 26, 2024, 6:15 a.m.	Muslim Prayer Time BD WordPress plugin	contact@wpscan.com 2024-06-26 CVE-2024-4758
CVE-2024-4957	None	June 26, 2024, 6:15 a.m.	Frontend Checklist WordPress plugin	contact@wpscan.com 2024-06-26 CVE-2024-4957
CVE-2024-4959	None	June 26, 2024, 6:15 a.m.	Frontend Checklist WordPress plugin	contact@wpscan.com 2024-06-26 CVE-2024-4959
CVE-2024-5071	None	June 26, 2024, 6:15 a.m.	Bookster WordPress plugin	contact@wpscan.com 2024-06-26 CVE-2024-5071
CVE-2024-5169	None	June 26, 2024, 6:15 a.m.	Video Widget WordPress plugin	contact@wpscan.com 2024-06-26 CVE-2024-5169
CVE-2024-5199	None	June 26, 2024, 6:15 a.m.	Spotify Play Button WordPress plugin	contact@wpscan.com 2024-06-26 CVE-2024-5199
CVE-2024-5473	None	June 26, 2024, 6:15 a.m.	Simple Photoswipe WordPress plugin	contact@wpscan.com 2024-06-26 CVE-2024-5473
CVE-2024-5573	None	June 26, 2024, 6:15 a.m.	Easy Table of Contents WordPress plugin	contact@wpscan.com 2024-06-26 CVE-2024-5573
CVE-2024-6349	None	June 26, 2024, 3:15 p.m.	UNKNOWN	security@huntr.dev 2024-06-26 CVE-2024-6349
CVE-2024-38271	None	June 26, 2024, 4:15 p.m.	Quickshare/Nearby	cve-coordination@google.com CWE-404 2024-06-26 CVE-2024-38271
CVE-2024-38272	None	June 26, 2024, 4:15 p.m.	Quickshare	cve-coordination@google.com CWE-294 2024-06-26 CVE-2024-38272
CVE-2024-39458	None	June 26, 2024, 5:15 p.m.	Jenkins Structs Plugin	jenkinsci-cert@googlegroups.com 2024-06-26 CVE-2024-39458
CVE-2024-39459	None	June 26, 2024, 5:15 p.m.	Jenkins Plain Credentials Plugin	jenkinsci-cert@googlegroups.com 2024-06-26 CVE-2024-39459
CVE-2024-39460	None	June 26, 2024, 5:15 p.m.	Jenkins Bitbucket Branch Source Plugin	jenkinsci-cert@googlegroups.com 2024-06-26 CVE-2024-39460
CVE-2024-6354	None	June 26, 2024, 5:15 p.m.	Devolutions Remote Desktop Manager	security@devolutions.net 2024-06-26 CVE-2024-6354
CVE-2024-35545	None	June 26, 2024, 6:15 p.m.	MAP-OS	cve@mitre.org 2024-06-26 CVE-2024-35545
CVE-2024-33326	None	June 26, 2024, 7:15 p.m.	Lumisxp	cve@mitre.org 2024-06-26 CVE-2024-33326
CVE-2024-33327	None	June 26, 2024, 7:15 p.m.	Lumisxp	cve@mitre.org 2024-06-26 CVE-2024-33327
CVE-2024-33328	None	June 26, 2024, 7:15 p.m.	Lumisxp	cve@mitre.org 2024-06-26 CVE-2024-33328
CVE-2024-33329	None	June 26, 2024, 7:15 p.m.	Lumisxp	cve@mitre.org 2024-06-26 CVE-2024-33329
CVE-2023-26877	None	June 26, 2024, 8:15 p.m.	Softexpert Excellence Suite	cve@mitre.org 2024-06-26 CVE-2023-26877
CVE-2024-38949	None	June 26, 2024, 8:15 p.m.	Libde265	cve@mitre.org 2024-06-26 CVE-2024-38949
CVE-2024-38950	None	June 26, 2024, 8:15 p.m.	Libde265	cve@mitre.org 2024-06-26 CVE-2024-38950
CVE-2024-39241	None	June 26, 2024, 8:15 p.m.	skycaiji	cve@mitre.org 2024-06-26 CVE-2024-39241
CVE-2024-39242	None	June 26, 2024, 8:15 p.m.	skycaiji	cve@mitre.org 2024-06-26 CVE-2024-39242
CVE-2024-39243	None	June 26, 2024, 8:15 p.m.	skycaiji	cve@mitre.org 2024-06-26 CVE-2024-39243
CVE-2024-23765	None	June 26, 2024, 9:15 p.m.	HMS Anybus X-Gateway AB7832-F	cve@mitre.org 2024-06-26 CVE-2024-23765
CVE-2024-23766	None	June 26, 2024, 9:15 p.m.	HMS Anybus X-Gateway AB7832-F	cve@mitre.org 2024-06-26 CVE-2024-23766
CVE-2024-23767	None	June 26, 2024, 9:15 p.m.		cve@mitre.org 2024-06-26 CVE-2024-23767
CVE-2024-36829	None	June 26, 2024, 9:15 p.m.	Teldat M1	cve@mitre.org 2024-06-26 CVE-2024-36829
CVE-2024-37571	None	June 26, 2024, 10:15 p.m.	SAS Broker	cve@mitre.org 2024-06-26 CVE-2024-37571
CVE-2024-37734	None	June 26, 2024, 10:15 p.m.	OpenEMR	cve@mitre.org 2024-06-26 CVE-2024-37734

» Click here to see all Vulnerabilities «

Tag : 2024-06-26

Attack Reports

Vulnerabilities