Tag: 2024-07-01

5 Attack Reports | 56 Vulnerabilities

Attack reports

CapraTube Remix | Android Spyware Targeting Gamers, Weapons Enthusiasts

SentinelLabs has uncovered a new campaign of Android spyware apps associated with the suspected Pakistan state-aligned Transparent Tribe threat group. The malicious apps, disguised as video browsers, gaming sites, and TikTok content, target mobile gamers, weapons enthusiasts, and individuals intere…

social engineering

Published: July 1, 2024

Downloadable IOCs: 6

Supply Chain Compromise Leads to Trojanized Installers

Rapid7 discovered that installers for Notezilla, RecentX, and Copywhiz hosted on conceptworld[.]com were trojanized to execute information-stealing malware. The malware can steal browser credentials, crypto wallet info, clipboard data, and keystrokes, as well as download additional payloads. Rapid7…

Published: July 1, 2024

Downloadable IOCs: 27

Unfurling Hemlock: Threat group uses cluster bomb campaigns

A threat actor dubbed Unfurling Hemlock has been observed distributing hundreds of thousands of malware samples in a campaign lasting several months. The malware is distributed using a 'cluster bomb' technique where each sample contains multiple stages of nested executable files, each containing ad…

mass distribution

eastern european

Published: July 1, 2024

Downloadable IOCs: 55

Appearance of Kimsuky group's new backdoor (HappyDoor)

Asec Ahnlab analyzes a new backdoor malware called HappyDoor used by the North Korean hacking group Kimsuky in recent email attacks. The malware has evolved over time and contains capabilities for information stealing and remote access. It communicates with command and control servers using encrypt…

cyber espionage

information stealing

Published: July 1, 2024

Downloadable IOCs: 16

Malware Used in Attacks Against Korean Companies

A recent analysis by ASEC discovered attacks exploiting a Korean ERP solution to distribute malware like XcLoader and Xctdoor. The attacks targeted Korean defense and manufacturing companies. The malware was propagated by compromising ERP update servers to install backdoors. Xctdoor captures system…

Published: July 1, 2024

Downloadable IOCs: 9

Click here to see more Attack Reports

Vulnerabilities

CVE-2024-6424

Published: July 1, 2024

CVE-2024-6425

Published: July 1, 2024

CVE-2024-4007

Published: July 1, 2024

CVE-2023-43554

Qualcomm FastRPC

Published: July 1, 2024

CVE-2024-21461

Published: July 1, 2024

CVE-2024-6387

Published: July 1, 2024

CVE-2024-21465

Published: July 1, 2024

CVE-2024-24749

Published: July 1, 2024

CVE-2024-21469

Published: July 1, 2024

CVE-2024-3123

Published: July 1, 2024

CVE-2024-21460

Qualcomm Snapdragon

Published: July 1, 2024

CVE-2024-21462

Published: July 1, 2024

CVE-2024-39428

Published: July 1, 2024

CVE-2024-21456

Qualcomm Wi-Fi technology

Published: July 1, 2024

CVE-2024-21457

Qualcomm Wi-Fi chipset firmware

Published: July 1, 2024

CVE-2024-21458

Qualcomm products

Published: July 1, 2024

CVE-2024-21466

Qualcomm products

Published: July 1, 2024

CVE-2024-6419

SourceCodester Medicine Tracker System

Published: July 1, 2024

CVE-2024-39427

Published: July 1, 2024

CVE-2024-39429

Published: July 1, 2024

CVE-2024-39430

Published: July 1, 2024

CVE-2024-3122

Published: July 1, 2024

CVE-2024-20076

Published: July 1, 2024

CVE-2024-20077

Published: July 1, 2024

CVE-2024-20078

venc

Published: July 1, 2024

CVE-2024-20079

gnss service

Published: July 1, 2024

CVE-2024-20080

Published: July 1, 2024

CVE-2024-20081

gnss service

Published: July 1, 2024

CVE-2024-38480

Piccoma App for Android

Piccoma App for iOS

Published: July 1, 2024

CVE-2024-4934

Quiz and Survey Master (QSM) WordPress plugin

Published: July 1, 2024

CVE-2024-6130

Form Maker by 10Web WordPress plugin

Published: July 1, 2024

CVE-2024-0153

Arm Ltd Valhall GPU Firmware

Arm Ltd Arm 5th Gen GPU Architecture Firmware

Published: July 1, 2024

CVE-2024-38987

Published: July 1, 2024

CVE-2024-38990

Published: July 1, 2024

CVE-2024-38991

akbr patch-into

Published: July 1, 2024

CVE-2024-38992

airvertco frappejs

Published: July 1, 2024

CVE-2024-38993

jsonic-next

Published: July 1, 2024

CVE-2024-38994

amoyjs amoy common

Published: July 1, 2024

CVE-2024-38996

ag-grid-community

ag-grid-enterprise

Published: July 1, 2024

CVE-2024-38997

ratio-swiper

Published: July 1, 2024

CVE-2024-38998

Published: July 1, 2024

CVE-2024-38999

Published: July 1, 2024

CVE-2024-39000

ratio-swiper

Published: July 1, 2024

CVE-2024-39001

ag-grid-enterprise

Published: July 1, 2024

CVE-2024-39002

jsonic-next

Published: July 1, 2024

CVE-2024-39003

amoyjs amoy common

Published: July 1, 2024

CVE-2024-39008

robinweser fast-loops

Published: July 1, 2024

CVE-2024-39013

2o3t-utility

Published: July 1, 2024

CVE-2024-39014

cahil/utils

Published: July 1, 2024

CVE-2024-39015

cafebazaar hod

Published: July 1, 2024

CVE-2024-39016

che3vinci c3/utils-1

Published: July 1, 2024

CVE-2024-39017

agreejs shared

Published: July 1, 2024

CVE-2024-39018

cat5th/key-serializer

Published: July 1, 2024

CVE-2024-39853

ratio-swiper

Published: July 1, 2024

CVE-2024-38953

Published: July 1, 2024

CVE-2024-6050

SOWA OPAC software

Published: July 1, 2024

Click here to see more Vulnerabilities