Tag: 2024-07-01

5 Attack Reports | 56 Vulnerabilities

Attack reports

CapraTube Remix | Android Spyware Targeting Gamers, Weapons Enthusiasts

SentinelLabs has uncovered a new campaign of Android spyware apps associated with the suspected Pakistan state-aligned Transparent Tribe threat group. The malicious apps, disguised as video browsers, gaming sites, and TikTok content, target mobile gamers, weapons enthusiasts, and individuals intere…
social engineering
android
pakistan
spyware
2024-07-01
caprarat
Published: July 1, 2024
Downloadable IOCs: 6

Supply Chain Compromise Leads to Trojanized Installers

Rapid7 discovered that installers for Notezilla, RecentX, and Copywhiz hosted on conceptworld[.]com were trojanized to execute information-stealing malware. The malware can steal browser credentials, crypto wallet info, clipboard data, and keystrokes, as well as download additional payloads. Rapid7…
supply-chain
2024-07-01
notezilla
copywhiz
recentx
Published: July 1, 2024
Downloadable IOCs: 27

Unfurling Hemlock: Threat group uses cluster bomb campaigns

A threat actor dubbed Unfurling Hemlock has been observed distributing hundreds of thousands of malware samples in a campaign lasting several months. The malware is distributed using a 'cluster bomb' technique where each sample contains multiple stages of nested executable files, each containing ad…
amadey
redline
smokeloader
2024-07-01
risepro
mystic stealer
cluster bomb
mass distribution
eastern european
stealers
Published: July 1, 2024
Downloadable IOCs: 55

Appearance of Kimsuky group's new backdoor (HappyDoor)

Asec Ahnlab analyzes a new backdoor malware called HappyDoor used by the North Korean hacking group Kimsuky in recent email attacks. The malware has evolved over time and contains capabilities for information stealing and remote access. It communicates with command and control servers using encrypt…
backdoor
north korea
kimsuky
cyber espionage
2024-07-01
appleseed
information stealing
happydoor
Published: July 1, 2024
Downloadable IOCs: 16

Malware Used in Attacks Against Korean Companies

A recent analysis by ASEC discovered attacks exploiting a Korean ERP solution to distribute malware like XcLoader and Xctdoor. The attacks targeted Korean defense and manufacturing companies. The malware was propagated by compromising ERP update servers to install backdoors. Xctdoor captures system…
korea
2024-07-01
lazarus
andariel
xctdoor
xcloader
hotcroissant
Published: July 1, 2024
Downloadable IOCs: 9
Click here to see more Attack Reports

Vulnerabilities

CVE-2024-6424

9.3
    MESbook
  • Version(s): 20221021.03
Published: July 1, 2024

CVE-2024-6425

9.1
    MESbook
  • Version(s): 20221021.03
Published: July 1, 2024

CVE-2024-4007

8.8
    UNKNOWN
Published: July 1, 2024

CVE-2023-43554

8.4
    Qualcomm FastRPC
Published: July 1, 2024

CVE-2024-21461

8.4
    UNKNOWN
Published: July 1, 2024

CVE-2024-6387

8.1
    OpenSSH
  • Version(s): all versions
Published: July 1, 2024

CVE-2024-21465

7.8
    UNKNOWN
Published: July 1, 2024

CVE-2024-24749

7.5
    GeoServer
  • Version(s): 2.23.5, 2.24.3
Published: July 1, 2024

CVE-2024-21469

7.3
    UNKNOWN
Published: July 1, 2024

CVE-2024-3123

7.2
    UNKNOWN
Published: July 1, 2024

CVE-2024-21460

7.1
    Qualcomm Snapdragon
Published: July 1, 2024

CVE-2024-21462

7.1
    UNKNOWN
Published: July 1, 2024

CVE-2024-39428

6.8
    UNKNOWN
Published: July 1, 2024

CVE-2024-21456

6.5
    Qualcomm Wi-Fi technology
Published: July 1, 2024

CVE-2024-21457

6.5
    Qualcomm Wi-Fi chipset firmware
Published: July 1, 2024

CVE-2024-21458

6.5
    Qualcomm products
Published: July 1, 2024

CVE-2024-21466

6.5
    Qualcomm products
Published: July 1, 2024

CVE-2024-6419

6.3
    SourceCodester Medicine Tracker System
  • Version(s): 1.0
Published: July 1, 2024

CVE-2024-39427

5.1
    UNKNOWN
Published: July 1, 2024

CVE-2024-39429

5.1
    UNKNOWN
Published: July 1, 2024

CVE-2024-39430

5.1
    UNKNOWN
Published: July 1, 2024

CVE-2024-3122

4.9
    UNKNOWN
Published: July 1, 2024

CVE-2024-20076

None
    Modem
Published: July 1, 2024

CVE-2024-20077

None
    Modem
Published: July 1, 2024

CVE-2024-20078

None
    venc
Published: July 1, 2024

CVE-2024-20079

None
    gnss service
Published: July 1, 2024

CVE-2024-20080

None
    UNKNOWN
Published: July 1, 2024

CVE-2024-20081

None
    gnss service
Published: July 1, 2024

CVE-2024-38480

None
    Piccoma App for Android
  • Version(s): before 6.20.0
    Piccoma App for iOS
  • Version(s): before 6.20.0
Published: July 1, 2024

CVE-2024-4934

None
    Quiz and Survey Master (QSM) WordPress plugin
  • Version(s): before 9.0.2
Published: July 1, 2024

CVE-2024-6130

None
    Form Maker by 10Web WordPress plugin
  • Version(s): before 1.15.26
Published: July 1, 2024

CVE-2024-0153

None
    Arm Ltd Valhall GPU Firmware
  • Version(s): r29p0 - r46p0
    Arm Ltd Arm 5th Gen GPU Architecture Firmware
  • Version(s): r41p0 - r46p0
Published: July 1, 2024

CVE-2024-38987

None
    cli-lib
  • Version(s): 3.14.0
Published: July 1, 2024

CVE-2024-38990

None
    sp-common
  • Version(s): 0.5.4
Published: July 1, 2024

CVE-2024-38991

None
    akbr patch-into
  • Version(s): 1.0.1
Published: July 1, 2024

CVE-2024-38992

None
    airvertco frappejs
  • Version(s): 0.0.11
Published: July 1, 2024

CVE-2024-38993

None
    jsonic-next
  • Version(s): 2.12.1
Published: July 1, 2024

CVE-2024-38994

None
    amoyjs amoy common
  • Version(s): 1.0.10
Published: July 1, 2024

CVE-2024-38996

None
    ag-grid-community
  • Version(s): 31.3.2
    ag-grid-enterprise
  • Version(s): 31.3.2
Published: July 1, 2024

CVE-2024-38997

None
    ratio-swiper
  • Version(s): 0.0.2
Published: July 1, 2024

CVE-2024-38998

None
    requirejs
  • Version(s): 2.3.6
Published: July 1, 2024

CVE-2024-38999

None
    requirejs
  • Version(s): 2.3.6
Published: July 1, 2024

CVE-2024-39000

None
    ratio-swiper
  • Version(s): 0.0.2
Published: July 1, 2024

CVE-2024-39001

None
    ag-grid-enterprise
  • Version(s): 31.3.2
Published: July 1, 2024

CVE-2024-39002

None
    jsonic-next
  • Version(s): 2.12.1
Published: July 1, 2024

CVE-2024-39003

None
    amoyjs amoy common
  • Version(s): 1.0.10
Published: July 1, 2024

CVE-2024-39008

None
    robinweser fast-loops
  • Version(s): 1.1.3
Published: July 1, 2024

CVE-2024-39013

None
    2o3t-utility
  • Version(s): v0.1.2
Published: July 1, 2024

CVE-2024-39014

None
    cahil/utils
  • Version(s): 2.3.2
Published: July 1, 2024

CVE-2024-39015

None
    cafebazaar hod
  • Version(s): 0.4.14
Published: July 1, 2024

CVE-2024-39016

None
    che3vinci c3/utils-1
  • Version(s): 1.0.131
Published: July 1, 2024

CVE-2024-39017

None
    agreejs shared
  • Version(s): 0.0.1
Published: July 1, 2024

CVE-2024-39018

None
    cat5th/key-serializer
  • Version(s): 0.2.5
Published: July 1, 2024

CVE-2024-39853

None
    ratio-swiper
  • Version(s): 0.0.2
Published: July 1, 2024

CVE-2024-38953

None
    phpok
  • Version(s): 6.4.003
Published: July 1, 2024

CVE-2024-6050

None
    SOWA OPAC software
  • Version(s): 4.0 before 4.9.10, 5.0 before 6.2.12
Published: July 1, 2024
Click here to see more Vulnerabilities