SecuriTricks - 2024-07-08

Attack Reports

Title	Published	Tags	Description	Number of indicators
M365 adversary-in-the-middle campaign	July 8, 2024, 7:46 p.m.	phishing credential 2024-07-08 bec m365 harvesting adversary-in-the-middle	Field Effect researchers uncovered a previously unreported campaign leveraging the Axios user agent string to facilitate business…	19
CloudSorcerer – A new APT targeting Russian government entities	July 8, 2024, 7:18 p.m.	2024-07-08 github c programming language cloudsorcerer ror14 algorithm microsoft com object	In May 2024, Kaspersky discovered a sophisticated cyberespionage tool called CloudSorcerer, targeting Russian government entities…	1
Kimsuky Group’s New Backdoor (HappyDoor)	July 8, 2024, 6:34 p.m.	powershell keylogger happydoor 2024-07-08 pebbledash alphaseed infostealing regsvr32	This report provides a detailed analysis of the HappyDoor malware, a new backdoor utilized by the Kimsuky threat group known for …	7
BlackSuit Ransomware: Insights and Defense Strategies	July 8, 2024, 10:54 a.m.	ransomware encryption data exfiltration 2024-07-08 blacksuit cybersecurity threat analysis	This report provides an in-depth analysis of the BlackSuit ransomware, a threat that has been actively targeting various sectors …	8
Exposing Attack Operations Utilizing PyPI Against Windows, Linux and macOS Platforms	July 8, 2024, 10:50 a.m.	malware apt supply chain lazarus 2024-07-08 pypi comebacker cross-platform	The report details the APT-C-26 (Lazarus) group's recent attack campaign utilizing malicious Python packages hosted on the PyPI r…	28
Turla: A Master of Deception	July 8, 2024, 10:45 a.m.	backdoor evasion powershell 2024-07-08 snake msbuild fileless uroburos	This report details a recent campaign by the Turla threat group involving malicious LNK files that deliver a fileless backdoor. T…	10

» Click here to see all Attack Reports «

Vulnerabilities

CVE	CVSS	Published	Product impacted	Tags
CVE-2023-46685	9.8	July 8, 2024, 4:15 p.m.	LevelOne WBR-6013	talos-cna@cisco.com CWE-259 2024-07-08 CVE-2023-46685
CVE-2023-47677	8.8	July 8, 2024, 4:15 p.m.	Realtek rtl819x Jungle SDK	talos-cna@cisco.com CWE-352 2024-07-08 CVE-2023-47677
CVE-2024-5711	8.1	July 8, 2024, 12:15 a.m.	GitHub	CWE-79 security@huntr.dev 2024-07-08 CVE-2024-5711
CVE-2024-39742	8.1	July 8, 2024, 2:15 p.m.	IBM MQ Operator	psirt@us.ibm.com 2024-07-08 CVE-2024-39742 CWE-187
CVE-2024-37999	7.8	July 8, 2024, 11:15 a.m.	Medicalis Workflow Orchestrator	CWE-282 productcert@siemens.com 2024-07-08 CVE-2024-37999
CVE-2024-6563	7.5	July 8, 2024, 4:15 p.m.	arm-trusted-firmware	CWE-120 cve@asrg.io 2024-07-08 CVE-2024-6563
CVE-2024-39896	7.5	July 8, 2024, 6:15 p.m.	Directus	security-advisories@github.com CWE-200 2024-07-08 CVE-2024-39896
CVE-2024-6227	7.5	July 8, 2024, 7:15 p.m.	aimhubio/aim	CWE-400 security@huntr.dev 2024-07-08 CVE-2024-6227
CVE-2024-5971	7.5	July 8, 2024, 9:15 p.m.	Undertow	secalert@redhat.com CWE-674 2024-07-08 CVE-2024-5971
CVE-2024-4341	7.2	July 8, 2024, 2:15 p.m.	Extreme XDS	CWE-269 iletisim@usom.gov.tr 2024-07-08 CVE-2024-4341
CVE-2023-34435	7.2	July 8, 2024, 4:15 p.m.	Realtek rtl819x Jungle SDK	talos-cna@cisco.com CWE-347 2024-07-08 CVE-2023-34435
CVE-2023-41251	7.2	July 8, 2024, 4:15 p.m.	Realtek rtl819x Jungle SDK	talos-cna@cisco.com CWE-121 2024-07-08 CVE-2023-41251
CVE-2023-45215	7.2	July 8, 2024, 4:15 p.m.	Realtek rtl819x Jungle SDK	talos-cna@cisco.com CWE-121 2024-07-08 CVE-2023-45215
CVE-2023-45742	7.2	July 8, 2024, 4:15 p.m.	Realtek rtl819x Jungle SDK	talos-cna@cisco.com CWE-190 2024-07-08 CVE-2023-45742
CVE-2023-47856	7.2	July 8, 2024, 4:15 p.m.	Realtek rtl819x Jungle SDK	talos-cna@cisco.com CWE-121 2024-07-08 CVE-2023-47856
CVE-2023-48270	7.2	July 8, 2024, 4:15 p.m.	Realtek rtl819x Jungle SDK	talos-cna@cisco.com CWE-121 2024-07-08 CVE-2023-48270
CVE-2023-49073	7.2	July 8, 2024, 4:15 p.m.	Realtek rtl819x Jungle SDK	talos-cna@cisco.com CWE-121 2024-07-08 CVE-2023-49073
CVE-2023-49593	7.2	July 8, 2024, 4:15 p.m.	LevelOne WBR-6013 Router	talos-cna@cisco.com CWE-489 2024-07-08 CVE-2023-49593
CVE-2023-49595	7.2	July 8, 2024, 4:15 p.m.	Realtek rtl819x Jungle SDK	talos-cna@cisco.com CWE-121 2024-07-08 CVE-2023-49595
CVE-2023-49867	7.2	July 8, 2024, 4:15 p.m.	Realtek rtl819x Jungle SDK	talos-cna@cisco.com CWE-121 2024-07-08 CVE-2023-49867
CVE-2023-50239	7.2	July 8, 2024, 4:15 p.m.	Realtek rtl819x Jungle SDK	talos-cna@cisco.com CWE-121 2024-07-08 CVE-2023-50239
CVE-2023-50240	7.2	July 8, 2024, 4:15 p.m.	Realtek rtl819x Jungle SDK	talos-cna@cisco.com CWE-121 2024-07-08 CVE-2023-50240
CVE-2023-50243	7.2	July 8, 2024, 4:15 p.m.	Realtek rtl819x Jungle SDK	talos-cna@cisco.com CWE-121 2024-07-08 CVE-2023-50243
CVE-2023-50244	7.2	July 8, 2024, 4:15 p.m.	Realtek rtl819x Jungle SDK	talos-cna@cisco.com CWE-121 2024-07-08 CVE-2023-50244
CVE-2023-50330	7.2	July 8, 2024, 4:15 p.m.	Realtek rtl819x Jungle SDK	talos-cna@cisco.com CWE-121 2024-07-08 CVE-2023-50330
CVE-2023-50381	7.2	July 8, 2024, 4:15 p.m.	Realtek rtl819x Jungle SDK	talos-cna@cisco.com CWE-78 2024-07-08 CVE-2023-50381
CVE-2023-50382	7.2	July 8, 2024, 4:15 p.m.	Realtek rtl819x Jungle SDK	talos-cna@cisco.com CWE-78 2024-07-08 CVE-2023-50382
CVE-2023-50383	7.2	July 8, 2024, 4:15 p.m.	Realtek rtl819x Jungle SDK	talos-cna@cisco.com CWE-78 2024-07-08 CVE-2023-50383
CVE-2024-21778	7.2	July 8, 2024, 4:15 p.m.	Realtek rtl819x Jungle SDK	talos-cna@cisco.com CWE-122 2024-07-08 CVE-2024-21778
CVE-2024-38330	7.0	July 8, 2024, 2:15 a.m.	IBM System Management for i	psirt@us.ibm.com CWE-427 2024-07-08 CVE-2024-38330
CVE-2024-6409	7.0	July 8, 2024, 6:15 p.m.	OpenSSH	secalert@redhat.com CWE-364 2024-07-08 CVE-2024-6409
CVE-2024-39308	6.8	July 8, 2024, 3:15 p.m.	RailsAdmin	security-advisories@github.com CWE-79 2024-07-08 CVE-2024-39308
CVE-2024-6564	6.7	July 8, 2024, 4:15 p.m.	UNKNOWN	CWE-120 cve@asrg.io 2024-07-08 CVE-2024-6564
CVE-2024-39895	6.5	July 8, 2024, 5:15 p.m.	Directus	security-advisories@github.com CWE-400 2024-07-08 CVE-2024-39895
CVE-2024-39701	6.3	July 8, 2024, 5:15 p.m.	Directus	CWE-284 security-advisories@github.com 2024-07-08 CVE-2024-39701
CVE-2024-39743	5.9	July 8, 2024, 2:15 p.m.	IBM MQ Operator	psirt@us.ibm.com 2024-07-08 CWE-187 CVE-2024-39743
CVE-2024-25639	5.9	July 8, 2024, 3:15 p.m.	Khoj Obsidian	security-advisories@github.com CWE-80 2024-07-08 CVE-2024-25639
CVE-2024-39677	5.9	July 8, 2024, 3:15 p.m.	NHibernate	security-advisories@github.com CWE-89 2024-07-08 CVE-2024-39677
CVE-2024-6163	5.3	July 8, 2024, 1:15 p.m.	Checkmk	CWE-290 security@checkmk.com 2024-07-08 CVE-2024-6163
CVE-2024-23562	5.3	July 8, 2024, 4:15 p.m.	HCL Domino	psirt@hcl.com 2024-07-08 CVE-2024-23562
CVE-2024-39695	5.3	July 8, 2024, 4:15 p.m.	Exiv2	security-advisories@github.com CWE-125 2024-07-08 CVE-2024-39695
CVE-2024-34702	5.3	July 8, 2024, 5:15 p.m.	Botan	security-advisories@github.com CWE-405 2024-07-08 CVE-2024-34702
CVE-2024-39312	5.3	July 8, 2024, 5:15 p.m.	Botan	security-advisories@github.com CWE-295 2024-07-08 CVE-2024-39312
CVE-2024-3653	5.3	July 8, 2024, 10:15 p.m.	Undertow	secalert@redhat.com CWE-401 2024-07-08 CVE-2024-3653
CVE-2024-39699	5.0	July 8, 2024, 4:15 p.m.	Directus	security-advisories@github.com CWE-918 2024-07-08 CVE-2024-39699
CVE-2024-37528	4.8	July 8, 2024, 3:15 a.m.	IBM Cloud Pak for Business Automation	CWE-79 psirt@us.ibm.com 2024-07-08 CVE-2024-37528
CVE-2024-39723	4.6	July 8, 2024, 1:15 a.m.	IBM FlashSystem 5300	psirt@us.ibm.com 2024-07-08 CVE-2024-39723 CWE-1299
CVE-2024-37389	4.6	July 8, 2024, 8:15 a.m.	Apache NiFi	CWE-79 security@apache.org 2024-07-08 CVE-2024-37389
CVE-2024-31897	4.3	July 8, 2024, 3:15 a.m.	IBM Cloud Pak for Business Automation	psirt@us.ibm.com CWE-918 2024-07-08 CVE-2024-31897
CVE-2024-34603	4.0	July 8, 2024, 7:15 a.m.	Samsung Message	mobile.security@samsung.com 2024-07-08 CVE-2024-34603
CVE-2024-34602	3.3	July 8, 2024, 7:15 a.m.	Samsung Messages	mobile.security@samsung.com 2024-07-08 CVE-2024-34602
CVE-2024-38372	2.0	July 8, 2024, 9:15 p.m.	Undici	security-advisories@github.com CWE-201 2024-07-08 CVE-2024-38372
CVE-2024-24974	None	July 8, 2024, 11:15 a.m.	OpenVPN	2024-07-08 CVE-2024-24974 security@openvpn.net CWE-923
CVE-2024-27459	None	July 8, 2024, 11:15 a.m.	OpenVPN	CWE-121 2024-07-08 security@openvpn.net CVE-2024-27459
CVE-2024-27903	None	July 8, 2024, 11:15 a.m.	OpenVPN	2024-07-08 security@openvpn.net CVE-2024-27903 CWE-283
CVE-2024-31504	None	July 8, 2024, 4:15 p.m.	freemodbus	cve@mitre.org 2024-07-08 CVE-2024-31504
CVE-2024-39202	None	July 8, 2024, 4:15 p.m.	D-Link DIR-823X firmware	cve@mitre.org 2024-07-08 CVE-2024-39202
CVE-2024-39203	None	July 8, 2024, 4:15 p.m.	Z-BlogPHP	cve@mitre.org 2024-07-08 CVE-2024-39203
CVE-2024-1305	None	July 8, 2024, 6:15 p.m.	OpenVPN	CWE-190 2024-07-08 security@openvpn.net CVE-2024-1305
CVE-2024-4882	None	July 8, 2024, 6:15 p.m.	Sitefinity	CWE-601 security@progress.com 2024-07-08 CVE-2024-4882
CVE-2024-6580	None	July 8, 2024, 7:15 p.m.	/n software IPWorks SSH library SFTPServer component	9119a7d8-5eab-497f-8521-727c672e3725 CWE-1390 2024-07-08 CVE-2024-6580
CVE-2024-28882	None	July 8, 2024, 10:15 p.m.	OpenVPN	2024-07-08 security@openvpn.net CVE-2024-28882 CWE-772

» Click here to see all Vulnerabilities «

Tag : 2024-07-08