Tag: 2024-07-11

6 Attack Reports | 36 Vulnerabilities

Attack reports

CVE-2024-4577 Exploits in the Wild One Day After Disclosure

One of the most recent examples of this onslaught lies in a critical vulnerability discovered in PHP (versions 8.1.*, before 8.1.29, 8.2.* before 8.2.20, and 8.3.* before 8.3.8). The vulnerability is caused by the way PHP and CGI handlers parse certain Unicode characters, which can enable an attack…
rat
xmrig
vulnerability
cryptominer
gh0st rat
muhstik
CVE-2024-4577
2024-07-11
redtail
php injection
Published: July 11, 2024
Downloadable IOCs: 17

Increase In The Exploitation Of Microsoft SmartScreen Vulnerability CVE-2024-21412

Cyble analyzes an ongoing campaign exploiting a Microsoft SmartScreen vulnerability to deliver stealers through spam emails. The campaign employs lures related to healthcare, transportation, and tax notices to trick users into downloading malicious payloads. It utilizes techniques like DLL sideload…
phishing
vulnerability
stealer
CVE-2024-21412
spam
malicious
2024-07-11
lumma
meduza stealer
Published: July 11, 2024
Downloadable IOCs: 12

Ransomware: Activity Levels Remain High Despite Disruption

While overall activity levels dipped slightly in the first quarter of 2024, the number of claimed attacks remained high, with LockBit accounting for over 20%. The report explores the changing tactics employed by ransomware actors, including the exploitation of vulnerabilities, the use of Bring-Your…
ransomware
lockbit
vulnerability
blackcat
alphv
encryption
phobos
cyclops blink
CVE-2024-4577
noberus
tellyouthepass
blacksuit
2024-07-11
akira
warp av killer
qilin
disruption
Published: July 11, 2024
Linked vulnerabilities : CVE-2024-4577 (CVSS 9.8)
Downloadable IOCs: 27

DodgeBox: A deep dive into the updated arsenal of APT41

This blog post provides an in-depth technical analysis of a newly discovered malware loader called DodgeBox, which is attributed to the China-based advanced persistent threat (APT) actor APT41. DodgeBox incorporates various evasion techniques such as call stack spoofing, DLL sideloading, DLL hollow…
loader
evasion
china
2024-07-11
stealthvector
moonwalk
nationstate
dodgebox
Published: July 11, 2024
Downloadable IOCs: 1

DarkGate: Dancing the Samba With Alluring Excel Files

This analysis delves into a DarkGate malware campaign from March-April 2024 that exploits Microsoft Excel files to retrieve malicious payloads hosted on public-facing SMB file shares. It sheds light on the evolving tactics of this threat, which creatively abuses legitimate tools and services for di…
anti-analysis
autohotkey
darkgate
excel
sideloading
2024-07-11
Published: July 11, 2024
Linked vulnerabilities : CVE-2024-3400
Downloadable IOCs: 37

FIN7: Silent Push unearths 4000+ phishing and shell domains

Silent Push threat analysts have uncovered an extensive series of campaigns linked to the FIN7 cybercrime group, including several hundred active phishing, spoofing, shell and malware delivery domains and IPs targeting various organizations. The campaigns utilize over 4000 domains and subdomains, w…
phishing
eugenloader
2024-07-11
carbanak
spoofing
anunak
gracewire
Published: July 11, 2024
Downloadable IOCs: 94
Click here to see more Attack Reports

Vulnerabilities

CVE-2024-6397

9.8
    InstaWP Connect - 1-click WP Staging & Migration plugin for WordPress
Published: July 11, 2024

CVE-2024-6624

9.8
    JSON API User plugin for WordPress
Published: July 11, 2024

CVE-2024-6407

9.8
    UNKNOWN
Published: July 11, 2024

CVE-2024-6385

9.6
    GitLab
Published: July 11, 2024

CVE-2024-6035

9.3
    gaizhenbiao/chuanhuchatgpt
Published: July 11, 2024

CVE-2024-6666

8.8
    WP ERP plugin
Published: July 11, 2024

CVE-2024-22280

8.5
    VMware Aria Automation
Published: July 11, 2024

CVE-2024-5681

7.8
    UNKNOWN
Published: July 11, 2024

CVE-2024-6653

7.3
    Simple Task List
Published: July 11, 2024

CVE-2024-2602

7.3
    UNKNOWN
Published: July 11, 2024

CVE-2024-6447

7.2
    FULL - Cliente plugin for WordPress
Published: July 11, 2024

CVE-2024-5679

7.1
    Foxboro Distributed Control System
Published: July 11, 2024

CVE-2024-5680

7.1
    UNKNOWN
Published: July 11, 2024

CVE-2024-22387

6.8
    Gallagher Controller 6000
    Gallagher Controller 7000
Published: July 11, 2024

CVE-2024-38433

6.7
    Nuvoton BootBlock
Published: July 11, 2024

CVE-2024-6138

6.5
    Secure Copy Content Protection and Content Locking WordPress plugin
Published: July 11, 2024

CVE-2024-6256

6.4
    Feeds for YouTube (YouTube video, channel, and gallery plugin) plugin for WordPress
Published: July 11, 2024

CVE-2016-15039

6.3
    phpLDAPadmin
Published: July 11, 2024

CVE-2024-23317

6.3
    Controller 6000
    Controller 7000
Published: July 11, 2024

CVE-2024-6676

6.3
    UNKNOWN
Published: July 11, 2024

CVE-2024-6026

6.1
    Slider by 10Web WordPress plugin
Published: July 11, 2024

CVE-2024-6528

5.4
    UNKNOWN
Published: July 11, 2024

CVE-2024-6210

5.3
    Duplicator plugin for WordPress
Published: July 11, 2024

CVE-2024-0619

5.3
    Payflex Payment Gateway plugin for WordPress
Published: July 11, 2024

CVE-2024-6554

5.3
    Branda - White Label WordPress, Custom Login Page Customizer plugin for WordPress
Published: July 11, 2024

CVE-2024-5257

4.9
    GitLab CE/EE
Published: July 11, 2024

CVE-2024-23485

4.6
    Gallagher Controller 6000
    Gallagher Controller 7000
Published: July 11, 2024

CVE-2024-5470

3.8
    GitLab CE/EE
Published: July 11, 2024

CVE-2024-23194

3.3
    Gallagher Command Centre
Published: July 11, 2024

CVE-2024-2880

2.7
    GitLab CE/EE
Published: July 11, 2024

CVE-2024-40618

None
    Whale browser
Published: July 11, 2024

CVE-2024-1845

None
    VikRentCar Car Rental Management System WordPress plugin
Published: July 11, 2024

CVE-2024-4655

None
    Ultimate Blocks WordPress plugin
Published: July 11, 2024

CVE-2024-5444

None
    Bible Text WordPress plugin
Published: July 11, 2024

CVE-2024-6025

None
    Quiz and Survey Master (QSM) WordPress plugin
Published: July 11, 2024

CVE-2024-6643

None
    UNKNOWN
Published: July 11, 2024
Click here to see more Vulnerabilities