SecuriTricks - 2024-07-15

Title	Published	Tags	Description	Number of indicators
New BugSleep Backdoor Deployed in Recent MuddyWater Campaigns	July 15, 2024, 3:56 p.m.	espionage muddywater 2024-07-15 bugsleep	An Iranian threat group known as MuddyWater, affiliated with the Ministry of Intelligence and Security, has significantly intensi…	50
ShadowRoot Ransomware Targeting Turkish Businesses	July 15, 2024, 3:25 p.m.	ransomware 2024-07-15 türkiye	An analysis reveals a basic ransomware campaign targeting Turkish enterprises. The attack commences with a malicious PDF attachme…	3
Disarming DarkGate: A Deep Dive into Thwarting the Latest DarkGate Variant	July 15, 2024, 3:14 p.m.	rat darkgate 2024-07-15	This report analyzes a recent phishing campaign distributing a new DarkGate Remote Access Trojan variant. The malware leverages v…	4
A Social Engineering Tactic to Deploy Malware	July 15, 2024, 3:12 p.m.	darkgate lumma stealer 2024-07-15 clickfix	McAfee Labs uncovered a sophisticated social engineering technique, dubbed 'ClickFix,' for deploying malware such as DarkGate and…	7
WorkersDevBackdoor and MadMxShell converge in malvertising campaigns	July 15, 2024, 2:52 p.m.	malvertising madmxshell 2024-07-15 workersdevbackdoor	This report analyzes two recent malware distribution campaigns that leverage malvertising techniques. The campaigns deliver the W…	51
Security Advisory for Squarespace	July 15, 2024, 2:45 p.m.	2024-07-15 squarespace	This report outlines a critical vulnerability affecting the Squarespace platform, a widely used website builder. The flaw allows …	4
Braodo Info Stealer Targeting Vietnam and Abroad	July 15, 2024, 10:42 a.m.	obfuscation stealer exfiltration 2024-07-15 telegram vietnam braodo stealer	CYFIRMA discovered Braodo Stealer, a Python-based malware active since early 2024, primarily targeting users in Vietnam but also …	14

Vulnerabilities

CVE	CVSS	Published	Product impacted	Tags
CVE-2024-39915	9.9	July 15, 2024, 8:15 p.m.	Thruk	security-advisories@github.com CWE-94 2024-07-15 CVE-2024-39915
CVE-2024-6743	9.8	July 15, 2024, 7:15 a.m.	AguardNet's Space Management System	CWE-89 twcert@cert.org.tw 2024-07-15 CVE-2024-6743
CVE-2024-6744	9.8	July 15, 2024, 7:15 a.m.	Secure Email Gateway from Cellopoint	CWE-121 twcert@cert.org.tw 2024-07-15 CVE-2024-6744
CVE-2024-40624	9.8	July 15, 2024, 8:15 p.m.	TorrentPier	security-advisories@github.com CWE-502 2024-07-15 CVE-2024-40624
CVE-2024-6345	8.8	July 15, 2024, 1:15 a.m.	setuptools	CWE-94 security@huntr.dev 2024-07-15 CVE-2024-6345
CVE-2024-6737	8.8	July 15, 2024, 3:15 a.m.	Electronic Official Document Management System from 2100 TECHNOLOGY	CWE-284 twcert@cert.org.tw 2024-07-15 CVE-2024-6737
CVE-2024-21513	8.5	July 15, 2024, 5:15 a.m.	langchain-experimental	CWE-94 report@snyk.io 2024-07-15 CVE-2024-21513
CVE-2024-40631	8.1	July 15, 2024, 7:15 p.m.	@udecode/plate-media	security-advisories@github.com CWE-79 2024-07-15 CVE-2024-40631
CVE-2024-5402	7.8	July 15, 2024, 12:15 p.m.	ABB Mint Workbench	CWE-428 cybersecurity@ch.abb.com 2024-07-15 CVE-2024-5402
CVE-2024-6689	7.8	July 15, 2024, 2:15 p.m.	baramundi Management Agent	CWE-749 2024-07-15 CVE-2024-6689 a341c0d1-ebf7-493f-a84e-38cf86618674
CVE-2024-36432	7.5	July 15, 2024, 7:15 p.m.	Supermicro X11DPG-HGX2, X11PDG-QT, X11PDG-OT, X11PDG-SN motherboards	cve@mitre.org 2024-07-15 CVE-2024-36432
CVE-2024-36433	7.5	July 15, 2024, 7:15 p.m.	Supermicro X11DPH-T, X11DPH-Tq, and X11DPH-i motherboards	cve@mitre.org 2024-07-15 CVE-2024-36433
CVE-2024-36434	7.5	July 15, 2024, 7:15 p.m.	Supermicro X11DPH-T, X11DPH-Tq, X11DPH-i motherboards	cve@mitre.org 2024-07-15 CVE-2024-36434
CVE-2024-6745	7.3	July 15, 2024, 11:15 a.m.	Simple Ticket Booking	CWE-89 cna@vuldb.com 2024-07-15 CVE-2024-6745
CVE-2024-27238	7.1	July 15, 2024, 6:15 p.m.	Zoom Apps and SDKs for Windows	CWE-367 security@zoom.us 2024-07-15 CVE-2024-27238
CVE-2024-27240	7.1	July 15, 2024, 6:15 p.m.	Zoom Apps for Windows	CWE-20 security@zoom.us 2024-07-15 CVE-2024-27240
CVE-2024-39826	6.8	July 15, 2024, 6:15 p.m.	Zoom Workplace Apps and SDKs for Windows	CWE-367 security@zoom.us 2024-07-15 CVE-2024-39826
CVE-2024-39819	6.7	July 15, 2024, 6:15 p.m.	Zoom Workplace Apps and SDKs for Windows	CWE-269 security@zoom.us 2024-07-15 CVE-2024-39819
CVE-2024-39820	6.6	July 15, 2024, 6:15 p.m.	Zoom Workplace Desktop App for macOS	CWE-427 security@zoom.us 2024-07-15 CVE-2024-39820
CVE-2024-39821	6.6	July 15, 2024, 6:15 p.m.	Zoom Workplace App for Windows	CWE-367 security@zoom.us 2024-07-15 CVE-2024-39821
CVE-2024-39736	6.5	July 15, 2024, 2:15 a.m.	IBM Datacap Navigator	psirt@us.ibm.com 2024-07-15 CVE-2024-39736 CWE-644
CVE-2024-39728	6.4	July 15, 2024, 2:15 a.m.	IBM Datacap Navigator	CWE-79 psirt@us.ibm.com 2024-07-15 CVE-2024-39728
CVE-2024-6734	6.3	July 15, 2024, 12:15 a.m.	itsourcecode Tailoring Management System	CWE-89 cna@vuldb.com 2024-07-15 CVE-2024-6734
CVE-2024-6735	6.3	July 15, 2024, 12:15 a.m.	itsourcecode Tailoring Management System	CWE-89 cna@vuldb.com 2024-07-15 CVE-2024-6735
CVE-2024-6736	6.3	July 15, 2024, 1:15 a.m.	SourceCodester Employee and Visitor Gate Pass Logging System	CWE-89 cna@vuldb.com 2024-07-15 CVE-2024-6736
CVE-2024-6740	6.1	July 15, 2024, 8:15 a.m.	Openfind Mail2000	CWE-79 twcert@cert.org.tw 2024-07-15 CVE-2024-6740
CVE-2024-39731	5.9	July 15, 2024, 2:15 a.m.	IBM Datacap Navigator	psirt@us.ibm.com CWE-327 2024-07-15 CVE-2024-39731
CVE-2024-6741	5.8	July 15, 2024, 9:15 a.m.	Mail2000	CWE-693 twcert@cert.org.tw 2024-07-15 CVE-2024-6741
CVE-2024-40627	5.8	July 15, 2024, 8:15 p.m.	Fastapi OPA	security-advisories@github.com CWE-204 2024-07-15 CVE-2024-40627
CVE-2024-6540	5.7	July 15, 2024, 8:15 a.m.	OTRS	2024-07-15 security@otrs.com CVE-2024-6540 CWE-790
CVE-2024-39827	5.5	July 15, 2024, 6:15 p.m.	Zoom Workplace Desktop App for Windows	CWE-20 security@zoom.us 2024-07-15 CVE-2024-39827
CVE-2024-39737	5.4	July 15, 2024, 2:15 a.m.	IBM Datacap Navigator	psirt@us.ibm.com CWE-209 2024-07-15 CVE-2024-39737
CVE-2024-39739	5.4	July 15, 2024, 2:15 a.m.	IBM Datacap Navigator	psirt@us.ibm.com CWE-918 2024-07-15 CVE-2024-39739
CVE-2024-39735	5.4	July 15, 2024, 3:15 a.m.	IBM Datacap Navigator	CWE-79 psirt@us.ibm.com 2024-07-15 CVE-2024-39735
CVE-2024-6742	5.4	July 15, 2024, 6:15 a.m.	AguardNet Technology's Space Management System	CWE-79 twcert@cert.org.tw 2024-07-15 CVE-2024-6742
CVE-2024-6738	5.3	July 15, 2024, 3:15 a.m.	Tronclass from WisdomGarden	CWE-284 twcert@cert.org.tw 2024-07-15 CVE-2024-6738
CVE-2024-6739	5.3	July 15, 2024, 4:15 a.m.	MailAudit	twcert@cert.org.tw 2024-07-15 CVE-2024-6739 CWE-1004
CVE-2024-27241	5.3	July 15, 2024, 6:15 p.m.	Zoom Apps and SDKs	CWE-20 security@zoom.us 2024-07-15 CVE-2024-27241
CVE-2024-39912	5.3	July 15, 2024, 8:15 p.m.	web-auth/webauthn-lib	security-advisories@github.com CWE-204 2024-07-15 CVE-2024-39912
CVE-2024-23794	5.2	July 15, 2024, 8:15 a.m.	OTRS	CWE-266 2024-07-15 CVE-2024-23794 security@otrs.com
CVE-2024-38360	4.9	July 15, 2024, 8:15 p.m.	Discourse	security-advisories@github.com CWE-400 2024-07-15 CVE-2024-38360
CVE-2024-39729	4.3	July 15, 2024, 3:15 a.m.	IBM Datacap Navigator	psirt@us.ibm.com CWE-540 2024-07-15 CVE-2024-39729
CVE-2024-39740	4.3	July 15, 2024, 3:15 a.m.	IBM Datacap Navigator	psirt@us.ibm.com CWE-497 2024-07-15 CVE-2024-39740
CVE-2024-39741	4.3	July 15, 2024, 3:15 a.m.	IBM Datacap Navigator	psirt@us.ibm.com CWE-22 2024-07-15 CVE-2024-39741
CVE-2024-6398	4.3	July 15, 2024, 9:15 a.m.	SWG (Secure Web Gateway)	CWE-200 trellixpsirt@trellix.com 2024-07-15 CVE-2024-6398
CVE-2024-6746	4.3	July 15, 2024, 12:15 p.m.	NaiboWang EasySpider	cna@vuldb.com CWE-24 2024-07-15 CVE-2024-6746
CVE-2024-6716	4.3	July 15, 2024, 3:15 p.m.	libtiff	secalert@redhat.com CWE-400 2024-07-15 CVE-2024-6716
CVE-2024-39918	4.3	July 15, 2024, 8:15 p.m.	@jmondi/url-to-png	security-advisories@github.com CWE-22 2024-07-15 CVE-2024-39918
CVE-2024-40630	4.3	July 15, 2024, 8:15 p.m.	OpenImageIO	security-advisories@github.com CWE-125 2024-07-15 CVE-2024-40630
CVE-2024-39767	4.2	July 15, 2024, 9:15 a.m.	Mattermost Mobile Apps	CWE-287 responsibledisclosure@mattermost.com 2024-07-15 CVE-2024-39767
CVE-2024-40632	3.7	July 15, 2024, 10:15 p.m.	Linkerd	security-advisories@github.com CWE-918 2024-07-15 CVE-2024-40632
CVE-2024-39919	3.1	July 15, 2024, 8:15 p.m.	@jmondi/url-to-png	security-advisories@github.com CWE-200 2024-07-15 CVE-2024-39919
CVE-2024-32945	2.6	July 15, 2024, 9:15 a.m.	Mattermost Mobile Apps	responsibledisclosure@mattermost.com 2024-07-15 CVE-2024-32945 CWE-909
CVE-2024-5630	None	July 15, 2024, 6:15 a.m.	Insert or Embed Articulate Content into WordPress plugin	contact@wpscan.com 2024-07-15 CVE-2024-5630
CVE-2024-6072	None	July 15, 2024, 6:15 a.m.	wp-cart-for-digital-products WordPress plugin	contact@wpscan.com 2024-07-15 CVE-2024-6072
CVE-2024-6073	None	July 15, 2024, 6:15 a.m.	wp-cart-for-digital-products WordPress plugin	contact@wpscan.com 2024-07-15 CVE-2024-6073
CVE-2024-6074	None	July 15, 2024, 6:15 a.m.	wp-cart-for-digital-products WordPress plugin	contact@wpscan.com 2024-07-15 CVE-2024-6074
CVE-2024-6075	None	July 15, 2024, 6:15 a.m.	wp-cart-for-digital-products WordPress plugin	contact@wpscan.com 2024-07-15 CVE-2024-6075
CVE-2024-6076	None	July 15, 2024, 6:15 a.m.	wp-cart-for-digital-products WordPress plugin	contact@wpscan.com 2024-07-15 CVE-2024-6076
CVE-2024-6289	None	July 15, 2024, 6:15 a.m.	WPS Hide Login WordPress plugin	contact@wpscan.com 2024-07-15 CVE-2024-6289
CVE-2023-41916	None	July 15, 2024, 8:15 a.m.	Apache Linkis	security@apache.org CWE-552 2024-07-15 CVE-2023-41916
CVE-2023-46801	None	July 15, 2024, 8:15 a.m.	Apache Linkis	security@apache.org CWE-502 2024-07-15 CVE-2023-46801
CVE-2023-49566	None	July 15, 2024, 8:15 a.m.	Apache Linkis	security@apache.org CWE-502 2024-07-15 CVE-2023-49566
CVE-2024-41007	None	July 15, 2024, 9:15 a.m.	Linux kernel	416baaa9-dc9f-4396-8d5f-8c081fb06d67 2024-07-15 CVE-2024-41007
CVE-2024-6721	None	July 15, 2024, 1:15 p.m.	UNKNOWN	security@wordfence.com 2024-07-15 CVE-2024-6721
CVE-2024-36455	None	July 15, 2024, 2:15 p.m.	PAM system	secure@symantec.com 2024-07-15 CVE-2024-36455
CVE-2024-36456	None	July 15, 2024, 2:15 p.m.	PAM system	secure@symantec.com 2024-07-15 CVE-2024-36456
CVE-2024-36457	None	July 15, 2024, 2:15 p.m.	Symantec PAM	secure@symantec.com 2024-07-15 CVE-2024-36457
CVE-2024-36458	None	July 15, 2024, 2:15 p.m.	UNKNOWN	secure@symantec.com 2024-07-15 CVE-2024-36458
CVE-2024-38491	None	July 15, 2024, 2:15 p.m.	UNKNOWN	secure@symantec.com 2024-07-15 CVE-2024-38491
CVE-2024-38492	None	July 15, 2024, 2:15 p.m.	PAM system	secure@symantec.com 2024-07-15 CVE-2024-38492
CVE-2024-38493	None	July 15, 2024, 2:15 p.m.	PAM UI	secure@symantec.com 2024-07-15 CVE-2024-38493
CVE-2024-38494	None	July 15, 2024, 2:15 p.m.	PAM (Privileged Access Management)	secure@symantec.com 2024-07-15 CVE-2024-38494
CVE-2024-38495	None	July 15, 2024, 3:15 p.m.	UNKNOWN	secure@symantec.com 2024-07-15 CVE-2024-38495
CVE-2024-38496	None	July 15, 2024, 3:15 p.m.	PAM (Pluggable Authentication Modules)	secure@symantec.com 2024-07-15 CVE-2024-38496
CVE-2024-40553	None	July 15, 2024, 4:15 p.m.	Tmall_demo	cve@mitre.org 2024-07-15 CVE-2024-40553
CVE-2024-40554	None	July 15, 2024, 4:15 p.m.	Tmall_demo	cve@mitre.org 2024-07-15 CVE-2024-40554
CVE-2024-40555	None	July 15, 2024, 4:15 p.m.	Tmall_demo	cve@mitre.org 2024-07-15 CVE-2024-40555
CVE-2024-40560	None	July 15, 2024, 4:15 p.m.	Tmall_demo	cve@mitre.org 2024-07-15 CVE-2024-40560
CVE-2024-40414	None	July 15, 2024, 5:15 p.m.	Tenda AX1806	cve@mitre.org 2024-07-15 CVE-2024-40414
CVE-2024-37016	None	July 15, 2024, 6:15 p.m.	Mengshen Wireless Door Alarm M70	cve@mitre.org 2024-07-15 CVE-2024-37016
CVE-2024-40415	None	July 15, 2024, 6:15 p.m.	Tenda AX1806	cve@mitre.org 2024-07-15 CVE-2024-40415
CVE-2024-40416	None	July 15, 2024, 6:15 p.m.	Tenda AX1806	cve@mitre.org 2024-07-15 CVE-2024-40416
CVE-2024-31946	None	July 15, 2024, 7:15 p.m.	Stormshield Network Security (SNS)	cve@mitre.org 2024-07-15 CVE-2024-31946
CVE-2024-36438	None	July 15, 2024, 7:15 p.m.	eLinkSmart Hidden Smart Cabinet Lock	cve@mitre.org 2024-07-15 CVE-2024-36438
CVE-2024-37386	None	July 15, 2024, 7:15 p.m.	Stormshield Network Security (SNS)	cve@mitre.org 2024-07-15 CVE-2024-37386
CVE-2024-4224	None	July 15, 2024, 9:15 p.m.	TP-Link TL-SG1016DE	CWE-79 2024-07-15 CVE-2024-4224 cve@takeonme.org
CVE-2024-4143	None	July 15, 2024, 10:15 p.m.	HP PC products using AMI BIOS	hp-security-alert@hp.com 2024-07-15 CVE-2024-4143
CVE-2024-40524	None	July 15, 2024, 11:15 p.m.	xmind2testcase	cve@mitre.org 2024-07-15 CVE-2024-40524

» Click here to see all Vulnerabilities «

Tag : 2024-07-15

Attack Reports

Vulnerabilities