SecuriTricks - 2024-08-02

Attack Reports

Title	Published	Tags	Description	Number of indicators
BITS and Bytes: Analyzing BITSLOTH, a newly identified backdoor	Aug. 2, 2024, 9:57 a.m.	backdoor espionage exfiltration persistence lateral movement 2024-08-02 bitsloth	Elastic Security Labs uncovered a new Windows backdoor called BITSLOTH that utilizes the Background Intelligent Transfer Service …	8
Brief Overview of the DeerStealer Distribution Campaign	Aug. 2, 2024, 8:50 a.m.	phishing stealer c2 deerstealer 2024-08-02 xfiles xor	A recent cybersecurity investigation uncovered a malware distribution campaign called DeerStealer. The malware was disseminated t…	28
BingoMod: The new android RAT that steals money and wipes data	Aug. 2, 2024, 8:46 a.m.	rat android fraud banking 2024-08-02 bingomod	In late May 2024, a new Android Remote Access Trojan (RAT) named BingoMod emerged, aiming to initiate fraudulent money transfers …	3
DNS Early Detection - Breaking the Black Basta Ransomware Kill Chain	Aug. 2, 2024, 8:43 a.m.	ransomware dns black basta 2024-08-02 threat intelligence	This intelligence analysis examines the Black Basta ransomware campaign, which has significantly impacted businesses and critical…	1
MirrorFace Attack against Japanese Organisations	Aug. 2, 2024, 8:41 a.m.	malware apt 2024-08-02 lodeinfo noopdoor ttp	The report provides in-depth details about the malware used by the threat actor MirrorFace in targeted attacks against Japanese o…	27
Detecting evolving threats: NetSupport RAT campaign	Aug. 2, 2024, 8:25 a.m.	obfuscation rat malvertising powershell persistence netsupport rat 2024-08-02	This analysis examines a recent malware campaign that utilizes the NetSupport RAT, a legitimate remote administration tool, for p…	3
Likely compromise of Taiwanese government-affiliated research institute with ShadowPad and Cobalt Strike	Aug. 2, 2024, 8:23 a.m.	apt cobalt strike credential theft cobaltstrike shadowpad data exfiltration 2024-08-02 poisonplug.shadow CVE-2018-0824 unmarshalpwn	A government-affiliated Taiwanese research institute specializing in computing technologies experienced a cyber intrusion likely …	13

» Click here to see all Attack Reports «

Vulnerabilities

CVE	CVSS	Published	Product impacted	Tags
CVE-2024-7314	9.8	Aug. 2, 2024, 5:16 p.m.	anji-plus AJ-Report	CWE-280 disclosure@vulncheck.com 2024-08-02 CVE-2024-7314
CVE-2024-42348	9.3	Aug. 2, 2024, 8:17 p.m.	FOG Project	security-advisories@github.com CWE-77 2024-08-02 CVE-2024-42348
CVE-2024-3238	8.8	Aug. 2, 2024, 7:16 a.m.	Superfly Responsive Menu plugin for WordPress	security@wordfence.com CWE-352 2024-08-02 CVE-2024-3238
CVE-2024-27181	8.8	Aug. 2, 2024, 10:15 a.m.	Apache Linkis	CWE-269 security@apache.org 2024-08-02 CVE-2024-27181
CVE-2024-40720	8.8	Aug. 2, 2024, 11:16 a.m.	TCBServiSign Windows Version	CWE-20 twcert@cert.org.tw 2024-08-02 CVE-2024-40720
CVE-2024-40721	8.8	Aug. 2, 2024, 11:16 a.m.	TCBServiSign Windows Version	CWE-20 twcert@cert.org.tw 2024-08-02 CVE-2024-40721
CVE-2024-7029	8.8	Aug. 2, 2024, 3:16 p.m.	UNKNOWN	ics-cert@hq.dhs.gov CWE-77 2024-08-02 CVE-2024-7029
CVE-2024-41127	8.3	Aug. 2, 2024, 3:16 p.m.	Monkeytype	security-advisories@github.com CWE-74 2024-08-02 CVE-2024-41127
CVE-2024-38877	8.2	Aug. 2, 2024, 11:16 a.m.	Omnivise T3000 Application Server	CWE-312 productcert@siemens.com 2024-08-02 CVE-2024-38877
CVE-2024-39392	7.8	Aug. 2, 2024, 7:16 a.m.	InDesign Desktop	CWE-122 psirt@adobe.com 2024-08-02 CVE-2024-39392
CVE-2024-38876	7.8	Aug. 2, 2024, 11:16 a.m.	Omnivise T3000 Application Server	CWE-552 productcert@siemens.com 2024-08-02 CVE-2024-38876
CVE-2024-7389	7.5	Aug. 2, 2024, 5:15 a.m.	Forminator plugin for WordPress	security@wordfence.com CWE-522 2024-08-02 CVE-2024-7389
CVE-2024-38879	7.5	Aug. 2, 2024, 11:16 a.m.	Omnivise T3000 Application Server	CWE-20 productcert@siemens.com 2024-08-02 CVE-2024-38879
CVE-2024-7319	7.4	Aug. 2, 2024, 9:16 p.m.	openstack-heat	secalert@redhat.com CWE-200 2024-08-02 CVE-2024-7319
CVE-2024-38878	7.2	Aug. 2, 2024, 11:16 a.m.	Omnivise T3000 Application Server	CWE-22 productcert@siemens.com 2024-08-02 CVE-2024-38878
CVE-2024-38776	7.1	Aug. 2, 2024, 8:15 a.m.	WP GoToWebinar	audit@patchstack.com CWE-352 2024-08-02 CVE-2024-38776
CVE-2024-38482	6.6	Aug. 2, 2024, 4:17 a.m.	CloudLink	security_alert@emc.com CWE-703 2024-08-02 CVE-2024-38482
CVE-2024-40719	6.5	Aug. 2, 2024, 10:16 a.m.	TCBServiSign Windows Version	twcert@cert.org.tw CWE-326 2024-08-02 CVE-2024-40719
CVE-2024-7323	6.5	Aug. 2, 2024, 11:16 a.m.	Digiwin EasyFlow .NET	CWE-36 twcert@cert.org.tw 2024-08-02 CVE-2024-7323
CVE-2024-3827	6.4	Aug. 2, 2024, 6:15 a.m.	Spectra Pro plugin for WordPress	CWE-79 security@wordfence.com 2024-08-02 CVE-2024-3827
CVE-2024-4643	6.4	Aug. 2, 2024, 10:16 a.m.	Element Pack Elementor Addons plugin for WordPress	CWE-79 security@wordfence.com 2024-08-02 CVE-2024-4643
CVE-2024-7372	6.3	Aug. 2, 2024, 12:15 a.m.	SourceCodester Simple Realtime Quiz System	CWE-89 cna@vuldb.com 2024-08-02 CVE-2024-7372
CVE-2024-7373	6.3	Aug. 2, 2024, 12:15 a.m.	SourceCodester Simple Realtime Quiz System	CWE-89 cna@vuldb.com 2024-08-02 CVE-2024-7373
CVE-2024-7374	6.3	Aug. 2, 2024, 1:16 a.m.	SourceCodester Simple Realtime Quiz System	CWE-89 cna@vuldb.com 2024-08-02 CVE-2024-7374
CVE-2024-7375	6.3	Aug. 2, 2024, 1:16 a.m.	SourceCodester Simple Realtime Quiz System	CWE-89 cna@vuldb.com 2024-08-02 CVE-2024-7375
CVE-2024-7376	6.3	Aug. 2, 2024, 2:15 a.m.	Simple Realtime Quiz System	CWE-89 cna@vuldb.com 2024-08-02 CVE-2024-7376
CVE-2024-7377	6.3	Aug. 2, 2024, 2:15 a.m.	SourceCodester Simple Realtime Quiz System	CWE-89 cna@vuldb.com 2024-08-02 CVE-2024-7377
CVE-2024-7378	6.3	Aug. 2, 2024, 3:15 a.m.	SourceCodester Simple Realtime Quiz System	CWE-89 cna@vuldb.com 2024-08-02 CVE-2024-7378
CVE-2024-7204	6.1	Aug. 2, 2024, 11:16 a.m.	Ai3 QbiBot	CWE-79 twcert@cert.org.tw 2024-08-02 CVE-2024-7204
CVE-2024-39396	5.5	Aug. 2, 2024, 7:16 a.m.	InDesign Desktop	psirt@adobe.com CWE-125 2024-08-02 CVE-2024-39396
CVE-2024-22278	5.4	Aug. 2, 2024, 1:15 a.m.	Harbor	CWE-269 security@vmware.com 2024-08-02 CVE-2024-22278
CVE-2024-5595	5.4	Aug. 2, 2024, 6:15 a.m.	Essential Blocks WordPress plugin	contact@wpscan.com 2024-08-02 CVE-2024-5595
CVE-2024-6567	5.3	Aug. 2, 2024, 2:15 a.m.	Ebook Store plugin for WordPress	CWE-200 security@wordfence.com 2024-08-02 CVE-2024-6567
CVE-2024-42459	5.3	Aug. 2, 2024, 7:16 a.m.	Node.js	cve@mitre.org CWE-347 2024-08-02 CVE-2024-42459
CVE-2024-42460	5.3	Aug. 2, 2024, 7:16 a.m.	Node.js Elliptic package	cve@mitre.org CWE-130 2024-08-02 CVE-2024-42460
CVE-2024-6704	5.3	Aug. 2, 2024, 11:16 a.m.	Comments - wpDiscuz plugin for WordPress	CWE-79 security@wordfence.com 2024-08-02 CVE-2024-6704
CVE-2024-42349	5.3	Aug. 2, 2024, 8:17 p.m.	FOG	security-advisories@github.com CWE-532 2024-08-02 CVE-2024-42349
CVE-2024-3056	4.8	Aug. 2, 2024, 9:16 p.m.	Podman	secalert@redhat.com CWE-400 2024-08-02 CVE-2024-3056
CVE-2024-40722	4.3	Aug. 2, 2024, 11:16 a.m.	TCBServiSign Windows Version	CWE-121 twcert@cert.org.tw 2024-08-02 CVE-2024-40722
CVE-2024-40723	4.3	Aug. 2, 2024, 11:16 a.m.	HWATAIServiSign	CWE-121 twcert@cert.org.tw 2024-08-02 CVE-2024-40723
CVE-2024-42458	None	Aug. 2, 2024, 4:17 a.m.	Neat VNC	cve@mitre.org 2024-08-02 CVE-2024-42458
CVE-2024-42461	None	Aug. 2, 2024, 7:16 a.m.	Node.js Elliptic package	cve@mitre.org 2024-08-02 CVE-2024-42461
CVE-2024-27182	None	Aug. 2, 2024, 10:16 a.m.	Apache Linkis	security@apache.org CWE-552 2024-08-02 CVE-2024-27182
CVE-2024-36268	None	Aug. 2, 2024, 10:16 a.m.	Apache InLong	security@apache.org CWE-94 2024-08-02 CVE-2024-36268
CVE-2024-38890	None	Aug. 2, 2024, 3:16 p.m.	Horizon Business Services Inc. Caterease Software	cve@mitre.org 2024-08-02 CVE-2024-38890
CVE-2024-41310	None	Aug. 2, 2024, 5:16 p.m.	AndServer	cve@mitre.org 2024-08-02 CVE-2024-41310
CVE-2024-41517	None	Aug. 2, 2024, 5:16 p.m.	Feripro	cve@mitre.org 2024-08-02 CVE-2024-41517
CVE-2024-41518	None	Aug. 2, 2024, 5:16 p.m.	Feripro	cve@mitre.org 2024-08-02 CVE-2024-41518
CVE-2024-41519	None	Aug. 2, 2024, 5:16 p.m.	Feripro	cve@mitre.org 2024-08-02 CVE-2024-41519
CVE-2024-33892	None	Aug. 2, 2024, 6:16 p.m.	Cosy+	cve@mitre.org 2024-08-02 CVE-2024-33892
CVE-2024-33893	None	Aug. 2, 2024, 6:16 p.m.	Cosy+	cve@mitre.org 2024-08-02 CVE-2024-33893
CVE-2024-33894	None	Aug. 2, 2024, 6:16 p.m.	Cosy+	cve@mitre.org 2024-08-02 CVE-2024-33894
CVE-2024-33895	None	Aug. 2, 2024, 6:16 p.m.	Cosy+	cve@mitre.org 2024-08-02 CVE-2024-33895
CVE-2024-33896	None	Aug. 2, 2024, 6:16 p.m.	Cosy+	cve@mitre.org 2024-08-02 CVE-2024-33896
CVE-2024-38881	None	Aug. 2, 2024, 6:16 p.m.	Caterease	cve@mitre.org 2024-08-02 CVE-2024-38881
CVE-2024-38882	None	Aug. 2, 2024, 6:16 p.m.	Caterease	cve@mitre.org 2024-08-02 CVE-2024-38882
CVE-2024-38883	None	Aug. 2, 2024, 6:16 p.m.	Caterease by Horizon Business Services Inc.	cve@mitre.org 2024-08-02 CVE-2024-38883
CVE-2024-38884	None	Aug. 2, 2024, 6:16 p.m.	Caterease	cve@mitre.org 2024-08-02 CVE-2024-38884
CVE-2024-38885	None	Aug. 2, 2024, 6:16 p.m.	Caterease	cve@mitre.org 2024-08-02 CVE-2024-38885
CVE-2024-38886	None	Aug. 2, 2024, 6:16 p.m.	Caterease	cve@mitre.org 2024-08-02 CVE-2024-38886
CVE-2024-22169	None	Aug. 2, 2024, 7:16 p.m.	WD Discovery	CWE-94 2024-08-02 CVE-2024-22169 psirt@wdc.com
CVE-2024-28297	None	Aug. 2, 2024, 7:16 p.m.	AzureSoft MyHorus	cve@mitre.org 2024-08-02 CVE-2024-28297
CVE-2024-28298	None	Aug. 2, 2024, 7:16 p.m.	BM SOFT BMPlanning	cve@mitre.org 2024-08-02 CVE-2024-28298
CVE-2024-38888	None	Aug. 2, 2024, 8:17 p.m.	Caterease	cve@mitre.org 2024-08-02 CVE-2024-38888
CVE-2024-38889	None	Aug. 2, 2024, 8:17 p.m.	Caterease	cve@mitre.org 2024-08-02 CVE-2024-38889
CVE-2024-38887	None	Aug. 2, 2024, 9:16 p.m.	Caterease	cve@mitre.org 2024-08-02 CVE-2024-38887
CVE-2024-38891	None	Aug. 2, 2024, 9:16 p.m.	Caterease	cve@mitre.org 2024-08-02 CVE-2024-38891

» Click here to see all Vulnerabilities «

Tag : 2024-08-02