Tag: 2024-08-07

5 Attack Reports | 112 Vulnerabilities

Attack reports

Router Roulette: Cybercriminals and Nation-States Sharing Compromised Networks

TrendMicro highlights the dangers of internet-facing routers and elaborates on Pawn Storm's exploitation of EdgeRouters, complementing the FBI's advisory from February 27, 2024. Cybercriminals and nation-state actors share an interest in compromised routers used as an anonymization layer, with cybe…

Published: August 7, 2024

Downloadable IOCs: 64

Hackers Leveraging OneDrive Or Google Drive To Hide Malicious Traffic

Cyber threat actors, including nation-state groups, are utilizing legitimate cloud services like Microsoft OneDrive and Google Drive for covert operations. These services evade detection by masquerading as trusted entities, enabling data exfiltration and tool deployment. A new Go-based backdoor, Go…

Published: August 7, 2024

Downloadable IOCs: 20

Cloud Cover: How Malicious Actors Are Leveraging Cloud Services

In recent times, there has been a notable rise in the exploitation of legitimate cloud services by threat actors, including nation-state groups. Attackers have realized the potential of these services to provide low-cost infrastructure, evading detection as communication to trusted platforms may no…

Published: August 7, 2024

Linked vulnerabilities : CVE-2024-21887, CVE-2024-21893

Downloadable IOCs: 20

New Widespread Extension Trojan Malware Campaign

This report discusses a widespread polymorphic malware campaign that forcefully installs malicious browser extensions on endpoints. The malware, originating from imitations of download websites, delivers various malicious payloads, including adware extensions, data stealing scripts, and commands to…

Published: August 7, 2024

Downloadable IOCs: 0

Unmasking Cronus: How Fake PayPal Documents Execute Fileless Ransomware via PowerShell

The analysis reveals a sophisticated campaign employing fake PayPal receipts as lures to distribute a new variant of the Cronus ransomware. The infection chain begins with a malicious Word document containing an obfuscated VBA macro that downloads a PowerShell loader from a remote server. This load…

Published: August 7, 2024

Downloadable IOCs: 8

Click here to see more Attack Reports

Vulnerabilities

CVE-2024-36130

EPMM

Published: August 7, 2024

CVE-2024-42005

Djangoproject

Django

Published: August 7, 2024

CVE-2024-7580

Alientechnology

Alr-F800 Firmware
Alr-F800

Published: August 7, 2024

CVE-2024-7581

A301 Firmware
A301

Published: August 7, 2024

CVE-2024-34479

SourceCodester Computer Laboratory Management System

Published: August 7, 2024

CVE-2024-20450

Cisco Small Business SPA300 Series IP Phones

Cisco Small Business SPA500 Series IP Phones

Published: August 7, 2024

CVE-2024-20454

Cisco Small Business SPA300 Series IP Phones

Cisco Small Business SPA500 Series IP Phones

Published: August 7, 2024

CVE-2024-41247

Published: August 7, 2024

CVE-2024-36131

EPMM

Published: August 7, 2024

CVE-2024-42062

Apache CloudStack

Published: August 7, 2024

CVE-2024-5290

wpa_supplicant

Published: August 7, 2024

CVE-2024-43199

Nagios NDOUtils

Published: August 7, 2024

CVE-2024-7582

Published: August 7, 2024

CVE-2024-7583

Published: August 7, 2024

CVE-2024-7584

Published: August 7, 2024

CVE-2024-7585

Published: August 7, 2024

CVE-2024-41240

Kashipara Responsive School Management System

Published: August 7, 2024

CVE-2024-6522

Modern Events Calendar plugin for WordPress

Published: August 7, 2024

CVE-2024-34620

SumeNNService

Published: August 7, 2024

CVE-2024-41308

IT Solutions Enjay CRM OS

Published: August 7, 2024

CVE-2024-36132

EPMM

Published: August 7, 2024

CVE-2024-34622

Samsung Notes

Published: August 7, 2024

CVE-2024-34623

Samsung Notes

Published: August 7, 2024

CVE-2024-34619

Published: August 7, 2024

CVE-2024-41989

Djangoproject

Django

Published: August 7, 2024

CVE-2024-41990

Djangoproject

Django

Published: August 7, 2024

CVE-2024-41991

Djangoproject

Django

Published: August 7, 2024

CVE-2024-41248

Kashipara Responsive School Management System

Published: August 7, 2024

CVE-2024-41249

Kashipara Responsive School Management System

Published: August 7, 2024

CVE-2024-20451

Cisco Small Business SPA300 Series IP Phones

Cisco Small Business SPA500 Series IP Phones

Published: August 7, 2024

CVE-2024-34612

Published: August 7, 2024

CVE-2024-34614

SMR (Samsung Monthly Release)

Published: August 7, 2024

CVE-2024-7553

MongoDB Server

MongoDB C Driver

MongoDB PHP Driver

Published: August 7, 2024

CVE-2024-7578

Alien Technology ALR-F800

Published: August 7, 2024

CVE-2024-7143

Pulp

Published: August 7, 2024

CVE-2024-7579

Alien Technology ALR-F800

Published: August 7, 2024

CVE-2024-34604

Samsung LedCoverService

Published: August 7, 2024

CVE-2024-34605

SamsungHealthService

Published: August 7, 2024

CVE-2024-34606

SmartThingsService

Published: August 7, 2024

CVE-2024-34607

SamsungNotesService

Published: August 7, 2024

CVE-2024-34608

Samsung PaymentManagerService

Published: August 7, 2024

CVE-2024-34609

Samsung VoiceNoteService

Published: August 7, 2024

CVE-2024-6494

WordPress File Upload WordPress plugin

Published: August 7, 2024

CVE-2024-41239

Kashipara Responsive School Management System

Published: August 7, 2024

CVE-2024-34621

Samsung Notes

Published: August 7, 2024

CVE-2024-34624

Samsung Notes

Published: August 7, 2024

CVE-2024-34625

Samsung Notes

Published: August 7, 2024

CVE-2024-34626

Samsung Notes

Published: August 7, 2024

CVE-2024-34627

Samsung Notes

Published: August 7, 2024

CVE-2024-34628

Samsung Notes

Published: August 7, 2024

CVE-2024-34629

Samsung Notes

Published: August 7, 2024

CVE-2024-34630

Samsung Notes

Published: August 7, 2024

CVE-2024-34631

Samsung Notes

Published: August 7, 2024

CVE-2024-7061

Okta Verify for Windows

Published: August 7, 2024

CVE-2024-41242

Kashipara Responsive School Management System

Published: August 7, 2024

CVE-2024-7353

Accept Stripe Payments plugin for WordPress

Published: August 7, 2024

CVE-2024-20443

Published: August 7, 2024

CVE-2024-34788

EPMM

Published: August 7, 2024

CVE-2024-41252

Kashipara Responsive School Management System

Published: August 7, 2024

CVE-2024-41432

Published: August 7, 2024

CVE-2024-34610

ExtControlDeviceService

Published: August 7, 2024

CVE-2024-34611

KnoxService

Published: August 7, 2024

CVE-2024-34615

Published: August 7, 2024

CVE-2024-34616

Samsung KnoxDualDARPolicy

Published: August 7, 2024

CVE-2024-37403

Ivanti Docs@Work for Android

Published: August 7, 2024

CVE-2024-7355

Organization chart plugin for WordPress

Published: August 7, 2024

CVE-2024-20479

Published: August 7, 2024

CVE-2024-34613

Galaxy Watch

Published: August 7, 2024

CVE-2024-34617

Published: August 7, 2024

CVE-2024-34618

Published: August 7, 2024

CVE-2024-34632

Samsung Notes

Published: August 7, 2024

CVE-2024-34633

Samsung Notes

Published: August 7, 2024

CVE-2024-34634

Samsung Notes

Published: August 7, 2024

CVE-2024-34635

Samsung Notes

Published: August 7, 2024

CVE-2024-34636

Samsung Email

Published: August 7, 2024

CVE-2024-3973

House Manager WordPress plugin

Published: August 7, 2024

CVE-2024-42222

Apache CloudStack

Published: August 7, 2024

CVE-2024-7265

Naukowa i Akademicka Sieć Komputerowa - Państwowy Instytut Badawczy EZD RP

Published: August 7, 2024

CVE-2024-7266

Naukowa i Akademicka Sieć Komputerowa - Państwowy Instytut Badawczy EZD RP

Published: August 7, 2024

CVE-2024-7267

Naukowa i Akademicka Sieć Komputerowa - Państwowy Instytut Badawczy EZD RP

Published: August 7, 2024

CVE-2024-43044

Published: August 7, 2024

CVE-2024-43045

Published: August 7, 2024

CVE-2024-34480

SourceCodester Computer Laboratory Management System

Published: August 7, 2024

CVE-2024-41246

Kashipara Responsive School Management System

Published: August 7, 2024

CVE-2024-41251

Kashipara Responsive School Management System

Published: August 7, 2024

CVE-2024-41309

Enjay CRM OS

Published: August 7, 2024

CVE-2024-42232

Linux Kernel

Published: August 7, 2024

CVE-2024-42233

Linux Kernel

Published: August 7, 2024

CVE-2024-42234

Linux Kernel

Published: August 7, 2024

CVE-2024-42235

Linux Kernel

Published: August 7, 2024

CVE-2024-42236

Linux kernel

Published: August 7, 2024

CVE-2024-42237

Linux kernel

Published: August 7, 2024

CVE-2024-42238

Linux kernel

Published: August 7, 2024

CVE-2024-42239

Linux kernel

Published: August 7, 2024

CVE-2024-42240

Linux kernel

Published: August 7, 2024

CVE-2024-42241

Linux kernel

Published: August 7, 2024

CVE-2024-42242

Linux kernel

Published: August 7, 2024

CVE-2024-42243

Linux Kernel

Published: August 7, 2024

CVE-2024-42244

Linux kernel

Published: August 7, 2024

CVE-2024-42245

Linux Kernel

Published: August 7, 2024

CVE-2024-42246

Linux kernel

Published: August 7, 2024

CVE-2024-42247

Linux kernel

Published: August 7, 2024

CVE-2024-42248

Linux kernel

Published: August 7, 2024

CVE-2024-42249

Linux kernel

Published: August 7, 2024

CVE-2024-42250

Linux kernel

Published: August 7, 2024

CVE-2024-41243

Kashipara Responsive School Management System

Published: August 7, 2024

CVE-2024-41244

Kashipara Responsive School Management System

Published: August 7, 2024

CVE-2024-41245

Kashipara Responsive School Management System

Published: August 7, 2024

CVE-2024-41250

Kashipara Responsive School Management System

Published: August 7, 2024

CVE-2024-41241

Kashipara Responsive School Management System

Published: August 7, 2024

CVE-2024-41237

Kashipara Responsive School Management System

Published: August 7, 2024

CVE-2024-41912

Poly Clariti Manager

Published: August 7, 2024

Click here to see more Vulnerabilities