Tag: 2024-08-07

5 Attack Reports | 112 Vulnerabilities

Attack reports

Router Roulette: Cybercriminals and Nation-States Sharing Compromised Networks

TrendMicro highlights the dangers of internet-facing routers and elaborates on Pawn Storm's exploitation of EdgeRouters, complementing the FBI's advisory from February 27, 2024. Cybercriminals and nation-state actors share an interest in compromised routers used as an anonymization layer, with cybe…
espionage
botnet
cybercrime
proxy
2024-08-07
routers
ngioweb
sshdoor
Published: August 7, 2024
Downloadable IOCs: 64

Hackers Leveraging OneDrive Or Google Drive To Hide Malicious Traffic

Cyber threat actors, including nation-state groups, are utilizing legitimate cloud services like Microsoft OneDrive and Google Drive for covert operations. These services evade detection by masquerading as trusted entities, enabling data exfiltration and tool deployment. A new Go-based backdoor, Go…
backdoor
espionage
exfiltration
cloud
2024-08-07
gogra
moontag
api
trojan.grager
onedrivetools
whipweave
Published: August 7, 2024
Downloadable IOCs: 20

Cloud Cover: How Malicious Actors Are Leveraging Cloud Services

In recent times, there has been a notable rise in the exploitation of legitimate cloud services by threat actors, including nation-state groups. Attackers have realized the potential of these services to provide low-cost infrastructure, evading detection as communication to trusted platforms may no…
espionage
cloud
graphite
graphon
birdyclient
2024-08-07
gogra
grager
moontag
Published: August 7, 2024
Linked vulnerabilities : CVE-2024-21887, CVE-2024-21893
Downloadable IOCs: 20

New Widespread Extension Trojan Malware Campaign

This report discusses a widespread polymorphic malware campaign that forcefully installs malicious browser extensions on endpoints. The malware, originating from imitations of download websites, delivers various malicious payloads, including adware extensions, data stealing scripts, and commands to…
trojan
adware
hijacking
2024-08-07
polymorphic
browser
bankshot
extensions
Published: August 7, 2024
Downloadable IOCs: 0

Unmasking Cronus: How Fake PayPal Documents Execute Fileless Ransomware via PowerShell

The analysis reveals a sophisticated campaign employing fake PayPal receipts as lures to distribute a new variant of the Cronus ransomware. The infection chain begins with a malicious Word document containing an obfuscated VBA macro that downloads a PowerShell loader from a remote server. This load…
phishing
ransomware
powershell
fileless
2024-08-07
cronus
Published: August 7, 2024
Downloadable IOCs: 8
Click here to see more Attack Reports

Vulnerabilities

CVE-2024-36130

9.8
    EPMM
  • Version(s): before 12.1.0.1
Published: August 7, 2024

CVE-2024-42005

9.8
    Djangoproject
  • Django
Published: August 7, 2024

CVE-2024-7580

9.8
    Alientechnology
  • Alr-F800 Firmware
  • Alr-F800
Published: August 7, 2024

CVE-2024-7581

9.8
    Tendacn
  • A301 Firmware
  • A301
Published: August 7, 2024

CVE-2024-34479

9.8
    SourceCodester Computer Laboratory Management System
  • Version(s): 1.0
Published: August 7, 2024

CVE-2024-20450

9.8
    Cisco Small Business SPA300 Series IP Phones
    Cisco Small Business SPA500 Series IP Phones
Published: August 7, 2024

CVE-2024-20454

9.8
    Cisco Small Business SPA300 Series IP Phones
    Cisco Small Business SPA500 Series IP Phones
Published: August 7, 2024

CVE-2024-41247

9.1
    Unknown
Published: August 7, 2024

CVE-2024-36131

8.8
    EPMM
  • Version(s): before 12.1.0.1
Published: August 7, 2024

CVE-2024-42062

8.8
    Apache CloudStack
  • Version(s): 4.10.0 up to 4.19.1.0
Published: August 7, 2024

CVE-2024-5290

8.8
    wpa_supplicant
Published: August 7, 2024

CVE-2024-43199

8.8
    Nagios NDOUtils
  • Version(s): before 2.1.4
Published: August 7, 2024

CVE-2024-7582

8.8
    Tenda i22
  • Version(s): 1.0.0.3(4687)
Published: August 7, 2024

CVE-2024-7583

8.8
    Tenda i22
  • Version(s): 1.0.0.3(4687)
Published: August 7, 2024

CVE-2024-7584

8.8
    Tenda i22
  • Version(s): 1.0.0.3(4687)
Published: August 7, 2024

CVE-2024-7585

8.8
    Tenda i22
  • Version(s): 1.0.0.3(4687)
Published: August 7, 2024

CVE-2024-41240

8.8
    Kashipara Responsive School Management System
  • Version(s): 3.2.0
Published: August 7, 2024

CVE-2024-6522

8.5
    Modern Events Calendar plugin for WordPress
  • Version(s): up to 7.12.1
Published: August 7, 2024

CVE-2024-34620

8.4
    SumeNNService
  • Version(s): prior to SMR Aug-2024 Release 1
Published: August 7, 2024

CVE-2024-41308

8.4
    IT Solutions Enjay CRM OS
  • Version(s): 1.0
Published: August 7, 2024

CVE-2024-36132

8.2
    EPMM
  • Version(s): before 12.1.0.1
Published: August 7, 2024

CVE-2024-34622

7.8
    Samsung Notes
  • Version(s): before 4.4.21.62
Published: August 7, 2024

CVE-2024-34623

7.8
    Samsung Notes
  • Version(s): before 4.4.21.62
Published: August 7, 2024

CVE-2024-34619

7.5
    UNKNOWN
Published: August 7, 2024

CVE-2024-41989

7.5
    Djangoproject
  • Django
Published: August 7, 2024

CVE-2024-41990

7.5
    Djangoproject
  • Django
Published: August 7, 2024

CVE-2024-41991

7.5
    Djangoproject
  • Django
Published: August 7, 2024

CVE-2024-41248

7.5
    Kashipara Responsive School Management System
  • Version(s): 3.2.0
Published: August 7, 2024

CVE-2024-41249

7.5
    Kashipara Responsive School Management System
  • Version(s): 3.2.0
Published: August 7, 2024

CVE-2024-20451

7.5
    Cisco Small Business SPA300 Series IP Phones
    Cisco Small Business SPA500 Series IP Phones
Published: August 7, 2024

CVE-2024-34612

7.3
    UNKNOWN
Published: August 7, 2024

CVE-2024-34614

7.3
    SMR (Samsung Monthly Release)
  • Version(s): before Aug-2024 Release 1
Published: August 7, 2024

CVE-2024-7553

7.3
    MongoDB Server
  • Version(s): 5.0 - 5.0.26, 6.0 - 6.0.15, 7.0 - 7.0.11, 7.3 - 7.3.2
    MongoDB C Driver
  • Version(s): before 1.26.2
    MongoDB PHP Driver
  • Version(s): before 1.18.1
Published: August 7, 2024

CVE-2024-7578

7.3
    Alien Technology ALR-F800
  • Version(s): up to 19.10.24.00
Published: August 7, 2024

CVE-2024-7143

6.7
    Pulp
Published: August 7, 2024

CVE-2024-7579

6.3
    Alien Technology ALR-F800
  • Version(s): up to 19.10.24.00
Published: August 7, 2024

CVE-2024-34604

6.2
    Samsung LedCoverService
  • Version(s): prior to SMR Aug-2024 Release 1
Published: August 7, 2024

CVE-2024-34605

6.2
    SamsungHealthService
  • Version(s): before SMR Aug-2024 Release 1
Published: August 7, 2024

CVE-2024-34606

6.2
    SmartThingsService
  • Version(s): before SMR Aug-2024 Release 1
Published: August 7, 2024

CVE-2024-34607

6.2
    SamsungNotesService
  • Version(s): before SMR Aug-2024 Release 1
Published: August 7, 2024

CVE-2024-34608

6.2
    Samsung PaymentManagerService
  • Version(s): before SMR Aug-2024 Release 1
Published: August 7, 2024

CVE-2024-34609

6.2
    Samsung VoiceNoteService
  • Version(s): before SMR Aug-2024 Release 1
Published: August 7, 2024

CVE-2024-6494

6.1
    WordPress File Upload WordPress plugin
  • Version(s): before 4.24.8
Published: August 7, 2024

CVE-2024-41239

5.9
    Kashipara Responsive School Management System
  • Version(s): 1.0
Published: August 7, 2024

CVE-2024-34621

5.5
    Samsung Notes
  • Version(s): before 4.4.21.62
Published: August 7, 2024

CVE-2024-34624

5.5
    Samsung Notes
  • Version(s): before 4.4.21.62
Published: August 7, 2024

CVE-2024-34625

5.5
    Samsung Notes
  • Version(s): before 4.4.21.62
Published: August 7, 2024

CVE-2024-34626

5.5
    Samsung Notes
  • Version(s): before 4.4.21.62
Published: August 7, 2024

CVE-2024-34627

5.5
    Samsung Notes
  • Version(s): before 4.4.21.62
Published: August 7, 2024

CVE-2024-34628

5.5
    Samsung Notes
  • Version(s): before 4.4.21.62
Published: August 7, 2024

CVE-2024-34629

5.5
    Samsung Notes
  • Version(s): before 4.4.21.62
Published: August 7, 2024

CVE-2024-34630

5.5
    Samsung Notes
  • Version(s): before 4.4.21.62
Published: August 7, 2024

CVE-2024-34631

5.5
    Samsung Notes
  • Version(s): before 4.4.21.62
Published: August 7, 2024

CVE-2024-7061

5.5
    Okta Verify for Windows
  • Version(s): 5.0.2
Published: August 7, 2024

CVE-2024-41242

5.5
    Kashipara Responsive School Management System
  • Version(s): 3.2.0
Published: August 7, 2024

CVE-2024-7353

5.4
    Accept Stripe Payments plugin for WordPress
  • Version(s): up to 2.0.86
Published: August 7, 2024

CVE-2024-20443

5.4
    Cisco ISE
Published: August 7, 2024

CVE-2024-34788

5.3
    EPMM
  • Version(s): prior to 12.1.0.1
Published: August 7, 2024

CVE-2024-41252

5.3
    Kashipara Responsive School Management System
  • Version(s): 3.2.0
Published: August 7, 2024

CVE-2024-41432

5.3
    Likeshop
  • Version(s): up to 2.5.7.20210811
Published: August 7, 2024

CVE-2024-34610

5.1
    ExtControlDeviceService
  • Version(s): before SMR Aug-2024 Release 1
Published: August 7, 2024

CVE-2024-34611

5.1
    KnoxService
  • Version(s): before SMR Aug-2024 Release 1
Published: August 7, 2024

CVE-2024-34615

5.1
    UNKNOWN
Published: August 7, 2024

CVE-2024-34616

5.1
    Samsung KnoxDualDARPolicy
  • Version(s): before SMR Aug-2024 Release 1
Published: August 7, 2024

CVE-2024-37403

5.0
    Ivanti Docs@Work for Android
  • Version(s): before 2.26.0
Published: August 7, 2024

CVE-2024-7355

4.9
    Organization chart plugin for WordPress
  • Version(s): up to 1.5.0
Published: August 7, 2024

CVE-2024-20479

4.8
    Cisco ISE
Published: August 7, 2024

CVE-2024-34613

4.0
    Galaxy Watch
  • Version(s): prior to SMR Aug-2024 Release 1
Published: August 7, 2024

CVE-2024-34617

4.0
    Telephony
  • Version(s): before SMR Aug-2024 Release 1
Published: August 7, 2024

CVE-2024-34618

4.0
    UNKNOWN
Published: August 7, 2024

CVE-2024-34632

4.0
    Samsung Notes
  • Version(s): before 4.4.21.62
Published: August 7, 2024

CVE-2024-34633

4.0
    Samsung Notes
  • Version(s): before 4.4.21.62
Published: August 7, 2024

CVE-2024-34634

4.0
    Samsung Notes
  • Version(s): before 4.4.21.62
Published: August 7, 2024

CVE-2024-34635

4.0
    Samsung Notes
  • Version(s): before 4.4.21.62
Published: August 7, 2024

CVE-2024-34636

4.0
    Samsung Email
  • Version(s): before 6.1.94.2
Published: August 7, 2024

CVE-2024-3973

None
    House Manager WordPress plugin
  • Version(s): through 1.0.8.4
Published: August 7, 2024

CVE-2024-42222

None
    Apache CloudStack
  • Version(s): 4.19.1.0
Published: August 7, 2024

CVE-2024-7265

None
    Naukowa i Akademicka Sieć Komputerowa - Państwowy Instytut Badawczy EZD RP
  • Version(s): 15 - 15.83, 16 - 16.14, 17 - 17.1
Published: August 7, 2024

CVE-2024-7266

None
    Naukowa i Akademicka Sieć Komputerowa - Państwowy Instytut Badawczy EZD RP
  • Version(s): 15 - 15.84, 16 - 16.15, 17 - 17.2
Published: August 7, 2024

CVE-2024-7267

None
    Naukowa i Akademicka Sieć Komputerowa - Państwowy Instytut Badawczy EZD RP
  • Version(s): before 19.6
Published: August 7, 2024

CVE-2024-43044

None
    Jenkins
  • Version(s): 2.470 and earlier, LTS 2.452.3 and earlier
Published: August 7, 2024

CVE-2024-43045

None
    Jenkins
  • Version(s): 2.470 and earlier, LTS 2.452.3 and earlier
Published: August 7, 2024

CVE-2024-34480

None
    SourceCodester Computer Laboratory Management System
  • Version(s): 1.0
Published: August 7, 2024

CVE-2024-41246

None
    Kashipara Responsive School Management System
  • Version(s): 3.2.0
Published: August 7, 2024

CVE-2024-41251

None
    Kashipara Responsive School Management System
  • Version(s): 3.2.0
Published: August 7, 2024

CVE-2024-41309

None
    Enjay CRM OS
  • Version(s): 1.0
Published: August 7, 2024

CVE-2024-42232

None
    Linux Kernel
Published: August 7, 2024

CVE-2024-42233

None
    Linux Kernel
Published: August 7, 2024

CVE-2024-42234

None
    Linux Kernel
  • Version(s): 6.7, 6.10-rc6
Published: August 7, 2024

CVE-2024-42235

None
    Linux Kernel
Published: August 7, 2024

CVE-2024-42236

None
    Linux kernel
Published: August 7, 2024

CVE-2024-42237

None
    Linux kernel
Published: August 7, 2024

CVE-2024-42238

None
    Linux kernel
Published: August 7, 2024

CVE-2024-42239

None
    Linux kernel
Published: August 7, 2024

CVE-2024-42240

None
    Linux kernel
Published: August 7, 2024

CVE-2024-42241

None
    Linux kernel
Published: August 7, 2024

CVE-2024-42242

None
    Linux kernel
Published: August 7, 2024

CVE-2024-42243

None
    Linux Kernel
Published: August 7, 2024

CVE-2024-42244

None
    Linux kernel
Published: August 7, 2024

CVE-2024-42245

None
    Linux Kernel
Published: August 7, 2024

CVE-2024-42246

None
    Linux kernel
Published: August 7, 2024

CVE-2024-42247

None
    Linux kernel
Published: August 7, 2024

CVE-2024-42248

None
    Linux kernel
Published: August 7, 2024

CVE-2024-42249

None
    Linux kernel
Published: August 7, 2024

CVE-2024-42250

None
    Linux kernel
Published: August 7, 2024

CVE-2024-41243

None
    Kashipara Responsive School Management System
  • Version(s): 3.2.0
Published: August 7, 2024

CVE-2024-41244

None
    Kashipara Responsive School Management System
  • Version(s): 3.2.0
Published: August 7, 2024

CVE-2024-41245

None
    Kashipara Responsive School Management System
  • Version(s): 3.2.0
Published: August 7, 2024

CVE-2024-41250

None
    Kashipara Responsive School Management System
  • Version(s): 3.2.0
Published: August 7, 2024

CVE-2024-41241

None
    Kashipara Responsive School Management System
  • Version(s): 3.2.0
Published: August 7, 2024

CVE-2024-41237

None
    Kashipara Responsive School Management System
  • Version(s): v1.0
Published: August 7, 2024

CVE-2024-41912

None
    Poly Clariti Manager
  • Version(s): up to 10.10.2.2
Published: August 7, 2024
Click here to see more Vulnerabilities