Tag: 2024-08-19

6 Attack Reports | 76 Vulnerabilities

Attack reports

SMS Spam Shipping Multi-Tool Targeting SaaS Credentials

Xeon Sender is a Python script that enables threat actors to conduct SMS spam and smishing campaigns by leveraging legitimate APIs from nine different SaaS providers. It was first observed in 2022 and has been rebranded by various threat actors. The tool facilitates bulk SMS spam attacks, taking ad…
smishing
2024-08-19
xeon sender
Published: August 19, 2024
Downloadable IOCs: 0

Ailurophile: G DATA has sighted a new info stealer in the wild

G DATA has detected a novel information-stealing malware, dubbed 'Ailurophile Stealer'. It is a PHP-based stealer offered through a subscription model on its dedicated website. Customers utilize a web panel to generate customized malware variants, specifying features such as the malware name, icon,…
infostealer
stealer
exfiltration
credential theft
2024-08-19
cryptocurrency theft
ailurophile stealer
Published: August 19, 2024
Downloadable IOCs: 2

Strike Ready: Introducing the Bitter APT Group

The report provides an in-depth analysis of the Bitter APT Group, a threat actor primarily focusing on cyber espionage activities in South Asia. It details the group's tactics, techniques, and procedures, including their ability to bypass security technologies by leveraging obscure file formats and…
espionage
persistence
infostealers
backdoors
2024-08-19
olmapi32.dll
scm.exe
stom.jpg
sparrow.jpg
schs.exe
orpcbackdoor
figlio.exe
sstn.exe
payloads
searchapp.jpg
Published: August 19, 2024
Downloadable IOCs: 82

TodoSwift Disguises Malware Download Behind Bitcoin PDF

This report details a macOS threat actor likely originating from North Korea that employs a dropper application written in Swift/SwiftUI. The dropper presents the user with a seemingly legitimate Bitcoin pricing PDF while simultaneously downloading and executing a malicious payload. The malware's t…
cryptocurrency
macos
dropper
2024-08-19
rustbucket
kandykorn
todoswift
Published: August 19, 2024
Downloadable IOCs: 7

The Abuse of ITarian RMM by Dolphin Loader

This report explores how the Dolphin Loader, a malware-as-a-service loader, abuses the legitimate ITarian Remote Monitoring and Management (RMM) software to distribute various malware payloads. The loader leverages the built-in functionality of RMM tools, such as remote command execution and system…
stealthy
python
lummac2
rhadamanthys
rmm
darkgate
redline
autoit
malware-as-a-service
sectoprat
2024-08-19
itarian
evade
dolphin loader
Published: August 19, 2024
Downloadable IOCs: 24

Exploring the D3F@ck Malware-as-a-Service Loader

This report analyzes the D3F@ck Loader, a malware-as-a-service (MaaS) offering orchestrated by an individual going by the alias Sergei Panteleevich. The loader utilizes various evasion techniques, including the use of Extended Validation certificates, Inno Setup installers with custom Pascal script…
malware
loader
obfuscation
stealer
danabot
metastealer
sectoprat
2024-08-19
raccoon stealer
certificates
d3f@ck loader
Published: August 19, 2024
Linked vulnerabilities : CVE-2024-7593 (CVSS 9.8)
Downloadable IOCs: 4
Click here to see more Attack Reports

Vulnerabilities

CVE-2024-37099

10.0
    GiveWP
Published: August 19, 2024

CVE-2024-43242

10.0
    Wpindeed
  • Ultimate Membership Pro
Published: August 19, 2024

CVE-2024-7919

9.8
    Jielink\+ Jsotc2016 Project
  • Jielink\+ Jsotc2016
Published: August 19, 2024

CVE-2024-7920

9.8
    Jielink\+ Jsotc2016 Project
  • Jielink\+ Jsotc2016
Published: August 19, 2024

CVE-2024-44076

9.8
    Microcks
  • Microcks
Published: August 19, 2024

CVE-2024-7921

9.8
    Jielink\+ Jsotc2016 Project
  • Jielink\+ Jsotc2016
Published: August 19, 2024

CVE-2024-6330

9.8
    GEO my WP WordPress plugin
Published: August 19, 2024

CVE-2024-43399

9.8
    Opensecurity
  • Mobile Security Framework
Published: August 19, 2024

CVE-2024-7922

9.8
    Dell
  • Dns-120 Firmware
  • Dns-120
  • Dnr-202l Firmware
  • Dnr-202l
  • Dns-315l Firmware
  • Dns-315l
  • Dns-320 Firmware
  • Dns-320
  • Dns-320l Firmware
  • Dns-320l
  • Dns-320lw Firmware
  • Dns-320lw
  • Dns-321 Firmware
  • Dns-321
  • Dnr-322l Firmware
  • Dnr-322l
  • Dns-323 Firmware
  • Dns-323
  • Dns-325 Firmware
  • Dns-325
  • Dns-326 Firmware
  • Dns-326
  • Dns-327l Firmware
  • Dns-327l
  • Dnr-326 Firmware
  • Dnr-326
  • Dns-340l Firmware
  • Dns-340l
  • Dns-343 Firmware
  • Dns-343
  • Dns-345 Firmware
  • Dns-345
  • Dns-726-4 Firmware
  • Dns-726-4
  • Dns-1100-4 Firmware
  • Dns-1100-4
  • Dns-1200-05 Firmware
  • Dns-1200-05
  • Dns-1550-04 Firmware
  • Dns-1550-04
Published: August 19, 2024

CVE-2024-42658

9.8
    Nepstech
  • Ntpl-Xpon1gfevn Firmware
  • Ntpl-Xpon1gfevn
Published: August 19, 2024

CVE-2024-43240

9.8
    Wpindeed
  • Ultimate Membership Pro
Published: August 19, 2024

CVE-2024-43245

9.8
    eyecix JobSearch
Published: August 19, 2024

CVE-2024-42812

9.8
    Dlink
  • Dir-860l Firmware
  • Dir-860l
Published: August 19, 2024

CVE-2024-42813

9.8
    TRENDnet TEW-752DRU
Published: August 19, 2024

CVE-2024-42815

9.8
    TP-Link RE365
Published: August 19, 2024

CVE-2024-43311

9.8
    Login As Users
Published: August 19, 2024

CVE-2024-43354

9.8
    myCred
Published: August 19, 2024

CVE-2024-7933

9.8
    Project Expense Monitoring System Project
  • Project Expense Monitoring System
Published: August 19, 2024

CVE-2024-7934

9.8
    Project Expense Monitoring System Project
  • Project Expense Monitoring System
Published: August 19, 2024

CVE-2024-7935

9.8
    Project Expense Monitoring System Project
  • Project Expense Monitoring System
Published: August 19, 2024

CVE-2024-43261

9.6
    Compute Links
Published: August 19, 2024

CVE-2024-43248

9.1
    Bitapps
  • Bit Form
Published: August 19, 2024

CVE-2024-43252

9.0
    Crew HRM
Published: August 19, 2024

CVE-2024-42633

8.8
    Linksys
  • E1500 Firmware
  • E1500
Published: August 19, 2024

CVE-2024-43247

8.8
    WHMpress
Published: August 19, 2024

CVE-2024-43249

8.8
    Bitapps
  • Bit Form
Published: August 19, 2024

CVE-2024-7930

8.8
    Oretnom23
  • Clinic Patient Management System
Published: August 19, 2024

CVE-2024-7931

8.8
    Tamparongj 03
  • Online Graduate Tracer System
Published: August 19, 2024

CVE-2024-43221

8.5
    Crocoblock JetGridBuilder
Published: August 19, 2024

CVE-2024-43232

8.5
    WP OnlineSupport
    Essential Plugin Timeline and History slider
Published: August 19, 2024

CVE-2024-43271

8.5
    Themelocation Woo Products Widgets For Elementor
Published: August 19, 2024

CVE-2024-44067

8.4
    T-Head XuanTie C910 CPU in TH1520 SoC
    T-Head XuanTie C920 CPU in SOPHON SG2042
Published: August 19, 2024

CVE-2024-43328

8.3
    WPDeveloper EmbedPress
Published: August 19, 2024

CVE-2024-43401

8.0
    Xwiki
  • Xwiki
Published: August 19, 2024

CVE-2024-32927

7.8
    Google
  • Android
Published: August 19, 2024

CVE-2024-4785

7.6
    UNKNOWN
Published: August 19, 2024

CVE-2024-44070

7.5
    Frrouting
  • Frrouting
    Redhat
Published: August 19, 2024

CVE-2024-44073

7.5
    Rust-Bitcoin
  • Miniscript
Published: August 19, 2024

CVE-2024-44083

7.5
    Hex-Rays
  • Ida Pro
Published: August 19, 2024

CVE-2024-43380

7.5
    Floraison
  • Fugit
Published: August 19, 2024

CVE-2024-6348

7.5
    Nissan-Global
  • Blind Spot Protection Sensor Ecu Firmware
  • Altima
Published: August 19, 2024

CVE-2024-42657

7.5
    Nepstech
  • Ntpl-Xpon1gfevn Firmware
  • Ntpl-Xpon1gfevn
Published: August 19, 2024

CVE-2024-7924

7.5
    Zzcms
  • Zzcms
Published: August 19, 2024

CVE-2024-7925

7.5
    Zzcms
  • Zzcms
Published: August 19, 2024

CVE-2024-7592

7.5
    Python
  • Python
Published: August 19, 2024

CVE-2024-43345

7.5
    PluginOps Landing Page Builder
Published: August 19, 2024

CVE-2024-7926

7.5
    Zzcms
  • Zzcms
Published: August 19, 2024

CVE-2024-7927

7.5
    Zzcms
  • Zzcms
Published: August 19, 2024

CVE-2024-7928

7.5
    Fastadmin
  • Fastadmin
Published: August 19, 2024

CVE-2024-6451

7.2
    AI Engine WordPress plugin
Published: August 19, 2024

CVE-2024-43256

7.1
    Leopard - WordPress offload media
Published: August 19, 2024

CVE-2024-43250

6.5
    Bitapps
  • Bit Form
Published: August 19, 2024

CVE-2024-35539

6.5
    Typecho
Published: August 19, 2024

CVE-2024-6843

6.1
    Chatbot with ChatGPT WordPress plugin
Published: August 19, 2024

CVE-2024-23729

6.1
    Heytap
  • Internet Browser
Published: August 19, 2024

CVE-2024-7929

6.1
    Oretnom23
  • Simple Forum Website
Published: August 19, 2024

CVE-2024-32928

5.9
    Google
  • Nest Mini Firmware
  • Nest Mini
    Haxx
Published: August 19, 2024

CVE-2024-25582

5.4
    Open-Xchange
Published: August 19, 2024

CVE-2024-43400

5.4
    Xwiki
  • Xwiki
Published: August 19, 2024

CVE-2024-43326

5.4
    Jamie Bergen Plugin Notes Plus
Published: August 19, 2024

CVE-2024-43272

5.3
    Icegram
Published: August 19, 2024

CVE-2024-43281

5.3
    VOID CODERS Void Elementor Post Grid Addon for Elementor Page builder
Published: August 19, 2024

CVE-2024-35538

5.3
    Typecho
Published: August 19, 2024

CVE-2024-43236

4.7
    Easy PayPal Buy Now Button
Published: August 19, 2024

CVE-2024-43280

4.7
    Salon Booking System
Published: August 19, 2024

CVE-2024-43317

4.3
    RegistrationMagic
Published: August 19, 2024

CVE-2024-43379

3.1
    Trufflesecurity
  • Trufflehog
Published: August 19, 2024

CVE-2024-44069

None
    Pi-hole
Published: August 19, 2024

CVE-2024-42675

None
    UNKNOWN
Published: August 19, 2024

CVE-2024-39306

None
    UNKNOWN
Published: August 19, 2024

CVE-2024-43372

None
    UNKNOWN
Published: August 19, 2024

CVE-2022-1443

None
    UNKNOWN
Published: August 19, 2024

CVE-2022-4404

None
    UNKNOWN
Published: August 19, 2024

CVE-2022-4411

None
    UNKNOWN
Published: August 19, 2024

CVE-2022-4425

None
    UNKNOWN
Published: August 19, 2024

CVE-2024-7958

None
    UNKNOWN
Published: August 19, 2024
Click here to see more Vulnerabilities