Tag: 2024-08-27

2 attack reports | 65 vulnerabilities

Attack reports

HZ Rat backdoor for macOS harvests data from WeChat and DingTalk

Published: August 27, 2024

A version of the HZ Rat backdoor targeting users of China’s WeChat and DingTalk was uploaded to VirusTotal in July 2023 and was not detected by any vendor, research by Kaspersky suggests.

Downloadable IOCs 10

backdoor
macos
trojan
2024-08-27
instant messengers
hz rat
dingtalk
wechat
openvpn

BlackSuit Ransomware

Published: August 27, 2024

The report meticulously chronicles a sophisticated intrusion which began in December 2023 and culminated in the deployment of BlackSuit ransomware approximately 15 days later. The threat actor demonstrated an array of tactics, leveraging tools like Cobalt Strike, Sharphound, and SystemBC, alongside…

Downloadable IOCs 16

ransomware
cobalt strike
discovery
lateral movement
credential access
cobaltstrike
blacksuit
systembc
2024-08-27
sharphound
get-datainfo.ps1
rubeus

HZ Rat backdoor for macOS harvests data from WeChat and DingTalk

Published: August 27, 2024

A version of the HZ Rat backdoor targeting users of China’s WeChat and DingTalk was uploaded to VirusTotal in July 2023 and was not detected by any vendor, research by Kaspersky suggests.

Downloadable IOCs 10

backdoor
macos
trojan
2024-08-27
instant messengers
hz rat
dingtalk
wechat
openvpn

BlackSuit Ransomware

Published: August 27, 2024

The report meticulously chronicles a sophisticated intrusion which began in December 2023 and culminated in the deployment of BlackSuit ransomware approximately 15 days later. The threat actor demonstrated an array of tactics, leveraging tools like Cobalt Strike, Sharphound, and SystemBC, alongside…

Downloadable IOCs 16

ransomware
cobalt strike
discovery
lateral movement
credential access
cobaltstrike
blacksuit
systembc
2024-08-27
sharphound
get-datainfo.ps1
rubeus
» Click here to see all Attack Reports «

Vulnerabilities

CVE-2024-45321

9.8
App::cpanminus package for Perl
cve@mitre.org
CWE-94
CWE-494
2024-08-27
CVE-2024-45321
Published: August 27, 2024

CVE-2024-4872

9.8
UNKNOWN
CWE-89
cybersecurity@hitachienergy.com
2024-08-27
CVE-2024-4872
CWE-943
Published: August 27, 2024

CVE-2024-7940

9.8
UNKNOWN
CWE-306
cybersecurity@hitachienergy.com
2024-08-27
CVE-2024-7940
Published: August 27, 2024

CVE-2024-7071

9.8
Brain Low-Code
CWE-89
iletisim@usom.gov.tr
2024-08-27
CVE-2024-7071
Published: August 27, 2024

CVE-2024-6633

9.8
FileCatalyst Workflow
CWE-200
CWE-798
df4dee71-de3a-4139-9588-11b62fe6c0ff
2024-08-27
CVE-2024-6633
Published: August 27, 2024

CVE-2024-41622

9.8
D-Link DIR-846W A1
cve@mitre.org
CWE-78
2024-08-27
CVE-2024-41622
Published: August 27, 2024

CVE-2024-44341

9.8
D-Link DIR-846W A1
cve@mitre.org
CWE-78
2024-08-27
CVE-2024-44341
Published: August 27, 2024

CVE-2024-44342

9.8
D-Link DIR-846W
cve@mitre.org
CWE-78
2024-08-27
CVE-2024-44342
Published: August 27, 2024

CVE-2024-36068

9.8
Rubrik CDM
cve@mitre.org
CWE-284
NVD-CWE-Other
2024-08-27
CVE-2024-36068
Published: August 27, 2024

CVE-2024-7720

9.8
HP Security Manager
hp-security-alert@hp.com
CWE-94
NVD-CWE-noinfo
2024-08-27
CVE-2024-7720
Published: August 27, 2024

CVE-2024-8210

9.8
D-Link DNS-120
CWE-78
cna@vuldb.com
CWE-77
2024-08-27
CVE-2024-8210
Published: August 27, 2024

CVE-2024-8211

9.8
D-Link DNS-120
CWE-78
cna@vuldb.com
CWE-77
2024-08-27
CVE-2024-8211
Published: August 27, 2024

CVE-2024-8212

9.8
D-Link DNS-120
cna@vuldb.com
CWE-77
2024-08-27
CVE-2024-8212
Published: August 27, 2024

CVE-2024-8213

9.8
D-Link DNS-120
CWE-78
cna@vuldb.com
CWE-77
2024-08-27
CVE-2024-8213
Published: August 27, 2024

CVE-2024-8214

9.8
D-Link DNS-120
CWE-78
cna@vuldb.com
CWE-77
2024-08-27
CVE-2024-8214
Published: August 27, 2024

CVE-2024-8217

9.8
SourceCodester E-Commerce Website
CWE-89
cna@vuldb.com
2024-08-27
CVE-2024-8217
Published: August 27, 2024

CVE-2024-8218

9.8
online_quiz_site
CWE-89
cna@vuldb.com
2024-08-27
CVE-2024-8218
Published: August 27, 2024

CVE-2024-8219

9.8
code-projects Responsive Hotel Site
CWE-89
cna@vuldb.com
2024-08-27
CVE-2024-8219
Published: August 27, 2024

CVE-2024-8220

9.8
Tailoring Management System
CWE-89
cna@vuldb.com
2024-08-27
CVE-2024-8220
Published: August 27, 2024

CVE-2024-8221

9.8
SourceCodester Music Gallery Site
CWE-89
cna@vuldb.com
2024-08-27
CVE-2024-8221
Published: August 27, 2024

CVE-2024-8222

9.8
music_gallery_site
CWE-89
cna@vuldb.com
2024-08-27
CVE-2024-8222
Published: August 27, 2024

CVE-2024-8223

9.8
music_gallery_site
CWE-89
cna@vuldb.com
2024-08-27
CVE-2024-8223
Published: August 27, 2024

CVE-2024-8224

9.8
g3_firmware
CWE-787
CWE-121
cna@vuldb.com
2024-08-27
CVE-2024-8224
Published: August 27, 2024

CVE-2024-8225

9.8
g3
CWE-787
CWE-121
cna@vuldb.com
2024-08-27
CVE-2024-8225
Published: August 27, 2024

CVE-2024-41174

9.0
TwinCAT/BSD
CWE-79
info@cert.vde.com
2024-08-27
CVE-2024-41174
Published: August 27, 2024

CVE-2024-3980

8.8
UNKNOWN
CWE-22
CWE-88
cybersecurity@hitachienergy.com
2024-08-27
CVE-2024-3980
Published: August 27, 2024

CVE-2024-44340

8.8
D-Link DIR-846W A1
cve@mitre.org
CWE-78
2024-08-27
CVE-2024-44340
Published: August 27, 2024

CVE-2024-45264

8.8
SkySystem Arfa-CMS
cve@mitre.org
CWE-352
2024-08-27
CVE-2024-45264
Published: August 27, 2024

CVE-2024-3982

8.2
MicroSCADA X SYS600
cybersecurity@hitachienergy.com
CWE-294
2024-08-27
CVE-2024-3982
Published: August 27, 2024

CVE-2024-8181

8.1
Flowise
CWE-287
vulnreport@tenable.com
2024-08-27
CVE-2024-8181
Published: August 27, 2024

CVE-2022-39997

8.0
Teldat Router RS123
cve@mitre.org
CWE-521
2024-08-27
CVE-2022-39997
Published: August 27, 2024

CVE-2024-7125

7.8
Hitachi Ops Center Common Services
CWE-288
hirt@hitachi.co.jp
2024-08-27
CVE-2024-7125
Published: August 27, 2024

CVE-2024-41173

7.8
TwinCAT/BSD
info@cert.vde.com
CWE-288
NVD-CWE-Other
2024-08-27
CVE-2024-41173
Published: August 27, 2024

CVE-2024-42851

7.8
exiftags
cve@mitre.org
CWE-787
CWE-122
2024-08-27
CVE-2024-42851
Published: August 27, 2024

CVE-2024-8182

7.5
Flowise
CWE-400
vulnreport@tenable.com
NVD-CWE-noinfo
2024-08-27
CVE-2024-8182
Published: August 27, 2024

CVE-2024-43414

7.5
@apollo/query-planner
security-advisories@github.com
CWE-674
2024-08-27
CVE-2024-43414
Published: August 27, 2024

CVE-2024-43783

7.5
Apollo Router Core
security-advisories@github.com
CWE-770
2024-08-27
CVE-2024-43783
Published: August 27, 2024

CVE-2024-5991

7.5
wolfSSL
CWE-125
2024-08-27
facts@wolfssl.com
CVE-2024-5991
Published: August 27, 2024

CVE-2024-45038

7.5
Meshtastic device firmware
security-advisories@github.com
CWE-755
2024-08-27
CVE-2024-45038
Published: August 27, 2024

CVE-2024-45049

7.5
Hydra
security-advisories@github.com
CWE-306
2024-08-27
CVE-2024-45049
Published: August 27, 2024

CVE-2024-41176

7.3
TwinCAT/BSD
CWE-120
info@cert.vde.com
NVD-CWE-Other
2024-08-27
CVE-2024-41176
Published: August 27, 2024

CVE-2024-6632

7.2
FileCatalyst Workflow
CWE-89
df4dee71-de3a-4139-9588-11b62fe6c0ff
2024-08-27
CVE-2024-6632
Published: August 27, 2024

CVE-2024-8207

6.7
MongoDB Server
CWE-610
cna@mongodb.com
CWE-114
2024-08-27
CVE-2024-8207
Published: August 27, 2024

CVE-2024-6789

6.5
M-Files Server
CWE-22
security@m-files.com
2024-08-27
CVE-2024-6789
Published: August 27, 2024

CVE-2024-40395

6.5
PTC ThingWorx
cve@mitre.org
CWE-639
2024-08-27
CVE-2024-40395
Published: August 27, 2024

CVE-2024-8046

6.4
Logo Showcase Ultimate - Logo Carousel, Logo Slider & Logo Grid plugin for WordPress
CWE-79
security@wordfence.com
2024-08-27
CVE-2024-8046
Published: August 27, 2024

CVE-2024-7791

6.4
140+ Widgets | Xpro Addons For Elementor – FREE plugin for WordPress
CWE-79
security@wordfence.com
2024-08-27
CVE-2024-7791
Published: August 27, 2024

CVE-2024-45037

6.4
AWS Cloud Development Kit (CDK)
security-advisories@github.com
CWE-863
2024-08-27
CVE-2024-45037
Published: August 27, 2024

CVE-2024-7941

6.1
UNKNOWN
CWE-601
cybersecurity@hitachienergy.com
2024-08-27
CVE-2024-7941
Published: August 27, 2024

CVE-2024-43788

6.1
Webpack
security-advisories@github.com
CWE-79
2024-08-27
CVE-2024-43788
Published: August 27, 2024

CVE-2024-8208

6.1
nafisulbari/itsourcecode Insurance Management System
CWE-79
cna@vuldb.com
2024-08-27
CVE-2024-8208
Published: August 27, 2024

CVE-2024-8209

6.1
nafisulbari/itsourcecode Insurance Management System
CWE-79
cna@vuldb.com
2024-08-27
CVE-2024-8209
Published: August 27, 2024

CVE-2024-7608

5.9
Trellix
trellixpsirt@trellix.com
CWE-35
2024-08-27
CVE-2024-7608
Published: August 27, 2024

CVE-2024-41175

5.5
TwinCAT/BSD
CWE-770
info@cert.vde.com
2024-08-27
CVE-2024-41175
Published: August 27, 2024

CVE-2024-6804

5.4
Jeg Elementor Kit plugin for WordPress
CWE-79
security@wordfence.com
2024-08-27
CVE-2024-6804
Published: August 27, 2024

CVE-2024-7304

5.4
Ninja Tables - Easiest Data Table Builder plugin for WordPress
CWE-79
security@wordfence.com
2024-08-27
CVE-2024-7304
Published: August 27, 2024

CVE-2024-8216

5.4
nafisulbari/itsourcecode Insurance Management System
CWE-284
cna@vuldb.com
NVD-CWE-noinfo
2024-08-27
CVE-2024-8216
Published: August 27, 2024

CVE-2024-5288

5.1
wolfSSL
CWE-922
2024-08-27
facts@wolfssl.com
CVE-2024-5288
Published: August 27, 2024

CVE-2022-39996

4.8
Teldat Router RS123
cve@mitre.org
CWE-79
2024-08-27
CVE-2022-39996
Published: August 27, 2024

CVE-2024-6688

4.3
Oxygen Builder plugin for WordPress
security@wordfence.com
CWE-862
2024-08-27
CVE-2024-6688
Published: August 27, 2024

CVE-2024-8199

4.3
Reviews Feed - Add Testimonials and Customer Reviews plugin for WordPress
security@wordfence.com
CWE-862
2024-08-27
CVE-2024-8199
Published: August 27, 2024

CVE-2024-8200

4.3
Reviews Feed - Add Testimonials and Customer Reviews From Google Reviews, Yelp, TripAdvisor, and More plugin for WordPress
security@wordfence.com
CWE-352
2024-08-27
CVE-2024-8200
Published: August 27, 2024

CVE-2024-1544

4.1
wolfSSL
CWE-203
2024-08-27
CVE-2024-1544
facts@wolfssl.com
Published: August 27, 2024

CVE-2024-8197

None
Visual Sound plugin for WordPress
security@wordfence.com
CWE-352
2024-08-27
CVE-2024-8197
Published: August 27, 2024

CVE-2024-5814

None
wolfSSL
CWE-284
2024-08-27
facts@wolfssl.com
CVE-2024-5814
Published: August 27, 2024
» Click here to see all Vulnerabilities «