Tag: 2024-08-28

4 Attack Reports | 73 Vulnerabilities

Attack reports

Iran-based Cyber Actors Enabling Ransomware Attacks on US Organizations

This advisory outlines the activities of an Iran-based cyber threat group that has conducted numerous intrusions against organizations in the United States and other countries since 2017, with the goal of obtaining network access to facilitate ransomware attacks. The group, known by various names s…
ransomware
state-sponsored
credential-theft
blackcat
alphv
CVE-2024-3400
iran
CVE-2024-21887
CVE-2024-24919
noberus
2024-08-28
webshells
CVE-2022-1388
CVE-2023-3519
noescape
ransomhouse
CVE-2019-19781
Published: August 28, 2024
Downloadable IOCs: 33

BlackByte blends tried-and-true tradecraft with newly disclosed vulnerabilities to support ongoing attacks

The BlackByte ransomware group continues leveraging established tactics and vulnerable drivers to bypass security controls, while also incorporating newly disclosed vulnerabilities and using stolen credentials for propagation. A new iteration of their encryptor appends the 'blackbytent_h' extension…
ransomware
worm
CVE-2024-37085
authentication
2024-08-28
byovd
exbyte
blackbytent
Published: August 28, 2024
Downloadable IOCs: 4

A Comprehensive Analysis of Angry Stealer: Rage Stealer in a New Disguise

CYFIRMA's research team recently identified a sophisticated dropper binary designed to deploy an information stealer, dubbed 'Angry Stealer,' actively advertised on Telegram and other online platforms. The stealer targets sensitive data from browsers, cryptocurrency wallets, VPN credentials, and sy…
infostealer
exfiltration
dropper
rebranded
telegram
2024-08-28
rage stealer
angry stealer
stepasha.exe
motherrussia.exe
Published: August 28, 2024
Downloadable IOCs: 2

Sophisticated Malware Campaign Targets Czech Officials Using NATO-Themed Decoys

Seqrite Labs APT-Team discovered a sophisticated malware campaign targeting government and military officials in the Czech Republic. The campaign leveraged NATO-themed decoy documents to lure victims and employed a multistage attack chain involving a malicious batch script, a Rust-based loader, and…
evasion
persistence
injection
rust
2024-08-28
havoc
nato
czech republic
decoy
freeze
Published: August 28, 2024
Downloadable IOCs: 13
Click here to see more Attack Reports

Vulnerabilities

CVE-2021-22530

9.9
    Microfocus
  • Netiq Advanced Authentication
Published: August 28, 2024

CVE-2024-8226

9.8
    Tenda
  • O1 Firmware
  • O1
Published: August 28, 2024

CVE-2024-8227

9.8
    Tenda
  • O1 Firmware
  • O1
Published: August 28, 2024

CVE-2024-8228

9.8
    Tenda
  • O5 Firmware
  • O5
Published: August 28, 2024

CVE-2024-8229

9.8
    Tenda
  • O6 Firmware
  • O6
Published: August 28, 2024

CVE-2024-8230

9.8
    Tenda
  • O6 Firmware
  • O6
Published: August 28, 2024

CVE-2024-8030

9.8
    Ultimate Store Kit Elementor Addons
  • Version(s): up to 2.0.3
    Woocommerce Builder
  • Version(s): up to 2.0.3
    EDD Builder
  • Version(s): up to 2.0.3
    Elementor Store Builder
  • Version(s): up to 2.0.3
    Product Grid
  • Version(s): up to 2.0.3
    Product Table
  • Version(s): up to 2.0.3
    Woocommerce Slider plugin
  • Version(s): up to 2.0.3
Published: August 28, 2024

CVE-2023-26321

9.8
    Mi
  • File Manager
Published: August 28, 2024

CVE-2023-26322

9.8
    Mi
  • Getapps
Published: August 28, 2024

CVE-2023-26323

9.8
    Mi
  • App Market
Published: August 28, 2024

CVE-2023-26324

9.8
    Mi
  • Getapps
Published: August 28, 2024

CVE-2024-34198

9.8
    TOTOLINK AC1200 Wireless Router A3002RU
  • Version(s): V2.1.1-B20230720.1011
Published: August 28, 2024

CVE-2024-42905

9.8
    DCME-320
  • Version(s): 7.4.12.60
Published: August 28, 2024

CVE-2024-44761

9.8
    Gzequan
  • Eq Enterprise Management System
Published: August 28, 2024

CVE-2024-34195

9.8
    Totolink
  • A3002r Firmware
  • A3002r
Published: August 28, 2024

CVE-2024-8231

8.8
    Tenda O6
  • Version(s): 1.0.0.7(2054)
Published: August 28, 2024

CVE-2021-38121

8.8
    Microfocus
  • Netiq Advanced Authentication
Published: August 28, 2024

CVE-2024-45346

8.8
    Xiaomi Security Center
Published: August 28, 2024

CVE-2024-5546

8.8
    Zohocorp
  • Manageengine Pam360
  • Manageengine Password Manager Pro
Published: August 28, 2024

CVE-2024-45059

8.8
    Portabilis
  • I-Educar
Published: August 28, 2024

CVE-2024-8193

8.8
    Google
  • Chrome
Published: August 28, 2024

CVE-2024-8194

8.8
    Google
  • Chrome
Published: August 28, 2024

CVE-2024-8198

8.8
    Google
  • Chrome
Published: August 28, 2024

CVE-2024-20446

8.6
    Cisco NX-OS Software
Published: August 28, 2024

CVE-2024-39584

8.2
    Dell Client Platform BIOS
Published: August 28, 2024

CVE-2021-38122

8.2
    Microfocus
  • Netiq Advanced Authentication
Published: August 28, 2024

CVE-2024-7745

8.1
    Progress
  • Ws Ftp Server
Published: August 28, 2024

CVE-2024-45058

8.1
    Portabilis
  • I-Educar
Published: August 28, 2024

CVE-2024-42793

8.0
    Lopalopa
  • Music Management System
Published: August 28, 2024

CVE-2024-4555

7.5
    Microfocus
  • Netiq Access Manager
Published: August 28, 2024

CVE-2024-4556

7.5
    Microfocus
  • Netiq Access Manager
Published: August 28, 2024

CVE-2024-44760

7.5
    Sunmochina
  • Enterprise Management System
Published: August 28, 2024

CVE-2021-38120

7.2
    Microfocus
  • Netiq Advanced Authentication
Published: August 28, 2024

CVE-2024-6311

7.2
    Funnelforms
  • Funnelforms Free
Published: August 28, 2024

CVE-2024-41236

7.2
    Lopalopa
  • Responsive School Management System
Published: August 28, 2024

CVE-2024-39771

6.8
    Safie
  • Qbic Cloud Cc-2\/2l Firmware
  • Qbic Cloud Cc-2\/2l
  • Safie One Firmware
  • Safie One
Published: August 28, 2024

CVE-2023-43078

6.7
    Dell Client Platform
    Dell Dock Firmware
Published: August 28, 2024

CVE-2024-20411

6.7
    Cisco NX-OS Software
Published: August 28, 2024

CVE-2024-20413

6.7
    Cisco NX-OS Software
Published: August 28, 2024

CVE-2024-45054

6.7
    Hwameistor
  • Hwameistor
Published: August 28, 2024

CVE-2021-22509

6.5
    Microfocus
  • Netiq Advanced Authentication
Published: August 28, 2024

CVE-2024-6312

6.5
    Funnelforms
  • Funnelforms Free
Published: August 28, 2024

CVE-2024-6449

6.5
    Hyperview
  • Geoportal Toolkit
Published: August 28, 2024

CVE-2024-20478

6.5
    Cisco Application Policy Infrastructure Controller (APIC)
    Cisco Cloud Network Controller
Published: August 28, 2024

CVE-2024-7744

6.5
    Progress
  • Ws Ftp Server
Published: August 28, 2024

CVE-2024-45048

6.5
    Phpoffice
  • Phpspreadsheet
Published: August 28, 2024

CVE-2024-6450

6.1
    Hyperview
  • Geoportal Toolkit
Published: August 28, 2024

CVE-2024-42900

6.1
    Ruoyi
  • Version(s): 4.7.9 and before
Published: August 28, 2024

CVE-2024-43805

6.1
    Jupyter
  • Jupyterlab
  • Notebook
Published: August 28, 2024

CVE-2024-45057

6.1
    Portabilis
  • I-Educar
Published: August 28, 2024

CVE-2021-22529

5.5
    Microfocus
  • Netiq Advanced Authentication
Published: August 28, 2024

CVE-2024-44943

5.5
    Linux
  • Linux Kernel
Published: August 28, 2024

CVE-2024-44913

5.5
    Irfanview
  • Irfanview
Published: August 28, 2024

CVE-2024-44914

5.5
    Irfanview
  • Irfanview
Published: August 28, 2024

CVE-2024-44915

5.5
    Irfanview
  • Irfanview
Published: August 28, 2024

CVE-2024-4554

5.4
    Microfocus
  • Netiq Access Manager
Published: August 28, 2024

CVE-2024-7269

5.4
    Connx
  • Esp Hr Management
Published: August 28, 2024

CVE-2024-45046

5.4
    Phpoffice
  • Phpspreadsheet
Published: August 28, 2024

CVE-2024-7573

5.3
    Relevanssi Live Ajax Search plugin for WordPress
  • Version(s): up to 2.4
Published: August 28, 2024

CVE-2024-6448

5.3
    Mollie Payments for WooCommerce plugin
  • Version(s): up to 7.7.0
Published: August 28, 2024

CVE-2024-7447

5.3
    Funnelforms
  • Funnelforms Free
Published: August 28, 2024

CVE-2024-8195

5.3
    Permalink Manager Lite Project
  • Permalink Manager Lite
Published: August 28, 2024

CVE-2024-42698

5.3
    Shedaniel
  • Roughlyenoughitems
Published: August 28, 2024

CVE-2024-20284

5.3
    Cisco NX-OS Software
Published: August 28, 2024

CVE-2024-20285

5.3
    Cisco NX-OS Software
Published: August 28, 2024

CVE-2024-20286

5.3
    Cisco NX-OS Software
Published: August 28, 2024

CVE-2024-41564

5.3
    Emilyploszaj
  • Emi
Published: August 28, 2024

CVE-2024-41565

5.3
    Mezz
  • Justenoughitems
Published: August 28, 2024

CVE-2024-45043

5.3
    OpenTelemetry Collector
  • Version(s): v0.49.0 - v0.108.0
Published: August 28, 2024

CVE-2024-20289

4.4
    Cisco NX-OS Software
Published: August 28, 2024

CVE-2024-20279

4.3
    Cisco Application Policy Infrastructure Controller (APIC)
Published: August 28, 2024

CVE-2024-6053

4.3
    Teamviewer
  • Meeting
  • Teamviewer
    Apple
    Linux
    Microsoft
Published: August 28, 2024

CVE-2023-45896

None
    Linux Kernel
  • Version(s): before 6.5.11
Published: August 28, 2024
Click here to see more Vulnerabilities