SecuriTricks - 2024-09-02

Attack Reports

Title	Published	Tags	Description	Number of indicators
Spoofed GlobalProtect Used to Deliver Unique WikiLoader Variant	Sept. 2, 2024, 8:55 p.m.	globalprotect seo poisoning dll sideloading 2024-09-02 wikiloader wailingcrab loader-for-rent	A variant of WikiLoader loader for rent, also known as WailingCrab, is being delivered via SEO poisoning and spoofing of GlobalPr…	46
Head Mare: adventures of a unicorn in Russia and Belarus	Sept. 2, 2024, 8:52 p.m.	phishing ransomware russia belarus lockbit CVE-2023-38831 2024-09-02 babuk vasa locker phantomdl phantomcore babyk hacktivists	Head Mare is a hacktivist group targeting companies in Russia and Belarus since 2023. They use phishing campaigns exploiting the …	52
Stone Wolf employs Meduza Stealer to hack Russian companies	Sept. 2, 2024, 8:50 p.m.	phishing data theft meduza stealer 2024-09-02 industrial automation russian companies	A malicious campaign by a group called Stone Wolf has been targeting Russian companies using phishing emails impersonating a legi…	41
North Korean threat actor Citrine Sleet exploiting Chromium zero-day	Sept. 2, 2024, 8:46 p.m.	fudmodule CVE-2024-7971 2024-09-02 diamond sleet citrine sleet hidden cobra	Microsoft identified a North Korean threat actor exploiting a zero-day vulnerability in Chromium, now identified as CVE-2024-7971…	2
The Malware That Must Not Be Named: Suspected Espionage Campaign Delivers 'Voldemort'	Sept. 2, 2024, 8:33 p.m.	apt espionage cobalt strike 2024-09-02 tax authorities voldemort	Proofpoint researchers uncovered an unusual campaign delivering custom malware named "Voldemort". The activity impersonated tax a…	27
Ransomware Roundup - Underground	Sept. 2, 2024, 4:21 p.m.	windows encryption 2024-09-02 romcom data leak CVE-2023-36884 storm-0978 underground	The Underground ransomware, first observed in July 2023, targets Windows machines by encrypting files and demanding ransom. Attri…	4
The trojan horse that wanted to fly	Sept. 2, 2024, 4:18 p.m.	phishing remote access banking trojan brazil keylogging mobile malware 2024-09-02 device takeover hook rocinante ermac	Rocinante is a new strain of mobile malware originating from Brazil, capable of keylogging, stealing PII through phishing, and pe…	4
Exploring AsyncRAT and Infostealer Plugin Delivery Through…	Sept. 2, 2024, 4:14 p.m.	phishing powershell infostealer asyncrat vbscript 2024-09-02 process hollowing cryptocurrency wallets browser data theft	This analysis details an AsyncRAT infection observed in August 2024, delivered via email. The attack chain involves a Windows Scr…	8
Silent Intrusions: Godzilla Fileless Backdoors Targeting Atlassian Confluence	Sept. 2, 2024, 4:06 p.m.	godzilla remote code execution 2024-09-02 aes encryption CVE-2023-22527 atlassian confluence fileless backdoor in-memory	Trend Micro researchers have identified a new attack vector exploiting CVE-2023-22527 in older versions of Atlassian Confluence D…	0
The Emerging Dynamics of Deepfake Scam Campaigns on the Web	Sept. 2, 2024, 3:47 p.m.	phishing social engineering impersonation fraud ai scams 2024-08-29 genai deepfakes 2024-09-02 investment fraud infrastructure analysis	Researchers have uncovered dozens of scam campaigns utilizing deepfake videos featuring public figures like CEOs, news anchors, a…	428
Exploring Newly Released Top-Level Domains	Sept. 2, 2024, 3:40 p.m.	phishing dns cybersecurity 2024-09-02 domain abuse top-level domains graph-based detection redirection campaigns domain registration torrenting	An investigation into 19 new top-level domains (TLDs) released in the past year revealed various malicious activities, including …	22

» Click here to see all Attack Reports «

Vulnerabilities

CVE	CVSS	Published	Product impacted	Tags
CVE-2024-28100	8.9	Sept. 2, 2024, 6:15 p.m.	eLabFTW	security-advisories@github.com CWE-79 2024-09-02 CVE-2024-28100
CVE-2024-41157	8.8	Sept. 2, 2024, 5:15 a.m.	OpenHarmony	CWE-416 scy@openharmony.io 2024-09-02 CVE-2024-41157
CVE-2024-41160	8.8	Sept. 2, 2024, 5:15 a.m.	OpenHarmony	CWE-416 scy@openharmony.io 2024-09-02 CVE-2024-41160
CVE-2024-7932	8.7	Sept. 2, 2024, 12:15 p.m.	3DSwymer	CWE-79 3DS.Information-Security@3ds.com 2024-09-02 CVE-2024-7932
CVE-2024-7938	8.7	Sept. 2, 2024, 12:15 p.m.	3DDashboard	CWE-79 3DS.Information-Security@3ds.com 2024-09-02 CVE-2024-7938
CVE-2024-7939	8.7	Sept. 2, 2024, 12:15 p.m.	3DSwym	CWE-79 3DS.Information-Security@3ds.com 2024-09-02 CVE-2024-7939
CVE-2024-8004	8.7	Sept. 2, 2024, 12:15 p.m.	ENOVIA Collaborative Industry Innovator	CWE-79 3DS.Information-Security@3ds.com 2024-09-02 CVE-2024-8004
CVE-2024-38386	8.4	Sept. 2, 2024, 5:15 a.m.	OpenHarmony	CWE-787 scy@openharmony.io 2024-09-02 CVE-2024-38386
CVE-2024-39816	8.4	Sept. 2, 2024, 5:15 a.m.	OpenHarmony	CWE-787 scy@openharmony.io 2024-09-02 CVE-2024-39816
CVE-2024-23365	8.4	Sept. 2, 2024, 12:15 p.m.	UNKNOWN	CWE-416 product-security@qualcomm.com 2024-09-02 CVE-2024-23365
CVE-2024-33035	8.4	Sept. 2, 2024, 12:15 p.m.	Qualcomm Graphics Component	CWE-190 product-security@qualcomm.com 2024-09-02 CVE-2024-33035
CVE-2024-33045	8.4	Sept. 2, 2024, 12:15 p.m.	Qualcomm ADSP firmware	product-security@qualcomm.com 2024-09-02 CVE-2024-33045 CWE-562
CVE-2024-33047	8.4	Sept. 2, 2024, 12:15 p.m.	UNKNOWN	product-security@qualcomm.com CWE-126 2024-09-02 CVE-2024-33047
CVE-2024-33060	8.4	Sept. 2, 2024, 12:15 p.m.	UNKNOWN	CWE-416 product-security@qualcomm.com 2024-09-02 CVE-2024-33060
CVE-2024-23359	8.2	Sept. 2, 2024, 12:15 p.m.	Qualcomm chipset	product-security@qualcomm.com CWE-126 2024-09-02 CVE-2024-23359
CVE-2024-33038	7.8	Sept. 2, 2024, 12:15 p.m.	UNKNOWN	CWE-822 product-security@qualcomm.com 2024-09-02 CVE-2024-33038
CVE-2024-33042	7.8	Sept. 2, 2024, 12:15 p.m.	Qualcomm Chipset	CWE-120 product-security@qualcomm.com 2024-09-02 CVE-2024-33042
CVE-2024-33052	7.8	Sept. 2, 2024, 12:15 p.m.	UNKNOWN	CWE-120 product-security@qualcomm.com 2024-09-02 CVE-2024-33052
CVE-2024-33054	7.8	Sept. 2, 2024, 12:15 p.m.	UNKNOWN	CWE-120 product-security@qualcomm.com 2024-09-02 CVE-2024-33054
CVE-2024-38401	7.8	Sept. 2, 2024, 12:15 p.m.	Qualcomm Product	CWE-416 product-security@qualcomm.com 2024-09-02 CVE-2024-38401
CVE-2024-38402	7.8	Sept. 2, 2024, 12:15 p.m.	UNKNOWN	CWE-416 product-security@qualcomm.com 2024-09-02 CVE-2024-38402
CVE-2024-23358	7.5	Sept. 2, 2024, 12:15 p.m.	Qualcomm Modem	product-security@qualcomm.com CWE-126 2024-09-02 CVE-2024-23358
CVE-2024-23364	7.5	Sept. 2, 2024, 12:15 p.m.	Qualcomm WLAN firmware	product-security@qualcomm.com CWE-126 2024-09-02 CVE-2024-23364
CVE-2024-33048	7.5	Sept. 2, 2024, 12:15 p.m.	Qualcomm WiFi driver	product-security@qualcomm.com CWE-126 2024-09-02 CVE-2024-33048
CVE-2024-33050	7.5	Sept. 2, 2024, 12:15 p.m.	Qualcomm WLAN Driver	product-security@qualcomm.com CWE-126 2024-09-02 CVE-2024-33050
CVE-2024-33051	7.5	Sept. 2, 2024, 12:15 p.m.	Qualcomm WiFi Driver	product-security@qualcomm.com CWE-126 2024-09-02 CVE-2024-33051
CVE-2024-33057	7.5	Sept. 2, 2024, 12:15 p.m.	UNKNOWN	product-security@qualcomm.com CWE-126 2024-09-02 CVE-2024-33057
CVE-2024-5148	7.5	Sept. 2, 2024, 12:15 p.m.	gnome-remote-desktop	secalert@redhat.com CWE-488 2024-09-02 CVE-2024-5148
CVE-2024-45311	7.5	Sept. 2, 2024, 6:15 p.m.	Quinn	security-advisories@github.com CWE-670 2024-09-02 CVE-2024-45311
CVE-2024-45388	7.5	Sept. 2, 2024, 6:15 p.m.	Hoverfly	security-advisories@github.com CWE-200 2024-09-02 CVE-2024-45388
CVE-2024-42471	7.3	Sept. 2, 2024, 6:15 p.m.	GitHub Actions Toolkit	security-advisories@github.com CWE-22 2024-09-02 CVE-2024-42471
CVE-2024-23362	7.1	Sept. 2, 2024, 12:15 p.m.	UNKNOWN	CWE-20 product-security@qualcomm.com 2024-09-02 CVE-2024-23362
CVE-2024-33016	6.8	Sept. 2, 2024, 12:15 p.m.	Qualcomm chipset firmware	CWE-119 product-security@qualcomm.com 2024-09-02 CVE-2024-33016
CVE-2024-39775	6.5	Sept. 2, 2024, 5:15 a.m.	OpenHarmony	CWE-125 scy@openharmony.io 2024-09-02 CVE-2024-39775
CVE-2024-45308	6.5	Sept. 2, 2024, 6:15 p.m.	HedgeDoc	security-advisories@github.com 2024-09-02 CVE-2024-45308 CWE-1289
CVE-2024-43792	6.3	Sept. 2, 2024, 6:15 p.m.	Halo	security-advisories@github.com CWE-79 2024-09-02 CVE-2024-43792
CVE-2024-43797	6.3	Sept. 2, 2024, 6:15 p.m.	audiobookshelf	security-advisories@github.com CWE-22 2024-09-02 CVE-2024-43797
CVE-2024-8365	6.2	Sept. 2, 2024, 5:15 a.m.	Vault Community Edition	CWE-532 security@hashicorp.com 2024-09-02 CVE-2024-8365
CVE-2024-38382	5.5	Sept. 2, 2024, 5:15 a.m.	OpenHarmony	CWE-125 scy@openharmony.io 2024-09-02 CVE-2024-38382
CVE-2024-39612	5.5	Sept. 2, 2024, 5:15 a.m.	OpenHarmony	CWE-125 scy@openharmony.io 2024-09-02 CVE-2024-39612
CVE-2024-33043	5.5	Sept. 2, 2024, 12:15 p.m.	UNKNOWN	product-security@qualcomm.com CWE-126 2024-09-02 CVE-2024-33043
CVE-2024-45313	5.4	Sept. 2, 2024, 6:15 p.m.	Overleaf Server Pro	security-advisories@github.com CWE-1188 2024-09-02 CVE-2024-45313
CVE-2024-45312	5.3	Sept. 2, 2024, 6:15 p.m.	Overleaf Community Edition	security-advisories@github.com CWE-22 2024-09-02 CVE-2024-45312
CVE-2024-43801	4.6	Sept. 2, 2024, 6:15 p.m.	Jellyfin	security-advisories@github.com CWE-200 2024-09-02 CVE-2024-43801
CVE-2024-45306	4.5	Sept. 2, 2024, 6:15 p.m.	Vim	security-advisories@github.com CWE-122 2024-09-02 CVE-2024-45306
CVE-2020-36830	4.3	Sept. 2, 2024, 6:15 p.m.	nescalance urlregex	cna@vuldb.com CWE-1333 2024-09-02 CVE-2020-36830
CVE-2024-28044	3.3	Sept. 2, 2024, 5:15 a.m.	OpenHarmony	CWE-190 scy@openharmony.io 2024-09-02 CVE-2024-28044
CVE-2023-7279	2.6	Sept. 2, 2024, 6:15 p.m.	Secure Systems Engineering Connaisseur	cna@vuldb.com CWE-1333 2024-09-02 CVE-2023-7279
CVE-2024-45305	2.5	Sept. 2, 2024, 6:15 p.m.	gix-path	security-advisories@github.com CWE-706 2024-09-02 CVE-2024-45305
CVE-2024-45269	None	Sept. 2, 2024, 12:15 a.m.	WordPress plugin Carousel Slider	vultures@jpcert.or.jp 2024-09-02 CVE-2024-45269
CVE-2024-45270	None	Sept. 2, 2024, 12:15 a.m.	WordPress Carousel Slider plugin	vultures@jpcert.or.jp 2024-09-02 CVE-2024-45270
CVE-2024-45522	None	Sept. 2, 2024, 12:15 a.m.	UNKNOWN	cve@mitre.org 2024-09-02 CVE-2024-45522
CVE-2024-20084	None	Sept. 2, 2024, 5:15 a.m.	UNKNOWN	CWE-125 security@mediatek.com 2024-09-02 CVE-2024-20084
CVE-2024-20085	None	Sept. 2, 2024, 5:15 a.m.	UNKNOWN	CWE-125 security@mediatek.com 2024-09-02 CVE-2024-20085
CVE-2024-20086	None	Sept. 2, 2024, 5:15 a.m.	UNKNOWN	CWE-787 security@mediatek.com 2024-09-02 CVE-2024-20086
CVE-2024-20087	None	Sept. 2, 2024, 5:15 a.m.	UNKNOWN	CWE-787 security@mediatek.com 2024-09-02 CVE-2024-20087
CVE-2024-20088	None	Sept. 2, 2024, 5:15 a.m.	UNKNOWN	CWE-125 security@mediatek.com 2024-09-02 CVE-2024-20088
CVE-2024-20089	None	Sept. 2, 2024, 5:15 a.m.	MediaTek WLAN driver	security@mediatek.com CWE-703 2024-09-02 CVE-2024-20089
CVE-2024-43772	None	Sept. 2, 2024, 5:15 a.m.	Easytest Online Test Platform	CWE-89 ART@zuso.ai 2024-09-02 CVE-2024-43772
CVE-2024-43773	None	Sept. 2, 2024, 5:15 a.m.	Easytest Online Test Platform	CWE-89 ART@zuso.ai 2024-09-02 CVE-2024-43773
CVE-2024-43774	None	Sept. 2, 2024, 5:15 a.m.	Easytest Online Test Platform	CWE-89 ART@zuso.ai 2024-09-02 CVE-2024-43774
CVE-2024-43775	None	Sept. 2, 2024, 5:15 a.m.	Easytest Online Test Platform	CWE-89 ART@zuso.ai 2024-09-02 CVE-2024-43775
CVE-2024-43776	None	Sept. 2, 2024, 5:15 a.m.	Easytest Online Test Platform	CWE-89 ART@zuso.ai 2024-09-02 CVE-2024-43776
CVE-2024-45527	None	Sept. 2, 2024, 5:15 a.m.	REDCap	cve@mitre.org 2024-09-02 CVE-2024-45527
CVE-2024-45528	None	Sept. 2, 2024, 5:15 a.m.	CodeAstro MembershipM-PHP	cve@mitre.org 2024-09-02 CVE-2024-45528
CVE-2024-7871	None	Sept. 2, 2024, 5:15 a.m.	Easytest Online Test Platform	CWE-89 ART@zuso.ai 2024-09-02 CVE-2024-7871
CVE-2024-7354	None	Sept. 2, 2024, 8:15 a.m.	Ninja Forms WordPress plugin	contact@wpscan.com 2024-09-02 CVE-2024-7354
CVE-2024-7690	None	Sept. 2, 2024, 8:15 a.m.	DN Popup WordPress plugin	contact@wpscan.com 2024-09-02 CVE-2024-7690
CVE-2024-7691	None	Sept. 2, 2024, 8:15 a.m.	Flaming Forms WordPress plugin	contact@wpscan.com 2024-09-02 CVE-2024-7691
CVE-2024-7692	None	Sept. 2, 2024, 8:15 a.m.	Flaming Forms WordPress plugin	contact@wpscan.com 2024-09-02 CVE-2024-7692
CVE-2024-38858	None	Sept. 2, 2024, 12:15 p.m.	Checkmk	CWE-79 security@checkmk.com 2024-09-02 CVE-2024-38858
CVE-2024-44947	None	Sept. 2, 2024, 6:15 p.m.	Linux kernel	416baaa9-dc9f-4396-8d5f-8c081fb06d67 2024-09-02 CVE-2024-44947
CVE-2024-6919	None	Sept. 2, 2024, 6:15 p.m.	NAC Telecommunication Systems Inc. NACPremium	CWE-89 iletisim@usom.gov.tr 2024-09-02 CVE-2024-6919
CVE-2024-6920	None	Sept. 2, 2024, 6:15 p.m.	NAC Telecommunication Systems Inc. NACPremium	CWE-79 iletisim@usom.gov.tr 2024-09-02 CVE-2024-6920
CVE-2024-6921	None	Sept. 2, 2024, 6:15 p.m.	NACPremium	CWE-312 iletisim@usom.gov.tr 2024-09-02 CVE-2024-6921
CVE-2024-45621	None	Sept. 2, 2024, 7:15 p.m.	Rocket.Chat Electron desktop application	cve@mitre.org 2024-09-02 CVE-2024-45621
CVE-2024-45622	None	Sept. 2, 2024, 7:15 p.m.	CodeIgniter	cve@mitre.org 2024-09-02 CVE-2024-45622
CVE-2024-1621	None	Sept. 2, 2024, 8:15 p.m.	uniFLOW Online	2024-09-02 CVE-2024-1621 4586e0a2-224d-4f8a-9cb4-8882b208c0b3 CWE-940
CVE-2024-45623	None	Sept. 2, 2024, 9:15 p.m.	D-Link DAP-2310 Hardware A Firmware	cve@mitre.org 2024-09-02 CVE-2024-45623

» Click here to see all Vulnerabilities «

Tag : 2024-09-02