Today > | 1 Medium vulnerabilities   -   You can now download lists of IOCs here!

Tag: 2024-09-05

4 attack reports | 66 vulnerabilities

Attack reports

BlindEagle Targets Colombian Insurance Sector with BlotchyQuasar

BlindEagle, an advanced persistent threat actor, has been observed targeting the Colombian insurance sector using the BlotchyQuasar Remote Access Trojan. The attack chain begins with phishing emails impersonating the Colombian tax authority, containing links to malware hosted on compromised Google …

phishing
remcosrat
asyncrat
credential theft
banking trojan
quasarrat
2024-09-05
blotchyquasar
Published: September 5, 2024

Downloadable IOCs 16

Predator Spyware Infrastructure Returns Following Exposure and Sanctions

Predator spyware's infrastructure has resurfaced with modifications to evade detection and anonymize users, despite previous exposure and sanctions. The spyware continues to pose significant risks, especially to high-profile individuals in countries like the Democratic Republic of the Congo and Ang…

python
2024-09-05
predator spyware
intellexa alliance
zero-click attacks
Published: September 5, 2024

Downloadable IOCs 16

Toneshell Backdoor Used to Target Attendees of the IISS Defence Summit

A cyber espionage campaign using the ToneShell backdoor, associated with Mustang Panda, has been detected targeting attendees of the 2024 IISS Defence Summit in Prague. The attack utilizes a malicious PIF file masquerading as summit documents, which drops SFFWallpaperCore.exe and libemb.dll. The ma…

phishing
dll sideloading
gh0st rat
2024-09-05
toneshell
pif file
Published: September 5, 2024

Downloadable IOCs 4

Tropic Trooper spies on government entities in the Middle East

Tropic Trooper, a Chinese-speaking APT group active since 2011, has expanded its operations to target government entities in the Middle East. The group deployed a new variant of the China Chopper web shell on a compromised Umbraco CMS server, along with other post-exploitation tools and backdoor im…

fscan
china chopper
2024-09-05
web shell
swor
bypassgodzilla
crowdoor
umbraco cms
neo-regeorg
Published: September 5, 2024

Downloadable IOCs 7

» Click here to see all Attack Reports «

Vulnerabilities

CVE-2024-43102

10.0
FreeBSD
Published: September 5, 2024

CVE-2024-44727

9.8
Sourcecodehero Event Management System
Published: September 5, 2024

CVE-2024-45158

9.8
Mbed TLS
Published: September 5, 2024

CVE-2024-45159

9.8
Mbed TLS
Published: September 5, 2024

CVE-2024-8395

9.8
FlyCASS CASS system
Published: September 5, 2024

CVE-2024-42885

9.1
ESAFENET CDG
Published: September 5, 2024

CVE-2024-24759

9.1
MindsDB
Published: September 5, 2024

CVE-2024-42416

8.8
bhyve
Published: September 5, 2024

CVE-2024-43110

8.8
FreeBSD
Published: September 5, 2024

CVE-2024-45063

8.8
FreeBSD
Published: September 5, 2024

CVE-2024-8178

8.8
bhyve
Published: September 5, 2024

CVE-2024-8463

8.8
PHPGurukul Job Portal
Published: September 5, 2024

CVE-2024-44587

8.8
Alton Management System
Published: September 5, 2024

CVE-2024-45173

8.8
C-MOR Video Surveillance
Published: September 5, 2024

CVE-2024-45171

8.8
za-internet C-MOR Video Surveillance
Published: September 5, 2024

CVE-2024-45175

8.8
C-MOR Video Surveillance
Published: September 5, 2024

CVE-2024-41928

8.4
bhyve
Published: September 5, 2024

CVE-2024-45288

8.4
FreeBSD
Published: September 5, 2024

CVE-2024-32668

8.2
FreeBSD Bhyve
Published: September 5, 2024

CVE-2024-7627

8.1
Bit File Manager plugin for WordPress
Published: September 5, 2024

CVE-2024-45098

8.1
IBM Aspera Faspex
Published: September 5, 2024

CVE-2024-45287

7.5
UNKNOWN
Published: September 5, 2024

CVE-2024-5957

7.5
UNKNOWN
Published: September 5, 2024

CVE-2024-7884

7.5
ic_cdk
Published: September 5, 2024

CVE-2024-8464

7.5
UNKNOWN
Published: September 5, 2024

CVE-2024-8465

7.5
UNKNOWN
Published: September 5, 2024

CVE-2024-8466

7.5
UNKNOWN
Published: September 5, 2024

CVE-2024-8467

7.5
Job Portal
Published: September 5, 2024

CVE-2024-8468

7.5
UNKNOWN
Published: September 5, 2024

CVE-2024-8469

7.5
UNKNOWN
Published: September 5, 2024

CVE-2024-8470

7.5
UNKNOWN
Published: September 5, 2024

CVE-2024-42495

7.5
fusion
Published: September 5, 2024

CVE-2024-7591

7.2
Progress LoadMaster
Published: September 5, 2024

CVE-2024-45178

7.1
C-MOR Video Surveillance
Published: September 5, 2024

CVE-2024-45097

7.1
IBM Aspera Faspex
Published: September 5, 2024

CVE-2024-45401

7.1
stripe-cli
Published: September 5, 2024

CVE-2024-6332

6.5
Booking for Appointments and Events Calendar - Amelia Premium plugin for WordPress
Published: September 5, 2024

CVE-2024-45096

6.5
IBM Aspera Faspex
Published: September 5, 2024

CVE-2024-8471

6.1
Unknown
Published: September 5, 2024

CVE-2024-8472

6.1
UNKNOWN
Published: September 5, 2024

CVE-2024-8473

6.1
jobportal
Published: September 5, 2024

CVE-2024-45176

6.1
C-MOR Video Surveillance
Published: September 5, 2024

CVE-2024-44728

6.1
Sourcecodehero Event Management System
Published: September 5, 2024

CVE-2024-8460

5.9
D-Link DNS-320
Published: September 5, 2024

CVE-2024-45589

5.9
RapidIdentity
Published: September 5, 2024

CVE-2024-8445

5.7
389-ds-base
Published: September 5, 2024

CVE-2024-42491

5.7
Asterisk
Published: September 5, 2024

CVE-2024-45107

5.5
Acrobat Reader
Published: September 5, 2024

CVE-2024-5309

5.4
Form Vibes - Database Manager for Forms plugin for WordPress
Published: September 5, 2024

CVE-2024-8363

5.4
Share This Image plugin for WordPress
Published: September 5, 2024

CVE-2024-6894

5.4
RD Station plugin for WordPress
Published: September 5, 2024

CVE-2024-6929

5.4
Dynamic Featured Image plugin for WordPress
Published: September 5, 2024

CVE-2024-6846

5.3
Chatbot with ChatGPT WordPress plugin
Published: September 5, 2024

CVE-2024-6835

5.3
Ivory Search - WordPress Search Plugin
Published: September 5, 2024

CVE-2022-4529

5.3
Security, Antivirus, Firewall - S.A.F plugin for WordPress
Published: September 5, 2024

CVE-2024-5956

5.3
Trellix IPS Manager
Published: September 5, 2024

CVE-2024-7381

5.3
Geo Controller plugin for WordPress
Published: September 5, 2024

CVE-2024-8461

5.3
D-Link DNS-320
Published: September 5, 2024

CVE-2024-45157

5.1
Mbed TLS
Published: September 5, 2024

CVE-2022-3556

4.8
Cab fare calculator plugin for WordPress
Published: September 5, 2024

CVE-2023-51712

4.7
Trusted Firmware-M
Published: September 5, 2024

CVE-2024-39278

4.6
fusion
Published: September 5, 2024

CVE-2024-7380

4.3
Geo Controller plugin for WordPress
Published: September 5, 2024

CVE-2024-7605

4.3
HelloAsso plugin for WordPress
Published: September 5, 2024

CVE-2024-45392

4.3
SuiteCRM
Published: September 5, 2024

CVE-2024-8462

3.7
Windmill
Published: September 5, 2024
» Click here to see all Vulnerabilities «