Tag: 2024-09-09

8 Attack Reports | 56 Vulnerabilities

Attack reports

Atomic macOS Stealer leads sensitive data theft on macOS

The report discusses the Atomic macOS Stealer (AMOS), an infostealer malware targeting macOS systems. It is designed to steal sensitive information like passwords, cookies, cryptocurrency wallets, and other data from infected machines. The malware is distributed through malvertising, SEO poisoning,…
malvertising
infostealer
cryptocurrency
macos
2024-09-09
amos
atomic macos stealer
passwords
Published: September 9, 2024
Downloadable IOCs: 17

LummaC2 Malware and Malicious Chrome Extension Delivered

In August 2024, eSentire's Threat Response Unit observed a sophisticated attack involving LummaC2 stealer malware and a malicious Google Chrome browser extension. The attack leveraged DLL side-loading to execute a loader delivering the malware and a PowerShell script that installed the extension. T…
malware
lummac2
stealer
credentials
browser
2024-09-09
crypto
remote
extension
control
Published: September 9, 2024
Downloadable IOCs: 7

Ailurophile Stealer

This analysis examines a newly identified threat dubbed 'Ailurophile Stealer,' a malware designed to compromise victims' systems by extracting sensitive browser data including stored credentials, cookies, and browsing history. The stealer utilizes various techniques like placing malicious files in …
malware
stealer
exfiltration
credential
browser
ailurophile stealer
2024-09-09
Published: September 9, 2024
Downloadable IOCs: 3

Loki: a new private agent for the popular Mythic framework

Kaspersky researchers discovered a previously unknown Loki backdoor, utilized in a series of targeted attacks. Analysis revealed that Loki is a private version of an agent compatible with the open-source Mythic framework. The malware employs techniques like memory encryption, indirect system API ca…
malware
backdoor
loader
2024-09-09
mythic
agent
hellokitty
Published: September 9, 2024
Downloadable IOCs: 7

Chinese APT Abuses VSCode to Target Government in Asia

The report details a campaign by the Chinese advanced persistent threat (APT) group Stately Taurus, which carried out cyberespionage operations against government entities in Southeast Asia. The group employed a novel technique that leveraged the reverse shell feature of Visual Studio Code to gain …
apt
exfiltration
cyberespionage
shadowpad
poisonplug.shadow
toneshell
2024-09-09
credentialtheft
reverseshell
visualstudiocode
Published: September 9, 2024
Downloadable IOCs: 17

Russian Military Cyber Actors Target US and Global Critical Infrastructure

The Federal Bureau of Investigation (FBI), Cybersecurity and Infrastructure Security Agency (CISA), and National Security Agency (NSA) assess that cyber actors affiliated with the Russian General Staff Main Intelligence Directorate (GRU) 161st Specialist Training Center (Unit 29155) are responsible…
2024-09-09
cadet blizzard
whispergate
ember bear
frozenvista
unc2589
uac-0056
gru unit 29155
Published: September 9, 2024
Linked vulnerabilities : CVE-2020-1472, CVE-2022-26134, CVE-2021-26084, CVE-2022-27666, CVE-2022-26138, CVE-2021-33045, CVE-2021-33044, CVE-2022-3236, CVE-2021-4034, CVE-2021-3156
Downloadable IOCs: 50

APT Lazarus: Eager Crypto Beavers, Video calls and Games

Group-ib explored the growing threats posed by the Lazarus Group's financially-driven campaign against developers. Group-ib examined their recent Python scripts, including the CivetQ and BeaverTail malware variants, along with their updated versions in Windows and Python releases. Additionally, the…
apt
lazarus
2024-09-09
beavertail
civetq
Published: September 9, 2024
Downloadable IOCs: 85

Enrichment Data: Keeping it Fresh

The article discusses the importance of keeping enrichment data up-to-date for analyzing honeypot attacks. Various sources like Internet Storm Center, URLhaus, SPUR, and VirusTotal are used to enrich data collected from honeypots. The author examines how frequently this data changes and its accurac…
threat intelligence
2024-09-09
data enrichment
Published: September 9, 2024
Downloadable IOCs: 5
Click here to see more Attack Reports

Vulnerabilities

CVE-2024-8584

9.8
    Learningdigital
  • Orca Hcm
Published: September 9, 2024

CVE-2024-7015

9.8
    Profelis
  • Passbox
Published: September 9, 2024

CVE-2024-44721

9.8
    SeaCMS
Published: September 9, 2024

CVE-2024-44849

9.8
    Qualitor
Published: September 9, 2024

CVE-2024-44902

9.8
    Thinkphp
  • Thinkphp
Published: September 9, 2024

CVE-2024-6795

9.8
    Baxter
  • Connex Health Portal
Published: September 9, 2024

CVE-2024-44410

9.8
    Dlink
  • Di-8300 Firmware
  • Di-8300
Published: September 9, 2024

CVE-2024-44411

9.8
    D-Link DI-8300
Published: September 9, 2024

CVE-2024-8611

9.8
    Angeljudesuarez
  • Tailoring Management System
Published: September 9, 2024

CVE-2024-40643

9.6
    Joplin Project
  • Joplin
Published: September 9, 2024

CVE-2024-42500

9.3
    HPE HP-UX System's Network File System (NFSv4) services
Published: September 9, 2024

CVE-2024-6796

9.1
    Baxter
  • Connex Health Portal
Published: September 9, 2024

CVE-2024-37288

8.8
    Elastic
  • Kibana
Published: September 9, 2024

CVE-2024-45041

8.8
    External-Secrets
  • External Secrets Operator
Published: September 9, 2024

CVE-2024-44333

8.8
    D-Link DI-7003GV2
    D-Link DI-7100G+V2
    D-Link DI-7100GV2
    D-Link DI-7200GV2
    D-Link DI-7300G+V2
    D-Link DI-7400G+V2
Published: September 9, 2024

CVE-2024-44334

8.8
    D-Link DI-7003GV2
    D-Link DI-7100G+V2
    D-Link DI-7100GV2
    D-Link DI-7200GV2
    D-Link DI-7300G+V2
    D-Link DI-7400G+V2
Published: September 9, 2024

CVE-2024-44335

8.8
    D-Link DI-7003GV2
    D-Link DI-7100G+V2
    D-Link DI-7100GV2
    D-Link DI-7200GV2
    D-Link DI-7300G+V2
    D-Link DI-7400G+V2
    D-Link DI-7003G
Published: September 9, 2024

CVE-2024-45411

8.6
    Symfony
  • Twig
Published: September 9, 2024

CVE-2024-27383

7.8
    Samsung
  • Exynos 980 Firmware
  • Exynos 980
  • Exynos 850 Firmware
  • Exynos 850
  • Exynos 1080 Firmware
  • Exynos 1080
  • Exynos 1280 Firmware
  • Exynos 1280
  • Exynos 1330 Firmware
  • Exynos 1330
  • Exynos 1380 Firmware
  • Exynos 1380
  • Exynos 1480 Firmware
  • Exynos 1480
  • Exynos W920 Firmware
  • Exynos W920
  • Exynos W930 Firmware
  • Exynos W930
Published: September 9, 2024

CVE-2024-27387

7.8
    Samsung
  • Exynos 1080 Firmware
  • Exynos 1080
  • Exynos 1280 Firmware
  • Exynos 1280
  • Exynos 1330 Firmware
  • Exynos 1330
  • Exynos 1380 Firmware
  • Exynos 1380
  • Exynos 1480 Firmware
  • Exynos 1480
  • Exynos 850 Firmware
  • Exynos 850
  • Exynos 980 Firmware
  • Exynos 980
  • Exynos W920 Firmware
  • Exynos W920
  • Exynos W930 Firmware
  • Exynos W930
Published: September 9, 2024

CVE-2024-44375

7.5
    Dlink
  • Di-8100 Firmware
  • Di-8100
Published: September 9, 2024

CVE-2024-44720

7.5
    SeaCMS
Published: September 9, 2024

CVE-2024-45296

7.5
    path-to-regexp
Published: September 9, 2024

CVE-2024-6572

7.4
    Checkmk
Published: September 9, 2024

CVE-2024-44724

7.2
    AutoCMS
Published: September 9, 2024

CVE-2024-44725

7.2
    AutoCMS
Published: September 9, 2024

CVE-2024-7341

7.1
    Redhat
  • Keycloak
  • Single Sign-On
  • Enterprise Linux
  • Build Of Keycloak
Published: September 9, 2024

CVE-2024-8585

6.5
    Learningdigital
  • Orca Hcm
Published: September 9, 2024

CVE-2024-7688

6.5
    Azindex Project
  • Azindex
Published: September 9, 2024

CVE-2024-8601

6.5
    Techexcel
  • Back Office Software
Published: September 9, 2024

CVE-2024-42759

6.3
    Ellevo
Published: September 9, 2024

CVE-2024-8586

6.1
    Uniong
  • Webitr
Published: September 9, 2024

CVE-2024-45625

6.1
    Incsub
  • Forminator
Published: September 9, 2024

CVE-2024-8604

6.1
    Online Food Ordering System Project
  • Online Food Ordering System
Published: September 9, 2024

CVE-2024-7260

6.1
    Redhat
  • Build Of Keycloak
  • Keycloak
Published: September 9, 2024

CVE-2023-50883

6.1
    Onlyoffice
  • Document Server
Published: September 9, 2024

CVE-2024-44085

6.1
    ONLYOFFICE Docs
Published: September 9, 2024

CVE-2024-27364

5.5
    Samsung
  • Exynos 980 Firmware
  • Exynos 980
  • Exynos 850 Firmware
  • Exynos 850
  • Exynos 1080 Firmware
  • Exynos 1080
  • Exynos 1280 Firmware
  • Exynos 1280
  • Exynos 1380 Firmware
  • Exynos 1380
  • Exynos 1330 Firmware
  • Exynos 1330
  • Exynos 1480 Firmware
  • Exynos 1480
  • Exynos W920 Firmware
  • Exynos W920
  • Exynos W930 Firmware
  • Exynos W930
Published: September 9, 2024

CVE-2024-27366

5.5
    Samsung
  • Exynos 980 Firmware
  • Exynos 980
  • Exynos 850 Firmware
  • Exynos 850
  • Exynos 1080 Firmware
  • Exynos 1080
  • Exynos 1280 Firmware
  • Exynos 1280
  • Exynos 1380 Firmware
  • Exynos 1380
  • Exynos 1330 Firmware
  • Exynos 1330
  • Exynos 1480 Firmware
  • Exynos 1480
  • Exynos W920 Firmware
  • Exynos W920
  • Exynos W930 Firmware
  • Exynos W930
Published: September 9, 2024

CVE-2024-27367

5.5
    Samsung
  • Exynos 980 Firmware
  • Exynos 980
  • Exynos 850 Firmware
  • Exynos 850
  • Exynos 1080 Firmware
  • Exynos 1080
  • Exynos 1280 Firmware
  • Exynos 1280
  • Exynos 1380 Firmware
  • Exynos 1380
  • Exynos 1330 Firmware
  • Exynos 1330
  • Exynos 1480 Firmware
  • Exynos 1480
  • Exynos W920 Firmware
  • Exynos W920
  • Exynos W930 Firmware
  • Exynos W930
Published: September 9, 2024

CVE-2024-27368

5.5
    Samsung
  • Exynos 980 Firmware
  • Exynos 980
  • Exynos 850 Firmware
  • Exynos 850
  • Exynos 1080 Firmware
  • Exynos 1080
  • Exynos 1280 Firmware
  • Exynos 1280
  • Exynos 1380 Firmware
  • Exynos 1380
  • Exynos 1330 Firmware
  • Exynos 1330
  • Exynos 1480 Firmware
  • Exynos 1480
  • Exynos W920 Firmware
  • Exynos W920
  • Exynos W930 Firmware
  • Exynos W930
Published: September 9, 2024

CVE-2024-27365

5.5
    Samsung
  • Exynos 980 Firmware
  • Exynos 980
  • Exynos 850 Firmware
  • Exynos 850
  • Exynos 1080 Firmware
  • Exynos 1080
  • Exynos 1280 Firmware
  • Exynos 1280
  • Exynos 1380 Firmware
  • Exynos 1380
  • Exynos 1330 Firmware
  • Exynos 1330
  • Exynos 1480 Firmware
  • Exynos 1480
  • Exynos W920 Firmware
  • Exynos W920
  • Exynos W930 Firmware
  • Exynos W930
Published: September 9, 2024

CVE-2024-8605

5.4
    Code-Projects
  • Inventory Management
Published: September 9, 2024

CVE-2024-8610

5.4
    Mayurik
  • Best House Rental Management System
Published: September 9, 2024

CVE-2024-5561

4.8
    Code-Atlantic
  • Popup Maker
Published: September 9, 2024

CVE-2024-6910

4.8
    Myeventon
  • Eventon
Published: September 9, 2024

CVE-2024-7918

4.8
    Ronvalstar
  • Pocket Widget
Published: September 9, 2024

CVE-2024-45406

4.8
    Craftcms
  • Craft Cms
Published: September 9, 2024

CVE-2024-7318

4.8
    Redhat
  • Build Of Keycloak
Published: September 9, 2024

CVE-2024-7687

4.3
    Azindex Project
  • Azindex
Published: September 9, 2024

CVE-2024-7689

4.3
    Snapshot Backup Project
  • Snapshot Backup
Published: September 9, 2024

CVE-2024-45203

4.3
    Istyle
  • \@Cosme
Published: September 9, 2024

CVE-2024-8372

4.3
    Angularjs
  • Angular.Js
Published: September 9, 2024

CVE-2024-8373

4.3
    Angularjs
  • Angular.Js
Published: September 9, 2024

CVE-2024-8042

3.1
    Rapid7
  • Insight Platform
Published: September 9, 2024

CVE-2024-24510

None
    Alinto SOGo
Published: September 9, 2024
Click here to see more Vulnerabilities