SecuriTricks - 2024-09-11

Attack Reports

Title	Published	Tags	Description	Number of indicators
New RansomHub attack uses TDSKiller and LaZagne, disables EDR	Sept. 11, 2024, 8:33 p.m.	ransomware credential harvesting edr ransomhub byovd 2024-09-11 lazagne tdsskiller network segmentation	A recent analysis by the ThreatDown MDR team has uncovered a novel attack method employed by the RansomHub ransomware gang. The a…	2
Ransomware in the Cloud: Scattered Spider Targeting Insurance and Financial Industries	Sept. 11, 2024, 8:18 p.m.	phishing ransomware blackcat alphv persistence cloud noberus vidar stealer stealc redline stealer raccoon stealer 2024-09-11 sim swapping finance insurance	The Scattered Spider cybercriminal group is targeting cloud infrastructures in the insurance and financial sectors using advanced…	12
Threat Assessment: Repellent Scorpius, Distributors of Cicada3301 Ransomware	Sept. 11, 2024, 8:08 a.m.	ransomware extortion exfiltration encryption cybercrime 2024-09-11 cicada3301	Repellent Scorpius is a new ransomware-as-a-service group distributing Cicada3301 ransomware. It emerged in May 2024 and employs …	8
BLX STEALER	Sept. 11, 2024, 8:05 a.m.	cryptocurrency stealer persistence credential data exfiltration 2024-09-11 xlabb stealer blx stealer	Identified as a sophisticated dropper binary designed to deploy an information stealer dubbed BLX Stealer or XLABB Stealer, this …	5
There's Something About CryptBot: Yet Another Silly Stealer	Sept. 11, 2024, 8:02 a.m.	malware infostealer cryptbot stealer exfiltration netsupport downloader 2024-09-11 yass mustardsandwich	This report provides an in-depth technical analysis of a new variant of the CryptBot infostealer, dubbed Yet Another Silly Steale…	13

» Click here to see all Attack Reports «

Vulnerabilities

CVE	CVSS	Published	Product impacted	Tags
CVE-2024-8277	9.8	Sept. 11, 2024, 9:15 a.m.	WooCommerce Photo Reviews Premium plugin for WordPress	security@wordfence.com CWE-288 2024-09-11 CVE-2024-8277
CVE-2024-6091	9.8	Sept. 11, 2024, 1:15 p.m.	significant-gravitas/autogpt	CWE-78 security@huntr.dev 2024-09-11 CVE-2024-6091
CVE-2024-44466	9.8	Sept. 11, 2024, 4:15 p.m.	COMFAST CF-XR11	cve@mitre.org CWE-94 2024-09-11 CVE-2024-44466
CVE-2024-44541	9.8	Sept. 11, 2024, 7:15 p.m.	evilnapsis Inventio Lite	cve@mitre.org CWE-89 2024-09-11 CVE-2024-44541
CVE-2019-25212	9.1	Sept. 11, 2024, 9:15 a.m.	video carousel slider with lightbox plugin for WordPress	security@wordfence.com CWE-89 2024-09-11 CVE-2019-25212
CVE-2024-8253	8.8	Sept. 11, 2024, 4:15 a.m.	WordPress Post Grid and Gutenberg Blocks plugin	security@wordfence.com CWE-266 2024-09-11 CVE-2024-8253
CVE-2024-20381	8.8	Sept. 11, 2024, 5:15 p.m.	Cisco Crosswork Network Services Orchestrator (NSO)	CWE-285 ykramarz@cisco.com 2024-09-11 CVE-2024-20381
CVE-2024-20398	8.8	Sept. 11, 2024, 5:15 p.m.	Cisco IOS XR Software	ykramarz@cisco.com CWE-78 2024-09-11 CVE-2024-20398
CVE-2024-44570	8.8	Sept. 11, 2024, 5:15 p.m.	RELY-PCIe	cve@mitre.org CWE-77 2024-09-11 CVE-2024-44570
CVE-2024-44571	8.8	Sept. 11, 2024, 5:15 p.m.	RELY-PCIe	cve@mitre.org CWE-284 2024-09-11 CVE-2024-44571
CVE-2024-44572	8.8	Sept. 11, 2024, 5:15 p.m.	RELY-PCIe	cve@mitre.org CWE-77 2024-09-11 CVE-2024-44572
CVE-2024-44574	8.8	Sept. 11, 2024, 5:15 p.m.	RELY-PCIe	cve@mitre.org CWE-77 2024-09-11 CVE-2024-44574
CVE-2024-44577	8.8	Sept. 11, 2024, 5:15 p.m.	RELY-PCIe	cve@mitre.org CWE-77 2024-09-11 CVE-2024-44577
CVE-2024-20304	8.6	Sept. 11, 2024, 5:15 p.m.	Cisco IOS XR Software	ykramarz@cisco.com CWE-401 2024-09-11 CVE-2024-20304
CVE-2024-5760	8.4	Sept. 11, 2024, 4:15 p.m.	Samsung Universal Print Driver for Windows	hp-security-alert@hp.com CWE-269 2024-09-11 CVE-2024-5760
CVE-2024-20489	8.4	Sept. 11, 2024, 5:15 p.m.	Cisco IOS XR Software	ykramarz@cisco.com CWE-256 2024-09-11 CVE-2024-20489
CVE-2024-21529	8.2	Sept. 11, 2024, 5:15 a.m.	dset	CWE-1321 report@snyk.io 2024-09-11 CVE-2024-21529
CVE-2024-7626	8.1	Sept. 11, 2024, 8:15 a.m.	WP Delicious - Recipe Plugin for Food Bloggers (formerly Delicious Recipes) plugin for WordPress	security@wordfence.com CWE-73 2024-09-11 CVE-2024-7626
CVE-2024-43690	8.0	Sept. 11, 2024, 5:15 a.m.	Command Centre Server	CWE-829 disclosures@gallagher.com 2024-09-11 CVE-2024-43690
CVE-2024-40655	7.8	Sept. 11, 2024, 12:15 a.m.	Android	security@android.com 2024-09-11 CVE-2024-40655
CVE-2024-40657	7.8	Sept. 11, 2024, 12:15 a.m.	Android	CWE-269 security@android.com 2024-09-11 CVE-2024-40657
CVE-2024-40658	7.8	Sept. 11, 2024, 12:15 a.m.	UNKNOWN	CWE-269 security@android.com 2024-09-11 CVE-2024-40658
CVE-2024-40662	7.8	Sept. 11, 2024, 12:15 a.m.	Android	CWE-269 security@android.com 2024-09-11 CVE-2024-40662
CVE-2024-8306	7.8	Sept. 11, 2024, 3:15 p.m.	UNKNOWN	CWE-269 cybersecurity@se.com 2024-09-11 CVE-2024-8306
CVE-2024-39378	7.8	Sept. 11, 2024, 4:15 p.m.	Audition	CWE-787 psirt@adobe.com 2024-09-11 CVE-2024-39378
CVE-2024-45327	7.5	Sept. 11, 2024, 10:15 a.m.	FortiSOAR	CWE-307 psirt@fortinet.com 2024-09-11 CVE-2024-45327
CVE-2024-20317	7.4	Sept. 11, 2024, 5:15 p.m.	Cisco IOS XR Software	ykramarz@cisco.com CWE-684 2024-09-11 CVE-2024-20317
CVE-2024-20406	7.4	Sept. 11, 2024, 5:15 p.m.	Cisco IOS XR Software	CWE-20 ykramarz@cisco.com 2024-09-11 CVE-2024-20406
CVE-2024-40652	7.3	Sept. 11, 2024, 12:15 a.m.	Android Settings app	CWE-862 security@android.com 2024-09-11 CVE-2024-40652
CVE-2024-20483	7.2	Sept. 11, 2024, 5:15 p.m.	Cisco IOS XR Software	ykramarz@cisco.com CWE-78 2024-09-11 CVE-2024-20483
CVE-2024-24972	6.5	Sept. 11, 2024, 4:15 a.m.	Controller 6000	CWE-120 disclosures@gallagher.com 2024-09-11 CVE-2024-24972
CVE-2024-8096	6.5	Sept. 11, 2024, 10:15 a.m.	curl	CWE-295 2499f714-1537-4658-8207-48ae4bb9eae9 2024-09-11 CVE-2024-8096
CVE-2024-8440	6.4	Sept. 11, 2024, 7:15 a.m.	Essential Addons for Elementor	CWE-79 security@wordfence.com 2024-09-11 CVE-2024-8440
CVE-2024-8045	6.4	Sept. 11, 2024, 8:15 a.m.	Advanced WordPress Backgrounds plugin	CWE-79 security@wordfence.com 2024-09-11 CVE-2024-8045
CVE-2024-43793	6.3	Sept. 11, 2024, 3:15 p.m.	Halo	security-advisories@github.com CWE-79 2024-09-11 CVE-2024-43793
CVE-2024-23906	6.1	Sept. 11, 2024, 4:15 a.m.	Controller 6000	CWE-79 disclosures@gallagher.com 2024-09-11 CVE-2024-23906
CVE-2024-8646	6.1	Sept. 11, 2024, 2:15 p.m.	Eclipse Glassfish	CWE-601 emo@eclipse.org 2024-09-11 CVE-2024-8646
CVE-2024-4465	6.0	Sept. 11, 2024, 3:15 p.m.	Guardian/CMC	CWE-863 prodsec@nozominetworks.com 2024-09-11 CVE-2024-4465
CVE-2024-41868	5.5	Sept. 11, 2024, 4:15 p.m.	Audition	psirt@adobe.com CWE-125 2024-09-11 CVE-2024-41868
CVE-2024-20343	5.5	Sept. 11, 2024, 5:15 p.m.	Cisco IOS XR Software	CWE-284 ykramarz@cisco.com 2024-09-11 CVE-2024-20343
CVE-2024-5416	5.4	Sept. 11, 2024, 12:15 p.m.	Elementor Website Builder plugin for WordPress	CWE-79 security@wordfence.com 2024-09-11 CVE-2024-5416
CVE-2024-44851	5.4	Sept. 11, 2024, 4:15 p.m.	Perfex CRM	cve@mitre.org CWE-79 2024-09-11 CVE-2024-44851
CVE-2024-7727	5.3	Sept. 11, 2024, 5:15 a.m.	HTML5 Video Player - mp4 Video Player Plugin and Block plugin for WordPress	security@wordfence.com CWE-862 2024-09-11 CVE-2024-7727
CVE-2024-20390	5.3	Sept. 11, 2024, 5:15 p.m.	Cisco IOS XR Software	ykramarz@cisco.com CWE-940 2024-09-11 CVE-2024-20390
CVE-2024-8692	5.3	Sept. 11, 2024, 7:15 p.m.	TDuckCloud TDuckPro	CWE-640 cna@vuldb.com 2024-09-11 CVE-2024-8692
CVE-2024-3899	4.8	Sept. 11, 2024, 6:15 a.m.	WordPress Gallery Plugin	contact@wpscan.com 2024-09-11 CVE-2024-3899
CVE-2024-7716	4.8	Sept. 11, 2024, 6:15 a.m.	Logo Slider WordPress plugin	CWE-79 contact@wpscan.com 2024-09-11 CVE-2024-7716
CVE-2024-39808	4.6	Sept. 11, 2024, 4:15 a.m.	Controller 6000	CWE-131 disclosures@gallagher.com 2024-09-11 CVE-2024-39808
CVE-2024-7721	4.3	Sept. 11, 2024, 5:15 a.m.	HTML5 Video Player - mp4 Video Player Plugin and Block plugin for WordPress	security@wordfence.com CWE-862 2024-09-11 CVE-2024-7721
CVE-2024-8694	3.8	Sept. 11, 2024, 9:15 p.m.	JFinalCMS	CWE-22 cna@vuldb.com 2024-09-11 CVE-2024-8694
CVE-2024-1656	2.6	Sept. 11, 2024, 5:15 a.m.	Octopus Server	security@octopus.com 2024-09-11 CVE-2024-1656
CVE-2024-8693	2.4	Sept. 11, 2024, 8:15 p.m.	Kaon CG3000	CWE-79 cna@vuldb.com 2024-09-11 CVE-2024-8693
CVE-2024-23716	None	Sept. 11, 2024, 12:15 a.m.	Linux Kernel	security@android.com 2024-09-11 CVE-2024-23716
CVE-2024-31336	None	Sept. 11, 2024, 12:15 a.m.	UNKNOWN	security@android.com 2024-09-11 CVE-2024-31336
CVE-2024-40650	None	Sept. 11, 2024, 12:15 a.m.	Android	security@android.com 2024-09-11 CVE-2024-40650
CVE-2024-40654	None	Sept. 11, 2024, 12:15 a.m.	Android	security@android.com 2024-09-11 CVE-2024-40654
CVE-2024-40656	None	Sept. 11, 2024, 12:15 a.m.	Android	security@android.com 2024-09-11 CVE-2024-40656
CVE-2024-40659	None	Sept. 11, 2024, 12:15 a.m.	Android OS	security@android.com 2024-09-11 CVE-2024-40659
CVE-2024-45786	None	Sept. 11, 2024, 12:15 p.m.	Reedos aiM-Star	CWE-639 vdisclose@cert-in.org.in 2024-09-11 CVE-2024-45786
CVE-2024-45787	None	Sept. 11, 2024, 12:15 p.m.	Reedos aiM-Star	vdisclose@cert-in.org.in CWE-359 2024-09-11 CVE-2024-45787
CVE-2024-45788	None	Sept. 11, 2024, 12:15 p.m.	Reedos aiM-Star	vdisclose@cert-in.org.in CWE-799 2024-09-11 CVE-2024-45788
CVE-2024-45789	None	Sept. 11, 2024, 12:15 p.m.	Reedos aiM-Star	CWE-354 vdisclose@cert-in.org.in 2024-09-11 CVE-2024-45789
CVE-2024-7609	None	Sept. 11, 2024, 12:15 p.m.	Vidco Software VOC TESTER	CWE-22 iletisim@usom.gov.tr 2024-09-11 CVE-2024-7609
CVE-2024-45790	None	Sept. 11, 2024, 1:15 p.m.	Reedos aiM-Star	vdisclose@cert-in.org.in CWE-307 2024-09-11 CVE-2024-45790
CVE-2024-27112	None	Sept. 11, 2024, 2:15 p.m.	SO Planning	CWE-89 csirt@divd.nl 2024-09-11 CVE-2024-27112
CVE-2024-27113	None	Sept. 11, 2024, 2:15 p.m.	SO Planning tool	CWE-200 csirt@divd.nl 2024-09-11 CVE-2024-27113
CVE-2024-27114	None	Sept. 11, 2024, 2:15 p.m.	SO Planning	CWE-367 csirt@divd.nl 2024-09-11 CVE-2024-27114
CVE-2024-27115	None	Sept. 11, 2024, 2:15 p.m.	SO Planning	CWE-434 csirt@divd.nl 2024-09-11 CVE-2024-27115
CVE-2024-7805	None	Sept. 11, 2024, 2:15 p.m.	UNKNOWN	security@huntr.dev 2024-09-11 CVE-2024-7805
CVE-2024-8636	None	Sept. 11, 2024, 2:15 p.m.	Google Chrome	chrome-cve-admin@google.com CWE-122 2024-09-11 CVE-2024-8636
CVE-2024-8637	None	Sept. 11, 2024, 2:15 p.m.	Google Chrome	chrome-cve-admin@google.com CWE-416 2024-09-11 CVE-2024-8637
CVE-2024-8638	None	Sept. 11, 2024, 2:15 p.m.	Google Chrome	chrome-cve-admin@google.com CWE-843 2024-09-11 CVE-2024-8638
CVE-2024-8639	None	Sept. 11, 2024, 2:15 p.m.	Google Chrome	chrome-cve-admin@google.com CWE-416 2024-09-11 CVE-2024-8639
CVE-2024-8642	None	Sept. 11, 2024, 2:15 p.m.	Eclipse Dataspace Components	CWE-303 emo@eclipse.org 2024-09-11 CVE-2024-8642
CVE-2024-45009	None	Sept. 11, 2024, 4:15 p.m.	Linux kernel	416baaa9-dc9f-4396-8d5f-8c081fb06d67 2024-09-11 CVE-2024-45009
CVE-2024-45010	None	Sept. 11, 2024, 4:15 p.m.	Linux kernel	416baaa9-dc9f-4396-8d5f-8c081fb06d67 2024-09-11 CVE-2024-45010
CVE-2024-45011	None	Sept. 11, 2024, 4:15 p.m.	Linux kernel	416baaa9-dc9f-4396-8d5f-8c081fb06d67 2024-09-11 CVE-2024-45011
CVE-2024-45012	None	Sept. 11, 2024, 4:15 p.m.	Linux kernel	416baaa9-dc9f-4396-8d5f-8c081fb06d67 2024-09-11 CVE-2024-45012
CVE-2024-45013	None	Sept. 11, 2024, 4:15 p.m.	Linux kernel	416baaa9-dc9f-4396-8d5f-8c081fb06d67 2024-09-11 CVE-2024-45013
CVE-2024-45014	None	Sept. 11, 2024, 4:15 p.m.	Linux kernel	416baaa9-dc9f-4396-8d5f-8c081fb06d67 2024-09-11 CVE-2024-45014
CVE-2024-45015	None	Sept. 11, 2024, 4:15 p.m.	Linux kernel	416baaa9-dc9f-4396-8d5f-8c081fb06d67 2024-09-11 CVE-2024-45015
CVE-2024-45016	None	Sept. 11, 2024, 4:15 p.m.	Linux kernel	416baaa9-dc9f-4396-8d5f-8c081fb06d67 2024-09-11 CVE-2024-45016
CVE-2024-45017	None	Sept. 11, 2024, 4:15 p.m.	Linux kernel	416baaa9-dc9f-4396-8d5f-8c081fb06d67 2024-09-11 CVE-2024-45017
CVE-2024-45018	None	Sept. 11, 2024, 4:15 p.m.	Linux kernel	416baaa9-dc9f-4396-8d5f-8c081fb06d67 2024-09-11 CVE-2024-45018
CVE-2024-45019	None	Sept. 11, 2024, 4:15 p.m.	Linux kernel	416baaa9-dc9f-4396-8d5f-8c081fb06d67 2024-09-11 CVE-2024-45019
CVE-2024-45020	None	Sept. 11, 2024, 4:15 p.m.	Linux Kernel	416baaa9-dc9f-4396-8d5f-8c081fb06d67 2024-09-11 CVE-2024-45020
CVE-2024-45021	None	Sept. 11, 2024, 4:15 p.m.	Linux kernel	416baaa9-dc9f-4396-8d5f-8c081fb06d67 2024-09-11 CVE-2024-45021
CVE-2024-45022	None	Sept. 11, 2024, 4:15 p.m.	Linux kernel	416baaa9-dc9f-4396-8d5f-8c081fb06d67 2024-09-11 CVE-2024-45022
CVE-2024-45023	None	Sept. 11, 2024, 4:15 p.m.	Linux kernel	416baaa9-dc9f-4396-8d5f-8c081fb06d67 2024-09-11 CVE-2024-45023
CVE-2024-45024	None	Sept. 11, 2024, 4:15 p.m.	Linux Kernel	416baaa9-dc9f-4396-8d5f-8c081fb06d67 2024-09-11 CVE-2024-45024
CVE-2024-45025	None	Sept. 11, 2024, 4:15 p.m.	Linux kernel	416baaa9-dc9f-4396-8d5f-8c081fb06d67 2024-09-11 CVE-2024-45025
CVE-2024-45026	None	Sept. 11, 2024, 4:15 p.m.	Linux kernel	416baaa9-dc9f-4396-8d5f-8c081fb06d67 2024-09-11 CVE-2024-45026
CVE-2024-45027	None	Sept. 11, 2024, 4:15 p.m.	Linux kernel	416baaa9-dc9f-4396-8d5f-8c081fb06d67 2024-09-11 CVE-2024-45027
CVE-2024-45028	None	Sept. 11, 2024, 4:15 p.m.	Linux kernel	416baaa9-dc9f-4396-8d5f-8c081fb06d67 2024-09-11 CVE-2024-45028
CVE-2024-45029	None	Sept. 11, 2024, 4:15 p.m.	Linux kernel	416baaa9-dc9f-4396-8d5f-8c081fb06d67 2024-09-11 CVE-2024-45029
CVE-2024-45030	None	Sept. 11, 2024, 4:15 p.m.	Linux kernel	416baaa9-dc9f-4396-8d5f-8c081fb06d67 2024-09-11 CVE-2024-45030
CVE-2024-46672	None	Sept. 11, 2024, 4:15 p.m.	Linux kernel	416baaa9-dc9f-4396-8d5f-8c081fb06d67 2024-09-11 CVE-2024-46672
CVE-2024-7312	None	Sept. 11, 2024, 4:15 p.m.	Payara Platform Payara Server	CWE-601 2024-09-11 CVE-2024-7312 769c9ae7-73c3-4e47-ae19-903170fc3eb8
CVE-2024-44573	None	Sept. 11, 2024, 5:15 p.m.	RELY-PCIe	cve@mitre.org 2024-09-11 CVE-2024-44573
CVE-2024-44575	None	Sept. 11, 2024, 5:15 p.m.	RELY-PCIe	cve@mitre.org 2024-09-11 CVE-2024-44575
CVE-2024-8097	None	Sept. 11, 2024, 5:15 p.m.	Payara Platform Payara Server	CWE-200 2024-09-11 769c9ae7-73c3-4e47-ae19-903170fc3eb8 CVE-2024-8097
CVE-2024-8686	None	Sept. 11, 2024, 5:15 p.m.	Palo Alto Networks PAN-OS	CWE-78 psirt@paloaltonetworks.com 2024-09-11 CVE-2024-8686
CVE-2024-8687	None	Sept. 11, 2024, 5:15 p.m.	Palo Alto Networks PAN-OS software	CWE-497 psirt@paloaltonetworks.com 2024-09-11 CVE-2024-8687
CVE-2024-8688	None	Sept. 11, 2024, 5:15 p.m.	Palo Alto Networks PAN-OS	psirt@paloaltonetworks.com 2024-09-11 CVE-2024-8688 CWE-155
CVE-2024-8689	None	Sept. 11, 2024, 5:15 p.m.	Cortex XSOAR	CWE-312 psirt@paloaltonetworks.com 2024-09-11 CVE-2024-8689
CVE-2024-8690	None	Sept. 11, 2024, 5:15 p.m.	Palo Alto Networks Cortex XDR agent	CWE-440 psirt@paloaltonetworks.com 2024-09-11 CVE-2024-8690
CVE-2024-8691	None	Sept. 11, 2024, 5:15 p.m.	Palo Alto Networks PAN-OS software	CWE-863 psirt@paloaltonetworks.com 2024-09-11 CVE-2024-8691
CVE-2024-42760	None	Sept. 11, 2024, 7:15 p.m.	Ellevo	cve@mitre.org 2024-09-11 CVE-2024-42760

» Click here to see all Vulnerabilities «

Tag : 2024-09-11