Tag: 2024-09-11

5 Attack Reports | 111 Vulnerabilities

Attack reports

New RansomHub attack uses TDSKiller and LaZagne, disables EDR

A recent analysis by the ThreatDown MDR team has uncovered a novel attack method employed by the RansomHub ransomware gang. The attackers are utilizing two tools: TDSSKiller, a legitimate Kaspersky rootkit removal utility, to disable endpoint detection and response (EDR) systems, and LaZagne, a cre…
ransomware
credential harvesting
edr
ransomhub
byovd
2024-09-11
lazagne
tdsskiller
network segmentation
Published: September 11, 2024
Downloadable IOCs: 2

Ransomware in the Cloud: Scattered Spider Targeting Insurance and Financial Industries

The Scattered Spider cybercriminal group is targeting cloud infrastructures in the insurance and financial sectors using advanced techniques. They exploit leaked authentication tokens, conduct phishing and smishing campaigns, and leverage SIM swapping to bypass multi-factor authentication. The grou…
phishing
ransomware
blackcat
alphv
persistence
cloud
noberus
vidar stealer
stealc
redline stealer
raccoon stealer
2024-09-11
sim swapping
finance
insurance
Published: September 11, 2024
Downloadable IOCs: 12

Threat Assessment: Repellent Scorpius, Distributors of Cicada3301 Ransomware

Repellent Scorpius is a new ransomware-as-a-service group distributing Cicada3301 ransomware. It emerged in May 2024 and employs double extortion tactics involving data theft. The report covers a technical analysis of the Cicada3301 ransomware, the group's tactics, connections to historical inciden…
ransomware
extortion
exfiltration
encryption
cybercrime
2024-09-11
cicada3301
Published: September 11, 2024
Linked vulnerabilities : CVE-2024-1709, CVE-2024-1708
Downloadable IOCs: 8

BLX STEALER

Identified as a sophisticated dropper binary designed to deploy an information stealer dubbed BLX Stealer or XLABB Stealer, this malware has been actively promoted on Telegram and Discord platforms. It targets credentials, browser data, cryptocurrency wallets, and other sensitive personal informati…
cryptocurrency
stealer
persistence
credential
data exfiltration
2024-09-11
xlabb stealer
blx stealer
Published: September 11, 2024
Downloadable IOCs: 5

There's Something About CryptBot: Yet Another Silly Stealer

This report provides an in-depth technical analysis of a new variant of the CryptBot infostealer, dubbed Yet Another Silly Stealer (YASS). It details the delivery chain, involving the MustardSandwich downloader, and dissects the YASS payload's functionalities, including its data gathering, encrypti…
malware
infostealer
cryptbot
stealer
exfiltration
netsupport
downloader
2024-09-11
yass
mustardsandwich
Published: September 11, 2024
Downloadable IOCs: 13
Click here to see more Attack Reports

Vulnerabilities

CVE-2024-8277

9.8
    Villatheme
  • Woocommerce Photo Reviews
Published: September 11, 2024

CVE-2024-45790

9.8
    Reedos
  • Aim-Star
Published: September 11, 2024

CVE-2024-6091

9.8
    Agpt
  • Autogpt
Published: September 11, 2024

CVE-2024-27112

9.8
    Soplanning
  • Soplanning
Published: September 11, 2024

CVE-2024-27113

9.8
    Soplanning
  • Soplanning
Published: September 11, 2024

CVE-2024-27114

9.8
    Soplanning
  • Soplanning
Published: September 11, 2024

CVE-2024-27115

9.8
    Soplanning
  • Soplanning
Published: September 11, 2024

CVE-2024-44466

9.8
    Comfast
  • Cf-Xr11 Firmware
  • Cf-Xr11
Published: September 11, 2024

CVE-2024-44541

9.8
    evilnapsis Inventio Lite
Published: September 11, 2024

CVE-2024-8692

9.8
    Tduckcloud
  • Tduckpro
Published: September 11, 2024

CVE-2024-8253

8.8
    Pickplugins
  • Post Grid
Published: September 11, 2024

CVE-2024-8636

8.8
    Google
  • Chrome
Published: September 11, 2024

CVE-2024-8637

8.8
    Google
  • Chrome
  • Android
Published: September 11, 2024

CVE-2024-8638

8.8
    Google
  • Chrome
Published: September 11, 2024

CVE-2024-8639

8.8
    Google
  • Chrome
  • Android
Published: September 11, 2024

CVE-2024-20381

8.8
    Cisco
  • Ios Xr
  • Network Services Orchestrator
  • Small Business Rv Series Router Firmware
Published: September 11, 2024

CVE-2024-44570

8.8
    RELY-PCIe
Published: September 11, 2024

CVE-2024-44571

8.8
    RELY-PCIe
Published: September 11, 2024

CVE-2024-44572

8.8
    RELY-PCIe
Published: September 11, 2024

CVE-2024-44574

8.8
    RELY-PCIe
Published: September 11, 2024

CVE-2024-44577

8.8
    RELY-PCIe
Published: September 11, 2024

CVE-2024-31336

8.4
    UNKNOWN
Published: September 11, 2024

CVE-2024-21529

8.2
    dset
Published: September 11, 2024

CVE-2024-7626

8.1
    Wpdelicious
  • Wp Delicious
Published: September 11, 2024

CVE-2024-8642

8.1
    Eclipse
  • Eclipse Dataspace Components
Published: September 11, 2024

CVE-2024-43690

8.0
    Command Centre Server
    Command Centre Workstations
Published: September 11, 2024

CVE-2024-40650

7.8
    Android
Published: September 11, 2024

CVE-2024-40655

7.8
    Android
Published: September 11, 2024

CVE-2024-40657

7.8
    Android
Published: September 11, 2024

CVE-2024-40658

7.8
    UNKNOWN
Published: September 11, 2024

CVE-2024-40662

7.8
    Android
Published: September 11, 2024

CVE-2024-8306

7.8
    Schneider-Electric
  • Vijeo Designer
  • Vijeo Designer Embedded In Ecostruxure Machine Expert
Published: September 11, 2024

CVE-2024-39378

7.8
    Adobe
  • Audition
    Apple
    Microsoft
Published: September 11, 2024

CVE-2024-45026

7.8
    Linux
  • Linux Kernel
Published: September 11, 2024

CVE-2024-5760

7.8
    Samsung
  • Universal Print Driver
    Microsoft
Published: September 11, 2024

CVE-2024-20398

7.8
    Cisco
  • Ios Xr
Published: September 11, 2024

CVE-2024-45327

7.5
    FortiSOAR
Published: September 11, 2024

CVE-2024-45788

7.5
    Reedos
  • Aim-Star
Published: September 11, 2024

CVE-2024-7609

7.5
    Vidco
  • Voc Tester
Published: September 11, 2024

CVE-2024-20304

7.5
    Cisco
  • Ios Xr
Published: September 11, 2024

CVE-2024-42760

7.5
    Ellevo
Published: September 11, 2024

CVE-2024-23716

7.4
    Linux Kernel
Published: September 11, 2024

CVE-2024-20317

7.4
    Cisco
  • Ios Xr
Published: September 11, 2024

CVE-2024-20406

7.4
    Cisco
  • Ios Xr
Published: September 11, 2024

CVE-2024-40652

7.3
    Android Settings app
Published: September 11, 2024

CVE-2019-25212

7.2
    I13websolution
  • Video Carousel Slider With Lightbox
Published: September 11, 2024

CVE-2024-20483

7.2
    Cisco
  • Ios Xr
Published: September 11, 2024

CVE-2024-8686

7.2
    Paloaltonetworks
  • Pan-Os
Published: September 11, 2024

CVE-2024-45023

7.1
    Linux
  • Linux Kernel
Published: September 11, 2024

CVE-2024-8687

7.1
    Paloaltonetworks
  • Pan-Os
  • Globalprotect
  • Prisma Access
Published: September 11, 2024

CVE-2024-24972

6.5
    Controller 6000
    Controller 7000
Published: September 11, 2024

CVE-2024-8096

6.5
    curl
Published: September 11, 2024

CVE-2024-45786

6.5
    Reedos
  • Aim-Star
Published: September 11, 2024

CVE-2024-45787

6.5
    Reedos
  • Aim-Star
Published: September 11, 2024

CVE-2024-43793

6.4
    Halo
  • Halo
Published: September 11, 2024

CVE-2024-8705

6.3
    UNKNOWN
Published: September 11, 2024

CVE-2024-23906

6.1
    Controller 6000
    Controller 7000
Published: September 11, 2024

CVE-2024-8646

6.1
    Eclipse
  • Glassfish
Published: September 11, 2024

CVE-2024-7312

6.1
    Payara
  • Payara
Published: September 11, 2024

CVE-2024-41868

5.5
    Adobe
  • Audition
    Apple
    Microsoft
Published: September 11, 2024

CVE-2024-45009

5.5
    Linux
  • Linux Kernel
Published: September 11, 2024

CVE-2024-45010

5.5
    Linux
  • Linux Kernel
Published: September 11, 2024

CVE-2024-45011

5.5
    Linux
  • Linux Kernel
Published: September 11, 2024

CVE-2024-45012

5.5
    Linux
  • Linux Kernel
Published: September 11, 2024

CVE-2024-45013

5.5
    Linux
  • Linux Kernel
Published: September 11, 2024

CVE-2024-45014

5.5
    Linux
  • Linux Kernel
Published: September 11, 2024

CVE-2024-45015

5.5
    Linux
  • Linux Kernel
Published: September 11, 2024

CVE-2024-45016

5.5
    Linux
  • Linux Kernel
Published: September 11, 2024

CVE-2024-45017

5.5
    Linux
  • Linux Kernel
Published: September 11, 2024

CVE-2024-45018

5.5
    Linux
  • Linux Kernel
Published: September 11, 2024

CVE-2024-45019

5.5
    Linux
  • Linux Kernel
Published: September 11, 2024

CVE-2024-45020

5.5
    Linux
  • Linux Kernel
Published: September 11, 2024

CVE-2024-45021

5.5
    Linux
  • Linux Kernel
Published: September 11, 2024

CVE-2024-45022

5.5
    Linux
  • Linux Kernel
Published: September 11, 2024

CVE-2024-45024

5.5
    Linux
  • Linux Kernel
Published: September 11, 2024

CVE-2024-45025

5.5
    Linux
  • Linux Kernel
Published: September 11, 2024

CVE-2024-45027

5.5
    Linux
  • Linux Kernel
Published: September 11, 2024

CVE-2024-45028

5.5
    Linux
  • Linux Kernel
Published: September 11, 2024

CVE-2024-45029

5.5
    Linux
  • Linux Kernel
Published: September 11, 2024

CVE-2024-45030

5.5
    Linux
  • Linux Kernel
Published: September 11, 2024

CVE-2024-46672

5.5
    Linux
  • Linux Kernel
Published: September 11, 2024

CVE-2024-20343

5.5
    Cisco
  • Ios Xr
    Linux
Published: September 11, 2024

CVE-2024-20489

5.5
    Cisco
  • Ios Xr
Published: September 11, 2024

CVE-2024-8440

5.4
    Wpdeveloper
  • Essential Addons For Elementor
Published: September 11, 2024

CVE-2024-8045

5.4
    Wpbackgrounds
  • Advanced Wordpress Backgrounds
Published: September 11, 2024

CVE-2024-5416

5.4
    Elementor
  • Website Builder
Published: September 11, 2024

CVE-2024-44851

5.4
    Perfexcrm
  • Perfex Crm
Published: September 11, 2024

CVE-2024-7727

5.3
    Bplugins
  • Html5 Video Player
Published: September 11, 2024

CVE-2024-20390

5.3
    Cisco
  • Ios Xr
Published: September 11, 2024

CVE-2024-4465

5.0
    Nozominetworks
  • Cmc
  • Guardian
Published: September 11, 2024

CVE-2024-3899

4.8
    Enviragallery
  • Envira Gallery
Published: September 11, 2024

CVE-2024-7716

4.8
    Gsplugins
  • Gs Logo Slider
Published: September 11, 2024

CVE-2024-39808

4.6
    Controller 6000
    Controller 7000
    Controller 6000
    Controller 7000
    Controller 6000
    Controller 7000
    Controller 6000
    Controller 7000
    Controller 6000
    Controller 7000
Published: September 11, 2024

CVE-2024-8688

4.4
    Paloaltonetworks
  • Pan-Os
Published: September 11, 2024

CVE-2024-8690

4.4
    Paloaltonetworks
  • Cortex Xdr Agent
    Microsoft
Published: September 11, 2024

CVE-2024-7721

4.3
    Bplugins
  • Html5 Video Player
Published: September 11, 2024

CVE-2024-45789

4.3
    Reedos
  • Aim-Star
Published: September 11, 2024

CVE-2024-8694

3.8
    JFinalCMS
Published: September 11, 2024

CVE-2024-1656

2.6
    Octopus Server
Published: September 11, 2024

CVE-2024-8693

2.4
    Kaon CG3000
Published: September 11, 2024

CVE-2024-40654

None
    Android
Published: September 11, 2024

CVE-2024-40656

None
    Android
Published: September 11, 2024

CVE-2024-40659

None
    Android OS
Published: September 11, 2024

CVE-2024-7805

None
    UNKNOWN
Published: September 11, 2024

CVE-2024-44573

None
    RELY-PCIe
Published: September 11, 2024

CVE-2024-44575

None
    RELY-PCIe
Published: September 11, 2024

CVE-2024-8097

None
    Payara Platform Payara Server
Published: September 11, 2024

CVE-2024-8689

None
    Cortex XSOAR
    Cortex XSIAM
Published: September 11, 2024

CVE-2024-8691

None
    Palo Alto Networks PAN-OS software
Published: September 11, 2024

CVE-2024-7889

None
    Citrix Workspace app for Windows
Published: September 11, 2024

CVE-2024-7890

None
    Citrix Workspace app for Windows
Published: September 11, 2024
Click here to see more Vulnerabilities