Tag: 2024-09-12

4 Attack Reports | 120 Vulnerabilities

Attack reports

DragonRank, a Chinese-speaking SEO manipulator service provider

Cisco Talos is disclosing a new threat called “DragonRank” that primarily targets countries in Asia and a few in Europe, operating PlugX and BadIIS for search engine optimization (SEO) rank manipulation.
plugx
black
mimikatz
badpotato
metasploit
2024-09-12
illusion
dragonrank
plugx loader
badiis malware
c cd
Published: September 12, 2024
Downloadable IOCs: 35

Phishing Via Typosquatting and Brand Impersonation: Trends and Tactics

From February to July 2024, an analysis of over 500 popular domains revealed more than 10,000 malicious lookalike domains employing typosquatting and brand impersonation techniques. Google, Microsoft, and Amazon were the most targeted brands, accounting for nearly 75% of phishing domains. Almost ha…
phishing
typosquatting
credential theft
scams
domain abuse
2024-09-12
brand impersonation
certificate abuse
Published: September 12, 2024
Downloadable IOCs: 10

Targeted Iranian Attacks Against Iraqi Government Infrastructure

Check Point Research uncovered a new malware campaign targeting Iraqi government entities, employing custom tools named Veaty and Spearal. The attack utilizes various techniques including passive IIS backdoors, DNS tunneling, and C2 communication via compromised email accounts. The malware shows co…
backdoor
iran
government
dns tunneling
infrastructure
2024-09-12
spearal
email c2
veaty
cachehttp
iis module
iraq
Published: September 12, 2024
Downloadable IOCs: 16

19 Websites Identified as Part of an Iranian Global Influence Operation

An investigation has uncovered a network of 19 websites created by Iran as part of a global influence operation. These sites, presenting themselves as independent sources of opinion and analysis, target audiences across the United States, Europe, the Middle East, the Caucasus, and South America. Tw…
disinformation
2024-09-12
election interference
influence operation
political manipulation
Published: September 12, 2024
Downloadable IOCs: 19
Click here to see more Attack Reports

Vulnerabilities

CVE-2024-29847

9.8
    Ivanti
  • Endpoint Manager
Published: September 12, 2024

CVE-2021-38132

9.8
    Microfocus
  • Edirectory
Published: September 12, 2024

CVE-2024-28990

9.8
    Solarwinds
  • Access Rights Manager
Published: September 12, 2024

CVE-2024-45824

9.8
    UNKNOWN
Published: September 12, 2024

CVE-2024-45823

9.8
    Rockwellautomation
  • Factorytalk Batch View
Published: September 12, 2024

CVE-2024-8695

9.8
    Docker
  • Desktop
Published: September 12, 2024

CVE-2024-8696

9.8
    Docker
  • Desktop
Published: September 12, 2024

CVE-2024-7961

9.8
    Rockwellautomation
  • Pavilion8
Published: September 12, 2024

CVE-2021-22533

9.1
    Microfocus
  • Edirectory
Published: September 12, 2024

CVE-2024-40457

9.1
    No-IP Dynamic Update Client (DUC) v3.x
Published: September 12, 2024

CVE-2024-2743

9.1
    Gitlab
  • Gitlab
Published: September 12, 2024

CVE-2024-7960

9.1
    Rockwellautomation
  • Pavilion8
Published: September 12, 2024

CVE-2024-8709

8.8
    Mayurik
  • Best House Rental Management System
Published: September 12, 2024

CVE-2024-8710

8.8
    Code-Projects
  • Inventory Management
Published: September 12, 2024

CVE-2024-45846

8.8
    Mindsdb
  • Mindsdb
Published: September 12, 2024

CVE-2024-45847

8.8
    Mindsdb
  • Mindsdb
Published: September 12, 2024

CVE-2024-45848

8.8
    Mindsdb
  • Mindsdb
Published: September 12, 2024

CVE-2024-45849

8.8
    Mindsdb
  • Mindsdb
Published: September 12, 2024

CVE-2024-45850

8.8
    Mindsdb
  • Mindsdb
Published: September 12, 2024

CVE-2024-45851

8.8
    Mindsdb
  • Mindsdb
Published: September 12, 2024

CVE-2024-45852

8.8
    Mindsdb
  • Mindsdb
Published: September 12, 2024

CVE-2024-28991

8.8
    Solarwinds
  • Access Rights Manager
Published: September 12, 2024

CVE-2024-45826

8.8
    Rockwellautomation
  • Thinmanager
Published: September 12, 2024

CVE-2024-8640

8.8
    Gitlab
  • Gitlab
Published: September 12, 2024

CVE-2024-6678

8.8
    Gitlab
  • Gitlab
Published: September 12, 2024

CVE-2024-8641

8.8
    Gitlab
  • Gitlab
Published: September 12, 2024

CVE-2024-8533

8.8
    Rockwellautomation
  • 2800c Optixpanel Compact Firmware
  • 2800c Optixpanel Compact
  • 2800s Optixpanel Standard Firmware
  • 2800s Optixpanel Standard
  • Embedded Edge Compute Module Firmware
  • Embedded Edge Compute Module
Published: September 12, 2024

CVE-2024-28981

8.5
    Hitachi Vantara Pentaho Data Integration & Analytics
Published: September 12, 2024

CVE-2024-6658

8.4
    LoadMaster
    Multi-Tenant Hypervisor
    ECS
Published: September 12, 2024

CVE-2024-37397

8.2
    Ivanti EPM
Published: September 12, 2024

CVE-2024-8754

8.1
    Gitlab
  • Gitlab
Published: September 12, 2024

CVE-2024-27320

7.8
    Refuel
  • Autolabel
Published: September 12, 2024

CVE-2024-27321

7.8
    Refuel
  • Autolabel
Published: September 12, 2024

CVE-2024-45857

7.8
    Cleanlab project
Published: September 12, 2024

CVE-2024-6510

7.8
    Avg
  • Internet Security
Published: September 12, 2024

CVE-2024-45181

7.8
    Wibu
  • Wibukey
    Microsoft
Published: September 12, 2024

CVE-2024-8711

7.5
    Oretnom23
  • Food Ordering Management System
Published: September 12, 2024

CVE-2024-45624

7.5
    Pgpool-II
Published: September 12, 2024

CVE-2024-8522

7.5
    Thimpress
  • Learnpress
Published: September 12, 2024

CVE-2024-8529

7.5
    Thimpress
  • Learnpress
Published: September 12, 2024

CVE-2024-8749

7.5
    I-Doit
  • I-Doit
Published: September 12, 2024

CVE-2021-22532

7.5
    Microfocus
  • Edirectory
Published: September 12, 2024

CVE-2022-26322

7.5
    Netiq
  • Identity Manager Rest Driver
Published: September 12, 2024

CVE-2024-3305

7.5
    Utarit
  • Soliclub
Published: September 12, 2024

CVE-2024-3306

7.5
    Utarit
  • Soliclub
Published: September 12, 2024

CVE-2024-45853

7.5
    Mindsdb
  • Mindsdb
Published: September 12, 2024

CVE-2024-45854

7.5
    Mindsdb
  • Mindsdb
Published: September 12, 2024

CVE-2024-45855

7.5
    Mindsdb
  • Mindsdb
Published: September 12, 2024

CVE-2024-45825

7.5
    Rockwellautomation
  • 5015-U8ihft Firmware
  • 5015-U8ihft
Published: September 12, 2024

CVE-2024-4660

7.5
    Gitlab
  • Gitlab
Published: September 12, 2024

CVE-2024-8124

7.5
    Gitlab
  • Gitlab
Published: September 12, 2024

CVE-2024-34334

7.5
    Ordat
  • Ordat.Erp
Published: September 12, 2024

CVE-2024-44459

7.5
    Octavolabs
  • Vernemq
Published: September 12, 2024

CVE-2024-44460

7.5
    Emqx
  • Nanomq
Published: September 12, 2024

CVE-2024-6077

7.5
    Rockwellautomation
  • Compactlogix 5380 Firmware
  • Compactlogix 5380
  • Compact Guardlogix 5380 Sil 2 Firmware
  • Compact Guardlogix 5380 Sil 2
  • Compact Guardlogix 5380 Sil 3 Firmware
  • Compact Guardlogix 5380 Sil 3
  • Compactlogix 5480 Firmware
  • Compactlogix 5480
  • Controllogix 5580 Firmware
  • Controllogix 5580
  • Guardlogix 5580 Firmware
  • Guardlogix 5580
  • 1756-En4 Firmware
  • 1756-En4
Published: September 12, 2024

CVE-2024-8751

7.5
    MSC800
    MSC800 LFT
Published: September 12, 2024

CVE-2024-20430

7.3
    Cisco
  • Meraki Systems Manager
Published: September 12, 2024

CVE-2024-32840

7.2
    Ivanti
  • Endpoint Manager
Published: September 12, 2024

CVE-2024-32842

7.2
    Ivanti
  • Endpoint Manager
Published: September 12, 2024

CVE-2024-32843

7.2
    Ivanti
  • Endpoint Manager
Published: September 12, 2024

CVE-2024-32845

7.2
    Ivanti
  • Endpoint Manager
Published: September 12, 2024

CVE-2024-32846

7.2
    Ivanti
  • Endpoint Manager
Published: September 12, 2024

CVE-2024-32848

7.2
    Ivanti
  • Endpoint Manager
Published: September 12, 2024

CVE-2024-34779

7.2
    Ivanti
  • Endpoint Manager
Published: September 12, 2024

CVE-2024-34783

7.2
    Ivanti
  • Endpoint Manager
Published: September 12, 2024

CVE-2024-34785

7.2
    Ivanti
  • Endpoint Manager
Published: September 12, 2024

CVE-2024-7766

7.2
    Erichamby
  • Adicon Server
Published: September 12, 2024

CVE-2024-8631

7.2
    Gitlab
  • Gitlab
Published: September 12, 2024

CVE-2024-6840

6.6
    Ansible Automation Controller
Published: September 12, 2024

CVE-2024-38222

6.5
    Microsoft
  • Edge
Published: September 12, 2024

CVE-2024-7817

6.5
    Michalaugustyniak
  • Misiek Photo Album
Published: September 12, 2024

CVE-2024-7820

6.5
    Elliot
  • Ilc Thickbox
Published: September 12, 2024

CVE-2024-7859

6.5
    Visual Sound Project
  • Visual Sound
Published: September 12, 2024

CVE-2024-7862

6.5
    Kimhuebel
  • Blogintroduction-Wordpress-Plugin
Published: September 12, 2024

CVE-2021-38133

6.5
    Microfocus
  • Edirectory
Published: September 12, 2024

CVE-2024-42483

6.5
    Espressif
  • Esp-Now
Published: September 12, 2024

CVE-2024-42484

6.5
    ESP-NOW Component
Published: September 12, 2024

CVE-2024-5435

6.5
    Gitlab
  • Gitlab
Published: September 12, 2024

CVE-2024-8635

6.5
    Gitlab
  • Gitlab
Published: September 12, 2024

CVE-2024-8311

6.5
    Gitlab
  • Gitlab
Published: September 12, 2024

CVE-2024-8708

6.1
    Mayurik
  • Best House Rental Management System
Published: September 12, 2024

CVE-2024-6017

6.1
    Scriptonite
  • Music Request Manager
Published: September 12, 2024

CVE-2024-6018

6.1
    Scriptonite
  • Music Request Manager
Published: September 12, 2024

CVE-2024-6019

6.1
    Scriptonite
  • Music Request Manager
Published: September 12, 2024

CVE-2024-7816

6.1
    Adeelraza
  • Gixaw Chat
Published: September 12, 2024

CVE-2024-7818

6.1
    Michalaugustyniak
  • Misiek Photo Album
Published: September 12, 2024

CVE-2024-7822

6.1
    Gwycon
  • Quick Code
Published: September 12, 2024

CVE-2024-7860

6.1
    Outtolunchproductions
  • Simple Headline Rotator
Published: September 12, 2024

CVE-2024-7861

6.1
    Michalaugustyniak
  • Misiek Paypal
Published: September 12, 2024

CVE-2024-8054

6.1
    Mm-Breaking News Project
  • Mm-Breaking News
Published: September 12, 2024

CVE-2024-8056

6.1
    Mm-Breaking News Project
  • Mm-Breaking News
Published: September 12, 2024

CVE-2024-2010

6.1
    Tebilisim
  • V5
Published: September 12, 2024

CVE-2024-8622

6.1
    Amcharts
  • Amcharts\
Published: September 12, 2024

CVE-2024-8750

6.1
    I-Doit
  • I-Doit
Published: September 12, 2024

CVE-2021-22503

6.1
    Microfocus
  • Edirectory
Published: September 12, 2024

CVE-2021-38131

6.1
    Microfocus
  • Edirectory
Published: September 12, 2024

CVE-2024-4612

6.1
    Gitlab
  • Gitlab
Published: September 12, 2024

CVE-2024-34335

6.1
    Ordat
  • Ordat.Erp
Published: September 12, 2024

CVE-2024-45303

6.1
    Discourse
  • Calendar
Published: September 12, 2024

CVE-2021-22518

5.5
    Opentext
  • Identity Manager Azuread Driver
Published: September 12, 2024

CVE-2024-41629

5.5
    Ti
  • Fusion Digital Power Designer
Published: September 12, 2024

CVE-2024-45182

5.5
    Wibu
  • Wibukey
    Microsoft
Published: September 12, 2024

CVE-2024-4472

5.5
    Gitlab
  • Gitlab
Published: September 12, 2024

CVE-2024-45856

5.4
    Mindsdb
  • Mindsdb
Published: September 12, 2024

CVE-2024-34336

5.3
    Ordat
  • Ordat.Erp
Published: September 12, 2024

CVE-2024-45607

5.3
    Secreto31126
  • Whatsapp-Api-Js
Published: September 12, 2024

CVE-2024-45383

5.0
    Microsoft
  • High Definition Audio Bus Driver
Published: September 12, 2024

CVE-2024-5799

4.8
    Cminds
  • Cm Popup
Published: September 12, 2024

CVE-2024-6887

4.8
    Seedprod
  • Rafflepress
Published: September 12, 2024

CVE-2024-6700

4.8
    Pega
  • Infinity
Published: September 12, 2024

CVE-2024-6701

4.8
    Pega
  • Infinity
Published: September 12, 2024

CVE-2024-6702

4.8
    Pega
  • Infinity
Published: September 12, 2024

CVE-2024-8706

4.3
    JFinalCMS
Published: September 12, 2024

CVE-2024-8707

4.3
    云课网络科技有限公司 Yunke Online School System
Published: September 12, 2024

CVE-2024-3163

4.3
    Realestateconnected
  • Easy Property Listings
Published: September 12, 2024

CVE-2024-6389

4.3
    Gitlab
  • Gitlab
Published: September 12, 2024

CVE-2020-24061

4.3
    Kasdanet
  • Kw5515 Firmware
  • Kw5515
Published: September 12, 2024

CVE-2024-25270

4.3
    Mirapolis
  • Lms
Published: September 12, 2024

CVE-2024-6446

3.5
    Gitlab
  • Gitlab
Published: September 12, 2024

CVE-2024-36066

3.1
    Keyfactor
  • Ejbca
Published: September 12, 2024
Click here to see more Vulnerabilities