Tag: 2024-09-19

3 Attack Reports | 52 Vulnerabilities

Attack reports

WebDAV-as-a-Service: Uncovering the infrastructure behind Emmenhtal loader distribution - Sekoia.io Blog

The Emmenhtal loader, also known as PeakLight, operates in a memory-only manner, making it difficult to detect and analyse. It is primarily used to distribute other malicious payloads, including well-known infostealers that target sensitive information.
darkgate
dcrat
webdav
2024-09-19
marko polo
zgrat
google cloud
clearfake
emmenhtal
peaklight
selfau3
Published: September 19, 2024
Downloadable IOCs: 120

SambaSpy – a new RAT targeting Italian users

A campaign exclusively targeting Italian users was detected in May 2024, delivering a new Remote Access Trojan (RAT) dubbed SambaSpy. The infection chain involves phishing emails impersonating a legitimate Italian real estate company, redirecting victims to a malicious website. The campaign employs…
rat
phishing
java
2024-09-19
credential stealing
sambaspy
Published: September 19, 2024
Downloadable IOCs: 24

Gleaming Pisces Poisoned Python Packages Campaign Delivers PondRAT Linux and MacOS Backdoors

Unit 42 researchers have uncovered an ongoing campaign involving poisoned Python packages that deliver Linux and macOS backdoors. The attackers, believed to be the North Korean-affiliated group Gleaming Pisces, uploaded malicious packages to PyPI. The campaign's objective appears to be gaining acce…
rat
cryptocurrency
macos
poolrat
pondrat
2024-09-19
applejeus
Published: September 19, 2024
Linked vulnerabilities : CVE-2024-3400, CVE-2024-3094
Downloadable IOCs: 16
Click here to see more Attack Reports

Vulnerabilities

CVE-2024-46946

9.8
    LangChain Experimental
Published: September 19, 2024

CVE-2024-47088

9.8
    Apexsoftcell
  • Ld Geo
  • Ld Dp Back Office
Published: September 19, 2024

CVE-2024-31570

9.8
    Freeimage Project
  • Freeimage
Published: September 19, 2024

CVE-2024-33109

9.8
    Ergophone
  • Tiptel Ip 286 Firmware
  • Tiptel Ip 286
    Yealink
Published: September 19, 2024

CVE-2024-40125

9.8
    Closed-Loop
  • Cless Server
Published: September 19, 2024

CVE-2024-9004

9.8
    Dlink
  • Dar-7000 Firmware
  • Dar-7000
Published: September 19, 2024

CVE-2023-27584

9.8
    D7y
  • Dragonfly
Published: September 19, 2024

CVE-2024-46983

9.8
    Antfin
  • Sofa-Hessian
Published: September 19, 2024

CVE-2024-46984

9.8
    Gematik
  • Reference Validator
Published: September 19, 2024

CVE-2024-9008

9.8
    Best Online News Portal Project
  • Best Online News Portal
Published: September 19, 2024

CVE-2024-8963

9.1
    Ivanti
  • Endpoint Manager Cloud Services Appliance
Published: September 19, 2024

CVE-2024-46394

8.8
    Frogcms Project
  • Frogcms
Published: September 19, 2024

CVE-2024-9001

8.8
    Totolink
  • T10 Firmware
  • T10
Published: September 19, 2024

CVE-2024-43489

8.8
    Microsoft
  • Edge Chromium
Published: September 19, 2024

CVE-2024-43496

8.8
    Microsoft
  • Edge Chromium
Published: September 19, 2024

CVE-2024-9006

8.8
    Jeanmarc77
  • 123solar
Published: September 19, 2024

CVE-2024-7736

8.7
    ENOVIA Collaborative Industry Innovator
Published: September 19, 2024

CVE-2024-7737

8.7
    3DSwym
Published: September 19, 2024

CVE-2024-38016

7.8
    Microsoft
  • 365 Apps
  • Office
  • Office Long Term Servicing Channel
  • Visio
Published: September 19, 2024

CVE-2024-8698

7.7
    Keycloak
Published: September 19, 2024

CVE-2024-46382

7.5
    Linlinjava
  • Litemall
Published: September 19, 2024

CVE-2024-45861

7.5
    Kastle
  • Access Control System Firmware
  • Access Control System
Published: September 19, 2024

CVE-2024-45862

7.5
    Kastle
  • Access Control System Firmware
  • Access Control System
Published: September 19, 2024

CVE-2024-45410

7.5
    Traefik
  • Traefik
Published: September 19, 2024

CVE-2024-45752

7.3
    Pixlone
  • Logiops
Published: September 19, 2024

CVE-2024-47085

6.5
    Apexsoftcell
  • Ld Geo
  • Ld Dp Back Office
Published: September 19, 2024

CVE-2024-47086

6.5
    Apexsoftcell
  • Ld Geo
  • Ld Dp Back Office
Published: September 19, 2024

CVE-2024-47087

6.5
    Apexsoftcell
  • Ld Geo
  • Ld Dp Back Office
Published: September 19, 2024

CVE-2024-47089

6.5
    Apexsoftcell
  • Ld Geo
  • Ld Dp Back Office
Published: September 19, 2024

CVE-2024-8850

6.1
    Ibericode
  • Mailchimp
Published: September 19, 2024

CVE-2024-8883

6.1
    Redhat
  • Build Of Keycloak
  • Openshift Container Platform
  • Openshift Container Platform For Ibm Z
  • Openshift Container Platform For Linuxone
  • Openshift Container Platform For Power
  • Single Sign-On
Published: September 19, 2024

CVE-2024-8652

6.1
    Netcat
  • Netcat Content Management System
Published: September 19, 2024

CVE-2024-8653

6.1
    Netcat
  • Netcat Content Management System
Published: September 19, 2024

CVE-2024-25673

6.1
    Couchbase
  • Couchbase Server
Published: September 19, 2024

CVE-2024-45769

5.5
    Performance Co-Pilot (PCP)
Published: September 19, 2024

CVE-2024-8354

5.5
    Qemu
  • Qemu
    Redhat
Published: September 19, 2024

CVE-2024-8364

5.4
    Webhammer
  • Wp Custom Fields Search
Published: September 19, 2024

CVE-2024-45614

5.4
    Puma
  • Puma
Published: September 19, 2024

CVE-2024-9007

5.4
    Jeanmarc77
  • 123solar
Published: September 19, 2024

CVE-2022-4533

5.3
    Felixmoira
  • Limit Login Attempts Plus
Published: September 19, 2024

CVE-2024-8651

5.3
    Netcat
  • Netcat Content Management System
Published: September 19, 2024

CVE-2024-47160

5.3
    Jetbrains
  • Youtrack
Published: September 19, 2024

CVE-2024-47162

5.3
    Jetbrains
  • Youtrack
Published: September 19, 2024

CVE-2024-9003

5.3
    Jflow Project
  • Jflow
Published: September 19, 2024

CVE-2024-45770

4.4
    Performance Co-Pilot (PCP)
Published: September 19, 2024

CVE-2024-47159

4.3
    Jetbrains
  • Youtrack
Published: September 19, 2024

CVE-2024-38221

4.3
    Microsoft
  • Edge Chromium
Published: September 19, 2024

CVE-2024-7254

None
    Protocol Buffers
Published: September 19, 2024

CVE-2024-8986

None
    Grafana
Published: September 19, 2024

CVE-2024-7785

None
    Electronic Ticket System
Published: September 19, 2024

CVE-2024-8375

None
    Reverb
Published: September 19, 2024

CVE-2024-7207

None
    UNKNOWN
Published: September 19, 2024
Click here to see more Vulnerabilities