Today > vulnerabilities   -   You can now download lists of IOCs here!

Tag: 2024-09-19

3 attack reports | 52 vulnerabilities

Attack reports

WebDAV-as-a-Service: Uncovering the infrastructure behind Emmenhtal loader distribution - Sekoia.io Blog

The Emmenhtal loader, also known as PeakLight, operates in a memory-only manner, making it difficult to detect and analyse. It is primarily used to distribute other malicious payloads, including well-known infostealers that target sensitive information.

darkgate
dcrat
webdav
2024-09-19
marko polo
zgrat
google cloud
clearfake
emmenhtal
peaklight
selfau3
Published: September 19, 2024

Downloadable IOCs 120

SambaSpy – a new RAT targeting Italian users

A campaign exclusively targeting Italian users was detected in May 2024, delivering a new Remote Access Trojan (RAT) dubbed SambaSpy. The infection chain involves phishing emails impersonating a legitimate Italian real estate company, redirecting victims to a malicious website. The campaign employs…

rat
phishing
java
2024-09-19
credential stealing
sambaspy
Published: September 19, 2024

Downloadable IOCs 24

Gleaming Pisces Poisoned Python Packages Campaign Delivers PondRAT Linux and MacOS Backdoors

Unit 42 researchers have uncovered an ongoing campaign involving poisoned Python packages that deliver Linux and macOS backdoors. The attackers, believed to be the North Korean-affiliated group Gleaming Pisces, uploaded malicious packages to PyPI. The campaign's objective appears to be gaining acce…

rat
cryptocurrency
macos
poolrat
pondrat
2024-09-19
applejeus
Published: September 19, 2024

Downloadable IOCs 16

» Click here to see all Attack Reports «

Vulnerabilities

CVE-2024-46946

9.8
LangChain Experimental
Published: September 19, 2024

CVE-2024-47088

9.8
Apex Softcell LD Geo
Published: September 19, 2024

CVE-2024-31570

9.8
FreeImage
Published: September 19, 2024

CVE-2024-33109

9.8
Tiptel IP 286
Published: September 19, 2024

CVE-2024-40125

9.8
Closed-Loop Technology CLESS Server
Published: September 19, 2024

CVE-2024-9004

9.8
D-Link DAR-7000
Published: September 19, 2024

CVE-2023-27584

9.8
dragonfly
Published: September 19, 2024

CVE-2024-46983

9.8
sofa-hessian
Published: September 19, 2024

CVE-2024-46984

9.8
reference_validator
Published: September 19, 2024

CVE-2024-9008

9.8
best_online_news_portal
Published: September 19, 2024

CVE-2024-8963

9.1
Ivanti CSA
Published: September 19, 2024

CVE-2024-46394

8.8
FrogCMS
Published: September 19, 2024

CVE-2024-9001

8.8
TOTOLINK T10
Published: September 19, 2024

CVE-2024-43489

8.8
Microsoft Edge (Chromium-based)
Published: September 19, 2024

CVE-2024-43496

8.8
Microsoft Edge
Published: September 19, 2024

CVE-2024-9006

8.8
123solar
Published: September 19, 2024

CVE-2024-7736

8.7
ENOVIA Collaborative Industry Innovator
Published: September 19, 2024

CVE-2024-7737

8.7
3DSwym
Published: September 19, 2024

CVE-2024-38016

7.8
Microsoft Office Visio
Published: September 19, 2024

CVE-2024-8698

7.7
Keycloak
Published: September 19, 2024

CVE-2024-46382

7.5
linlinjava litemall
Published: September 19, 2024

CVE-2024-45861

7.5
Kastle Systems firmware
Published: September 19, 2024

CVE-2024-45862

7.5
Kastle Systems firmware
Published: September 19, 2024

CVE-2024-45410

7.5
traefik
Published: September 19, 2024

CVE-2024-45752

7.3
logiops
Published: September 19, 2024

CVE-2024-47085

6.5
LD DP Back Office
Published: September 19, 2024

CVE-2024-47086

6.5
LD DP Back Office
Published: September 19, 2024

CVE-2024-47087

6.5
Apex Softcell LD Geo
Published: September 19, 2024

CVE-2024-47089

6.5
Apex Softcell LD Geo
Published: September 19, 2024

CVE-2024-8850

6.1
MC4WP: Mailchimp for WordPress plugin
Published: September 19, 2024

CVE-2024-8883

6.1
Keycloak
Published: September 19, 2024

CVE-2024-8652

6.1
NetCat CMS
Published: September 19, 2024

CVE-2024-8653

6.1
NetCat CMS
Published: September 19, 2024

CVE-2024-25673

6.1
Couchbase Server
Published: September 19, 2024

CVE-2024-45769

5.5
Performance Co-Pilot (PCP)
Published: September 19, 2024

CVE-2024-8354

5.5
QEMU
Published: September 19, 2024

CVE-2024-8364

5.4
WP Custom Fields Search plugin for WordPress
Published: September 19, 2024

CVE-2024-45614

5.4
puma
Published: September 19, 2024

CVE-2024-9007

5.4
123solar
Published: September 19, 2024

CVE-2022-4533

5.3
Limit Login Attempts Plus plugin for WordPress
Published: September 19, 2024

CVE-2024-8651

5.3
NetCat CMS
Published: September 19, 2024

CVE-2024-47160

5.3
JetBrains YouTrack
Published: September 19, 2024

CVE-2024-47162

5.3
JetBrains YouTrack
Published: September 19, 2024

CVE-2024-9003

5.3
JFlow
Published: September 19, 2024

CVE-2024-45770

4.4
Performance Co-Pilot (PCP)
Published: September 19, 2024

CVE-2024-47159

4.3
JetBrains YouTrack
Published: September 19, 2024

CVE-2024-38221

4.3
Microsoft Edge (Chromium-based)
Published: September 19, 2024

CVE-2024-7254

None
Protocol Buffers
Published: September 19, 2024

CVE-2024-8986

None
Grafana
Published: September 19, 2024

CVE-2024-7785

None
Electronic Ticket System
Published: September 19, 2024

CVE-2024-8375

None
Reverb
Published: September 19, 2024

CVE-2024-7207

None
UNKNOWN
Published: September 19, 2024
» Click here to see all Vulnerabilities «