Attack Reports
| Title | Published | Tags | Description | Number of indicators |
|---|---|---|---|---|
| Security Brief: Actor Uses Compromised Accounts, Customized Social Engineering to Target Transport and Logistics Firms with Malware | Sept. 24, 2024, 5:44 p.m. | A threat actor is targeting transportation and logistics companies in North America with malware campaigns. The actor uses compro… | 23 | |
| Analysis of APT-C-00 (OceanLotus) Double Loader and Related VMP Loader | Sept. 24, 2024, 2:46 p.m. | The report discusses recent attacks by APT-C-00 (OceanLotus), a state-sponsored hacking group. It analyzes two types of loaders u… | 1 | |
| Kryptina RaaS - From Unsellable Cast-Off to Enterprise Ransomware | Sept. 24, 2024, 2:42 p.m. | This analysis examines the evolution of Kryptina, a ransomware-as-a-service platform, from a free tool on public forums to being … | 21 | |
| How Ransomhub Ransomware Uses EDRKillShifter to Disable EDR and Antivirus Protections | Sept. 24, 2024, 2:26 p.m. | The RansomHub ransomware, attributed to a group tracked as Water Bakunawa, employs sophisticated anti-EDR techniques to evade sec… | 9 | |
| ReadText34 Ransomware Incident | Sept. 24, 2024, 2:22 p.m. | A ransomware attack was observed in September 2024, targeting an endpoint with limited visibility. The threat actor used stolen A… | 6 | |
| Uncovering ICICI Phishing Campaign: New Fraud App Found | Sept. 24, 2024, 2:09 p.m. | A malicious host mimicking ICICI Bank has been discovered, along with a fraudulent app disguised as ICICI Helpdesk. The phishing … | 3 | |
| Behind the CAPTCHA: A Clever Gateway of Malware | Sept. 24, 2024, 2:07 p.m. | A sophisticated infection chain dubbed ClickFix has been observed using fake CAPTCHA pages to distribute Lumma Stealer malware. T… | 7 | |
| Unmasking MuddyWater's Multiple RMM Software Attacks | Sept. 24, 2024, 1:20 p.m. | MuddyWater, a threat group active since 2017, has been utilizing various Remote Monitoring and Management (RMM) software for atta… | 49 | |
| Necro Trojan infiltrates Google Play and Spotify and WhatsApp mods | Sept. 24, 2024, 1:15 p.m. | A new version of the Necro Trojan has infected various popular applications, including game mods and apps on Google Play, potenti… | 6 | |
| Inside SnipBot: The Latest RomCom Malware Variant | Sept. 24, 2024, 12:39 p.m. | A novel version of the RomCom malware family called SnipBot has been discovered, revealing post-infection activity from attackers… | 38 |
Vulnerabilities
| CVE | CVSS | Published | Product impacted | Tags |
|---|---|---|---|---|
| CVE-2024-8624 | 9.9 | Sept. 24, 2024, 3:15 a.m. |  MDTF – Meta Data and Taxonomies Filter plugin for WordPress |
|
| CVE-2024-8791 | 9.8 | Sept. 24, 2024, 3:15 a.m. | Donation Forms by Charitable - Donations Plugin & Fundraising Platform for WordPress |
|
| CVE-2024-8671 | 9.1 | Sept. 24, 2024, 3:15 a.m. | WooEvents - Calendar and Event Booking plugin for WordPress |
|
| CVE-2024-8795 | 8.8 | Sept. 24, 2024, 2:15 a.m. | BA Book Everything plugin for WordPress |
|
| CVE-2024-8623 | 7.3 | Sept. 24, 2024, 3:15 a.m. | MDTF - Meta Data and Taxonomies Filter plugin for WordPress |
|
| CVE-2022-2439 | 7.2 | Sept. 24, 2024, 3:15 a.m. | Easy Digital Downloads - Simple eCommerce for Selling Digital Files plugin for WordPress |
|
| CVE-2024-8657 | 6.4 | Sept. 24, 2024, 2:15 a.m. | WordPress Garden Gnome Package plugin |
|
| CVE-2024-8544 | 6.1 | Sept. 24, 2024, 2:15 a.m. | Pixel Cat - Conversion Pixel Manager plugin for WordPress |
|
| CVE-2024-8662 | 6.1 | Sept. 24, 2024, 2:15 a.m. | Koko Analytics plugin for WordPress |
|
| CVE-2024-8716 | 6.1 | Sept. 24, 2024, 2:15 a.m. | XT Ajax Add To Cart for WooCommerce plugin |
|
| CVE-2024-8738 | 6.1 | Sept. 24, 2024, 2:15 a.m. | Seriously Simple Stats plugin for WordPress |
|
| CVE-2024-8628 | 5.4 | Sept. 24, 2024, 3:15 a.m. | Popup, Optin Form & Email Newsletters for Mailchimp, HubSpot, AWeber – MailOptin plugin for WordPress |
|
| CVE-2024-8794 | 5.3 | Sept. 24, 2024, 3:15 a.m. | BA Book Everything plugin for WordPress |
|
| CVE-2024-38266 | 4.9 | Sept. 24, 2024, 2:15 a.m. | Zyxel VMG8825-T50K |
|
| CVE-2024-38267 | 4.9 | Sept. 24, 2024, 2:15 a.m. | Zyxel VMG8825-T50K firmware |
|
| CVE-2024-38268 | 4.9 | Sept. 24, 2024, 2:15 a.m. | Zyxel VMG8825-T50K firmware |
|
| CVE-2024-38269 | 4.9 | Sept. 24, 2024, 2:15 a.m. | Zyxel VMG8825-T50K firmware |
|
| CVE-2024-8432 | 4.3 | Sept. 24, 2024, 2:15 a.m. | Appointment & Event Booking Calendar Plugin - Webba Booking plugin for WordPress |