Attack Reports
| Title | Published | Tags | Description | Number of indicators |
|---|---|---|---|---|
| Analyzing the Newest Turla Backdoor | Sept. 27, 2024, 5:23 p.m. | The Russian APT group Turla has launched a new campaign using shortcut files to infect systems with a fileless backdoor. The malw… | 5 | |
| Cyberespionage the Gamaredon way: Analysis of toolset used to spy on Ukraine in 2022 and 2023 | Sept. 27, 2024, 5:15 p.m. | This report provides a comprehensive analysis of the toolset used by the Russia-aligned Gamaredon APT group to conduct cyberespio… | 50 | |
| MimiStick — imitators of Sticky Werewolf | Sept. 27, 2024, 5:05 p.m. | F.A.C.C.T. Threat Intelligence discovered a malicious file targeting Russian defense industry enterprises. Initially thought to b… | 14 | |
| Unraveling SloppyLemming’s Operations Across South Asia | Sept. 27, 2024, 1:49 p.m. | An investigation reveals SloppyLemming, an advanced threat actor targeting South and East Asian countries, particularly Pakistan.… | 96 | |
| Inside the Dragon: DragonForce Ransomware Group | Sept. 27, 2024, 1:43 p.m. | In this blog, Group-IB delves into the inner workings of the DragonForce ransomware group. Discovered in August 2023, DragonForce… | 5 | |
| Infrastructure linking PandorahVNC and Mesh Central | Sept. 27, 2024, 1:22 p.m. | This analysis investigates PandorahVNC, a sophisticated Hidden Virtual Network Computing tool, and its connections to a new servi… | 11 | |
| LummaC2: Obfuscation Through Indirect Control Flow | Sept. 27, 2024, 1:18 p.m. | This analysis examines a control flow obfuscation technique used by recent LummaC2 stealer samples. The malware employs customize… | 0 | |
| Wallet Scam: A Case Study in Crypto Drainer Tactics | Sept. 27, 2024, 9:17 a.m. | A malicious app on Google Play, posing as WalletConnect, targeted mobile users to steal cryptocurrency. The app evaded detection … | 8 |
Vulnerabilities
| CVE | CVSS | Published | Product impacted | Tags |
|---|---|---|---|---|
| CVE-2024-8922 | 8.8 | Sept. 27, 2024, 6:15 a.m. |  Product Enquiry for WooCommerce |
|
| CVE-2024-39431 | 8.3 | Sept. 27, 2024, 8:15 a.m. | UNKNOWN |
|
| CVE-2024-39432 | 8.3 | Sept. 27, 2024, 8:15 a.m. | UNKNOWN |
|
| CVE-2024-9029 | 7.5 | Sept. 27, 2024, 7:15 a.m. | FreeImage |
|
| CVE-2024-9130 | 7.2 | Sept. 27, 2024, 6:15 a.m. | GiveWP Donation Plugin and Fundraising Platform |
|
| CVE-2024-6931 | 7.2 | Sept. 27, 2024, 9:15 a.m. | WordPress The Events Calendar plugin |
|
| CVE-2024-7714 | 6.5 | Sept. 27, 2024, 6:15 a.m. | AI ChatBot with ChatGPT and Content Generator by AYS WordPress plugin |
|
| CVE-2024-39435 | 6.5 | Sept. 27, 2024, 8:15 a.m. | Logmanager service |
|
| CVE-2024-8965 | 6.4 | Sept. 27, 2024, 6:15 a.m. | Absolute Reviews plugin for WordPress |
|
| CVE-2024-8681 | 6.4 | Sept. 27, 2024, 7:15 a.m. | Premium Addons for Elementor plugin for WordPress |
|
| CVE-2024-8991 | 6.4 | Sept. 27, 2024, 7:15 a.m. | OSM – OpenStreetMap plugin for WordPress |
|
| CVE-2024-9049 | 6.4 | Sept. 27, 2024, 7:15 a.m. | Beaver Builder - WordPress Page Builder plugin |
|
| CVE-2024-39433 | 6.2 | Sept. 27, 2024, 8:15 a.m. | UNKNOWN |
|
| CVE-2024-39434 | 6.2 | Sept. 27, 2024, 8:15 a.m. | UNKNOWN |
|
| CVE-2024-47291 | 5.6 | Sept. 27, 2024, 11:15 a.m. | UNKNOWN |
|
| CVE-2024-47290 | 5.5 | Sept. 27, 2024, 11:15 a.m. | Huawei USB service module |
|
| CVE-2024-7011 | None | Sept. 27, 2024, 3:15 a.m. | Sharp NEC Projectors |
|
| CVE-2024-7713 | None | Sept. 27, 2024, 6:15 a.m. | AI ChatBot with ChatGPT and Content Generator by AYS WordPress plugin |
|
| CVE-2024-7400 | None | Sept. 27, 2024, 7:15 a.m. | ESET Antivirus |
|
| CVE-2024-38861 | None | Sept. 27, 2024, 9:15 a.m. | MikroTik |
|
| CVE-2024-41930 | None | Sept. 27, 2024, 9:15 a.m. | MF Teacher Performance Management System |
|
| CVE-2024-6654 | None | Sept. 27, 2024, 9:15 a.m. | ESET security product for macOS |
|
| CVE-2024-9202 | None | Sept. 27, 2024, 10:15 a.m. | Eclipse Dataspace Components |