Tag: 2024-09-30

6 Attack Reports | 67 Vulnerabilities

Attack reports

Iranian Cyber Actors Targeting Personal Accounts to Support Operations

Cyber actors working for Iran's Islamic Revolutionary Guard Corps (IRGC) are targeting individuals connected to Iranian and Middle Eastern affairs, including government officials, think tank personnel, journalists, activists, and lobbyists. They use social engineering techniques, impersonating cont…
phishing
social engineering
impersonation
iran
credential theft
2024-09-30
two-factor authentication
political campaigns
Published: September 30, 2024
Downloadable IOCs: 65

OSINT Investigation: Hunting Malicious Infrastructure Linked to Transparent Tribe

This investigation tracked infrastructure linked to the APT group Transparent Tribe, identifying 15 malicious hosts on DigitalOcean serving as command-and-control servers for the Mythic exploitation framework. The group employs Linux desktop entry files as an attack vector, targeting individuals in…
linux
india
c2
poseidon
mythic
2024-09-30
apt36
desktop entry
osint
digitalocean
jarm
Published: September 30, 2024
Downloadable IOCs: 19

Aiming at domestic government and enterprises! Deeply revealed ransomware operator Rast gang

A new ransomware threat, dubbed Rast, has emerged targeting Chinese government and enterprises since December 2023. Written in Rust, Rast has infected over 6,800 terminals, successfully encrypting more than 5,700. The Rast gang, named after the ransomware, operates primarily between 20:00 and 05:00…
ransomware
china
government
rust
rdp
phobos
2024-09-30
globeimposter
mysql
gandcrab
buran
nday
rast
enterprises
Published: September 30, 2024
Downloadable IOCs: 21

Storm-0501: Ransomware attacks expanding to hybrid cloud environments

Microsoft has observed Storm-0501, a financially motivated cybercriminal group, conducting multi-staged attacks targeting hybrid cloud environments. The group compromises on-premises networks, performs lateral movement to cloud environments, exfiltrates data, steals credentials, creates persistent …
backdoor
ransomware
credential-theft
cobalt strike
rclone
impacket
data-exfiltration
lateral-movement
2024-09-30
CVE-2022-47966
CVE-2023-4966
hybrid-cloud
embargo
aadinternals
CVE-2023-38203
CVE-2023-29300
Published: September 30, 2024
Linked vulnerabilities : CVE-2023-4966, CVE-2023-38203, CVE-2023-29300, CVE-2022-47966
Downloadable IOCs: 14

North Korea Still Attacking Developers via npm

Recent weeks have seen a resurgence of North Korean-aligned groups targeting developers through npm packages. The campaign, which began on August 12, 2024, involves multiple groups using various publication patterns and attack types. The malicious packages contain obfuscated JavaScript that downloa…
malware
obfuscation
python
cryptocurrency
exfiltration
persistence
javascript
moonstone sleet
npm
2024-09-30
contagious interview
multi-stage attack
Published: September 30, 2024
Downloadable IOCs: 12

A Measure of Motive: How Attackers Weaponize Digital Analytics Tools

Threat actors are repurposing digital analytics and advertising tools to evade detection and enhance their malicious campaigns. The report explores how link shorteners, IP geolocation utilities, CAPTCHA systems, and advertising intelligence platforms are being weaponized. It provides insights into …
phishing
malvertising
captcha
2024-09-30
azorult
sockrat
adwind
jsocket
jrat
jfrutas
jbifrost
alienspy
trojan.maljava
frutas
unrecom
geolocation
evasion techniques
kraken ransomware
turkeydrop
friendspeak
dancefloor
link shorteners
digital analytics
advertising tools
mixlabel
Published: September 30, 2024
Downloadable IOCs: 10
Click here to see more Attack Reports

Vulnerabilities

CVE-2024-42017

10.0
    Atos Eviden iCare
Published: September 30, 2024

CVE-2024-8450

9.8
    Planet
  • Gs-4210-24p2s Firmware
  • Gs-4210-24p2s
  • Gs-4210-24pl4c Firmware
  • Gs-4210-24pl4c
Published: September 30, 2024

CVE-2024-8456

9.8
    Planet
  • Gs-4210-24p2s Firmware
  • Gs-4210-24p2s
  • Gs-4210-24pl4c Firmware
  • Gs-4210-24pl4c
Published: September 30, 2024

CVE-2024-46293

9.8
    Online Medicine Ordering System
Published: September 30, 2024

CVE-2024-8448

8.8
    Planet
  • Gs-4210-24p2s Firmware
  • Gs-4210-24p2s
  • Gs-4210-24pl4c Firmware
  • Gs-4210-24pl4c
Published: September 30, 2024

CVE-2024-8458

8.8
    Planet
  • Gs-4210-24p2s Firmware
  • Gs-4210-24p2s
  • Gs-4210-24pl4c Firmware
  • Gs-4210-24pl4c
Published: September 30, 2024

CVE-2024-46280

8.8
    PIX-LINK LV-WR22 RE3002-P1-01_V117.0
Published: September 30, 2024

CVE-2024-28809

8.8
    Infinera hiT 7300
Published: September 30, 2024

CVE-2024-28812

8.8
    Infinera hiT 7300
Published: September 30, 2024

CVE-2024-28813

8.4
    Infinera hiT 7300
Published: September 30, 2024

CVE-2024-45772

8.0
    Apache
  • Lucene
Published: September 30, 2024

CVE-2024-46313

8.0
    TP-Link WR941ND
Published: September 30, 2024

CVE-2024-7670

7.8
    Autodesk
  • Navisworks
Published: September 30, 2024

CVE-2024-7671

7.8
    Autodesk
  • Navisworks
Published: September 30, 2024

CVE-2024-7672

7.8
    Autodesk
  • Navisworks
Published: September 30, 2024

CVE-2024-7673

7.8
    Autodesk
  • Navisworks
Published: September 30, 2024

CVE-2024-7674

7.8
    Autodesk
  • Navisworks
Published: September 30, 2024

CVE-2024-7675

7.8
    Autodesk
  • Navisworks
Published: September 30, 2024

CVE-2024-46510

7.6
    ESAFENET CDG
Published: September 30, 2024

CVE-2024-46549

7.6
    TP-Link Kasa KP125M
Published: September 30, 2024

CVE-2024-8451

7.5
    Planet
  • Gs-4210-24p2s Firmware
  • Gs-4210-24p2s
  • Gs-4210-24pl4c Firmware
  • Gs-4210-24pl4c
Published: September 30, 2024

CVE-2024-8452

7.5
    Planet
  • Gs-4210-24p2s Firmware
  • Gs-4210-24p2s
  • Gs-4210-24pl4c Firmware
  • Gs-4210-24pl4c
Published: September 30, 2024

CVE-2024-6394

7.5
    parisneo/lollms-webui
Published: September 30, 2024

CVE-2024-8454

7.5
    Planet
  • Gs-4210-24p2s Firmware
  • Gs-4210-24p2s
  • Gs-4210-24pl4c Firmware
  • Gs-4210-24pl4c
Published: September 30, 2024

CVE-2024-46511

7.5
    LoadZilla LLC LoadLogic
Published: September 30, 2024

CVE-2024-8379

7.2
    Stylemixthemes
  • Cost Calculator Builder
Published: September 30, 2024

CVE-2024-8449

6.8
    Planet
  • Gs-4210-24p2s Firmware
  • Gs-4210-24p2s
  • Gs-4210-24pl4c Firmware
  • Gs-4210-24pl4c
Published: September 30, 2024

CVE-2024-41999

6.8
    Smart-tab Android app
Published: September 30, 2024

CVE-2024-28810

6.6
    Infinera hiT 7300
Published: September 30, 2024

CVE-2024-47641

6.5
    Confetti Fall Animation
Published: September 30, 2024

CVE-2024-45993

6.5
    Giflib
Published: September 30, 2024

CVE-2024-28807

6.5
    Infinera hiT 7300
Published: September 30, 2024

CVE-2024-45200

6.3
    Nintendo Mario Kart 8 Deluxe
Published: September 30, 2024

CVE-2024-46540

6.3
    Emlog Pro
Published: September 30, 2024

CVE-2024-46548

6.3
    TP-Link Tapo P125M
    Kasa KP125M
Published: September 30, 2024

CVE-2024-9329

6.1
    Eclipse
  • Glassfish
Published: September 30, 2024

CVE-2024-8455

5.9
    Planet
  • Gs-4210-24p2s Firmware
  • Gs-4210-24p2s
  • Gs-4210-24pl4c Firmware
  • Gs-4210-24pl4c
  • Igs-5225-4up1t2s Firmware
  • Igs-5225-4up1t2s
Published: September 30, 2024

CVE-2024-8239

5.4
    Squirrly
  • Starbox
Published: September 30, 2024

CVE-2024-8536

5.4
    Dotcamp
  • Ultimate Blocks
Published: September 30, 2024

CVE-2024-45920

5.4
    Solvait
Published: September 30, 2024

CVE-2024-47172

5.4
    Computer Vision Annotation Tool (CVAT)
Published: September 30, 2024

CVE-2024-47530

5.4
    Scout
Published: September 30, 2024

CVE-2024-8453

4.9
    Planet
  • Gs-4210-24p2s Firmware
  • Gs-4210-24p2s
  • Gs-4210-24pl4c Firmware
  • Gs-4210-24pl4c
Published: September 30, 2024

CVE-2024-8459

4.9
    Planet
  • Gs-4210-24p2s Firmware
  • Gs-4210-24p2s
  • Gs-4210-24pl4c Firmware
  • Gs-4210-24pl4c
Published: September 30, 2024

CVE-2024-3635

4.8
    Radiustheme
  • The Post Grid
Published: September 30, 2024

CVE-2024-8283

4.8
    10web
  • Slider
Published: September 30, 2024

CVE-2024-8457

4.8
    Planet
  • Gs-4210-24p2s Firmware
  • Gs-4210-24p2s
  • Gs-4210-24pl4c Firmware
  • Gs-4210-24pl4c
Published: September 30, 2024

CVE-2024-46475

4.8
    Metronic Admin Dashboard Template
Published: September 30, 2024

CVE-2024-45073

4.8
    IBM WebSphere Application Server
Published: September 30, 2024

CVE-2024-47531

4.6
    Scout
Published: September 30, 2024

CVE-2024-9158

4.6
    Tenable
  • Nessus Network Monitor
Published: September 30, 2024

CVE-2024-9194

4.3
    Linux Octopus Server
    Microsoft Windows Octopus Server
Published: September 30, 2024

CVE-2024-42496

2.4
    Smart-tab Android app
Published: September 30, 2024

CVE-2024-6051

None
    Redlink SDK by Vercom S.A.
Published: September 30, 2024

CVE-2024-45792

None
    Mantis Bug Tracker
Published: September 30, 2024

CVE-2024-47063

None
    Computer Vision Annotation Tool (CVAT)
Published: September 30, 2024

CVE-2024-47064

None
    Computer Vision Annotation Tool (CVAT)
Published: September 30, 2024

CVE-2024-46869

None
    Linux kernel
Published: September 30, 2024

CVE-2024-47067

None
    AList
Published: September 30, 2024

CVE-2024-47178

None
    basic-auth-connect
Published: September 30, 2024

CVE-2024-47532

None
    RestrictedPython
Published: September 30, 2024

CVE-2024-47536

None
    MediaWiki Citizen Skin
Published: September 30, 2024

CVE-2024-35495

None
    TP-Link Kasa KP125M
    Tapo P125M
Published: September 30, 2024

CVE-2024-46635

None
    INROAD
Published: September 30, 2024

CVE-2024-28811

None
    Infinera hiT 7300
Published: September 30, 2024

CVE-2024-28808

None
    Infinera hiT 7300
Published: September 30, 2024

CVE-2024-46503

None
    Simple-Spellchecker
Published: September 30, 2024
Click here to see more Vulnerabilities