Back

Tag : 2024-09-30

6 attack reports | 66 vulnerabilities

Attack Reports

Title Published Tags Description Number of indicators
Iranian Cyber Actors Targeting Personal Accounts to Support Operations Sept. 30, 2024, 10:45 a.m.
phishing
social engineering
impersonation
iran
credential theft
2024-09-30
two-factor authentication
political campaigns
Cyber actors working for Iran's Islamic Revolutionary Guard Corps (IRGC) are targeting individuals connected to Iranian and Middl… 65
OSINT Investigation: Hunting Malicious Infrastructure Linked to Transparent Tribe Sept. 30, 2024, 10:42 a.m.
linux
india
c2
poseidon
mythic
2024-09-30
apt36
desktop entry
osint
digitalocean
jarm
This investigation tracked infrastructure linked to the APT group Transparent Tribe, identifying 15 malicious hosts on DigitalOce… 19
Aiming at domestic government and enterprises! Deeply revealed ransomware operator Rast gang Sept. 30, 2024, 10:39 a.m.
ransomware
china
government
rust
rdp
phobos
2024-09-30
globeimposter
mysql
gandcrab
buran
nday
rast
enterprises
A new ransomware threat, dubbed Rast, has emerged targeting Chinese government and enterprises since December 2023. Written in Ru… 21
Storm-0501: Ransomware attacks expanding to hybrid cloud environments Sept. 30, 2024, 10:37 a.m.
backdoor
ransomware
credential-theft
cobalt strike
rclone
impacket
data-exfiltration
lateral-movement
2024-09-30
CVE-2022-47966
CVE-2023-4966
hybrid-cloud
embargo
aadinternals
CVE-2023-38203
CVE-2023-29300
Microsoft has observed Storm-0501, a financially motivated cybercriminal group, conducting multi-staged attacks targeting hybrid … 14
North Korea Still Attacking Developers via npm Sept. 30, 2024, 10:02 a.m.
malware
obfuscation
python
cryptocurrency
exfiltration
persistence
javascript
moonstone sleet
npm
2024-09-30
contagious interview
multi-stage attack
Recent weeks have seen a resurgence of North Korean-aligned groups targeting developers through npm packages. The campaign, which… 12
A Measure of Motive: How Attackers Weaponize Digital Analytics Tools Sept. 30, 2024, 9:47 a.m.
phishing
malvertising
captcha
2024-09-30
azorult
sockrat
adwind
jsocket
jrat
jfrutas
jbifrost
alienspy
trojan.maljava
frutas
unrecom
geolocation
evasion techniques
kraken ransomware
turkeydrop
friendspeak
dancefloor
link shorteners
digital analytics
advertising tools
mixlabel
Threat actors are repurposing digital analytics and advertising tools to evade detection and enhance their malicious campaigns. T… 10
» Click here to see all Attack Reports «

Vulnerabilities

CVE CVSS Published Product impacted Tags
CVE-2024-42017 10.0 Sept. 30, 2024, 6:15 p.m. LOGO-VULNERABLEAtos Eviden iCare
cve@mitre.org
2024-09-30
CVE-2024-42017
CVE-2024-8456 9.8 Sept. 30, 2024, 8:15 a.m. LOGO-VULNERABLEPLANET Technology Switches
CWE-306
twcert@cert.org.tw
2024-09-30
CVE-2024-8456
CVE-2024-46293 9.8 Sept. 30, 2024, 3:15 p.m. LOGO-VULNERABLEOnline Medicine Ordering System
cve@mitre.org
CWE-306
2024-09-30
CVE-2024-46293
CVE-2024-8448 8.8 Sept. 30, 2024, 7:15 a.m. LOGO-VULNERABLEPlanet Technology switch models
CWE-798
twcert@cert.org.tw
2024-09-30
CVE-2024-8448
CVE-2024-8458 8.8 Sept. 30, 2024, 8:15 a.m. LOGO-VULNERABLEPLANET Technology switch models
CWE-352
twcert@cert.org.tw
2024-09-30
CVE-2024-8458
CVE-2024-46280 8.8 Sept. 30, 2024, 3:15 p.m. LOGO-VULNERABLEPIX-LINK LV-WR22 RE3002-P1-01_V117.0
cve@mitre.org
CWE-284
2024-09-30
CVE-2024-46280
CVE-2024-28809 8.8 Sept. 30, 2024, 6:15 p.m. LOGO-VULNERABLEInfinera hiT 7300
cve@mitre.org
CWE-312
2024-09-30
CVE-2024-28809
CVE-2024-28812 8.8 Sept. 30, 2024, 7:15 p.m. LOGO-VULNERABLEInfinera hiT 7300
cve@mitre.org
CWE-798
2024-09-30
CVE-2024-28812
CVE-2024-8450 8.6 Sept. 30, 2024, 7:15 a.m. LOGO-VULNERABLEPLANET Technology switch models
CWE-798
twcert@cert.org.tw
2024-09-30
CVE-2024-8450
CVE-2024-9158 8.4 Sept. 30, 2024, 5:15 p.m. LOGO-VULNERABLENessus Network Monitor
CWE-79
vulnreport@tenable.com
2024-09-30
CVE-2024-9158
CVE-2024-28813 8.4 Sept. 30, 2024, 7:15 p.m. LOGO-VULNERABLEInfinera hiT 7300
cve@mitre.org
CWE-269
2024-09-30
CVE-2024-28813
CVE-2024-8455 8.1 Sept. 30, 2024, 8:15 a.m. LOGO-VULNERABLEPLANET Technology devices
twcert@cert.org.tw
CWE-261
2024-09-30
CVE-2024-8455
CVE-2024-46313 8.0 Sept. 30, 2024, 3:15 p.m. LOGO-VULNERABLETP-Link WR941ND
cve@mitre.org
CWE-121
2024-09-30
CVE-2024-46313
CVE-2024-7670 7.8 Sept. 30, 2024, 9:15 p.m. LOGO-VULNERABLEAutodesk Navisworks
CWE-125
psirt@autodesk.com
2024-09-30
CVE-2024-7670
CVE-2024-7671 7.8 Sept. 30, 2024, 9:15 p.m. LOGO-VULNERABLEAutodesk Navisworks
CWE-787
psirt@autodesk.com
2024-09-30
CVE-2024-7671
CVE-2024-7672 7.8 Sept. 30, 2024, 9:15 p.m. LOGO-VULNERABLEAutodesk Navisworks
CWE-787
psirt@autodesk.com
2024-09-30
CVE-2024-7672
CVE-2024-7673 7.8 Sept. 30, 2024, 9:15 p.m. LOGO-VULNERABLEAutodesk Navisworks
CWE-122
psirt@autodesk.com
2024-09-30
CVE-2024-7673
CVE-2024-7674 7.8 Sept. 30, 2024, 9:15 p.m. LOGO-VULNERABLEAutodesk Navisworks
CWE-122
psirt@autodesk.com
2024-09-30
CVE-2024-7674
CVE-2024-7675 7.8 Sept. 30, 2024, 9:15 p.m. LOGO-VULNERABLEAutodesk Navisworks
CWE-416
psirt@autodesk.com
2024-09-30
CVE-2024-7675
CVE-2024-46510 7.6 Sept. 30, 2024, 4:15 p.m. LOGO-VULNERABLEESAFENET CDG
cve@mitre.org
CWE-89
2024-09-30
CVE-2024-46510
CVE-2024-46549 7.6 Sept. 30, 2024, 5:15 p.m. LOGO-VULNERABLETP-Link Kasa KP125M
cve@mitre.org
CWE-269
2024-09-30
CVE-2024-46549
CVE-2024-8451 7.5 Sept. 30, 2024, 7:15 a.m. LOGO-VULNERABLEUNKNOWN
CWE-280
twcert@cert.org.tw
2024-09-30
CVE-2024-8451
CVE-2024-8452 7.5 Sept. 30, 2024, 7:15 a.m. LOGO-VULNERABLEPLANET Technology switch models
CWE-327
twcert@cert.org.tw
2024-09-30
CVE-2024-8452
CVE-2024-6394 7.5 Sept. 30, 2024, 8:15 a.m. LOGO-VULNERABLEparisneo/lollms-webui
security@huntr.dev
CWE-29
2024-09-30
CVE-2024-6394
CVE-2024-46511 7.5 Sept. 30, 2024, 6:15 p.m. LOGO-VULNERABLELoadZilla LLC LoadLogic
cve@mitre.org
CWE-266
2024-09-30
CVE-2024-46511
CVE-2024-8459 7.2 Sept. 30, 2024, 8:15 a.m. LOGO-VULNERABLEPLANET Technology switch models
CWE-312
twcert@cert.org.tw
2024-09-30
CVE-2024-8459
CVE-2024-8449 6.8 Sept. 30, 2024, 7:15 a.m. LOGO-VULNERABLEPLANET Technology Switches
CWE-798
twcert@cert.org.tw
2024-09-30
CVE-2024-8449
CVE-2024-41999 6.8 Sept. 30, 2024, 8:15 a.m. LOGO-VULNERABLESmart-tab Android app
vultures@jpcert.or.jp
CWE-489
2024-09-30
CVE-2024-41999
CVE-2024-28810 6.6 Sept. 30, 2024, 7:15 p.m. LOGO-VULNERABLEInfinera hiT 7300
cve@mitre.org
CWE-312
2024-09-30
CVE-2024-28810
CVE-2024-47641 6.5 Sept. 30, 2024, 1:15 p.m. LOGO-VULNERABLEConfetti Fall Animation
CWE-79
audit@patchstack.com
2024-09-30
CVE-2024-47641
CVE-2024-45993 6.5 Sept. 30, 2024, 5:15 p.m. LOGO-VULNERABLEGiflib
cve@mitre.org
CWE-122
2024-09-30
CVE-2024-45993
CVE-2024-28807 6.5 Sept. 30, 2024, 9:15 p.m. LOGO-VULNERABLEInfinera hiT 7300
cve@mitre.org
CWE-312
2024-09-30
CVE-2024-28807
CVE-2024-45200 6.3 Sept. 30, 2024, 8:15 a.m. LOGO-VULNERABLENintendo Mario Kart 8 Deluxe
cve@mitre.org
CWE-94
2024-09-30
CVE-2024-45200
CVE-2024-46540 6.3 Sept. 30, 2024, 5:15 p.m. LOGO-VULNERABLEEmlog Pro
cve@mitre.org
CWE-266
2024-09-30
CVE-2024-46540
CVE-2024-46548 6.3 Sept. 30, 2024, 5:15 p.m. LOGO-VULNERABLETP-Link Tapo P125M
cve@mitre.org
CWE-200
2024-09-30
CVE-2024-46548
CVE-2024-45920 5.4 Sept. 30, 2024, 1:15 p.m. LOGO-VULNERABLESolvait
cve@mitre.org
CWE-79
2024-09-30
CVE-2024-45920
CVE-2024-47172 5.4 Sept. 30, 2024, 3:15 p.m. LOGO-VULNERABLEComputer Vision Annotation Tool (CVAT)
security-advisories@github.com
CWE-863
2024-09-30
CVE-2024-47172
CVE-2024-47530 5.4 Sept. 30, 2024, 4:15 p.m. LOGO-VULNERABLEScout
security-advisories@github.com
CWE-601
2024-09-30
CVE-2024-47530
CVE-2024-8454 5.3 Sept. 30, 2024, 8:15 a.m. LOGO-VULNERABLEPLANET Technology devices
CWE-400
twcert@cert.org.tw
2024-09-30
CVE-2024-8454
CVE-2024-45772 5.1 Sept. 30, 2024, 9:15 a.m. LOGO-VULNERABLEApache Lucene Replicator
security@apache.org
CWE-502
2024-09-30
CVE-2024-45772
CVE-2024-8453 4.9 Sept. 30, 2024, 8:15 a.m. LOGO-VULNERABLEPLANET Technology switches
twcert@cert.org.tw
2024-09-30
CVE-2024-8453
CWE-328
CVE-2024-3635 4.8 Sept. 30, 2024, 6:15 a.m. LOGO-VULNERABLEPost Grid WordPress plugin
contact@wpscan.com
2024-09-30
CVE-2024-3635
CVE-2024-8457 4.8 Sept. 30, 2024, 8:15 a.m. LOGO-VULNERABLEPLANET Technology switch models
CWE-79
twcert@cert.org.tw
2024-09-30
CVE-2024-8457
CVE-2024-46475 4.8 Sept. 30, 2024, 4:15 p.m. LOGO-VULNERABLEMetronic Admin Dashboard Template
cve@mitre.org
CWE-79
2024-09-30
CVE-2024-46475
CVE-2024-45073 4.8 Sept. 30, 2024, 10:15 p.m. LOGO-VULNERABLEIBM WebSphere Application Server
CWE-79
psirt@us.ibm.com
2024-09-30
CVE-2024-45073
CVE-2024-47531 4.6 Sept. 30, 2024, 4:15 p.m. LOGO-VULNERABLEScout
security-advisories@github.com
CWE-116
2024-09-30
CVE-2024-47531
CVE-2024-42496 2.4 Sept. 30, 2024, 8:15 a.m. LOGO-VULNERABLESmart-tab Android app
vultures@jpcert.or.jp
CWE-256
2024-09-30
CVE-2024-42496
CVE-2024-8239 None Sept. 30, 2024, 6:15 a.m. LOGO-VULNERABLEStarbox WordPress plugin
contact@wpscan.com
2024-09-30
CVE-2024-8239
CVE-2024-8283 None Sept. 30, 2024, 6:15 a.m. LOGO-VULNERABLESlider by 10Web WordPress plugin
contact@wpscan.com
2024-09-30
CVE-2024-8283
CVE-2024-8379 None Sept. 30, 2024, 6:15 a.m. LOGO-VULNERABLECost Calculator Builder WordPress plugin
contact@wpscan.com
2024-09-30
CVE-2024-8379
CVE-2024-8536 None Sept. 30, 2024, 6:15 a.m. LOGO-VULNERABLEUltimate Blocks WordPress plugin
contact@wpscan.com
2024-09-30
CVE-2024-8536
CVE-2024-9329 None Sept. 30, 2024, 8:15 a.m. LOGO-VULNERABLEEclipse Glassfish
emo@eclipse.org
2024-09-30
CVE-2024-9329
CWE-233
CVE-2024-6051 None Sept. 30, 2024, 1:15 p.m. LOGO-VULNERABLERedlink SDK by Vercom S.A.
cvd@cert.pl
CWE-99
2024-09-30
CVE-2024-6051
CVE-2024-45792 None Sept. 30, 2024, 3:15 p.m. LOGO-VULNERABLEMantis Bug Tracker
security-advisories@github.com
CWE-200
2024-09-30
CVE-2024-45792
CVE-2024-47063 None Sept. 30, 2024, 3:15 p.m. LOGO-VULNERABLEComputer Vision Annotation Tool (CVAT)
security-advisories@github.com
CWE-79
2024-09-30
CVE-2024-47063
CVE-2024-47064 None Sept. 30, 2024, 3:15 p.m. LOGO-VULNERABLEComputer Vision Annotation Tool (CVAT)
security-advisories@github.com
CWE-79
2024-09-30
CVE-2024-47064
CVE-2024-46869 None Sept. 30, 2024, 4:15 p.m. LOGO-VULNERABLELinux kernel
416baaa9-dc9f-4396-8d5f-8c081fb06d67
2024-09-30
CVE-2024-46869
CVE-2024-47067 None Sept. 30, 2024, 4:15 p.m. LOGO-VULNERABLEAList
security-advisories@github.com
CWE-79
2024-09-30
CVE-2024-47067
CVE-2024-47178 None Sept. 30, 2024, 4:15 p.m. LOGO-VULNERABLEbasic-auth-connect
security-advisories@github.com
CWE-208
2024-09-30
CVE-2024-47178
CVE-2024-47532 None Sept. 30, 2024, 4:15 p.m. LOGO-VULNERABLERestrictedPython
security-advisories@github.com
CWE-200
2024-09-30
CVE-2024-47532
CVE-2024-47536 None Sept. 30, 2024, 5:15 p.m. LOGO-VULNERABLEMediaWiki Citizen Skin
security-advisories@github.com
CWE-79
2024-09-30
CVE-2024-47536
CVE-2024-35495 None Sept. 30, 2024, 6:15 p.m. LOGO-VULNERABLETP-Link Kasa KP125M
cve@mitre.org
2024-09-30
CVE-2024-35495
CVE-2024-46635 None Sept. 30, 2024, 6:15 p.m. LOGO-VULNERABLEINROAD
cve@mitre.org
2024-09-30
CVE-2024-46635
CVE-2024-28811 None Sept. 30, 2024, 7:15 p.m. LOGO-VULNERABLEInfinera hiT 7300
cve@mitre.org
2024-09-30
CVE-2024-28811
CVE-2024-28808 None Sept. 30, 2024, 9:15 p.m. LOGO-VULNERABLEInfinera hiT 7300
cve@mitre.org
2024-09-30
CVE-2024-28808
CVE-2024-46503 None Sept. 30, 2024, 9:15 p.m. LOGO-VULNERABLESimple-Spellchecker
cve@mitre.org
2024-09-30
CVE-2024-46503
» Click here to see all Vulnerabilities «