Tag : 2024-10-01

7 attack reports | 111 vulnerabilities

Attack Reports

Title	Published	Tags	Description	Number of indicators
Detecting Vulnerability Scanning Traffic From Underground Tools Using Machine Learning	Oct. 2, 2024, 1:12 a.m.	sql injection 2024-10-01 2024-10-02 machine learning vulnerability scanning telemetry analysis swiss army suite underground tools dork-based checker s.a.s web application security	Researchers discovered an automated scanning tool called Swiss Army Suite (S.A.S) used for vulnerability scans on web services. T…	8
Key Group: another ransomware group using leaked builders	Oct. 1, 2024, 7:48 p.m.	ransomware persistence njrat wiper github telegram chaos financially motivated 2024-10-01 xorist slam hakuna matata annabelle ruransom ux-cryptor multi-stage loaders leaked builders russian-speaking judge/nocry	Key Group is a financially motivated ransomware group primarily targeting Russian users. They use various leaked ransomware build…	0
Unraveling the Sophisticated Attack Leveraging VS Code for Unauthorized Access	Oct. 1, 2024, 7:30 p.m.	apt python cyber espionage lnk file github 2024-10-01 remote tunnel unauthorized access vs code scheduled task	A sophisticated attack has been uncovered that exploits Visual Studio Code's remote tunnel capabilities for unauthorized access. …	7
New Android Spyware Campaign Targets South Koreans via AWS	Oct. 1, 2024, 7:25 p.m.	android spyware south korea cloud security data exfiltration aws mobile malware 2024-10-01 stealth techniques	A sophisticated Android spyware campaign targeting South Koreans has been uncovered by Cyble Research and Intelligence Labs. Acti…	7
MDR in Action: Preventing The More_eggs Backdoor From Hatching	Oct. 1, 2024, 10:12 a.m.	backdoor malware-as-a-service 2024-10-01 spear-phishing skid more_eggs vision one spicyomelette terra loader recruitment golden chickens mdr	A sophisticated spear-phishing attack led to a more_eggs backdoor infection at a company. The attack began with an email to a sen…	10
Hadooken and K4Spreader: The 8220 Gang's Latest Arsenal	Oct. 1, 2024, 10:08 a.m.	china botnet cryptomining brazil pwnrig tsunami k4spreader weblogic hadooken 2024-10-01 CVE-2017-10271 CVE-2020-14883	This analysis uncovers a significant infection chain targeting Windows and Linux systems through Oracle WebLogic vulnerabilities.…	62
Nitrogen Campaign Drops Sliver and Ends With BlackCat Ransomware	Oct. 1, 2024, 10:05 a.m.	ransomware blackcat alphv cobalt strike sliver credential harvesting lateral movement noberus data exfiltration 2024-10-01 nitrogen	A BlackCat ransomware intrusion began with a Nitrogen malware campaign impersonating Advanced IP Scanner. The attackers used Sliv…	45

» Click here to see all Attack Reports «

Vulnerabilities

CVE	CVSS	Published	Product impacted	Tags
CVE-2024-9106	9.8	Oct. 1, 2024, 8:15 a.m.	Wechat Social login plugin for WordPress	security@wordfence.com CWE-288 2024-10-01 CVE-2024-9106
CVE-2024-9108	9.8	Oct. 1, 2024, 8:15 a.m.	Wechat Social login plugin for WordPress	security@wordfence.com CWE-434 2024-10-01 CVE-2024-9108
CVE-2024-9265	9.8	Oct. 1, 2024, 9:15 a.m.	WordPress Echo RSS Feed Post Generator plugin	security@wordfence.com CWE-269 2024-10-01 CVE-2024-9265
CVE-2024-9289	9.8	Oct. 1, 2024, 9:15 a.m.	WordPress & WooCommerce Affiliate Program plugin	security@wordfence.com CWE-288 2024-10-01 CVE-2024-9289
CVE-2024-41276	9.8	Oct. 1, 2024, 2:15 p.m.	Kaiten	cve@mitre.org CWE-307 2024-10-01 CVE-2024-41276
CVE-2024-9392	9.8	Oct. 1, 2024, 4:15 p.m.	Mozilla Firefox	CWE-346 security@mozilla.org 2024-10-01 CVE-2024-9392
CVE-2024-9401	9.8	Oct. 1, 2024, 4:15 p.m.	Thunderbird	CWE-119 security@mozilla.org 2024-10-01 CVE-2024-9401
CVE-2024-9402	9.8	Oct. 1, 2024, 4:15 p.m.	Thunderbird	CWE-119 security@mozilla.org 2024-10-01 CVE-2024-9402
CVE-2024-42514	9.1	Oct. 1, 2024, 7:15 p.m.	Mitel MiContact Center Business	cve@mitre.org CWE-284 2024-10-01 CVE-2024-42514
CVE-2024-25660	9.0	Oct. 1, 2024, 4:15 p.m.	Infinera TNMS (Transcend Network Management System)	cve@mitre.org CWE-266 2024-10-01 CVE-2024-25660
CVE-2024-7432	8.8	Oct. 1, 2024, 8:15 a.m.	WordPress Unseen Blog theme	security@wordfence.com CWE-502 2024-10-01 CVE-2024-7432
CVE-2024-7433	8.8	Oct. 1, 2024, 8:15 a.m.	WordPress Empowerment theme	security@wordfence.com CWE-502 2024-10-01 CVE-2024-7433
CVE-2024-7434	8.8	Oct. 1, 2024, 8:15 a.m.	UltraPress theme for WordPress	security@wordfence.com CWE-502 2024-10-01 CVE-2024-7434
CVE-2024-9018	8.8	Oct. 1, 2024, 9:15 a.m.	WP Easy Gallery - WordPress Gallery Plugin	security@wordfence.com CWE-89 2024-10-01 CVE-2024-9018
CVE-2024-9396	8.8	Oct. 1, 2024, 4:15 p.m.	Firefox	CWE-119 security@mozilla.org 2024-10-01 CVE-2024-9396
CVE-2024-9400	8.8	Oct. 1, 2024, 4:15 p.m.	Firefox	CWE-119 security@mozilla.org 2024-10-01 CVE-2024-9400
CVE-2024-25632	8.6	Oct. 1, 2024, 3:15 p.m.	eLabFTW	security-advisories@github.com CWE-266 2024-10-01 CVE-2024-25632
CVE-2024-21489	8.2	Oct. 1, 2024, 5:15 a.m.	uplot	CWE-1321 report@snyk.io 2024-10-01 CVE-2024-21489
CVE-2024-47604	8.2	Oct. 1, 2024, 4:15 p.m.	NuGet Gallery	security-advisories@github.com CWE-79 2024-10-01 CVE-2024-47604
CVE-2024-47295	8.1	Oct. 1, 2024, 4:15 a.m.	SEIKO EPSON Web Config	vultures@jpcert.or.jp CWE-1188 2024-10-01 CVE-2024-47295
CVE-2024-8548	8.1	Oct. 1, 2024, 8:15 a.m.	KB Support - WordPress Help Desk and Knowledge Base plugin	security@wordfence.com CWE-862 2024-10-01 CVE-2024-8548
CVE-2024-47560	7.8	Oct. 1, 2024, 2:15 a.m.	RevoWorks Cloud Client	vultures@jpcert.or.jp CWE-863 2024-10-01 CVE-2024-47560
CVE-2024-25661	7.7	Oct. 1, 2024, 3:15 p.m.	Infinera TNMS (Transcend Network Management System)	cve@mitre.org CWE-312 2024-10-01 CVE-2024-25661
CVE-2024-45408	7.5	Oct. 1, 2024, 3:15 p.m.	eLabFTW	CWE-284 security-advisories@github.com 2024-10-01 CVE-2024-45408
CVE-2024-47523	7.5	Oct. 1, 2024, 9:15 p.m.	LibreNMS	security-advisories@github.com CWE-79 2024-10-01 CVE-2024-47523
CVE-2024-47525	7.5	Oct. 1, 2024, 9:15 p.m.	LibreNMS	security-advisories@github.com CWE-79 2024-10-01 CVE-2024-47525
CVE-2024-47527	7.5	Oct. 1, 2024, 9:15 p.m.	LibreNMS	security-advisories@github.com CWE-79 2024-10-01 CVE-2024-47527
CVE-2024-9359	7.3	Oct. 1, 2024, 2:15 a.m.	Restaurant Reservation System	CWE-89 cna@vuldb.com 2024-10-01 CVE-2024-9359
CVE-2024-9360	7.3	Oct. 1, 2024, 3:15 a.m.	UNKNOWN	CWE-89 cna@vuldb.com 2024-10-01 CVE-2024-9360
CVE-2024-9403	7.3	Oct. 1, 2024, 4:15 p.m.	Firefox	security@mozilla.org 2024-10-01 CVE-2024-9403
CVE-2024-7869	7.2	Oct. 1, 2024, 8:15 a.m.	WordPress 123.chat - Video Chat plugin	CWE-79 security@wordfence.com 2024-10-01 CVE-2024-7869
CVE-2024-25659	7.2	Oct. 1, 2024, 4:15 p.m.	Infinera TNMS (Transcend Network Management System)	cve@mitre.org CWE-22 2024-10-01 CVE-2024-25659
CVE-2024-47524	7.2	Oct. 1, 2024, 9:15 p.m.	LibreNMS	security-advisories@github.com CWE-79 2024-10-01 CVE-2024-47524
CVE-2024-8981	7.1	Oct. 1, 2024, 3:15 a.m.	Broken Link Checker plugin for WordPress	security@wordfence.com CWE-80 2024-10-01 CVE-2024-8981
CVE-2024-41673	7.1	Oct. 1, 2024, 3:15 p.m.	Decidim	security-advisories@github.com CWE-79 2024-10-01 CVE-2024-41673
CVE-2023-7273	6.8	Oct. 1, 2024, 1:15 p.m.	Kiteworks OwnCloud	CWE-352 a341c0d1-ebf7-493f-a84e-38cf86618674 2024-10-01 CVE-2023-7273
CVE-2024-47071	6.8	Oct. 1, 2024, 4:15 p.m.	FreePBX OSS Endpoint Manager	security-advisories@github.com CWE-22 2024-10-01 CVE-2024-47071
CVE-2023-3441	6.6	Oct. 1, 2024, 10:15 a.m.	GitLab EE/CE	cve@gitlab.com CWE-213 2024-10-01 CVE-2023-3441
CVE-2024-47396	6.5	Oct. 1, 2024, 2:15 a.m.	Move Addons for Elementor	CWE-79 audit@patchstack.com 2024-10-01 CVE-2024-47396
CVE-2024-8632	6.5	Oct. 1, 2024, 8:15 a.m.	KB Support - WordPress Help Desk and Knowledge Base plugin	security@wordfence.com CWE-862 2024-10-01 CVE-2024-8632
CVE-2024-9224	6.5	Oct. 1, 2024, 9:15 a.m.	WordPress Hello World plugin	security@wordfence.com CWE-22 2024-10-01 CVE-2024-9224
CVE-2024-9355	6.5	Oct. 1, 2024, 7:15 p.m.	UNKNOWN	secalert@redhat.com CWE-457 2024-10-01 CVE-2024-9355
CVE-2024-8107	6.4	Oct. 1, 2024, 7:15 a.m.	Slider Revolution plugin for WordPress	CWE-79 security@wordfence.com 2024-10-01 CVE-2024-8107
CVE-2024-8720	6.4	Oct. 1, 2024, 8:15 a.m.	RumbleTalk Live Group Chat - HTML5 plugin for WordPress	CWE-79 security@wordfence.com 2024-10-01 CVE-2024-8720
CVE-2024-8989	6.4	Oct. 1, 2024, 8:15 a.m.	Free Responsive Testimonials, Social Proof Reviews, and Customer Reviews – Stars Testimonials plugin for WordPress	CWE-79 security@wordfence.com 2024-10-01 CVE-2024-8989
CVE-2024-8990	6.4	Oct. 1, 2024, 8:15 a.m.	Geo Mashup plugin for WordPress	CWE-79 security@wordfence.com 2024-10-01 CVE-2024-8990
CVE-2024-9119	6.4	Oct. 1, 2024, 8:15 a.m.	WordPress SVG Complete plugin	CWE-79 security@wordfence.com 2024-10-01 CVE-2024-9119
CVE-2024-9269	6.4	Oct. 1, 2024, 8:15 a.m.	Relogo plugin for WordPress	CWE-79 security@wordfence.com 2024-10-01 CVE-2024-9269
CVE-2024-9272	6.4	Oct. 1, 2024, 8:15 a.m.	R Animated Icon Plugin plugin for WordPress	CWE-79 security@wordfence.com 2024-10-01 CVE-2024-9272
CVE-2024-9274	6.4	Oct. 1, 2024, 8:15 a.m.	Elastik Page Builder plugin for WordPress	CWE-79 security@wordfence.com 2024-10-01 CVE-2024-9274
CVE-2024-9304	6.4	Oct. 1, 2024, 8:15 a.m.	WordPress LocateAndFilter plugin	CWE-79 security@wordfence.com 2024-10-01 CVE-2024-9304
CVE-2024-8288	6.4	Oct. 1, 2024, 9:15 a.m.	Guten Post Layout – An Advanced Post Grid Collection for WordPress Gutenberg plugin	CWE-79 security@wordfence.com 2024-10-01 CVE-2024-8288
CVE-2024-8324	6.4	Oct. 1, 2024, 9:15 a.m.	XO Slider plugin for WordPress	CWE-79 security@wordfence.com 2024-10-01 CVE-2024-8324
CVE-2024-9060	6.4	Oct. 1, 2024, 10:15 a.m.	AVIF & SVG Uploader plugin for WordPress	CWE-79 security@wordfence.com 2024-10-01 CVE-2024-9060
CVE-2024-9118	6.4	Oct. 1, 2024, 10:15 a.m.	QS Dark Mode Plugin plugin for WordPress	CWE-79 security@wordfence.com 2024-10-01 CVE-2024-9118
CVE-2024-8718	6.1	Oct. 1, 2024, 8:15 a.m.	Gravity Forms Toolbar plugin for WordPress	CWE-79 security@wordfence.com 2024-10-01 CVE-2024-8718
CVE-2024-8727	6.1	Oct. 1, 2024, 8:15 a.m.	DK PDF plugin for WordPress	CWE-79 security@wordfence.com 2024-10-01 CVE-2024-8727
CVE-2024-8728	6.1	Oct. 1, 2024, 8:15 a.m.	Easy Load More plugin for WordPress	CWE-79 security@wordfence.com 2024-10-01 CVE-2024-8728
CVE-2024-9267	6.1	Oct. 1, 2024, 8:15 a.m.	Easy WordPress Subscribe - Optin Hound plugin for WordPress	CWE-79 security@wordfence.com 2024-10-01 CVE-2024-9267
CVE-2024-8786	6.1	Oct. 1, 2024, 9:15 a.m.	Auto Featured Image from Title plugin for WordPress	CWE-79 security@wordfence.com 2024-10-01 CVE-2024-8786
CVE-2024-8793	6.1	Oct. 1, 2024, 9:15 a.m.	WordPress Store Exporter plugin for WooCommerce	CWE-79 security@wordfence.com 2024-10-01 CVE-2024-8793
CVE-2024-8799	6.1	Oct. 1, 2024, 9:15 a.m.	Custom Banners plugin for WordPress	CWE-79 security@wordfence.com 2024-10-01 CVE-2024-8799
CVE-2024-9209	6.1	Oct. 1, 2024, 9:15 a.m.	WP Search Analytics plugin for WordPress	CWE-79 security@wordfence.com 2024-10-01 CVE-2024-9209
CVE-2024-9220	6.1	Oct. 1, 2024, 9:15 a.m.	LH Copy Media File plugin for WordPress	CWE-79 security@wordfence.com 2024-10-01 CVE-2024-9220
CVE-2024-9228	6.1	Oct. 1, 2024, 9:15 a.m.	Loggedin - Limit Active Logins plugin for WordPress	CWE-79 security@wordfence.com 2024-10-01 CVE-2024-9228
CVE-2024-9241	6.1	Oct. 1, 2024, 9:15 a.m.	WordPress PDF Image Generator plugin	CWE-79 security@wordfence.com 2024-10-01 CVE-2024-9241
CVE-2024-46079	6.1	Oct. 1, 2024, 7:15 p.m.	Scriptcase	cve@mitre.org CWE-79 2024-10-01 CVE-2024-46079
CVE-2024-44744	5.7	Oct. 1, 2024, 2:15 p.m.	Malwarebytes Premium Security	cve@mitre.org CWE-94 2024-10-01 CVE-2024-44744
CVE-2024-44610	5.6	Oct. 1, 2024, 3:15 p.m.	PCAN-Ethernet Gateway FD	cve@mitre.org CWE-77 2024-10-01 CVE-2024-44610
CVE-2024-46081	5.4	Oct. 1, 2024, 7:15 p.m.	Scriptcase	cve@mitre.org CWE-79 2024-10-01 CVE-2024-46081
CVE-2024-46083	5.4	Oct. 1, 2024, 7:15 p.m.	Scriptcase IDE	cve@mitre.org CWE-79 2024-10-01 CVE-2024-46083
CVE-2024-9341	5.4	Oct. 1, 2024, 7:15 p.m.	Docker	secalert@redhat.com CWE-59 2024-10-01 CVE-2024-9341
CVE-2024-9358	5.3	Oct. 1, 2024, 2:15 a.m.	ThingsBoard	CWE-400 cna@vuldb.com 2024-10-01 CVE-2024-9358
CVE-2024-21531	5.3	Oct. 1, 2024, 5:15 a.m.	git-shallow-clone	CWE-78 report@snyk.io 2024-10-01 CVE-2024-21531
CVE-2024-8430	5.3	Oct. 1, 2024, 9:15 a.m.	Spice Starter Sites plugin for WordPress	security@wordfence.com CWE-862 2024-10-01 CVE-2024-8430
CVE-2024-9405	5.3	Oct. 1, 2024, 12:15 p.m.	Pluck CMS	cve-coordination@incibe.es CWE-23 2024-10-01 CVE-2024-9405
CVE-2024-0116	4.9	Oct. 1, 2024, 5:15 a.m.	NVIDIA Triton Inference Server	CWE-125 psirt@nvidia.com 2024-10-01 CVE-2024-0116
CVE-2024-45967	4.7	Oct. 1, 2024, 3:15 p.m.	Pagekit	cve@mitre.org CWE-79 2024-10-01 CVE-2024-45967
CVE-2024-9407	4.7	Oct. 1, 2024, 9:15 p.m.	Docker	secalert@redhat.com CWE-20 2024-10-01 CVE-2024-9407
CVE-2024-8675	4.3	Oct. 1, 2024, 8:15 a.m.	WordPress Soumettre.fr plugin	security@wordfence.com CWE-862 2024-10-01 CVE-2024-8675
CVE-2024-30132	3.7	Oct. 1, 2024, 12:15 p.m.	HCL Nomad server	psirt@hcl.com 2024-10-01 CVE-2024-30132
CVE-2024-9411	3.5	Oct. 1, 2024, 8:15 p.m.	OFCMS	CWE-79 cna@vuldb.com 2024-10-01 CVE-2024-9411
CVE-2024-47526	3.5	Oct. 1, 2024, 9:15 p.m.	LibreNMS	security-advisories@github.com CWE-79 2024-10-01 CVE-2024-47526
CVE-2024-8421	0.0	Oct. 1, 2024, 6:15 a.m.	UNKNOWN	secalert@redhat.com 2024-10-01 CVE-2024-8421
CVE-2024-9145	0.0	Oct. 1, 2024, 8:15 a.m.	Wiz Code Visual Studio Code extension	CWE-77 2024-10-01 CVE-2024-9145 9947ef80-c5d5-474a-bbab-97341a59000e
CVE-2024-47534	0.0	Oct. 1, 2024, 4:15 p.m.	go-tuf	security-advisories@github.com CWE-362 2024-10-01 CVE-2024-47534
CVE-2024-46258	None	Oct. 1, 2024, 2:15 p.m.	cute_png	cve@mitre.org 2024-10-01 CVE-2024-46258
CVE-2024-46259	None	Oct. 1, 2024, 2:15 p.m.	cute_png	cve@mitre.org 2024-10-01 CVE-2024-46259
CVE-2024-46261	None	Oct. 1, 2024, 2:15 p.m.	cute_png	cve@mitre.org 2024-10-01 CVE-2024-46261
CVE-2024-46263	None	Oct. 1, 2024, 2:15 p.m.	cute_png	cve@mitre.org 2024-10-01 CVE-2024-46263
CVE-2024-46264	None	Oct. 1, 2024, 2:15 p.m.	cute_png	cve@mitre.org 2024-10-01 CVE-2024-46264
CVE-2024-46267	None	Oct. 1, 2024, 2:15 p.m.	cute_png	cve@mitre.org 2024-10-01 CVE-2024-46267
CVE-2024-46274	None	Oct. 1, 2024, 2:15 p.m.	cute_png	cve@mitre.org 2024-10-01 CVE-2024-46274
CVE-2024-46276	None	Oct. 1, 2024, 2:15 p.m.	cute_png	cve@mitre.org 2024-10-01 CVE-2024-46276
CVE-2021-37577	None	Oct. 1, 2024, 3:15 p.m.	Bluetooth Core Specifications	cve@mitre.org 2024-10-01 CVE-2021-37577
CVE-2024-25658	None	Oct. 1, 2024, 3:15 p.m.	Infinera TNMS (Transcend Network Management System) Server	cve@mitre.org 2024-10-01 CVE-2024-25658
CVE-2024-9391	None	Oct. 1, 2024, 4:15 p.m.	Firefox Focus for Android	security@mozilla.org 2024-10-01 CVE-2024-9391
CVE-2024-9393	None	Oct. 1, 2024, 4:15 p.m.	Firefox	security@mozilla.org 2024-10-01 CVE-2024-9393
CVE-2024-9394	None	Oct. 1, 2024, 4:15 p.m.	Mozilla Firefox	security@mozilla.org 2024-10-01 CVE-2024-9394
CVE-2024-9395	None	Oct. 1, 2024, 4:15 p.m.	Firefox for Android	security@mozilla.org 2024-10-01 CVE-2024-9395
CVE-2024-9397	None	Oct. 1, 2024, 4:15 p.m.	Thunderbird	security@mozilla.org 2024-10-01 CVE-2024-9397
CVE-2024-9398	None	Oct. 1, 2024, 4:15 p.m.	Thunderbird	security@mozilla.org 2024-10-01 CVE-2024-9398
CVE-2024-9399	None	Oct. 1, 2024, 4:15 p.m.	Thunderbird	security@mozilla.org 2024-10-01 CVE-2024-9399
CVE-2024-47608	None	Oct. 1, 2024, 5:15 p.m.	Logicytics	security-advisories@github.com CWE-78 2024-10-01 CVE-2024-47608
CVE-2024-31835	None	Oct. 1, 2024, 7:15 p.m.	Flatpress CMS	cve@mitre.org 2024-10-01 CVE-2024-31835
CVE-2024-45999	None	Oct. 1, 2024, 8:15 p.m.	Cloudlog	cve@mitre.org 2024-10-01 CVE-2024-45999
CVE-2024-46080	None	Oct. 1, 2024, 9:15 p.m.	Scriptcase	cve@mitre.org 2024-10-01 CVE-2024-46080
CVE-2024-46082	None	Oct. 1, 2024, 9:15 p.m.	Scriptcase	cve@mitre.org 2024-10-01 CVE-2024-46082
CVE-2024-46084	None	Oct. 1, 2024, 9:15 p.m.	Scriptcase	cve@mitre.org 2024-10-01 CVE-2024-46084
CVE-2024-47528	None	Oct. 1, 2024, 9:15 p.m.	LibreNMS	security-advisories@github.com CWE-116 2024-10-01 CVE-2024-47528
CVE-2024-47609	None	Oct. 1, 2024, 9:15 p.m.	Tonic	security-advisories@github.com CWE-755 2024-10-01 CVE-2024-47609

» Click here to see all Vulnerabilities «