Today > vulnerabilities   -   You can now download lists of IOCs here!

Tag: 2024-10-02

4 attack reports | 91 vulnerabilities

Attack reports

Security Brief: Royal Mail Lures Deliver Open Source Prince Ransomware

A campaign impersonating Royal Mail was identified delivering Prince ransomware, an open-source variant available on GitHub. The low-volume attack targeted UK and US organizations in mid-September, often originating from contact forms on target websites. The ransomware lacks decryption mechanisms a…

obfuscation
phishing
github
2024-10-02
prince ransomware
destructive attack
royal mail
open-source malware
prince
contact forms
Published: October 2, 2024

Downloadable IOCs 3

People's Republic of China-Linked Actors Compromise Routers and IoT Devices for Botnet Operations

PRC-linked cyber actors have compromised thousands of Internet-connected devices to create a botnet for malicious activities. Integrity Technology Group, a PRC-based company with government links, has controlled a botnet of over 260,000 devices since mid-2021. The botnet uses Mirai-based malware to…

china
ddos
iot
botnet
cyber espionage
mirai
CVE-2024-29973
CVE-2024-4577
CVE-2024-5217
routers
CVE-2023-3519
CVE-2023-46604
CVE-2023-46747
2024-10-02
CVE-2023-43478
CVE-2023-3852
CVE-2023-36844
network compromise
CVE-2024-29269
CVE-2023-36542
CVE-2023-35885
CVE-2024-21762
CVE-2023-38035
CVE-2023-35843
CVE-2023-37582
CVE-2023-38646
CVE-2023-50386
CVE-2023-47218
Published: October 2, 2024

Downloadable IOCs 169

Key Group uses leaked builders of ransomware and wipers

Key Group, also known as keygroup777, is a financially motivated ransomware group primarily targeting Russian users. The group has been active since 2022, using various leaked ransomware builders and wipers, including Xorist, Chaos, Annabelle, Slam, RuRansom, UX-Cryptor, Hakuna Matata, and Judge/No…

phishing
ransomware
persistence
njrat
wiper
telegram
chaos
2024-10-02
xorist
slam
hakuna matata
annabelle
ruransom
ux-cryptor
multi-stage loaders
leaked builders
russian-speaking
judge/nocry
Published: October 2, 2024

Downloadable IOCs 24

Detecting Vulnerability Scanning Traffic From Underground Tools Using Machine Learning

Researchers discovered an automated scanning tool called Swiss Army Suite (S.A.S) used for vulnerability scans on web services. The tool generates unusual SQL injection patterns that could potentially bypass web application firewalls. It offers features like Dork-based checker, generator, and SQL v…

sql injection
2024-10-01
2024-10-02
machine learning
vulnerability scanning
telemetry analysis
swiss army suite
underground tools
dork-based checker
s.a.s
web application security
Published: October 2, 2024

Downloadable IOCs 8

» Click here to see all Attack Reports «

Vulnerabilities

CVE-2024-45186

9.8
FileSender
Published: October 2, 2024

CVE-2024-9429

9.8
Restaurant Reservation System
Published: October 2, 2024

CVE-2024-44097

9.8
UNKNOWN
Published: October 2, 2024

CVE-2024-9441

9.8
Linear eMerge e3-Series
Published: October 2, 2024

CVE-2024-45519

9.8
Zimbra Collaboration
Published: October 2, 2024

CVE-2024-35293

9.1
UNKNOWN
Published: October 2, 2024

CVE-2024-20518

9.1
Cisco Small Business RV042, RV042G, RV320, and RV325 Routers
Published: October 2, 2024

CVE-2024-20519

9.1
Cisco Small Business RV042 Router
Published: October 2, 2024

CVE-2024-20520

9.1
Cisco Small Business RV042, RV042G, RV320, and RV325 Routers
Published: October 2, 2024

CVE-2024-20521

9.1
Cisco Small Business RV042, RV042G, RV320, and RV325 Routers
Published: October 2, 2024

CVE-2024-7855

8.8
WP Hotel Booking plugin for WordPress
Published: October 2, 2024

CVE-2024-8885

8.8
Sophos Intercept X for Windows with Central Device Encryption
Published: October 2, 2024

CVE-2024-20393

8.8
Cisco Small Business RV340, RV340W, RV345, and RV345P Dual WAN Gigabit VPN Routers
Published: October 2, 2024

CVE-2024-20432

8.8
Cisco Nexus Dashboard Fabric Controller
Published: October 2, 2024

CVE-2024-20449

8.8
Cisco Nexus Dashboard Fabric Controller (NDFC)
Published: October 2, 2024

CVE-2024-46626

8.8
OS4ED openSIS-Classic
Published: October 2, 2024

CVE-2024-28888

8.8
Foxit Reader
Published: October 2, 2024

CVE-2024-7558

8.7
Juju
Published: October 2, 2024

CVE-2024-20448

8.6
Cisco Nexus Dashboard Fabric Controller
Published: October 2, 2024

CVE-2024-20490

8.6
Cisco Nexus Dashboard Fabric Controller (NDFC)
Published: October 2, 2024

CVE-2024-20491

8.6
Cisco Nexus Dashboard Insights
Published: October 2, 2024

CVE-2024-44193

8.4
iTunes for Windows
Published: October 2, 2024

CVE-2024-47806

8.1
Jenkins OpenId Connect Authentication Plugin
Published: October 2, 2024

CVE-2024-47807

8.1
Jenkins OpenId Connect Authentication Plugin
Published: October 2, 2024

CVE-2024-41290

8.1
FlatPress CMS
Published: October 2, 2024

CVE-2024-8733

8.0
HP One Agent
Published: October 2, 2024

CVE-2024-8038

7.9
juju
Published: October 2, 2024

CVE-2024-7315

7.5
Migration, Backup, Staging WordPress plugin
Published: October 2, 2024

CVE-2024-44017

7.5
MH Board
Published: October 2, 2024

CVE-2024-20498

7.5
Cisco AnyConnect VPN server of Cisco Meraki MX
Published: October 2, 2024

CVE-2024-20499

7.5
Cisco Meraki MX
Published: October 2, 2024

CVE-2024-20500

7.5
Cisco Meraki MX
Published: October 2, 2024

CVE-2024-20501

7.5
Cisco Meraki MX
Published: October 2, 2024

CVE-2024-20502

7.5
Cisco Meraki MX
Published: October 2, 2024

CVE-2024-44030

7.2
Mestres do WP Checkout Mestres WP
Published: October 2, 2024

CVE-2024-20365

7.2
Cisco UCS B-Series
Published: October 2, 2024

CVE-2024-20470

7.2
Cisco Small Business RV Series Dual WAN Gigabit VPN Routers
Published: October 2, 2024

CVE-2024-20516

6.8
Cisco Small Business RV042 Router
Published: October 2, 2024

CVE-2024-20517

6.8
Cisco Small Business RV042 Router
Published: October 2, 2024

CVE-2024-20522

6.8
Cisco Small Business RV042, RV042G, RV320, and RV325 Routers
Published: October 2, 2024

CVE-2024-20523

6.8
Cisco Small Business RV042, RV042G, RV320, and RV325 Routers
Published: October 2, 2024

CVE-2024-20524

6.8
Cisco Small Business RV042 Router
Published: October 2, 2024

CVE-2024-47616

6.8
Pomerium
Published: October 2, 2024

CVE-2024-20492

6.7
Cisco Expressway Series
Published: October 2, 2024

CVE-2024-35294

6.5
UNKNOWN
Published: October 2, 2024

CVE-2024-8037

6.5
juju
Published: October 2, 2024

CVE-2024-20441

6.5
Cisco NDFC
Published: October 2, 2024

CVE-2024-20515

6.5
Cisco Identity Services Engine (ISE)
Published: October 2, 2024

CVE-2024-46977

6.5
OpenC3 COSMOS
Published: October 2, 2024

CVE-2024-8254

6.3
Email Subscribers by Icegram Express - Email Marketing, Newsletters, Automation for WordPress & WooCommerce plugin
Published: October 2, 2024

CVE-2024-8800

6.1
RabbitLoader - Website Speed Optimization for improving Core Web Vital metrics with Cache, Image Optimization, and more plugin for WordPress
Published: October 2, 2024

CVE-2024-9210

6.1
MC4WP: Mailchimp Top Bar plugin for WordPress
Published: October 2, 2024

CVE-2024-9222

6.1
Paid Membership Subscriptions Plugin for WordPress
Published: October 2, 2024

CVE-2024-9225

6.1
SEOPress - On-site SEO plugin for WordPress
Published: October 2, 2024

CVE-2024-9218

6.1
Magazine Blocks - Blog Designer, Magazine & Newspaper Website Builder, Page Builder with Posts Blocks, Post Grid plugin for WordPress
Published: October 2, 2024

CVE-2024-9344

6.1
BerqWP Plugin for WordPress
Published: October 2, 2024

CVE-2024-9378

6.1
YML for Yandex Market plugin for WordPress
Published: October 2, 2024

CVE-2024-43795

6.1
COSMOS Open Source Edition
Published: October 2, 2024

CVE-2024-20385

5.9
Cisco Nexus Dashboard Orchestrator
Published: October 2, 2024

CVE-2024-20509

5.9
Cisco Meraki MX
Published: October 2, 2024

CVE-2024-20444

5.5
Cisco Nexus Dashboard Fabric Controller
Published: October 2, 2024

CVE-2024-8967

5.4
WordPress Plugin - PWA - easy way to Progressive Web App
Published: October 2, 2024

CVE-2024-9172

5.4
Demo Importer Plus plugin for WordPress
Published: October 2, 2024

CVE-2024-8282

5.4
Ibtana WordPress Website Builder plugin
Published: October 2, 2024

CVE-2024-8505

5.4
WordPress Infinite Scroll - Ajax Load More plugin
Published: October 2, 2024

CVE-2024-33209

5.4
FlatPress
Published: October 2, 2024

CVE-2024-33210

5.4
Flatpress
Published: October 2, 2024

CVE-2024-20438

5.4
Cisco NDFC
Published: October 2, 2024

CVE-2024-20442

5.4
Cisco Nexus Dashboard
Published: October 2, 2024

CVE-2024-20477

5.4
Cisco NDFC
Published: October 2, 2024

CVE-2024-9440

5.4
Slim Select
Published: October 2, 2024

CVE-2024-9423

5.3
HP LaserJet printers
Published: October 2, 2024

CVE-2024-20513

5.3
Cisco Meraki MX
Published: October 2, 2024

CVE-2024-45960

4.8
Zenario
Published: October 2, 2024

CVE-2024-45964

4.8
Zenario
Published: October 2, 2024

CVE-2024-45962

4.7
October
Published: October 2, 2024

CVE-2024-45965

4.7
Contao
Published: October 2, 2024

CVE-2024-21530

4.5
cocoon
Published: October 2, 2024

CVE-2024-47612

3.5
MediaWiki DataDump extension
Published: October 2, 2024

CVE-2024-47611

0.0
XZ Utils
Published: October 2, 2024

CVE-2024-33662

None
Portainer
Published: October 2, 2024

CVE-2024-9174

None
M-Files Hubshare
Published: October 2, 2024

CVE-2024-9333

None
M-Files Connector for Copilot
Published: October 2, 2024

CVE-2024-47803

None
Jenkins
Published: October 2, 2024

CVE-2024-47804

None
Jenkins
Published: October 2, 2024

CVE-2024-47805

None
Jenkins Credentials Plugin
Published: October 2, 2024

CVE-2024-6360

None
OpenText™ Vertica
Published: October 2, 2024

CVE-2024-24122

None
Yitu project
Published: October 2, 2024

CVE-2024-24116

None
Ruijie RG-NBS2009G-P RGOS
Published: October 2, 2024

CVE-2024-47529

None
OpenC3 COSMOS
Published: October 2, 2024

CVE-2024-24117

None
Ruijie RG-NBS2009G-P RGOS
Published: October 2, 2024
» Click here to see all Vulnerabilities «