Tag: 2024-10-17

7 Attack Reports | 156 Vulnerabilities

Attack reports

Kernel shellcode persistence technique in APT attacks and CTF challenge

A security flaw in Windows 7 and Server 2008 R2 allows kernel shellcode to be hidden in the registry and executed during boot, despite patches. This vulnerability was exploited in a 2018 targeted attack. The SAS CTF challenge involved analyzing this technique, which uses buffer overflows in DirectX…
windows
persistence
shellcode
2024-10-17
drivers
ctf
buffer overflow
CVE-2010-4398
directx
kernel
registry
Published: October 17, 2024
Downloadable IOCs: 0

Ukrainian and Polish entities targeted with RomCom malware variants

A Russian-speaking threat group, UAT-5647, has been conducting attacks against Ukrainian government entities and Polish targets since late 2023. The group has evolved its toolset to include four distinct malware families: RustClaw and MeltingClaw downloaders, DustyHammock backdoor, and ShadyHammock…
russia
ukraine
poland
romcom
2024-10-17
singlecamper
dustyhammock
shadyhammock
rustclaw
rustyclaw
meltingclaw
Published: October 17, 2024
Downloadable IOCs: 0

Unmasking CVE-2024-38178: The Silent Threat of Windows Scripting Engine

CVE-2024-38178 is a type confusion vulnerability in JScript9.dll, patched by Microsoft in August 2024. It allows bypassing the CVE-2022-41128 patch through incorrect JIT engine optimizations. APT37, a North Korean threat group, exploited this vulnerability in June 2024 against South Korean targets.…
windows
vulnerability
zero-day
rokrat
remote code execution
CVE-2024-38178
2024-10-17
apt37
CVE-2022-41128
type confusion
jscript9.dll
Published: October 17, 2024
Downloadable IOCs: 0

New Linux Malware Targeting ATMs for Financial Fraud

A recent analysis reveals a new variant of the FASTCash malware, designed to compromise financial networks by manipulating payment transactions. Developed by threat actors potentially linked to North Korean hacking groups, this Linux version specifically targets Ubuntu 20.04 systems in ATMs. It int…
malware
linux
fraud
fastcash
2024-10-17
financial
transaction
atm
Published: October 17, 2024
Downloadable IOCs: 12

Fake LockBit Real Damage Ransomware Samples Abuse AWS S3 to Steal Data

This report discusses malicious Golang ransomware samples that exploit Amazon S3's Transfer Acceleration feature to exfiltrate victims' data and upload it to attacker-controlled S3 buckets. The samples contained hard-coded AWS credentials linked to compromised accounts, allowing the researchers to …
ransomware
golang
aws
data-exfiltration
2024-10-17
lockbit-imitation
Published: October 17, 2024
Downloadable IOCs: 39

Hive0147 serving juicy Picanha with a side of Mekotio

IBM X-Force observed Hive0147, a highly active threat group in Latin America, distributing a new Golang-based downloader named Picanha to deploy the Mekotio banking trojan. Picanha is a two-stage malware that uses advanced techniques like direct syscalls and supports multiple download URLs, reliabl…
malware
trojan
banking
downloader
mekotio
2024-10-17
banker.fn
picanha
Published: October 17, 2024
Downloadable IOCs: 20

Iranian Cyber Actors’ Brute Force and Credential Access Activity Compromises Critical Infrastructure Organizations

The advisory warns of Iranian cyber actors employing brute force techniques like password spraying and MFA 'push bombing' to compromise user accounts across critical sectors. After gaining access, they gather additional credentials, move laterally, and collect data potentially to sell on cybercrimi…
CVE-2020-1472
malicious
credential
lateral
infrastructure
2024-10-17
access
Published: October 17, 2024
Linked vulnerabilities : CVE-2020-1472
Downloadable IOCs: 1
Click here to see more Attack Reports

Vulnerabilities

CVE-2024-49291

10.0
    Cooked Pro
Published: October 17, 2024

CVE-2024-49314

10.0
    JiangQie Free Mini Program
Published: October 17, 2024

CVE-2024-9862

9.8
    Miniorange OTP Verification with Firebase plugin for WordPress
Published: October 17, 2024

CVE-2024-9863

9.8
    UserPro plugin for WordPress
Published: October 17, 2024

CVE-2024-9263

9.8
    WP Timetics- AI-powered Appointment Booking Calendar and Online Scheduling Plugin plugin for WordPress
Published: October 17, 2024

CVE-2005-10003

9.8
    Mikexstudios
  • Xcomic
Published: October 17, 2024

CVE-2024-49217

9.8
    Madirisalmanaashish
  • Adding Drop Down Roles In Registration
Published: October 17, 2024

CVE-2024-49318

9.8
    My Reading Library
Published: October 17, 2024

CVE-2024-49322

9.8
    Job Board Manager for WordPress
Published: October 17, 2024

CVE-2024-49400

9.8
    Tacquito
Published: October 17, 2024

CVE-2023-26785

9.8
    MariaDB
Published: October 17, 2024

CVE-2024-43566

9.8
    Microsoft
  • Edge Chromium
Published: October 17, 2024

CVE-2024-49246

9.3
    Ajax Rating with Custom Login
Published: October 17, 2024

CVE-2024-49305

9.3
    Email Verification for WooCommerce
Published: October 17, 2024

CVE-2024-10025

9.1
    SICK products
Published: October 17, 2024

CVE-2024-48920

9.1
    PutongOJ
Published: October 17, 2024

CVE-2024-9215

8.8
    PublishPress Authors plugin for WordPress
Published: October 17, 2024

CVE-2024-10069

8.8
    Esafenet
  • Cdg
Published: October 17, 2024

CVE-2024-10070

8.8
    Esafenet
  • Cdg
Published: October 17, 2024

CVE-2024-10071

8.8
    Esafenet
  • Cdg
Published: October 17, 2024

CVE-2024-10072

8.8
    Esafenet
  • Cdg
Published: October 17, 2024

CVE-2024-49219

8.8
    Themexpo
  • Rs-Members
Published: October 17, 2024

CVE-2024-43595

8.8
    Microsoft
  • Edge Chromium
Published: October 17, 2024

CVE-2024-43596

8.8
    Microsoft
  • Edge Chromium
Published: October 17, 2024

CVE-2024-49315

8.6
    FREE DOWNLOAD MANAGER
Published: October 17, 2024

CVE-2024-47304

8.5
    Fluent Support
Published: October 17, 2024

CVE-2024-47312

8.5
    WPGrim Classic Editor
    Classic Widgets
Published: October 17, 2024

CVE-2024-49244

8.5
    csv_product_import_export_for_woocommerce
Published: October 17, 2024

CVE-2024-49297

8.5
    Zoho CRM Lead Magnet
Published: October 17, 2024

CVE-2024-43578

8.3
    Microsoft
  • Edge Chromium
Published: October 17, 2024

CVE-2024-43579

8.3
    Microsoft
  • Edge Chromium
Published: October 17, 2024

CVE-2024-7755

8.2
    EWON FLEXY 202
Published: October 17, 2024

CVE-2024-9861

8.1
    Miniorange OTP Verification with Firebase plugin for WordPress
Published: October 17, 2024

CVE-2024-33453

8.1
    esp-idf
Published: October 17, 2024

CVE-2024-43587

8.1
    Microsoft
  • Edge Chromium
Published: October 17, 2024

CVE-2024-45766

8.0
    Dell OpenManage Enterprise
Published: October 17, 2024

CVE-2024-48192

8.0
    Tenda G3
Published: October 17, 2024

CVE-2024-48629

8.0
    D-Link DIR-882 Router
    D-Link DIR-878 Router
Published: October 17, 2024

CVE-2024-48630

8.0
    D-Link DIR-882 Router
    D-Link DIR-878 Router
Published: October 17, 2024

CVE-2024-48631

8.0
    D-Link DIR-882 router
    D-Link DIR-878 router
Published: October 17, 2024

CVE-2024-48632

8.0
    D-Link DIR-882 Router
    D-Link DIR-878 Router
Published: October 17, 2024

CVE-2024-48633

8.0
    D-Link DIR-882 Router
    D-Link DIR-878 Router
Published: October 17, 2024

CVE-2024-48634

8.0
    D-Link DIR-882 Router
    D-Link DIR-878 Router
Published: October 17, 2024

CVE-2024-48635

8.0
    D-Link DIR-882 and DIR-878 routers
Published: October 17, 2024

CVE-2024-48636

8.0
    D-Link DIR-882 Firmware
    D-Link DIR-878 Firmware
Published: October 17, 2024

CVE-2024-48637

8.0
    D-Link DIR-882
    D-Link DIR-878
Published: October 17, 2024

CVE-2024-48638

8.0
    D-Link DIR-882 Router
    D-Link DIR-878 Router
Published: October 17, 2024

CVE-2024-49389

7.8
    Acronis
  • Cyber Files
Published: October 17, 2024

CVE-2024-10068

7.8
    FlashFXP
Published: October 17, 2024

CVE-2024-10093

7.8
    Vso-Software
  • Convertxtodvd
Published: October 17, 2024

CVE-2024-5429

7.6
    Logo Slider WordPress plugin
Published: October 17, 2024

CVE-2024-48043

7.6
    ShortPixel Image Optimizer
Published: October 17, 2024

CVE-2024-49299

7.6
    Surfer
Published: October 17, 2024

CVE-2024-10101

7.6
    binary-husky/gpt_academic
Published: October 17, 2024

CVE-2024-48024

7.5
    Keep Backup Daily
Published: October 17, 2024

CVE-2024-10073

7.5
    Informatik.Hu-Berlin
  • Flair
Published: October 17, 2024

CVE-2024-49235

7.5
    VideoWhisper.Com Contact Forms
    Live Support
    CRM
    Video Messages
Published: October 17, 2024

CVE-2024-49285

7.5
    SSV MailChimp
Published: October 17, 2024

CVE-2024-49287

7.5
    PDF-Rechnungsverwaltung
Published: October 17, 2024

CVE-2024-49317

7.5
    ZIPANG Point Maker
Published: October 17, 2024

CVE-2024-49390

7.3
    Acronis
  • Cyber Files
Published: October 17, 2024

CVE-2024-49391

7.3
    Acronis
  • Cyber Files
Published: October 17, 2024

CVE-2023-6729

7.3
    Nokia SR OS routers
Published: October 17, 2024

CVE-2024-9184

7.2
    SendPulse Free Web Push plugin for WordPress
Published: October 17, 2024

CVE-2024-6333

7.2
    Xerox Altalink
    Xerox Versalink
    Xerox WorkCentre
Published: October 17, 2024

CVE-2024-49320

7.1
    Encyclopedia / Glossary / Wiki
Published: October 17, 2024

CVE-2024-48021

7.1
    Contact Form 7 - PayPal & Stripe Add-on
Published: October 17, 2024

CVE-2024-48023

7.1
    RestaurantConnect, Inc Restaurant Reservations Widget
Published: October 17, 2024

CVE-2024-48032

7.1
    Featured Posts with Multiple Custom Groups (FPMCG)
Published: October 17, 2024

CVE-2024-48048

7.1
    Wsify Widget
Published: October 17, 2024

CVE-2024-43997

7.1
    EasyJobs
Published: October 17, 2024

CVE-2024-49313

7.1
    VKontakte Wall Post
Published: October 17, 2024

CVE-2024-49308

7.1
    Toast Plugins Animator
Published: October 17, 2024

CVE-2024-49309

7.1
    Digitally
Published: October 17, 2024

CVE-2024-49316

7.1
    Akismet htaccess writer
Published: October 17, 2024

CVE-2024-49248

7.1
    Ad Inserter
Published: October 17, 2024

CVE-2024-49276

7.1
    Clio Grow
Published: October 17, 2024

CVE-2024-49283

7.1
    CURCY
Published: October 17, 2024

CVE-2024-30875

7.1
    jquery-ui
Published: October 17, 2024

CVE-2024-48022

6.5
    SysBasics Shortcode For Elementor Templates
Published: October 17, 2024

CVE-2024-48025

6.5
    Simple Baseball Scoreboard
Published: October 17, 2024

CVE-2024-48031

6.5
    Featured Posts with Multiple Custom Groups (FPMCG)
Published: October 17, 2024

CVE-2024-48036

6.5
    SKT Themes SKT Blocks - Gutenberg based Page Builder
Published: October 17, 2024

CVE-2024-10100

6.5
    binary-husky/gpt_academic
Published: October 17, 2024

CVE-2024-49289

6.5
    Cooked Pro
Published: October 17, 2024

CVE-2024-49292

6.5
    Exclusive Addons Elementor
Published: October 17, 2024

CVE-2024-49296

6.5
    Coder426 Custom Add to Cart Button Label and Link
Published: October 17, 2024

CVE-2024-49298

6.5
    PeproDev Ultimate Invoice
Published: October 17, 2024

CVE-2024-49301

6.5
    G Meta Keywords
Published: October 17, 2024

CVE-2024-49302

6.5
    WordPress Portfolio Builder - Portfolio Gallery
Published: October 17, 2024

CVE-2024-49307

6.5
    Admin Management Xtended
Published: October 17, 2024

CVE-2024-49310

6.5
    Themesflat Addons For Elementor
Published: October 17, 2024

CVE-2024-49311

6.5
    WisdmLabs Edwiser Bridge
Published: October 17, 2024

CVE-2024-49319

6.5
    Awesome Contact Form7 for Elementor
Published: October 17, 2024

CVE-2024-49255

6.5
    Da Reactions
Published: October 17, 2024

CVE-2024-49259

6.5
    Primary Addon for Elementor
Published: October 17, 2024

CVE-2024-49261

6.5
    Arkhe Blocks
Published: October 17, 2024

CVE-2024-49262

6.5
    Country Flags for Elementor
Published: October 17, 2024

CVE-2024-49263

6.5
    My Favorites
Published: October 17, 2024

CVE-2024-49264

6.5
    NicheAddons Events Addon for Elementor
Published: October 17, 2024

CVE-2024-49277

6.5
    UltraAddons Elementor Lite
Published: October 17, 2024

CVE-2024-49278

6.5
    omnipressteam Omnipress
Published: October 17, 2024

CVE-2024-49279

6.5
    TipTopPress Hyperlink Group Block
Published: October 17, 2024

CVE-2024-49280

6.5
    Lightbox slider – Responsive Lightbox Gallery
Published: October 17, 2024

CVE-2024-49281

6.5
    Click to Chat – WP Support All-in-One Floating Widget
Published: October 17, 2024

CVE-2024-8920

6.4
    Fonto - Custom Web Fonts Manager plugin for WordPress
Published: October 17, 2024

CVE-2024-9898

6.4
    Parallax Image plugin for WordPress
Published: October 17, 2024

CVE-2024-9240

6.1
    ReDi Restaurant Reservation plugin for WordPress
Published: October 17, 2024

CVE-2024-8719

6.1
    Flexmls IDX Plugin for WordPress
Published: October 17, 2024

CVE-2024-9347

6.1
    The Ultimate WordPress Toolkit – WP Extended plugin
Published: October 17, 2024

CVE-2024-9213

6.1
    Persian WooCommerce SMS plugin for WordPress
Published: October 17, 2024

CVE-2024-9951

6.1
    WP Photo Album Plus plugin for WordPress
Published: October 17, 2024

CVE-2024-49579

6.1
    Jetbrains
  • Youtrack
Published: October 17, 2024

CVE-2024-49220

6.1
    Cookie-Scanner
  • Cookie Scanner
Published: October 17, 2024

CVE-2024-49221

6.1
    Julianweinert
  • Cslider
Published: October 17, 2024

CVE-2024-49223

6.1
    Shibulijack
  • Cj Change Howdy
Published: October 17, 2024

CVE-2024-49229

6.1
    Arifnezami
  • Better Author Bio
Published: October 17, 2024

CVE-2024-49237

6.1
    Ahmetimamoglu
  • Ahmeti Wp Timeline
Published: October 17, 2024

CVE-2024-10099

6.1
    Comfy
  • Comfyui
Published: October 17, 2024

CVE-2024-3184

5.9
    GoAhead Web Server
Published: October 17, 2024

CVE-2024-3187

5.9
    Goahead
Published: October 17, 2024

CVE-2024-48046

5.9
    Contact Form by Supsystic
Published: October 17, 2024

CVE-2024-49295

5.9
    Simple Testimonials Showcase
Published: October 17, 2024

CVE-2024-49282

5.9
    Responsive Lightbox
Published: October 17, 2024

CVE-2024-7316

5.9
    Mitsubishi Electric CNC Series
Published: October 17, 2024

CVE-2024-49386

5.7
    Acronis
  • Cyber Files
Published: October 17, 2024

CVE-2024-27766

5.7
    MariaDB
Published: October 17, 2024

CVE-2023-39593

5.6
    MariaDB
Published: October 17, 2024

CVE-2024-47459

5.5
    Adobe
  • Substance 3d Sampler
Published: October 17, 2024

CVE-2024-48037

5.4
    Contact Form Widget
Published: October 17, 2024

CVE-2024-49304

5.4
    Pinpoint Booking System
Published: October 17, 2024

CVE-2024-43580

5.4
    Microsoft
  • Edge Chromium
Published: October 17, 2024

CVE-2024-9940

5.3
    Calculated Fields Form plugin for WordPress
Published: October 17, 2024

CVE-2024-3186

5.3
    GoAhead Web Server
Published: October 17, 2024

CVE-2024-49580

5.3
    Jetbrains
  • Ktor
Published: October 17, 2024

CVE-2024-49284

5.3
    WP SendFox
Published: October 17, 2024

CVE-2024-45713

5.1
    SolarWinds Kiwi CatTools
Published: October 17, 2024

CVE-2024-49312

4.9
    WisdmLabs Edwiser Bridge
Published: October 17, 2024

CVE-2024-49392

4.8
    Acronis
  • Cyber Files
Published: October 17, 2024

CVE-2024-9683

4.8
    Quay
Published: October 17, 2024

CVE-2024-49288

4.8
    Villatheme
  • Woocommerce Email Template Customizer
Published: October 17, 2024

CVE-2024-45767

4.3
    Dell OpenManage Enterprise
Published: October 17, 2024

CVE-2024-7417

4.3
    Royal Elementor Addons and Templates plugin for WordPress
Published: October 17, 2024

CVE-2024-9351

4.3
    Forminator Forms plugin for WordPress
Published: October 17, 2024

CVE-2024-9352

4.3
    Forminator Forms – Contact Form, Payment Form & Custom Form Builder plugin for WordPress
Published: October 17, 2024

CVE-2024-48038

4.3
    wp-Monalisa
Published: October 17, 2024

CVE-2024-48047

4.3
    Linked Variation for WooCommerce
Published: October 17, 2024

CVE-2018-25104

4.3
    PrestaShop CoinGate Plugin
Published: October 17, 2024

CVE-2023-6728

3.3
    Nokia SR OS
Published: October 17, 2024

CVE-2024-49593

None
    Advanced Custom Fields (ACF)
Published: October 17, 2024

CVE-2024-9414

None
    LAquis SCADA
Published: October 17, 2024

CVE-2024-49396

None
    Elvaco
Published: October 17, 2024

CVE-2024-49397

None
    UNKNOWN
Published: October 17, 2024

CVE-2024-49398

None
    UNKNOWN
Published: October 17, 2024

CVE-2024-49399

None
    UNKNOWN
Published: October 17, 2024

CVE-2024-48924

None
    MessagePack-CSharp
Published: October 17, 2024
Click here to see more Vulnerabilities