Tag: 2024-10-18

6 Attack Reports | 79 Vulnerabilities

Attack reports

Tricks and Treats: New Pixel-Level Deception

GHOSTPULSE malware has evolved to embed malicious data within pixel structures of PNG files, replacing its previous IDAT chunk technique. Recent campaigns involve social engineering tactics, tricking victims with CAPTCHA validations that trigger malicious commands through keyboard shortcuts. The ma…
social engineering
lumma stealer
captcha
2024-10-18
ghostpulse
keyboard shortcuts
yara rules
configuration extractor
pixel-level deception
png files
crc32
gdi+
Published: October 18, 2024
Downloadable IOCs: 9

ClickFix tactic: The Phantom Meet

This analysis explores the ClickFix social engineering tactic that emerged in 2024, focusing on a cluster impersonating Google Meet pages to distribute malware. The tactic tricks users into running malicious code by displaying fake error messages. The investigated cluster targets both Windows and m…
phishing
social engineering
rhadamanthys
infostealer
cryptocurrency
stealc
clickfix
2024-10-18
web3
amos stealer
google meet
Published: October 18, 2024
Downloadable IOCs: 171

Analyzing the familiar tools used by the Crypt Ghouls hacktivists

The Crypt Ghouls group is targeting Russian businesses and government agencies with ransomware attacks. They utilize a toolkit including utilities like Mimikatz, XenAllPasswordPro, PingCastle, and others. The group employs LockBit 3.0 and Babuk ransomware as final payloads. Initial access is often …
ransomware
russia
lockbit
hacktivism
credential harvesting
lateral movement
babuk
lockbit 3.0
2024-10-18
xenallpasswordpro
cobint
Published: October 18, 2024
Downloadable IOCs: 1

New macOS vulnerability, "HM Surf", could lead to unauthorized data access

A new macOS vulnerability called 'HM Surf' has been discovered that could allow attackers to bypass the Transparency, Consent, and Control (TCC) technology and gain unauthorized access to protected user data. The exploit involves removing TCC protection for the Safari browser directory and modifyin…
vulnerability
macos
adload
CVE-2024-44133
2024-10-18
privacy
safari
tcc bypass
hm surf
browser security
Published: October 18, 2024
Downloadable IOCs: 0

Beware: Fake Google Meet Pages Deliver Infostealers in Ongoing ClickFix Campaign

Threat actors are using fake Google Meet web pages as part of the ClickFix campaign to deliver infostealers targeting Windows and macOS systems. The attackers display fake error messages in web browsers, tricking users into executing malicious PowerShell code. The campaign has expanded to impersona…
social engineering
powershell
windows
rhadamanthys
stealer
macos
infostealers
stealc
clickfix
2024-10-18
google meet
atomic
Published: October 18, 2024
Downloadable IOCs: 0

Infiltrating the Cicada3301 Ransomware-as-a-Service Group

This analysis provides an in-depth look into the operations of the Cicada3301 Ransomware-as-a-Service (RaaS) group. It details the workflow of their affiliates within the panel and examines the multi-platform capabilities of their ransomware, encompassing Windows, Linux, ESXi, and even uncommon arc…
ransomware
sophisticated
encryption
cicada3301
2024-10-18
multi-platform
affiliate
Published: October 18, 2024
Downloadable IOCs: 5
Click here to see more Attack Reports

Vulnerabilities

CVE-2024-10118

9.8
    SECOM WRTR-304GN-304TW-UPSC
Published: October 18, 2024

CVE-2024-10119

9.8
    Zte
  • Wrtm326 Firmware
  • Wrtm326
Published: October 18, 2024

CVE-2024-47485

9.8
    Hikvision
  • Hikcentral Master
Published: October 18, 2024

CVE-2024-9537

9.8
    Sciencelogic
  • Sl1
Published: October 18, 2024

CVE-2024-10120

9.8
    Riskengine
  • Radar
Published: October 18, 2024

CVE-2024-10121

9.8
    Riskengine
  • Radar
Published: October 18, 2024

CVE-2024-45944

9.8
    J2eeFAST
Published: October 18, 2024

CVE-2024-37404

9.1
    Ivanti Connect Secure
    Ivanti Policy Secure
Published: October 18, 2024

CVE-2024-9264

8.8
    Grafana
  • Grafana
Published: October 18, 2024

CVE-2024-10079

8.8
    Newsignature
  • Wp Easy Post Types
Published: October 18, 2024

CVE-2024-47487

8.8
    Hikvision
  • Hikcentral Professional
Published: October 18, 2024

CVE-2024-49243

8.8
    Jonvincentmendoza
  • Dynamic Elementor Addons
Published: October 18, 2024

CVE-2024-10123

8.8
    Tenda
  • Ac8 Firmware
  • Ac8
Published: October 18, 2024

CVE-2024-10130

8.8
    Tenda
  • Ac8 Firmware
  • Ac8
Published: October 18, 2024

CVE-2024-9593

8.3
    Wpplugin
  • Time Clock
Published: October 18, 2024

CVE-2023-6080

7.8
    Lakesidesoftware
  • Systrack Lsiagent
Published: October 18, 2024

CVE-2024-29213

7.8
    Ivanti DSM
Published: October 18, 2024

CVE-2024-29821

7.8
    Ivanti DSM
Published: October 18, 2024

CVE-2024-4739

7.5
    Moxa
  • Mxsecurity
Published: October 18, 2024

CVE-2024-4740

7.5
    Moxa
  • Mxsecurity
Published: October 18, 2024

CVE-2023-6055

7.4
    Bitdefender
  • Total Security
Published: October 18, 2024

CVE-2023-6056

7.4
    Bitdefender
  • Total Security
Published: October 18, 2024

CVE-2023-6057

7.4
    Bitdefender
  • Total Security
Published: October 18, 2024

CVE-2023-49570

7.4
    Bitdefender
  • Total Security
Published: October 18, 2024

CVE-2023-49567

6.8
    Bitdefender
  • Total Security
Published: October 18, 2024

CVE-2023-6058

6.8
    Bitdefender
  • Total Security
Published: October 18, 2024

CVE-2024-10129

6.5
    Shudong-Share Project
  • Shudong-Share
Published: October 18, 2024

CVE-2024-47240

6.3
    Dell
  • Secure Connect Gateway
Published: October 18, 2024

CVE-2024-10049

6.1
    Edit Woocommerce Templates Project
  • Edit Woocommerce Templates
Published: October 18, 2024

CVE-2024-8740

6.1
    Fatcatapps
  • Getresponse Forms
Published: October 18, 2024

CVE-2024-8790

6.1
    Themeinwp
  • Social Share With Floating Bar
Published: October 18, 2024

CVE-2024-9350

6.1
    Dpd
  • Dpd Baltic Shipping
Published: October 18, 2024

CVE-2024-9382

6.1
    Rockettheme
  • Gantry
Published: October 18, 2024

CVE-2024-9383

6.1
    Parcelpro
  • Parcel Pro
Published: October 18, 2024

CVE-2024-9206

6.1
    Madrasthemes
  • Mas Companies For Wp Job Manager
Published: October 18, 2024

CVE-2024-47486

6.1
    Hikvision
  • Hikcentral Master
Published: October 18, 2024

CVE-2024-49224

6.1
    Maheshpatel
  • Mitm Bug Tracker
Published: October 18, 2024

CVE-2024-49230

6.1
    Harpreetsingh
  • Ajax Custom Css\/Js
Published: October 18, 2024

CVE-2024-49238

6.1
    Dh9sb.Dx-Info
  • Adif Log Search Widget
Published: October 18, 2024

CVE-2024-49239

6.1
    Nikhilvaghela
  • Add Categories Post Footer
Published: October 18, 2024

CVE-2024-49240

6.1
    Agustinberasategui
  • Ab Categories Search Widget
Published: October 18, 2024

CVE-2024-42508

5.5
    Hp
  • Oneview
Published: October 18, 2024

CVE-2024-47241

5.5
    Dell Secure Connect Gateway (SCG)
Published: October 18, 2024

CVE-2024-10014

5.4
    Tiandiyoyo
  • Flat Ui Button
Published: October 18, 2024

CVE-2024-8916

5.4
    Sukiwp
  • Suki Sites Import
Published: October 18, 2024

CVE-2024-9366

5.4
    Wpzest
  • Easy Menu Manager
Published: October 18, 2024

CVE-2024-9373

5.4
    Dankedev
  • Elemenda
Published: October 18, 2024

CVE-2024-9452

5.4
    Gurieveugen\&Vitaliyshebela
  • Branding
Published: October 18, 2024

CVE-2024-9848

5.4
    K2-Service
  • Product Customizer Light
Published: October 18, 2024

CVE-2024-47793

5.4
    Exceedone
  • Exment
Published: October 18, 2024

CVE-2024-9703

5.4
    Tychesoftwares
  • Arconix Shortcodes
Published: October 18, 2024

CVE-2024-10055

5.4
    Ninjateam
  • Click To Chat
Published: October 18, 2024

CVE-2024-10078

5.4
    Newsignature
  • Wp Easy Post Types
Published: October 18, 2024

CVE-2024-10080

5.4
    Newsignature
  • Wp Easy Post Types
Published: October 18, 2024

CVE-2024-10057

5.4
    Fahadmahmood
  • Rss Feed Widget
Published: October 18, 2024

CVE-2024-49225

5.4
    Swebdeveloper
  • Wppricing Builder
Published: October 18, 2024

CVE-2024-49228

5.4
    Crossedcode
  • Bverse Convert
Published: October 18, 2024

CVE-2024-49231

5.4
    Petercyclop
  • Wordpress Video
Published: October 18, 2024

CVE-2024-49232

5.4
    Javierloureiro
  • El Mejor Cluster
Published: October 18, 2024

CVE-2024-49233

5.4
    Madrasthemes
  • Mas Elementor
Published: October 18, 2024

CVE-2024-49234

5.4
    Themeworm
  • Plexx Elementor Extension
Published: October 18, 2024

CVE-2024-49236

5.4
    Hafizuddinahmed
  • Crazy Call To Action Box
Published: October 18, 2024

CVE-2024-49241

5.4
    Tadywalsh
  • Tito
Published: October 18, 2024

CVE-2024-9425

5.4
    Sajjadhsagor
  • Advanced Category And Custom Taxonomy Image
Published: October 18, 2024

CVE-2024-9674

5.4
    Tahoe
  • Debrandify
Published: October 18, 2024

CVE-2024-49023

5.3
    Microsoft
  • Edge Chromium
Published: October 18, 2024

CVE-2024-38820

5.3
    Vmware
  • Spring Framework
Published: October 18, 2024

CVE-2024-10122

4.9
    Topdata
  • Inner Rep Plus
Published: October 18, 2024

CVE-2024-10128

4.9
    Topdata
  • Inner Rep Plus
Published: October 18, 2024

CVE-2024-9892

4.8
    Arelthiaphillips
  • Add Widget After Content
Published: October 18, 2024

CVE-2024-43300

4.8
    Heimkino-Praxis
  • Movie Database
Published: October 18, 2024

CVE-2024-48016

4.6
    Dell Secure Connect Gateway (SCG)
Published: October 18, 2024

CVE-2024-10040

4.3
    Infinite-Scroll
  • Infinite-Scroll
Published: October 18, 2024

CVE-2024-9361

4.3
    Giuliopanda
  • Bulk Images Optimizer
Published: October 18, 2024

CVE-2024-9364

4.3
    Smackcoders
  • Sendgrid
Published: October 18, 2024

CVE-2024-43577

4.3
    Microsoft Edge (Chromium-based)
Published: October 18, 2024

CVE-2024-46897

3.8
    Exceedone
  • Exment
Published: October 18, 2024

CVE-2024-10115

None
    UNKNOWN
Published: October 18, 2024

CVE-2024-49361

None
    ACON library
Published: October 18, 2024
Click here to see more Vulnerabilities