Tag: 2024-10-22

6 Attack Reports | 84 Vulnerabilities

Attack reports

Grandoreiro banking trojan: overview of recent versions and new tricks

Grandoreiro is a Brazilian banking trojan that has evolved into a global financial threat, targeting over 1,700 banks and 276 crypto wallets in 45 countries. Despite law enforcement efforts, the malware remains active, with new versions featuring enhanced evasion techniques like multiple Domain Gen…
credential theft
remote access
grandoreiro
banking trojan
brazil
evasion techniques
2024-10-22
financial malware
global threat
Published: October 22, 2024
Downloadable IOCs: 0

Gophish Framework Used in Phishing Campaigns to Deploy Remote Access Trojans

A new phishing campaign targeting Russian-speaking users employs the open-source Gophish framework to deliver DarkCrystal RAT and a novel remote access trojan called PowerRAT. The attack utilizes modular infection chains, either through malicious Microsoft Word documents or HTML files with embedded…
phishing
dcrat
html smuggling
darkcrystal rat
russian-speaking
remote access trojan
2024-10-22
powerrat
gophish
Published: October 22, 2024
Downloadable IOCs: 2

New wave of Bumblebee malware attacks warned

Security researchers have detected new attacks involving the Bumblebee malware loader, just four months after Europol disrupted its operations in Operation Endgame. The malware has resurfaced with updated tactics, using MSI files disguised as legitimate software installers to deliver its payload di…
malware
loader
phishing
ransomware
evasion
in-memory
msi
bumblebee
2024-10-22
Published: October 22, 2024
Downloadable IOCs: 9

Akira ransomware continues to evolve

Akira ransomware has established itself as a prominent threat, constantly evolving its tactics. Initially employing double-extortion, it shifted focus to data exfiltration in early 2024. The group developed a Rust variant of their ESXi encryptor, moving away from C++. Recently, Akira has returned t…
linux
ransomware
windows
rust
CVE-2024-37085
vulnerability exploitation
akira
CVE-2023-27532
esxi
CVE-2024-40766
CVE-2023-48788
double-extortion
CVE-2024-40711
CVE-2023-20269
2024-10-22
CVE-2020-3259
CVE-2023-20263
chacha8
megazord
Published: October 22, 2024
Linked vulnerabilities : CVE-2024-37085 (CVSS 6.8), CVE-2024-40766 (CVSS 9.8), CVE-2024-40711 (CVSS 9.8), CVE-2023-27532, CVE-2023-20269, CVE-2020-3259, CVE-2023-48788, CVE-2023-20263
Downloadable IOCs: 37

Over 10 Million Personal And Corporate Devices Infected By Information Stealers

A significant increase in data-stealing malware infections has been observed, with nearly 10 million devices compromised in 2023, marking a 643% rise over three years. Cybercriminals are using sophisticated distribution methods, including malvertising and YouTube comment spam. On average, 50.9 logi…
data theft
credential theft
redline
cybercrime
vidar
malware-as-a-service
lumma
amos
information stealers
2024-10-22
raccoon
vidar/acr
kral stealer
Published: October 22, 2024
Downloadable IOCs: 0

Using gRPC and HTTP/2 for Cryptominer Deployment: An Unconventional Approach

A malicious actor has been observed targeting Docker remote API servers to deploy the SRBMiner cryptominer for mining XRP cryptocurrency. The attacker utilizes the gRPC protocol over h2c (clear text HTTP/2 protocol) to evade security measures and execute cryptomining operations on Docker hosts. The…
cryptomining
docker
container security
2024-10-22
http/2
xrp
grpc
remote api
srbminer
Published: October 22, 2024
Downloadable IOCs: 2
Click here to see more Attack Reports

Vulnerabilities

CVE-2024-43177

9.8
    Ibm
  • Concert
Published: October 22, 2024

CVE-2024-48904

9.8
    Trend Micro Cloud Edge
Published: October 22, 2024

CVE-2024-40493

9.8
    Keith-Cullen
  • Freecoap
Published: October 22, 2024

CVE-2024-40494

9.8
    FreeCoAP
Published: October 22, 2024

CVE-2024-41717

9.8
    Kieback & Peter DDC4000 series
Published: October 22, 2024

CVE-2024-43698

9.8
    Kieback & Peter DDC4000 series
Published: October 22, 2024

CVE-2024-44812

9.8
    Janobe
  • Online Complaint Site
Published: October 22, 2024

CVE-2024-46483

9.8
    Xlight FTP Server
Published: October 22, 2024

CVE-2024-46902

9.1
    Trendmicro
  • Deep Discovery Inspector
Published: October 22, 2024

CVE-2024-26519

9.0
    Casa Systems NTC-221
Published: October 22, 2024

CVE-2024-10002

8.8
    Roveridx
  • Rover Idx
Published: October 22, 2024

CVE-2024-35308

8.8
    Pandorafms
  • Pandora Fms
Published: October 22, 2024

CVE-2024-9987

8.8
    Pandorafms
  • Pandora Fms
Published: October 22, 2024

CVE-2024-26271

8.8
    Liferay
  • Digital Experience Platform
  • Liferay Portal
Published: October 22, 2024

CVE-2024-26272

8.8
    Liferay
  • Digital Experience Platform
  • Liferay Portal
Published: October 22, 2024

CVE-2024-26273

8.8
    Liferay
  • Digital Experience Platform
  • Liferay Portal
Published: October 22, 2024

CVE-2024-38002

8.8
    Liferay
  • Digital Experience Platform
  • Liferay Portal
Published: October 22, 2024

CVE-2024-45518

8.8
    Zimbra
  • Collaboration
Published: October 22, 2024

CVE-2024-10230

8.8
    Google
  • Chrome
Published: October 22, 2024

CVE-2024-10231

8.8
    Google
  • Chrome
Published: October 22, 2024

CVE-2024-47819

8.7
    Umbraco
  • Umbraco Cms
Published: October 22, 2024

CVE-2024-43812

8.4
    Kieback & Peter DDC4000 series
Published: October 22, 2024

CVE-2024-31029

8.2
    FreeCoAP
Published: October 22, 2024

CVE-2024-46482

8.2
    Faveo-Helpdesk
Published: October 22, 2024

CVE-2024-10229

8.1
    Google
  • Chrome
Published: October 22, 2024

CVE-2024-9050

7.8
    NetworkManager-libreswan
Published: October 22, 2024

CVE-2022-23862

7.8
    Ysoft
  • Safeq
Published: October 22, 2024

CVE-2024-48605

7.8
    Helakuru
  • Helakuru
Published: October 22, 2024

CVE-2024-41183

7.8
    Trend Micro VPN
Published: October 22, 2024

CVE-2024-45334

7.8
    Trendmicro
  • Antivirus One
Published: October 22, 2024

CVE-2024-48903

7.8
    Trend Micro Deep Security Agent
Published: October 22, 2024

CVE-2024-7587

7.8
    Iconics
  • Genesis64
    Mitsubishielectric
Published: October 22, 2024

CVE-2024-10125

7.5
    Amazon Application Load Balancer Identity ASP.Net Core
Published: October 22, 2024

CVE-2024-8901

7.5
    Kubeflow
Published: October 22, 2024

CVE-2024-48570

7.5
    Phpgurukul
  • Client Management System
Published: October 22, 2024

CVE-2024-39753

7.5
    Trend Micro Apex One
Published: October 22, 2024

CVE-2024-42643

7.5
    SmartDNS
Published: October 22, 2024

CVE-2024-44331

7.5
    GStreamer RTSP server
Published: October 22, 2024

CVE-2024-9627

7.3
    Te-St
  • Teplobot
Published: October 22, 2024

CVE-2024-10234

7.3
    Redhat
  • Build Of Keycloak
  • Jboss Enterprise Application Platform
Published: October 22, 2024

CVE-2024-48657

7.2
    Princelycesar
  • Hospital Management System
Published: October 22, 2024

CVE-2024-50311

6.5
    Redhat
  • Openshift Container Platform
Published: October 22, 2024

CVE-2024-48925

6.5
    Umbraco
  • Umbraco Cms
Published: October 22, 2024

CVE-2024-46903

6.5
    Trendmicro
  • Deep Discovery Inspector
Published: October 22, 2024

CVE-2024-10003

6.3
    Roveridx
  • Rover Idx
Published: October 22, 2024

CVE-2024-9231

6.1
    Butlerblog
  • Wp-Members
Published: October 22, 2024

CVE-2024-8980

6.1
    Liferay
  • Digital Experience Platform
  • Liferay Portal
Published: October 22, 2024

CVE-2024-49210

6.1
    Archerirm
  • Archer
Published: October 22, 2024

CVE-2024-49211

6.1
    Archerirm
  • Archer
Published: October 22, 2024

CVE-2024-9677

5.5
    USG FLEX H series uOS firmware
Published: October 22, 2024

CVE-2023-52918

5.5
    Linux
  • Linux Kernel
Published: October 22, 2024

CVE-2023-52919

5.5
    Linux
  • Linux Kernel
Published: October 22, 2024

CVE-2024-45335

5.5
    Trendmicro
  • Antivirus One
Published: October 22, 2024

CVE-2024-9588

5.4
    Aftabhusain
  • Category And Taxonomy Meta Fields
Published: October 22, 2024

CVE-2024-10189

5.4
    Jesweb
  • Anchor Episodes Index
Published: October 22, 2024

CVE-2022-23861

5.4
    Ysoft
  • Safeq
Published: October 22, 2024

CVE-2024-48706

5.4
    O-Dyn
  • Collabtive
Published: October 22, 2024

CVE-2024-48707

5.4
    O-Dyn
  • Collabtive
Published: October 22, 2024

CVE-2024-48708

5.4
    O-Dyn
  • Collabtive
Published: October 22, 2024

CVE-2024-8852

5.3
    Servmask
  • All-In-One Wp Migration
Published: October 22, 2024

CVE-2024-50312

5.3
    Redhat
  • Openshift Container Platform
Published: October 22, 2024

CVE-2024-45526

5.3
    OPC Foundation OPCFoundation/UA-.NETStandard
Published: October 22, 2024

CVE-2024-48644

5.3
    Reolink Duo 2 WiFi Camera
Published: October 22, 2024

CVE-2024-48415

5.0
    Loan Management System Project
  • Loan Management System
Published: October 22, 2024

CVE-2024-9589

4.8
    Aftabhusain
  • Category And Taxonomy Meta Fields
Published: October 22, 2024

CVE-2024-9590

4.8
    Aftabhusain
  • Category And Taxonomy Meta Fields
Published: October 22, 2024

CVE-2024-9591

4.8
    Aftabhusain
  • Category And Taxonomy Image
Published: October 22, 2024

CVE-2024-46240

4.8
    O-Dyn
  • Collabtive
Published: October 22, 2024

CVE-2024-46538

4.8
    Netgate
  • Pfsense
Published: October 22, 2024

CVE-2024-48652

4.8
    Tuzitio
  • Camaleon Cms
Published: October 22, 2024

CVE-2024-48656

4.8
    Angeljudesuarez
  • Student Management System
Published: October 22, 2024

CVE-2024-48927

4.6
    Umbraco
  • Umbraco Cms
Published: October 22, 2024

CVE-2024-9541

4.3
    Blazethemes
  • News Kit Elementor Addons
Published: October 22, 2024

CVE-2024-49373

4.3
    Nofusscomputing
  • Centurion Erp
Published: October 22, 2024

CVE-2024-49209

4.3
    Archerirm
  • Archer
Published: October 22, 2024

CVE-2024-48929

4.2
    Umbraco
  • Umbraco Cms
Published: October 22, 2024

CVE-2024-43173

3.7
    Ibm
  • Concert
Published: October 22, 2024

CVE-2024-48926

3.1
    Umbraco
  • Umbraco Cms
Published: October 22, 2024

CVE-2024-49208

3.1
    Archerirm
  • Archer
Published: October 22, 2024

CVE-2024-9129

None
    Zend Server
Published: October 22, 2024

CVE-2024-9287

None
    CPython
Published: October 22, 2024

CVE-2024-10183

None
    Jamf Pro
Published: October 22, 2024

CVE-2024-48919

None
    Cursor code editor with AI
Published: October 22, 2024

CVE-2024-46914

None
    UNKNOWN
Published: October 22, 2024
Click here to see more Vulnerabilities