Tag: 2024-11-17

3 Attack Reports | 11 Vulnerabilities

Attack reports

Telekopye transitions to targeting tourists via hotel booking scam

ESET researchers have discovered that Telekopye, a Telegram-based toolkit used by cybercriminals to scam people on online marketplaces, has expanded its operations to target users of popular accommodation booking platforms like Booking.com and Airbnb. The scammers, referred to as Neanderthals, now …
phishing
cybercrime
scam
telegram
2024-11-17
telekopye
tourism
booking
marketplace
accommodation
Published: November 17, 2024
Downloadable IOCs: 0

Mind the (air) gap: GoldenJackal gooses government guardrails

ESET researchers uncovered two distinct toolsets used by the GoldenJackal APT group to breach air-gapped systems in government organizations. The first toolset, observed in 2019, included GoldenDealer for delivering executables via USB drives, GoldenHowl as a modular backdoor, and GoldenRobo for fi…
apt
cyberespionage
2024-11-17
jackalworm
goldenusbgo
goldenblacklist
goldenrobo
modular malware
goldendealer
goldendrive
goldenmailer
goldenace
goldenhowl
usb propagation
goldenpyblacklist
goldenusbcopy
air-gapped systems
Published: November 17, 2024
Downloadable IOCs: 0

Life on a crooked RedLine: Analyzing the infamous infostealer's backend

This article provides an in-depth analysis of RedLine Stealer, a notorious information-stealing malware. The research focuses on previously undocumented backend modules and the control panel used by affiliates. Key findings include the identification of over 1,000 unique IP addresses hosting RedLin…
infostealer
data theft
meta stealer
cybercrime
malware-as-a-service
redline stealer
2024-11-17
control panel
windows communication framework
backend analysis
Published: November 17, 2024
Downloadable IOCs: 0
Click here to see more Attack Reports

Vulnerabilities

CVE-2023-43091

9.8
    GNOME Maps
Published: November 17, 2024

CVE-2024-52867

8.1
    GNU Guix
Published: November 17, 2024

CVE-2024-0793

7.7
    kube-controller-manager
Published: November 17, 2024

CVE-2024-52871

7.5
    Flagsmith
Published: November 17, 2024

CVE-2024-52872

7.5
    Flagsmith
Published: November 17, 2024

CVE-2024-52876

7.5
    Holy Stone Remote ID Module HSRID01
Published: November 17, 2024

CVE-2020-25720

7.5
    Samba
Published: November 17, 2024

CVE-2023-4639

7.4
    Undertow
Published: November 17, 2024

CVE-2023-1419

5.9
    Debezium database connector
Published: November 17, 2024

CVE-2023-6110

5.5
    OpenStack
Published: November 17, 2024

CVE-2023-0657

3.4
    Keycloak
Published: November 17, 2024
Click here to see more Vulnerabilities