Tag: 2024-11-27

7 Attack Reports | 69 Vulnerabilities

Attack reports

First UEFI bootkit malware for Linux discovered

A groundbreaking discovery has been made in the realm of cybersecurity: the first UEFI bootkit specifically targeting Linux systems. Named 'Bootkitty,' this proof-of-concept malware marks a significant evolution in stealthy and hard-to-remove bootkit threats. Although currently limited to certain U…
malware
linux
cybersecurity
kernel
2024-11-27
uefi
bootkit
bcdropper
ubuntu
proof-of-concept
bootkitty
bcobserver
Published: November 27, 2024
Downloadable IOCs: 0

Attacks by APT-C-60 Group Exploiting Legitimate Services

The APT-C-60 group targeted organizations in Japan and East Asia with a sophisticated attack campaign. The attack begins with a phishing email containing a Google Drive link to download a VHDX file. This file includes an LNK file that executes a downloader, which then retrieves a backdoor called Sp…
phishing
lnk
downloader
com hijacking
bitbucket
2024-11-27
statcounter
east asia
vhdx
spygrace
Published: November 27, 2024
Downloadable IOCs: 0

Guess Who’s Back - The Return of ANEL in the Recent Earth Kasha Spear-phishing Campaign in 2024

A spear-phishing campaign targeting Japan since June 2024 has been identified, featuring the reemergence of the ANEL backdoor, previously used by APT10 until 2018. The campaign, attributed to Earth Kasha, targets individuals in political organizations, research institutions, and international relat…
backdoor
noopdoor
spear-phishing
apt10
uac bypass
2024-11-27
japan
roamingmouse
anelldr
uppercut
anel
Published: November 27, 2024
Downloadable IOCs: 6

Matrix Unleashes A New Widespread DDoS Campaign

A new widespread Distributed Denial-of-Service (DDoS) campaign orchestrated by a threat actor named Matrix has been uncovered. The operation combines public scripts, brute-force attacks, and exploitation of weak credentials to create a botnet capable of global disruption. Matrix targets vulnerabili…
cryptocurrency
ddos
iot
botnet
mirai
discord
vulnerability exploitation
CVE-2018-10562
CVE-2018-10561
CVE-2017-17215
telegram
2024-11-27
CVE-2014-8361
brute-force
CVE-2017-18368
script kiddie
CVE-2018-9995
pybot
CVE-2024-27348
CVE-2017-17106
discordgo
CVE-2022-30525
CVE-2022-30075
Published: November 27, 2024
Downloadable IOCs: 12

Credit Card Skimmer Malware Targeting Magento Checkout Pages

A sophisticated credit card skimmer malware has been discovered targeting Magento-powered eCommerce websites, specifically their checkout processes. The malware dynamically creates a fake credit card form or extracts payment fields, activating only on checkout pages. It uses advanced obfuscation te…
obfuscation
encryption
data exfiltration
credit card skimmer
magento
2024-11-27
ecommerce
javascript injection
checkout pages
Published: November 27, 2024
Downloadable IOCs: 0

Financially Motivated Threat Actor Leveraged Google Docs and Weebly Services

A phishing campaign targeting telecommunications and financial sectors was identified in late October 2024. The attackers used Google Docs to deliver phishing links, redirecting victims to fake login pages hosted on Weebly. This method bypassed standard email filters and endpoint protections by lev…
phishing
mfa bypass
sim swapping
financial sector
2024-11-27
google docs
telecom
tracking tools
weebly
Published: November 27, 2024
Downloadable IOCs: 35

Gaming Engines: An Undetected Playground for Malware Loaders

Check Point Research uncovered a new technique exploiting the Godot Engine to execute malicious GDScript code, remaining undetected by most antivirus tools. The technique has been used since June 2024, potentially infecting over 17,000 machines. A loader called GodLoader employs this method and is …
xmrig
malware loader
redline
cross-platform
gaming
2024-11-27
godot engine
gdscript
undetected technique
stargazers ghost network
godloader
Published: November 27, 2024
Downloadable IOCs: 0
Click here to see more Attack Reports

Vulnerabilities

CVE-2024-42327

9.9
    Zabbix
Published: November 27, 2024

CVE-2024-53676

9.8
    Hpe
  • Insight Remote Support
Published: November 27, 2024

CVE-2024-53604

9.8
    PHPGurukul COVID 19 Testing Management System
  • Version(s): v1.0
Published: November 27, 2024

CVE-2024-46054

9.8
    OpenVidReview
  • Version(s): 1.0
Published: November 27, 2024

CVE-2024-53920

9.8
    GNU Emacs
  • Version(s): through 30.0.92
Published: November 27, 2024

CVE-2024-42330

9.1
    Zabbix
Published: November 27, 2024

CVE-2024-7025

8.8
    Google Chrome
  • Version(s): before 129.0.6668.89
Published: November 27, 2024

CVE-2024-53860

8.6
    sp-php-email-handler
  • Version(s): 1.0.0, pre-release versions (alpha and beta)
Published: November 27, 2024

CVE-2024-41125

8.3
    Contiki-NG
Published: November 27, 2024

CVE-2024-41126

8.3
    Contiki-NG
Published: November 27, 2024

CVE-2024-52323

8.1
    Zohocorp ManageEngine Analytics Plus
  • Version(s): below 6100
Published: November 27, 2024

CVE-2024-52951

8.0
    Omada Identity
  • Version(s): before version 15 update 1
Published: November 27, 2024

CVE-2024-31976

8.0
    EnGenius EWS356-FIR
  • Version(s): 1.1.30 and earlier
Published: November 27, 2024

CVE-2024-54003

8.0
    Jenkins Simple Queue Plugin
  • Version(s): 1.4.4 and earlier
Published: November 27, 2024

CVE-2017-13316

7.8
    Google
  • Android
Published: November 27, 2024

CVE-2017-13323

7.8
    Google
  • Android
Published: November 27, 2024

CVE-2024-36467

7.5
    Zabbix
Published: November 27, 2024

CVE-2024-11667

7.5
    Zyxel
  • Zld
  • Atp
  • Atp100
  • Atp100w
  • Atp200
  • Atp500
  • Atp700
  • Atp800
  • Usg Flex
  • Usg Flex 100
  • Usg Flex 100ax
  • Usg Flex 100w
  • Usg Flex 200
  • Usg Flex 50
  • Usg Flex 500
  • Usg Flex 700
  • Usg Flex 50w
  • Usg 20w-Vpn
Published: November 27, 2024

CVE-2024-47181

7.5
    Contiki-NG
  • Version(s): 4.9
Published: November 27, 2024

CVE-2017-13319

7.5
    Google
  • Android
Published: November 27, 2024

CVE-2024-11818

7.3
    Phpgurukul
  • User Registration \& Login And User Management System
Published: November 27, 2024

CVE-2024-11819

7.3
    1000projects
  • Portfolio Management System Mca
Published: November 27, 2024

CVE-2024-53603

7.3
    PHPGurukul COVID 19 Testing Management System
  • Version(s): v1.0
Published: November 27, 2024

CVE-2024-51228

6.8
    TOTOLINK-CX-A3002RU
  • Version(s): V1.0.4-B20171106.1512
    TOTOLINK-CX-N150RT
  • Version(s): V2.1.6-B20171121.1002
    TOTOLINK-CX-N300RT
  • Version(s): V2.1.6-B20170724.1420, V2.1.8-B20171113.1408, V2.1.8-B20191010.1107
    TOTOLINK-CX-N302RE
  • Version(s): V2.0.2-B20170511.1523
Published: November 27, 2024

CVE-2024-53260

6.8
    Autolab
  • Version(s): UNKNOWN
Published: November 27, 2024

CVE-2024-11860

6.5
    Mayurik
  • Best House Rental Management System
Published: November 27, 2024

CVE-2017-13320

6.5
    Google
  • Android
Published: November 27, 2024

CVE-2018-9349

6.5
    Google
  • Android
Published: November 27, 2024

CVE-2018-9350

6.5
    Google
  • Android
Published: November 27, 2024

CVE-2024-53858

6.5
    GitHub CLI
  • Version(s): 2.63.0 and before
Published: November 27, 2024

CVE-2024-53859

6.5
    go-gh
  • Version(s): before 2.11.1
Published: November 27, 2024

CVE-2018-9351

6.5
    Google
  • Android
Published: November 27, 2024

CVE-2018-9352

6.5
    Google
  • Android
Published: November 27, 2024

CVE-2018-9353

6.5
    Google
  • Android
Published: November 27, 2024

CVE-2018-9354

6.5
    Google
  • Android
Published: November 27, 2024

CVE-2024-10175

6.4
    WPBakery Page Builder (formerly Visual Composer) plugin
  • Version(s): up to 1.4
Published: November 27, 2024

CVE-2024-10895

6.4
    Counter Up - Animated Number Counter & Milestone Showcase plugin for WordPress
  • Version(s): up to 2.4.0
Published: November 27, 2024

CVE-2024-21703

6.4
    Confluence Data Center
  • Version(s): 7.19.18 and above, 8.5.5 and above, 8.7.2 and above, 8.8.0 and above
    Confluence Server
  • Version(s): 7.19.18 and above, 8.5.5 and above, 8.7.2 and above, 8.8.0 and above
Published: November 27, 2024

CVE-2024-9369

5.5
    Google Chrome
  • Version(s): before 129.0.6668.89
Published: November 27, 2024

CVE-2017-13321

5.5
    Google
  • Android
Published: November 27, 2024

CVE-2024-11025

5.4
    Unknown
Published: November 27, 2024

CVE-2024-11083

5.3
    ProfilePress plugin for WordPress
  • Version(s): up to 4.15.18
Published: November 27, 2024

CVE-2024-11219

5.3
    Otter Blocks – Gutenberg Blocks, Page Builder for Gutenberg Editor & FSE plugin for WordPress
  • Version(s): up to 3.0.6
Published: November 27, 2024

CVE-2024-10580

5.3
    The Hustle - Email Marketing, Lead Generation, Optins, Popups plugin for WordPress
  • Version(s): up to 7.8.5
Published: November 27, 2024

CVE-2024-11009

4.9
    Internal Linking for SEO traffic & Ranking – Auto internal links (100% automatic) plugin for WordPress
  • Version(s): up to 1.2.1
Published: November 27, 2024

CVE-2024-53635

4.8
    PHPGurukul COVID 19 Testing Management System
  • Version(s): v1.0
Published: November 27, 2024

CVE-2024-46055

4.8
    OpenVidReview
  • Version(s): 1.0
Published: November 27, 2024

CVE-2024-42326

4.4
    Zabbix
Published: November 27, 2024

CVE-2024-10521

4.3
    WordPress Contact Forms by Cimatti plugin
  • Version(s): up to 1.9.2
Published: November 27, 2024

CVE-2024-54004

4.3
    Jenkins Filesystem List Parameter Plugin
  • Version(s): 0.0.14 and earlier
Published: November 27, 2024

CVE-2024-37816

4.2
    Quectel EC25-EUX
Published: November 27, 2024

CVE-2024-42332

3.7
    Zabbix
Published: November 27, 2024

CVE-2024-11820

3.5
    Code-Projects
  • Crud Operation System
Published: November 27, 2024

CVE-2024-42328

3.3
    Zabbix
Published: November 27, 2024

CVE-2024-42329

3.3
    UNKNOWN
Published: November 27, 2024

CVE-2024-42331

3.3
    Zabbix
Published: November 27, 2024

CVE-2024-36468

3.0
    Zabbix server/proxy
Published: November 27, 2024

CVE-2024-42333

2.7
    Zabbix Server
  • Version(s): UNKNOWN
Published: November 27, 2024

CVE-2024-36464

2.7
    Zabbix
Published: November 27, 2024

CVE-2024-53855

1.9
    Centurion ERP
  • Version(s): 1.3.1
Published: November 27, 2024

CVE-2024-53849

None
    editorconfig-core-c
  • Version(s): 0.12.7
Published: November 27, 2024

CVE-2024-5921

None
    Palo Alto Networks GlobalProtect App
Published: November 27, 2024

CVE-2024-52958

None
    iota C.ai Conversational Platform
  • Version(s): 1.0.0, 2.1.3
Published: November 27, 2024

CVE-2024-52959

None
    iota C.ai Conversational Platform
  • Version(s): 1.0.0 through 2.1.3
Published: November 27, 2024

CVE-2024-11862

None
    Devolutions.XTS.NET
  • Version(s): 2024.11.19 and earlier
Published: November 27, 2024

CVE-2024-11160

None
    UNKNOWN
Published: November 27, 2024

CVE-2024-53254

None
    UNKNOWN
Published: November 27, 2024

CVE-2023-29001

None
    Contiki-NG
Published: November 27, 2024

CVE-2024-53264

None
    bunkerweb
  • Version(s): 1.5.11 and below
Published: November 27, 2024
Click here to see more Vulnerabilities