Today > | 9 High | 16 Medium vulnerabilities - You can now download lists of IOCs here!

Tag: 2024-12-05

7 attack reports | 126 vulnerabilities

Attack reports

Something to Remember Us By: Device Confiscated by Russian Authorities Returned with Monokle-Type Spyware Installed

A joint investigation by The First Department and The Citizen Lab uncovered spyware covertly implanted on a Russian programmer's phone after it was confiscated by authorities. The individual, accused of sending money to Ukraine, was subjected to beatings and recruitment attempts by the FSB during h…

device confiscation

Published: December 5, 2024

Downloadable IOCs 0

Leveraging Cloudflare Tunnels for GammaDrop Infrastructure

BlueAlpha, a Russian state-sponsored cyber threat group, has evolved its malware delivery tactics by exploiting Cloudflare Tunnels to conceal GammaDrop staging infrastructure. The group employs HTML smuggling with sophisticated modifications to bypass email security systems and uses DNS fast-fluxin…

obfuscation techniques

cloudflare tunnels

russian state-sponsored

dns fast-fluxing

Published: December 5, 2024

Downloadable IOCs 1

BlueAlpha Abuses Cloudflare Tunneling Service for GammaDrop Staging Infrastructure

BlueAlpha, a Russian state-sponsored cyber threat group, has evolved its malware delivery tactics by exploiting Cloudflare Tunnels to conceal GammaDrop staging infrastructure. The group employs HTML smuggling with sophisticated modifications to bypass email security systems and uses DNS fast-fluxin…

obfuscation techniques

cloudflare tunnels

russian state-sponsored

dns fast-fluxing

Published: December 5, 2024

Downloadable IOCs 0

Threat Actor Targets Manufacturing Industry With Malware

A sophisticated cyberattack campaign targeting the manufacturing industry has been identified, utilizing a deceptive LNK file disguised as a PDF document. The attack leverages multiple Living-off-the-Land Binaries and Google Accelerated Mobile Pages to evade detection. The threat actor employs vari…

dll sideloading

process injection

Published: December 5, 2024

Downloadable IOCs 0

MOONSHINE Exploit Kit and DarkNimbus Backdoor Enabling Earth Minotaur's Multi-Platform Attacks

Earth Minotaur, a threat actor targeting Tibetan and Uyghur communities, utilizes the MOONSHINE exploit kit to compromise Android devices and install the DarkNimbus backdoor. The exploit kit targets vulnerabilities in instant messaging apps, particularly WeChat, and has been updated with new exploi…

Published: December 5, 2024

Downloadable IOCs 0

Snowblind: The Invisible Hand of Secret Blizzard

A Russian-based threat actor, Secret Blizzard, has infiltrated 33 command-and-control nodes of a Pakistani-based actor, Storm-0156. Over two years, Secret Blizzard leveraged this access to deploy malware into Afghan government networks and potentially acquired data from Pakistani operators' worksta…

secret blizzard

Published: December 5, 2024

Downloadable IOCs 0

Frequent freeloader part I: Secret Blizzard compromising Storm-0156 infrastructure for espionage

The Russian state-sponsored threat actor Secret Blizzard has been observed compromising the infrastructure of Storm-0156, a Pakistan-based espionage group, to conduct their own espionage operations. Since November 2022, Secret Blizzard has used Storm-0156's backdoors to deploy their own malware on …

secret blizzard

Published: December 5, 2024

Downloadable IOCs 0

» Click here to see all Attack Reports «

Vulnerabilities

CVE-2024-11317

ABB ASPECT - Enterprise

Published: December 5, 2024

CVE-2024-48839

ABB ASPECT - Enterprise

Published: December 5, 2024

CVE-2024-48840

ABB ASPECT - Enterprise

Published: December 5, 2024

CVE-2024-51545

ABB ASPECT - Enterprise

Published: December 5, 2024

CVE-2024-51549

ABB ASPECT - Enterprise

Published: December 5, 2024

CVE-2024-51550

ABB ASPECT - Enterprise

Published: December 5, 2024

CVE-2024-51551

Published: December 5, 2024

CVE-2024-51555

ABB ASPECT - Enterprise

Published: December 5, 2024

CVE-2024-51548

ABB ASPECT - Enterprise

Published: December 5, 2024

CVE-2024-6784

ABB ASPECT - Enterprise

Published: December 5, 2024

CVE-2023-48010

STMicroelectronics SPC58 PowerPC microcontrollers

Published: December 5, 2024

CVE-2024-41579

DTStack Taier

Published: December 5, 2024

CVE-2024-53442

Published: December 5, 2024

CVE-2024-37861

Published: December 5, 2024

CVE-2024-37863

Open Robotics Robotic Operating System 2 (ROS2)

Published: December 5, 2024

CVE-2024-6515

ABB ASPECT - Enterprise

Published: December 5, 2024

CVE-2024-48845

ABB ASPECT - Enterprise

Published: December 5, 2024

CVE-2024-54221

Roninwp FAT Services Booking

Published: December 5, 2024

CVE-2024-51554

ABB ASPECT - Enterprise

Published: December 5, 2024

CVE-2023-50913

Oxide control plane software

Published: December 5, 2024

CVE-2024-38920

Open Robotics Robotic Operating System 2 (ROS2)

Published: December 5, 2024

CVE-2024-6516

ABB ASPECT - Enterprise

Published: December 5, 2024

CVE-2018-9402

Android Kernel

Published: December 5, 2024

CVE-2024-11429

Free Responsive Testimonials, Social Proof Reviews, and Customer Reviews – Stars Testimonials plugin for WordPress

Published: December 5, 2024

CVE-2024-53472

Published: December 5, 2024

CVE-2024-53589

GNU objdump

Published: December 5, 2024

CVE-2022-41137

Apache Hive Metastore (HMS)

Published: December 5, 2024

CVE-2024-48847

ABB ASPECT - Enterprise

Published: December 5, 2024

CVE-2024-51541

ABB ASPECT - Enterprise

Published: December 5, 2024

CVE-2024-51542

ABB ASPECT - Enterprise

Published: December 5, 2024

CVE-2024-51543

ABB ASPECT - Enterprise

Published: December 5, 2024

CVE-2024-51544

ABB ASPECT - Enterprise

Published: December 5, 2024

CVE-2024-45318

SonicWall SMA100 SSLVPN

Published: December 5, 2024

CVE-2024-53703

SonicWall SMA100 SSLVPN firmware

Published: December 5, 2024

CVE-2018-9397

MTK WMT device driver

Published: December 5, 2024

CVE-2018-9398

MediaTek FM Radio Driver

Published: December 5, 2024

CVE-2018-9399

Linux Kernel

Published: December 5, 2024

CVE-2018-9400

Linux Kernel

Published: December 5, 2024

CVE-2018-9403

Published: December 5, 2024

CVE-2018-9404

Published: December 5, 2024

CVE-2018-9439

Linux Kernel

Published: December 5, 2024

CVE-2018-9462

Published: December 5, 2024

CVE-2018-9463

Published: December 5, 2024

CVE-2024-11155

Rockwell Automation Arena

Published: December 5, 2024

CVE-2024-11156

Rockwell Automation Arena

Published: December 5, 2024

CVE-2024-12130

Rockwell Automation Arena

Published: December 5, 2024

CVE-2018-9388

Published: December 5, 2024

CVE-2024-30961

Open Robotics Robotic Operating System 2 (ROS2) navigation2- ROS2-humble

Published: December 5, 2024

CVE-2024-30962

Open Robotics Robotic Operating System 2 (ROS2)

Published: December 5, 2024

CVE-2024-30963

Open Robotics Robotic Operating System 2 (ROS2) navigation2

Published: December 5, 2024

CVE-2024-30964

Open Robotics Robotic Operating System 2 (ROS2) navigation2

Published: December 5, 2024

CVE-2024-48843

ABB ASPECT - Enterprise

Published: December 5, 2024

CVE-2024-48844

ABB ASPECT - Enterprise

Published: December 5, 2024

CVE-2024-52564

UD-LT1 firmware

Published: December 5, 2024

CVE-2024-11316

ABB ASPECT - Enterprise

Published: December 5, 2024

CVE-2024-51546

ABB ASPECT - Enterprise

Published: December 5, 2024

CVE-2024-40763

SonicWall SMA100 SSLVPN

Published: December 5, 2024

CVE-2024-11941

Drupal Core

Published: December 5, 2024

CVE-2024-53856

Published: December 5, 2024

CVE-2024-53857

Published: December 5, 2024

CVE-2024-53490

Favorites-web

Published: December 5, 2024

CVE-2024-11148

Published: December 5, 2024

CVE-2024-53523

Published: December 5, 2024

CVE-2024-38910

Open Robotics Robotic Operating System 2 (ROS2)

Published: December 5, 2024

CVE-2024-12187

1000 Projects Library Management System

Published: December 5, 2024

CVE-2024-12188

1000 Projects Library Management System

Published: December 5, 2024

CVE-2024-12228

complaint_management_system

Published: December 5, 2024

CVE-2024-12229

complaint_management_system

Published: December 5, 2024

CVE-2024-12230

complaint_management_system

Published: December 5, 2024

CVE-2024-12231

CodeZips Project Management System

Published: December 5, 2024

CVE-2024-12233

Online Notice Board

Published: December 5, 2024

CVE-2024-12234

1000 Projects Beauty Parlour Management System

Published: December 5, 2024

CVE-2024-37860

Open Robotic Operating System 2 ROS2 navigation2

Published: December 5, 2024

CVE-2024-37862

Open Robotic Robotic Operating System 2 ROS2 navigation2

Published: December 5, 2024

CVE-2024-47133

UD-LT1 firmware

Published: December 5, 2024

CVE-2024-48846

ABB ASPECT - Enterprise

Published: December 5, 2024

CVE-2018-9416

Published: December 5, 2024

CVE-2024-11158

Rockwell Automation Arena

Published: December 5, 2024

CVE-2017-13308

Published: December 5, 2024

CVE-2018-9386

htc reboot_block driver

Published: December 5, 2024

CVE-2018-9390

Published: December 5, 2024

CVE-2018-9391

MediaTek GPS HAL

Published: December 5, 2024

CVE-2018-9407

Linux Kernel

Published: December 5, 2024

CVE-2024-45841

UD-LT1 firmware

Published: December 5, 2024

CVE-2024-10881

LUNA RADIO PLAYER plugin for WordPress

Published: December 5, 2024

CVE-2024-10178

Gutentor – Gutenberg Blocks – Page Builder for Gutenberg Editor plugin for WordPress

Published: December 5, 2024

CVE-2024-10056

Contact Form Builder by vcita plugin for WordPress

Published: December 5, 2024

CVE-2024-10848

NewsMunch theme for WordPress

Published: December 5, 2024

CVE-2024-11420

Blocksy theme for WordPress

Published: December 5, 2024

CVE-2024-11779

WIP WooCarousel Lite plugin for WordPress

Published: December 5, 2024

CVE-2024-45319

SonicWall SMA100 SSLVPN

Published: December 5, 2024

CVE-2024-12235

Published: December 5, 2024

CVE-2024-11324

Accounting for WooCommerce plugin for WordPress

Published: December 5, 2024

CVE-2024-53470

Published: December 5, 2024

CVE-2024-53471

Published: December 5, 2024

CVE-2024-11942

Drupal Core

Published: December 5, 2024

CVE-2024-10716

Pega Platform

Published: December 5, 2024

CVE-2024-54128

Published: December 5, 2024

CVE-2018-9408

Published: December 5, 2024

CVE-2024-12227

MSI Dragon Center

Published: December 5, 2024

CVE-2024-54001

Published: December 5, 2024

CVE-2024-53846

OTP (Erlang/OTP)

Published: December 5, 2024

CVE-2024-53457

Published: December 5, 2024

CVE-2024-12185

Hotel Management System

Published: December 5, 2024

CVE-2024-12186

Hotel Management System

Published: December 5, 2024

CVE-2024-10937

Related Posts, Inline Related Posts, Contextual Related Posts, Related Content By PickPlugins plugin for WordPress

Published: December 5, 2024

CVE-2024-53702

SonicWall SMA100 SSLVPN

Published: December 5, 2024

CVE-2024-10933

Published: December 5, 2024

CVE-2024-12247

Published: December 5, 2024

CVE-2024-10777

AnyWhere Elementor plugin for WordPress

Published: December 5, 2024

CVE-2024-11341

Simple Redirection plugin for WordPress

Published: December 5, 2024

CVE-2024-54679

Published: December 5, 2024

CVE-2024-54014

Skylark App for Android

Published: December 5, 2024

CVE-2024-12232

Simple CRUD Functionality

Published: December 5, 2024

CVE-2024-42195

HCL DevOps Deploy / HCL Launch

Published: December 5, 2024

CVE-2024-52270

DropBox Sign(HelloSign)

Published: December 5, 2024

CVE-2024-12094

Tinxy mobile app

Published: December 5, 2024

CVE-2024-54126

TP-Link Archer C50

Published: December 5, 2024

CVE-2024-54127

TP-Link Archer C50

Published: December 5, 2024

CVE-2024-52271

Published: December 5, 2024

CVE-2024-54129

NASA’s Interplanetary Overlay Network (ION) - ION-DTN BPv7 implementation

Published: December 5, 2024

CVE-2024-54130

NASA’s Interplanetary Overlay Network (ION) - ION-DTN BPv7 software

Published: December 5, 2024

CVE-2021-0937

Published: December 5, 2024

CVE-2024-12064

Published: December 5, 2024

CVE-2024-54140

sigstore-java

Published: December 5, 2024

CVE-2024-52798

path-to-regexp

Published: December 5, 2024

» Click here to see all Vulnerabilities «