Tag: 2024-12-05

7 Attack Reports | 126 Vulnerabilities

Attack reports

Something to Remember Us By: Device Confiscated by Russian Authorities Returned with Monokle-Type Spyware Installed

A joint investigation by The First Department and The Citizen Lab uncovered spyware covertly implanted on a Russian programmer's phone after it was confiscated by authorities. The individual, accused of sending money to Ukraine, was subjected to beatings and recruitment attempts by the FSB during h…
surveillance
android
russia
spyware
2024-12-05
monokle
trojanized app
device confiscation
fsb
Published: December 5, 2024
Downloadable IOCs: 0

Leveraging Cloudflare Tunnels for GammaDrop Infrastructure

BlueAlpha, a Russian state-sponsored cyber threat group, has evolved its malware delivery tactics by exploiting Cloudflare Tunnels to conceal GammaDrop staging infrastructure. The group employs HTML smuggling with sophisticated modifications to bypass email security systems and uses DNS fast-fluxin…
apt
spearphishing
html smuggling
2024-12-05
gammadrop
obfuscation techniques
gammaload
cloudflare tunnels
russian state-sponsored
dns fast-fluxing
Published: December 5, 2024
Downloadable IOCs: 1

BlueAlpha Abuses Cloudflare Tunneling Service for GammaDrop Staging Infrastructure

BlueAlpha, a Russian state-sponsored cyber threat group, has evolved its malware delivery tactics by exploiting Cloudflare Tunnels to conceal GammaDrop staging infrastructure. The group employs HTML smuggling with sophisticated modifications to bypass email security systems and uses DNS fast-fluxin…
apt
spearphishing
html smuggling
2024-12-05
gammadrop
obfuscation techniques
gammaload
cloudflare tunnels
russian state-sponsored
dns fast-fluxing
Published: December 5, 2024
Downloadable IOCs: 0

Threat Actor Targets Manufacturing Industry With Malware

A sophisticated cyberattack campaign targeting the manufacturing industry has been identified, utilizing a deceptive LNK file disguised as a PDF document. The attack leverages multiple Living-off-the-Land Binaries and Google Accelerated Mobile Pages to evade detection. The threat actor employs vari…
powershell
lumma stealer
dll sideloading
lnk file
process injection
manufacturing
code injection
2024-12-05
amadey bot
amp url
Published: December 5, 2024
Downloadable IOCs: 0

MOONSHINE Exploit Kit and DarkNimbus Backdoor Enabling Earth Minotaur's Multi-Platform Attacks

Earth Minotaur, a threat actor targeting Tibetan and Uyghur communities, utilizes the MOONSHINE exploit kit to compromise Android devices and install the DarkNimbus backdoor. The exploit kit targets vulnerabilities in instant messaging apps, particularly WeChat, and has been updated with new exploi…
backdoor
android
shadowpad
2024-12-05
exploit kit
darknimbus
moonshine
Published: December 5, 2024
Downloadable IOCs: 0

Snowblind: The Invisible Hand of Secret Blizzard

A Russian-based threat actor, Secret Blizzard, has infiltrated 33 command-and-control nodes of a Pakistani-based actor, Storm-0156. Over two years, Secret Blizzard leveraged this access to deploy malware into Afghan government networks and potentially acquired data from Pakistani operators' worksta…
espionage
2024-12-05
secret blizzard
crimsonrat
snowblind
Published: December 5, 2024
Downloadable IOCs: 0

Frequent freeloader part I: Secret Blizzard compromising Storm-0156 infrastructure for espionage

The Russian state-sponsored threat actor Secret Blizzard has been observed compromising the infrastructure of Storm-0156, a Pakistan-based espionage group, to conduct their own espionage operations. Since November 2022, Secret Blizzard has used Storm-0156's backdoors to deploy their own malware on …
espionage
russia
2024-12-05
tinyturla
storm-0156
secret blizzard
Published: December 5, 2024
Downloadable IOCs: 0
Click here to see more Attack Reports

Vulnerabilities

CVE-2024-11317

10.0
    ABB ASPECT - Enterprise
    NEXUS Series
    MATRIX Series
Published: December 5, 2024

CVE-2024-48839

10.0
    ABB ASPECT - Enterprise
    NEXUS Series
    MATRIX Series
Published: December 5, 2024

CVE-2024-48840

10.0
    ABB ASPECT - Enterprise
    NEXUS Series
    MATRIX Series
Published: December 5, 2024

CVE-2024-51545

10.0
    ABB ASPECT - Enterprise
    NEXUS Series
    MATRIX Series
Published: December 5, 2024

CVE-2024-51549

10.0
    ABB ASPECT - Enterprise
    NEXUS Series
    MATRIX Series
Published: December 5, 2024

CVE-2024-51550

10.0
    ABB ASPECT - Enterprise
    NEXUS Series
    MATRIX Series
Published: December 5, 2024

CVE-2024-51551

10.0
    ABB ASPECT
Published: December 5, 2024

CVE-2024-51555

10.0
    ABB ASPECT - Enterprise
    NEXUS Series
    MATRIX Series
Published: December 5, 2024

CVE-2024-51548

9.9
    ABB ASPECT - Enterprise
    NEXUS Series
    MATRIX Series
Published: December 5, 2024

CVE-2024-6784

9.9
    ABB ASPECT - Enterprise
    NEXUS Series
    MATRIX Series
Published: December 5, 2024

CVE-2023-48010

9.8
    STMicroelectronics SPC58 PowerPC microcontrollers
Published: December 5, 2024

CVE-2024-41579

9.8
    DTStack Taier
Published: December 5, 2024

CVE-2024-53442

9.8
    whapa
Published: December 5, 2024

CVE-2018-9388

9.8
    Google
  • Android
Published: December 5, 2024

CVE-2024-37861

9.8
    ROS2
    Nav2
Published: December 5, 2024

CVE-2024-37863

9.8
    Open Robotics Robotic Operating System 2 (ROS2)
    Nav2
Published: December 5, 2024

CVE-2024-6515

9.6
    ABB ASPECT - Enterprise
    NEXUS Series
    MATRIX Series
Published: December 5, 2024

CVE-2024-48845

9.4
    ABB ASPECT - Enterprise
    NEXUS Series
    MATRIX Series
Published: December 5, 2024

CVE-2024-54221

9.3
    Roninwp FAT Services Booking
Published: December 5, 2024

CVE-2024-51554

9.1
    ABB ASPECT - Enterprise
    NEXUS Series
    MATRIX Series
Published: December 5, 2024

CVE-2023-50913

9.1
    Oxide control plane software
Published: December 5, 2024

CVE-2024-38920

9.1
    Open Robotics Robotic Operating System 2 (ROS2)
    Nav2
Published: December 5, 2024

CVE-2024-6516

9.0
    ABB ASPECT - Enterprise
    NEXUS Series
    MATRIX Series
Published: December 5, 2024

CVE-2024-11429

8.8
    Free Responsive Testimonials, Social Proof Reviews, and Customer Reviews – Stars Testimonials plugin for WordPress
Published: December 5, 2024

CVE-2024-53472

8.8
    WeGIA
Published: December 5, 2024

CVE-2024-53589

8.4
    GNU objdump
Published: December 5, 2024

CVE-2022-41137

8.3
    Apache Hive Metastore (HMS)
Published: December 5, 2024

CVE-2024-48847

8.2
    ABB ASPECT - Enterprise
    NEXUS Series
    MATRIX Series
Published: December 5, 2024

CVE-2024-51541

8.2
    ABB ASPECT - Enterprise
    NEXUS Series
    MATRIX Series
Published: December 5, 2024

CVE-2024-51542

8.2
    ABB ASPECT - Enterprise
    NEXUS Series
    MATRIX Series
Published: December 5, 2024

CVE-2024-51543

8.2
    ABB ASPECT - Enterprise
    NEXUS Series
    MATRIX Series
Published: December 5, 2024

CVE-2024-51544

8.2
    ABB ASPECT - Enterprise
    NEXUS Series
    MATRIX Series
Published: December 5, 2024

CVE-2024-45318

8.1
    SonicWall SMA100 SSLVPN
Published: December 5, 2024

CVE-2024-53703

8.1
    SonicWall SMA100 SSLVPN firmware
Published: December 5, 2024

CVE-2018-9402

7.8
    Google
  • Android
Published: December 5, 2024

CVE-2024-11155

7.8
    Rockwell Automation Arena
Published: December 5, 2024

CVE-2024-11156

7.8
    Rockwellautomation
  • Arena
Published: December 5, 2024

CVE-2024-12130

7.8
    Rockwellautomation
  • Arena
Published: December 5, 2024

CVE-2024-30961

7.8
    Openrobotics
  • Robot Operating System
Published: December 5, 2024

CVE-2024-30962

7.8
    Openrobotics
  • Robot Operating System
Published: December 5, 2024

CVE-2024-30963

7.8
    Open Robotics Robotic Operating System 2 (ROS2) navigation2
Published: December 5, 2024

CVE-2024-30964

7.8
    Open Robotics Robotic Operating System 2 (ROS2) navigation2
Published: December 5, 2024

CVE-2024-48843

7.7
    ABB ASPECT - Enterprise
    NEXUS Series
    MATRIX Series
Published: December 5, 2024

CVE-2024-48844

7.7
    ABB ASPECT - Enterprise
    NEXUS Series
    MATRIX Series
Published: December 5, 2024

CVE-2024-52564

7.5
    UD-LT1 firmware
    UD-LT1/EX firmware
Published: December 5, 2024

CVE-2024-11316

7.5
    ABB ASPECT - Enterprise
    NEXUS Series
    MATRIX Series
Published: December 5, 2024

CVE-2024-51546

7.5
    ABB ASPECT - Enterprise
    NEXUS Series
    MATRIX Series
Published: December 5, 2024

CVE-2024-40763

7.5
    SonicWall SMA100 SSLVPN
Published: December 5, 2024

CVE-2024-11941

7.5
    Drupal Core
Published: December 5, 2024

CVE-2024-53856

7.5
    rPGP
Published: December 5, 2024

CVE-2024-53857

7.5
    rPGP
Published: December 5, 2024

CVE-2024-53490

7.5
    Favorites-web
Published: December 5, 2024

CVE-2024-11148

7.5
    OpenBSD
Published: December 5, 2024

CVE-2024-53523

7.5
    JSFinder
Published: December 5, 2024

CVE-2024-38910

7.5
    Open Robotics Robotic Operating System 2 (ROS2)
Published: December 5, 2024

CVE-2024-12187

7.3
    1000projects
  • Library Management System
Published: December 5, 2024

CVE-2024-12188

7.3
    1000projects
  • Library Management System
Published: December 5, 2024

CVE-2024-12228

7.3
    Phpgurukul
  • Complaint Management System
Published: December 5, 2024

CVE-2024-12229

7.3
    Phpgurukul
  • Complaint Management System
Published: December 5, 2024

CVE-2024-12230

7.3
    Phpgurukul
  • Complaint Management System
Published: December 5, 2024

CVE-2024-12231

7.3
    CodeZips Project Management System
Published: December 5, 2024

CVE-2024-12233

7.3
    Fabianros
  • Online Notice Board
Published: December 5, 2024

CVE-2024-12234

7.3
    1000projects
  • Beauty Parlour Management System
Published: December 5, 2024

CVE-2024-37860

7.3
    Open Robotic Operating System 2 ROS2 navigation2
Published: December 5, 2024

CVE-2024-37862

7.3
    Open Robotic Robotic Operating System 2 ROS2 navigation2
Published: December 5, 2024

CVE-2024-47133

7.2
    UD-LT1 firmware
    UD-LT1/EX firmware
Published: December 5, 2024

CVE-2024-48846

7.1
    ABB ASPECT - Enterprise
    NEXUS Series
    MATRIX Series
Published: December 5, 2024

CVE-2018-9397

6.7
    Google
  • Android
Published: December 5, 2024

CVE-2018-9398

6.7
    Google
  • Android
Published: December 5, 2024

CVE-2018-9399

6.7
    Google
  • Android
Published: December 5, 2024

CVE-2018-9400

6.7
    Google
  • Android
Published: December 5, 2024

CVE-2018-9403

6.7
    Google
  • Android
Published: December 5, 2024

CVE-2018-9404

6.7
    Google
  • Android
Published: December 5, 2024

CVE-2018-9416

6.7
    Google
  • Android
Published: December 5, 2024

CVE-2018-9439

6.7
    Google
  • Android
Published: December 5, 2024

CVE-2018-9462

6.7
    Google
  • Android
Published: December 5, 2024

CVE-2018-9463

6.7
    Google
  • Android
Published: December 5, 2024

CVE-2024-11158

6.7
    Rockwell Automation Arena
Published: December 5, 2024

CVE-2017-13308

6.7
    Google
  • Android
Published: December 5, 2024

CVE-2018-9386

6.7
    Google
  • Android
Published: December 5, 2024

CVE-2018-9390

6.7
    Google
  • Android
Published: December 5, 2024

CVE-2018-9391

6.7
    Google
  • Android
Published: December 5, 2024

CVE-2024-45841

6.5
    UD-LT1 firmware
    UD-LT1/EX firmware
Published: December 5, 2024

CVE-2024-10881

6.4
    LUNA RADIO PLAYER plugin for WordPress
Published: December 5, 2024

CVE-2024-10178

6.4
    Gutentor – Gutenberg Blocks – Page Builder for Gutenberg Editor plugin for WordPress
Published: December 5, 2024

CVE-2024-10056

6.4
    Contact Form Builder by vcita plugin for WordPress
Published: December 5, 2024

CVE-2024-10848

6.4
    NewsMunch theme for WordPress
Published: December 5, 2024

CVE-2024-11420

6.4
    Blocksy theme for WordPress
Published: December 5, 2024

CVE-2024-11779

6.4
    WIP WooCarousel Lite plugin for WordPress
Published: December 5, 2024

CVE-2024-45319

6.3
    SonicWall SMA100 SSLVPN
Published: December 5, 2024

CVE-2024-12235

6.3
    AgileBPM
Published: December 5, 2024

CVE-2024-11324

6.1
    Accounting for WooCommerce plugin for WordPress
Published: December 5, 2024

CVE-2024-53470

6.1
    WeGIA
Published: December 5, 2024

CVE-2024-53471

6.1
    WeGIA
Published: December 5, 2024

CVE-2024-11942

5.9
    Drupal Core
Published: December 5, 2024

CVE-2024-10716

5.9
    Pega Platform
Published: December 5, 2024

CVE-2024-54128

5.7
    Directus
Published: December 5, 2024

CVE-2018-9407

5.5
    Google
  • Android
Published: December 5, 2024

CVE-2024-12227

5.5
    MSI Dragon Center
Published: December 5, 2024

CVE-2024-54001

5.5
    Kanboard
Published: December 5, 2024

CVE-2024-53846

5.5
    OTP (Erlang/OTP)
Published: December 5, 2024

CVE-2024-53457

5.4
    LibreNMS
Published: December 5, 2024

CVE-2024-12185

5.3
    Code-Projects
  • Hotel Management System
Published: December 5, 2024

CVE-2024-12186

5.3
    Code-Projects
  • Hotel Management System
Published: December 5, 2024

CVE-2024-10937

5.3
    Related Posts, Inline Related Posts, Contextual Related Posts, Related Content By PickPlugins plugin for WordPress
Published: December 5, 2024

CVE-2024-53702

5.3
    SonicWall SMA100 SSLVPN
Published: December 5, 2024

CVE-2024-10933

5.0
    OpenBSD
Published: December 5, 2024

CVE-2024-12247

4.6
    Mattermost
Published: December 5, 2024

CVE-2018-9408

4.4
    Google
  • Android
Published: December 5, 2024

CVE-2024-10777

4.3
    AnyWhere Elementor plugin for WordPress
Published: December 5, 2024

CVE-2024-11341

4.3
    Simple Redirection plugin for WordPress
Published: December 5, 2024

CVE-2024-54679

4.3
    CyberPanel
Published: December 5, 2024

CVE-2024-54014

3.6
    Skylark App for Android
    Skylark App for iOS
Published: December 5, 2024

CVE-2024-12232

3.5
    Simple CRUD Functionality
Published: December 5, 2024

CVE-2024-42195

3.1
    HCL DevOps Deploy / HCL Launch
Published: December 5, 2024

CVE-2024-52270

None
    DropBox Sign(HelloSign)
Published: December 5, 2024

CVE-2024-12094

None
    Tinxy mobile app
Published: December 5, 2024

CVE-2024-54126

None
    TP-Link Archer C50
Published: December 5, 2024

CVE-2024-54127

None
    TP-Link Archer C50
Published: December 5, 2024

CVE-2024-52271

None
    Documenso
Published: December 5, 2024

CVE-2024-54129

None
    NASA’s Interplanetary Overlay Network (ION) - ION-DTN BPv7 implementation
Published: December 5, 2024

CVE-2024-54130

None
    NASA’s Interplanetary Overlay Network (ION) - ION-DTN BPv7 software
Published: December 5, 2024

CVE-2021-0937

None
    UNKNOWN
Published: December 5, 2024

CVE-2024-12064

None
    UNKNOWN
Published: December 5, 2024

CVE-2024-54140

None
    sigstore-java
Published: December 5, 2024

CVE-2024-52798

None
    path-to-regexp
Published: December 5, 2024
Click here to see more Vulnerabilities