Tag: 2024-12-23

2 Attack Reports | 30 Vulnerabilities

Attack reports

Cloud Atlas using a new backdoor, VBCloud, to steal data

Cloud Atlas, a threat group active since 2014, has introduced a new backdoor called VBCloud in its latest campaign targeting Eastern Europe and Central Asia. The attack chain begins with phishing emails containing malicious documents exploiting CVE-2018-0802. The infection process involves download…
2024-12-23
CVE-2018-0802
vbcloud
vbshower
Published: December 23, 2024
Linked vulnerabilities : CVE-2018-0802
Downloadable IOCs: 16

Modiloader From Obfuscated Batch File

An investigation of a file named 'Albertsons_payment.GZ' revealed a sophisticated malware delivery chain. The file, initially disguised as an image, was actually a Windows Cabinet file containing an obfuscated batch script. This script employed string slicing techniques to reconstruct commands and …
obfuscation
modiloader
2024-12-23
Published: December 23, 2024
Downloadable IOCs: 5
Click here to see more Attack Reports

Vulnerabilities

CVE-2024-45387

9.9
    Apache Traffic Control
Published: December 23, 2024

CVE-2024-46873

9.8
    SHARP routers
Published: December 23, 2024

CVE-2024-54148

9.8
    Gogs
Published: December 23, 2024

CVE-2024-40896

9.1
    libxml2
Published: December 23, 2024

CVE-2024-56201

8.8
    Jinja
Published: December 23, 2024

CVE-2024-12902

8.4
    ANCHOR from Global Wisdom Software
Published: December 23, 2024

CVE-2024-12903

7.8
    Evoko Home
Published: December 23, 2024

CVE-2024-53256

7.8
    Rizin
Published: December 23, 2024

CVE-2024-56326

7.8
    Jinja
Published: December 23, 2024

CVE-2024-56363

7.8
    APTRS (Automated Penetration Testing Reporting System)
Published: December 23, 2024

CVE-2024-53961

7.4
    ColdFusion
Published: December 23, 2024

CVE-2024-12899

7.3
    1000projects
  • Attendance Tracking Management System
Published: December 23, 2024

CVE-2024-45721

7.2
    UNKNOWN
Published: December 23, 2024

CVE-2024-54082

7.2
    home 5G HR02
    Wi-Fi STATION SH-54C
Published: December 23, 2024

CVE-2024-56362

7.1
    Navidrome
Published: December 23, 2024

CVE-2024-11230

6.4
    Elementor Header & Footer Builder plugin for WordPress
Published: December 23, 2024

CVE-2024-12898

6.3
    1000projects
  • Attendance Tracking Management System
Published: December 23, 2024

CVE-2024-12900

6.3
    FoxCMS
Published: December 23, 2024

CVE-2018-25106

6.3
    WordPress NebulaX Theme
Published: December 23, 2024

CVE-2024-53276

6.1
    Home-Gallery.org
Published: December 23, 2024

CVE-2024-52321

5.9
    SHARP routers
Published: December 23, 2024

CVE-2024-23945

5.9
    Apache Hive
    Apache Spark
Published: December 23, 2024

CVE-2024-56364

5.4
    SimpleXLSX
Published: December 23, 2024

CVE-2024-47864

5.3
    UNKNOWN
Published: December 23, 2024

CVE-2024-12901

5.3
    FoxCMS
Published: December 23, 2024

CVE-2024-12897

4.3
    Intelbras VIP Series
Published: December 23, 2024

CVE-2024-56378

4.3
    Poppler
Published: December 23, 2024

CVE-2024-53275

4.3
    Home-Gallery.org
Published: December 23, 2024

CVE-2024-55539

2.5
    Acronis Cyber Protect Cloud Agent (Linux)
Published: December 23, 2024

CVE-2024-55947

None
    Gogs
Published: December 23, 2024
Click here to see more Vulnerabilities