ioc.one
95.216.115.177  Public Scan

Submitted URL: http://ioc.one/
Effective URL: https://ioc.one/
Submission: On September 11 via manual from FO — Scanned from FI

Form analysis 0 forms found in the DOM

Text Content

OSINT Cyber Threat Intelligence Database

11.09.2024 | prsol.cc

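MICROSOFT FIXES 4 ZERO-DAYS AND 79 FLAWS IN SEPTEMBER 2024 PATCH TUESDAY -
PRSOL:CC

Today is Microsoft's September 2024 Patch Tuesday, which includes security
updates for 79 vulnerabilities, including four actively exploited
vulnerabilities and one publicly disclosed zero-day.
This Patch Tuesday fixed seven critical vulnerabilities that allow remote code
execution or elevation of privilege.
The number of bugs in each vulnerability category is as follows: 30 elevation of
privilege vulnerabilities, 4 security feature bypass vulnerabilities…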

11.09.2024 | thehackernews.com

MICROSOFT ISSUES PATCHES FOR 79 FLAWS, INCLUDING 3 ACTIVELY EXPLOITED WINDOWS
FLAWS

Microsoft’s September 2024 Patch Tuesday fixes 79 security vulnerabilities,
including three actively exploited Windows flaws.

11.09.2024 | thehackernews.com

IVANTI RELEASES URGENT SECURITY UPDATES FOR ENDPOINT MANAGER VULNERABILITIES

Ivanti releases critical security updates for Endpoint Manager, addressing
remote code execution vulnerabilities. Users urged to update immediately.

11.09.2024 | prsol.cc

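NONAME RANSOMWARE GANG DEPLOYS RANSOMHUB MALWARE IN RECENT ATTACKS - PRSOL:CC

The NoName ransomware gang has been trying to build a reputation for more than
three years by targeting small and medium-sized businesses worldwide with its
encryptors, and may now be operating as a RansomHub affiliate.
The gang uses custom tools known as the Spacecolon malware family, deploying
them after gaining access to a network through brute-force methods and by
exploiting older vulnerabilities such as EternalBlue (CVE-2017-0144) and
ZeroLogon (CVE-2020-1472).
In recent attacks, NoName, with ScRansom ransomware replacing the Scarab
encryptor…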

11.09.2024 | securityaffairs.com

IVANTI FIXED A MAXIMUM SEVERITY FLAW IN ITS EPM SOFTWARE

Ivanti fixed a maximum severity flaw in its EPM software that can let attackers
achieve remote code execution on the core server.

11.09.2024 | thecyberexpress.com

MICROSOFT SEPTEMBER 2024 PATCH TUESDAY: ADDRESSING 79 NEW VULNERABILITIES AND
PRODUCT UPDATES

The second Tuesday of September has once again proven to be a significant date
for cybersecurity with Microsoft’s latest Patch

11.09.2024 | infosecurity-magazine.com

MICROSOFT FIXES FOUR ACTIVELY EXPLOITED ZERO-DAYS

September’s Patch Tuesday fix-list features scores of CVEs including four
zero-day vulnerabilities

11.09.2024 | redpacketsecurity.com

IVANTI RELEASES URGENT SECURITY UPDATES FOR ENDPOINT MANAGER VULNERABILITIES -
REDPACKET SECURITY

Ivanti has released software updates to address multiple security flaws
impacting Endpoint Manager (EPM), including 10 critical vulnerabilities that
could

11.09.2024 | redpacketsecurity.com

MICROSOFT ISSUES PATCHES FOR 79 FLAWS, INCLUDING 3 ACTIVELY EXPLOITED WINDOWS
FLAWS - REDPACKET SECURITY

Microsoft on Tuesday disclosed that three new security flaws impacting the
Windows platform have come under active exploitation as part of its Patch
Tuesday

11.09.2024 | securityaffairs.com

MICROSOFT PATCH TUESDAY SECURITY UPDATES FOR SEPTEMBER 2024 ADDRESSED FOUR
ACTIVELY EXPLOITED ZERO-DAYS

Microsoft Patch Tuesday security updates for September 2024 addressed 79 flaws,
including four actively exploited zero-day flaws.

11.09.2024 | medium.com

SEPTEMBER 2024 : MICROSOFT PATCH TUESDAY SUMMARY.

Includes 4 ACTIVELY-EXPLOITED 0-day flaws

11.09.2024 | redpacketsecurity.com

MICROSOFT MONTHLY SECURITY UPDATE (SEPTEMBER 2024) - REDPACKET SECURITY

Microsoft has released monthly security update for their products:

11.09.2024 | medium.com

MICROSOFT SEPTEMBER 2024 PATCH TUESDAY FIXES 4 ZERO-DAYS, 79 FLAWS

Today is Microsoft’s September 2024 Patch Tuesday, which includes security
updates for 79 flaws, including four actively exploited and one…

11.09.2024 | malware.news

2024-09-10 KIMSUKY (NORTH KOREAN APT) SAMPLE (SAKAI @SAKAIJJAN - TERMS AND
CONDITIONS.MSC)

2024-09-10 Sakai @sakaijjang Malware made by Kimsuky - Terms and conditions
(terms of use).msc (2024.9.6) - Kimsuky (North Korea) - Terms and
Conditions.msc by https://x.com/sakaijjang?lang=en Article translation in
English More about Kimsuky: 2020-10-27 CISA North Korean Advanced Persistent
Threat Focu…

11.09.2024 | redpacketsecurity.com

CISA: CISA RELEASES FOUR INDUSTRIAL CONTROL SYSTEMS ADVISORIES - REDPACKET
SECURITY

CISA Releases Four Industrial Control Systems Advisories

11.09.2024 | ahnlab.com

MS FAMILY SEPTEMBER 2024 ROUTINE SECURITY UPDATE ADVISORY - ASEC

Overview   Microsoft(https://www.microsoft.com) has released a security update
that fixes vulnerabilities in products it has supplied. Users of affected
products are advised to update to the latest version.   Affected Products    
Azure Product line Azure CycleCloud 8.0.0 Azure CycleCloud 8.0.1 Azu…

11.09.2024 | ahnlab.com

MS FAMILY SEPTEMBER 2024 ROUTINE SECURITY UPDATE ADVISORY - ASEC

Overview Microsoft (https://www.microsoft.com) has released a security update
that fixes vulnerabilities in products it has supplied. Users of affected
products are advised to update to the latest version. Affected Products Azure
product line Azure CycleCloud 8.0.0 Azure CycleCloud 8.0.1 Azure CycleCloud
8.0.2 Azure CycleCloud 8.1.0 Azure CycleCloud 8.1.1 Azure CycleCloud 8.2.0
Azure CycleCloud 8.2.…

11.09.2024 | ahnlab.com

SIEMENS PRODUCT SECURITY UPDATE ADVISORY - ASEC

Overview An update has been released to address vulnerabilities in Siemens
Products. Users of the affected versions are advised to update to the latest
version.   Affected Products   CVE-2024-37990 SIMATIC Reader RF610R CMIIT
versions: ~ 4.2 (excluded) SIMATIC Reader RF610R ETSI versions: ~ 4.2 (ex…

11.09.2024 | anquanke.com

CISA CONFIRMS SONICWALL VULNERABILITY IS BEING EXPLOITED (CVE-2024-40766) -
ANQUANKE - SECURITY NEWS PLATFORM

Anquanke - Security News Platform

11.09.2024 | anquanke.com

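U.S. CISA ADDS SONICWALL SONICOS, IMAGEMAGICK AND LINUX KERNEL VULNERABILITIES
TO ITS KNOWN EXPLOITED VULNERABILITIES CATALOG - ANQUANKE - SECURITY NEWS
PLATFORM

Anquanke - Security News Platform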

11.09.2024 | anquanke.com

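MICROSOFT FIXES 4 EXPLOITED ZERO-DAYS AND A CODE FLAW THAT NULLIFIED EARLIER
SECURITY FIXES - ANQUANKE - SECURITY NEWS PLATFORM

Anquanke - Security News Platform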

11.09.2024 | anquanke.com

PREDATOR SPYWARE UPDATED WITH DANGEROUS NEW FEATURES, UPGRADED VERSION HARDER
TO TRACK - ANQUANKE - SECURITY NEWS PLATFORM

Anquanke - Security News Platform

11.09.2024 | google.com

INSIGHTS ON CYBER THREATS TARGETING USERS AND ENTERPRISES IN MEXICO | GOOGLE
CLOUD BLOG

Mexico faces a cyber threat landscape made up of a complex interplay of global
and local threats.

11.09.2024 | ahnlab.com

SIEMENS PRODUCT SECURITY UPDATE ADVISORY - ASEC

Overview An update has been released to address vulnerabilities in Siemens
products. Users of the affected versions are advised to update to the latest
version. Affected Products CVE-2024-37990 SIMATIC Reader RF610R CMIIT
versions: ~ 4.2 (excluded) SIMATIC Reader RF610R ETSI versions: ~ 4.2
(excluded) SIMATIC Reader RF610R FCC versions: ~ 4.2 (excluded) SIMATIC
Reader RF615R CMIIT versions: ~ 4.2 (excluded) SIMATIC Reader RF615R ETSI …

11.09.2024 | aqniu.com

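"MEASURES FOR THE ADMINISTRATION OF E-GOVERNMENT ELECTRONIC AUTHENTICATION
SERVICES" RELEASED; 62 APPS INCLUDING JD.COM AND TAOBAO COMPLETE COMPLIANCE
RECTIFICATION OF PERSONAL INFORMATION COLLECTION AND USE | NIULAN - AQNIU

Aqniu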

10.09.2024 | qualys.com

MICROSOFT PATCH TUESDAY, SEPTEMBER 2024 SECURITY UPDATE REVIEW – QUALYS
THREATPROTECT

10.09.2024 | tistory.com

MALWARE MADE BY KIMSUKY - TERMS AND CONDITIONS (TERMS OF USE).MSC (2024.9.6)

Today we will look at Terms and conditions.msc, malware made by Kimsuky. First,
the hash values of the malware are as follows. File name: Terms and
conditions.msc Size: 141 KB
MD5:81d224649328a61c899be9403d1de92d
SHA-1:f4895809cb38fa1f225340e99c05e477a5017111
SHA-256:cea22277e0d7fe38a3755bdb8baa9fe203bd54ad4d79c7068116f15a50711b09 This
malware T…

10.09.2024 | redpacketsecurity.com

CISA: CISA ADDS FOUR KNOWN EXPLOITED VULNERABILITIES TO CATALOG - REDPACKET
SECURITY

CISA Adds Four Known Exploited Vulnerabilities to Catalog

10.09.2024 | thehackernews.com

COSMICBEETLE DEPLOYS CUSTOM SCRANSOM RANSOMWARE, PARTNERING WITH RANSOMHUB

Discover how CosmicBeetle's new ScRansom ransomware targets SMBs globally, its
evolution from Scarab, and the latest cybersecurity threats facing busi

10.09.2024 | rapid7.com

PATCH TUESDAY - SEPTEMBER 2024 | RAPID7 BLOG

10.09.2024 | malware.news

FOUR ZERO-DAYS INCLUDED IN GROUP OF 79 VULNERABILITIES MICROSOFT DISCLOSES,
INCLUDING ONE WITH 9.8 SEVERITY SCORE

Microsoft disclosed four vulnerabilities that are actively being exploited in
the wild as part of its regular Patch Tuesday security update this week in
what’s become a regular occurrence for the company’s patches in 2024.  Two of
the zero-day vulnerabilities, CVE-2024-38226 and CVE-2024-38014, exi…

10.09.2024 | redpacketsecurity.com

COSMICBEETLE DEPLOYS CUSTOM SCRANSOM RANSOMWARE, PARTNERING WITH RANSOMHUB -
REDPACKET SECURITY

The threat actor known as CosmicBeetle has debuted a new custom ransomware
strain called ScRansom in attacks targeting small- and medium-sized businesses

10.09.2024 | securityboulevard.com

PATCH TUESDAY UPDATE - SEPTEMBER 2024

The post Patch Tuesday Update - September 2024 appeared first on Digital
Defense.

10.09.2024 | malware.news

INSIGHTS ON CYBER THREATS TARGETING USERS AND ENTERPRISES IN MEXICO

Written by: Aurora Blum, Kelli Vanderlee Like many countries across the globe,
Mexico faces a cyber threat landscape made up of a complex interplay of global
and local threats, with threat actors carrying out attempted intrusions into
critical sectors of Mexican society. Mexico also faces threats…

10.09.2024 | thehackernews.com

EXPERTS IDENTIFY 3 CHINESE-LINKED CLUSTERS BEHIND CYBERATTACKS IN SOUTHEAST ASIA

Chinese-linked cyber espionage targets Southeast Asian governments, using
sophisticated malware to infiltrate and steal sensitive data.

10.09.2024 | redpacketsecurity.com

EXPERTS IDENTIFY 3 CHINESE-LINKED CLUSTERS BEHIND CYBERATTACKS IN SOUTHEAST ASIA
- REDPACKET SECURITY

A trio of threat activity clusters linked to China has been observed
compromising more government organizations in Southeast Asia as part of a
renewed

10.09.2024 | domaintools.com

RETAIL TARGETED CAMPAIGNS—DOMAIN FRAUD, BRAND IMPERSONATION, AND PONZI SCHEMES,
OH MY! - DOMAINTOOLS | START HERE. KNOW NOW.

DomainTools highlights several ways threat actors seek to take advantage of the
retail cybersecurity landscape and aid in understanding how such activity can be
enumerated and “clustered” to help organizations defend themselves.

10.09.2024 | talosintelligence.com

FOUR ZERO-DAYS INCLUDED IN GROUP OF 79 VULNERABILITIES MICROSOFT DISCLOSES,
INCLUDING ONE WITH 9.8 SEVERITY SCORE

September’s monthly round of patches from Microsoft included 79 vulnerabilities,
seven of which are considered critical.

10.09.2024 | medium.com

CYBER BRIEFING: 2024.09.10

👉 What’s the latest in the cyber world today?

10.09.2024 | tenable.com

MICROSOFT’S SEPTEMBER 2024 PATCH TUESDAY ADDRESSES 79 CVES (CVE-2024-43491)

Microsoft addresses 79 CVEs with seven critical vulnerabilities and four
zero-day vulnerabilities, including three that were exploited in the wild.

10.09.2024 | gbhackers.com

CHINESE HACKERS USING OPEN SOURCE TOOLS LIKE NMAP TO LAUNCH CYBER ATTACKS

Three Chinese state-backed threat groups, APT10, GALLIUM, and Stately Taurus,
have repeatedly employed a modified version of the open-source

10.09.2024 | threatdown.com

RANSOMWARE GANGS TARGET SONICWALL VULNERABILITY

SonicWall is urging customers affected by CVE-2024-40766 to “please apply the
patch as soon as possible.”…

10.09.2024 | malware.news

SANITIZE YOUR C++ CONTAINERS: ASAN ANNOTATIONS STEP-BY-STEP

By Dominik Klemba and Dominik Czarnota AddressSanitizer (ASan) is a compiler
plugin that helps detect memory errors like buffer overflows or use-after-frees.
In this post, we explain how to equip your C++ code with ASan annotations to
find more bugs. We also show our work on ASan in GCC and LLVM. …

10.09.2024 | malware.news

THERE’S SOMETHING ABOUT CRYPTBOT: YET ANOTHER SILLY STEALER (YASS)

Recently Intezer was investigating a file that we came across during alert
triage. This particular file piqued our interest due to the interesting delivery
chain, and the even more interesting payload, an intricate infostealer. Intezer
has amazing code genetic analysis technology, showing us overl…

10.09.2024 | socradar.io

DARK WEB PROFILE: GLORYSEC - SOCRADAR® CYBER INTELLIGENCE INC.

GlorySec is a hacktivist group that has quickly gained notoriety for targeting
governments and institutions it deems corrupt, particularly in Russia and

10.09.2024 | intezer.com

THERE'S SOMETHING ABOUT CRYPTBOT: YET ANOTHER SILLY STEALER (YASS)

Recently Intezer was investigating a file that we came across during alert
triage. This particular file piqued our interest due to the interesting delivery
chain, and the even more interesting payload, an intricate infostealer. Intezer
has amazing code genetic analysis technology, showing us overla…

10.09.2024 | thezdi.com

ZERO DAY INITIATIVE — THE SEPTEMBER 2024 SECURITY UPDATE REVIEW

We’ve reached September and the pumpkin spice floats in the air. While they
aren’t pumpkin-spiced, Microsoft and Adobe have released their latest spicy
security patches – including some zesty 0-days. Take a break from your regular
activities and join us as we review the details of their latest secur

10.09.2024 | malware.news

FAKE RECRUITER CODING TESTS TARGET DEVS WITH MALICIOUS PYTHON PACKAGES

ReversingLabs researchers have identified new, malicious software packages
believed to be linked to a campaign, VMConnect, that our team first identified in
August 2023 and which has ties to the North Korean hacking team Lazarus Group.
The new samples were tracked to GitHub projects that have been l…

10.09.2024 | sosintel.co.uk

WEEKLY NEWS ROUNDUP - SOS INTELLIGENCE

In August, cybersecurity researchers at Proofpoint discovered a novel malware
campaign, nicknamed "Voldemort," that exploits Google Sheets.

10.09.2024 | cyble.com

CISA ADDS THREE CRITICAL VULNERABILITIES TO KNOWN EXPLOITED VULNERABILITIES
CATALOG - CYBLE

The Cybersecurity and Infrastructure Security Agency (CISA) KEV Catalog adds
CVE-2016-3714, CVE-2017-1000253, and CVE-2024-40766.

10.09.2024 | sophos.com

CRIMSON PALACE RETURNS: NEW TOOLS, TACTICS, AND TARGETS 

Chinese cyberespionage campaign renews efforts in multiple organizations in
Southeast Asia, blending tactics and expanding efforts

10.09.2024 | paloaltonetworks.com

THREAT ASSESSMENT: REPELLENT SCORPIUS, DISTRIBUTORS OF CICADA3301 RANSOMWARE

Repellent Scorpius distributes Cicada3301 ransomware, using double extortion and
targeting global victims since May 2024. We break down their toolset and more.

10.09.2024 | gbhackers.com

CISA ISSUES WARNING ABOUT THREE ACTIVELY EXPLOITED VULNERABILITIES IN THE WILD

CISA's Warning: Vulnerabilities affect a range of widely used software and
systems, posing risks to organizations and individuals alike.

10.09.2024 | infosecurity-magazine.com

CRITICAL SONICWALL SSLVPN BUG EXPLOITED BY RANSOMWARE ACTORS

Researchers have warned that a critical SonicWall vulnerability is being
exploited in ransomware attacks

10.09.2024 | securityboulevard.com

FAKE RECRUITER CODING TESTS TARGET DEVS WITH MALICIOUS PYTHON PACKAGES

ReversingLabs researchers have identified new, malicious software packages
believed to be linked to a campaign, VMConnect, that our team first identified in
August 2023 and which has ties to the North Korean hacking team Lazarus Group.
The new samples were tracked to GitHub projects that have been l…

10.09.2024 | securityaffairs.com

U.S. CISA ADDS SONICWALL SONICOS, IMAGEMAGICK AND LINUX KERNEL BUGS TO ITS KNOWN
EXPLOITED VULNERABILITIES CATALOG

U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds SonicWall
SonicOS, ImageMagick and Linux Kernel bugs to its Known Exploited
Vulnerabilities catalog.

10.09.2024 | redpacketsecurity.com

CHROMEOS MULTIPLE VULNERABILITIES - REDPACKET SECURITY

Multiple vulnerabilities were identified in ChromeOS. A remote attacker could
exploit some of these vulnerabilities to trigger denial of service condition,

10.09.2024 | checkpoint.com

AUGUST 2024’S MOST WANTED MALWARE: RANSOMHUB REIGNS SUPREME WHILE MEOW
RANSOMWARE SURGES - CHECK POINT BLOG

Check Point’s latest threat index reveals RansomHub's continued dominance and
Meow ransomware's rise with novel tactics and significant impact. Check

10.09.2024 | malware.news

THREAT HUNTING CASE STUDY: UNCOVERING FIN7

FIN7 is one of the most persistent and capable financially motivated threat
actor groups. Here’s how to threat hunt for signs of a FIN7 intrusion. Article
Link: https://intel471.com/blog/threat-hunting-case-study-uncovering-fin7

10.09.2024 | redpacketsecurity.com

CISA: CISA ADDS THREE KNOWN EXPLOITED VULNERABILITIES TO CATALOG - REDPACKET
SECURITY

CISA Adds Three Known Exploited Vulnerabilities to Catalog

10.09.2024 | tistory.com

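PHISHING SITE DISGUISED AS AN OBITUARY NOTICE - U2(.)TO/F4BHFOJ (2024.9.6)

Today, once again, we will look at smishing that sends out obituary texts
claiming that parents who are alive and well have passed away. We regret to
inform you that our respected father has passed away after a long illness.
Funeral hall [Obituary] We respectfully inform you that our father passed away
today from a chronic illness. We respectfully inform you that the teacher
passed away from a chronic illness at 2 a.m. on January 11. Time and place We
respectfully inform you that our beloved father passed away today. Funeral hall
喪報 (obituary) Funeral procession: May 2 [Of old age] We inform you that our
father has passed away. Address: [Web-sent] A report of illegal garbage dumping
has been filed. Check details: [Web-sent] Illegal waste…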

10.09.2024 | cisecurity.org

MULTIPLE VULNERABILITIES IN IVANTI PRODUCTS COULD ALLOW FOR REMOTE CODE
EXECUTION

Multiple vulnerabilities have been discovered in Ivanti products, the most
severe of which could allow for remote code execution. Ivanti Endpoint Manager
is a client-based unified endpoint management software. Ivanti Cloud Service
Appliance (CSA) is an Internet appliance t…

10.09.2024 | anquanke.com

HACKERS EXPLOIT GEOSERVER VULNERABILITY TO PLANT BACKDOORS AND BOTNET MALWARE -
ANQUANKE - SECURITY NEWS PLATFORM

Anquanke - Security News Platform

10.09.2024 | bleepingcomputer.com

NONAME RANSOMWARE GANG DEPLOYING RANSOMHUB MALWARE IN RECENT ATTACKS

The NoName ransomware gang has been trying to build a reputation for more than
three years targeting small and medium-sized businesses worldwide with its
encryptors and may now be working as a RansomHub affiliate.

10.09.2024 | cisecurity.org

MULTIPLE VULNERABILITIES IN ADOBE PRODUCTS COULD ALLOW FOR ARBITRARY CODE
EXECUTION

Multiple vulnerabilities have been discovered in Adobe products, the most
severe of which could allow for arbitrary code execution. Adobe is a software
that is used for creating and publishing a wide variety of contents including
graphics, photography, illustration, animation, multi…

10.09.2024 | malware.news

BUG LEFT SOME WINDOWS PCS DANGEROUSLY UNPATCHED – KREBS ON SECURITY

10.09.2024 | zscaler.com

ZSCALER PROTECTS AGAINST 6 NEW VULNERABILITIES FOR WINDOWS

Zscaler has proactively deployed protection for the following 6 vulnerabilities
included in the September 2024 Microso

10.09.2024 | anquanke.com

BLIND EAGLE THREAT GROUP ATTACKS COLOMBIAN INSURANCE SECTOR WITH CUSTOMIZED
QUASAR RAT - ANQUANKE - SECURITY NEWS PLATFORM

Anquanke - Security News Platform

10.09.2024 | reversinglabs.com

FAKE RECRUITER CODING TESTS TARGET DEVS WITH MALICIOUS PYTHON PACKAGES

RL found the VMConnect campaign continuing with malicious actors posing as
recruiters, using packages and the names of financial firms to lure developers.

10.09.2024 | bleepingcomputer.com

MICROSOFT SEPTEMBER 2024 PATCH TUESDAY FIXES 4 ZERO-DAYS, 79 FLAWS

Today is Microsoft's September 2024 Patch Tuesday, which includes security
updates for 79 flaws, including four actively exploited and one publicly
disclosed zero-days.

10.09.2024 | anquanke.com

AKIRA RANSOMWARE ACTORS EXPLOIT SONICWALL VULNERABILITY TO ACHIEVE REMOTE CODE
EXECUTION - ANQUANKE - SECURITY NEWS PLATFORM

Anquanke - Security News Platform

10.09.2024 | bankinfosecurity.com

GERMAN CYBER AGENCY INVESTIGATING APT28 PHISHING CAMPAIGN

The German cyber agency is reportedly investigating a phishing campaign tied to
Russian state hacking group APT28 that used a bogus website mimicking an
influential

10.09.2024 | bleepingcomputer.com

IVANTI FIXES MAXIMUM SEVERITY RCE BUG IN ENDPOINT MANAGEMENT SOFTWARE

Ivanti has fixed a maximum severity vulnerability in its Endpoint Management
software (EPM) that can let unauthenticated attackers gain remote code execution
on the core server.

10.09.2024 | ssi.gouv.fr

MULTIPLE VULNERABILITIES IN SIEMENS PRODUCTS - CERT-FR

10.09.2024 | ssi.gouv.fr

MULTIPLE VULNERABILITIES IN OWNCLOUD PRODUCTS - CERT-FR

10.09.2024 | ssi.gouv.fr

MULTIPLE VULNERABILITIES IN SAP PRODUCTS - CERT-FR

10.09.2024 | cyberscoop.com

HERE’S WHAT MICROSOFT FIXED IN SEPTEMBER’S PATCH TUESDAY

Three of those vulnerabilities — CVE-2024-38014, CVE-2024-38217, CVE-2024-38226
— have been exploited in the wild.

10.09.2024 | intel471.com

THREAT HUNTING CASE STUDY: UNCOVERING FIN7

FIN7 is one of the most persistent and capable financially motivated threat
actor groups. Here's how to threat hunt for signs of a FIN7 intrusion.

10.09.2024 | sans.edu

MICROSOFT SEPTEMBER 2024 PATCH TUESDAY - SANS INTERNET STORM CENTER

Microsoft September 2024 Patch Tuesday, Author: Johannes Ullrich

10.09.2024 | welivesecurity.com

COSMICBEETLE STEPS UP: PROBATION PERIOD AT RANSOMHUB

ESET researchers examine the recent activities of the CosmicBeetle threat actor,
documenting its new ScRansom ransomware and highlighting connections to other
well-established ransomware gangs.

10.09.2024 | ahnlab.com

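IBM PRODUCT SECURITY UPDATE ADVISORY - ASEC

Overview An update has been released to address vulnerabilities in IBM
products. Users of the affected versions are advised to update to the latest
version. Affected Products CVE-2024-40681 IBM MQ Operator version: 2.0.26 IBM
MQ Operator version: 3.2.4 CVE-2024-45076, CVE-2024-45075 IBM webMethods
Integration version: 10.15 Resolved Vulnerabilities An authenticated user
belonging to a specially defined role bypasses security restrictions and
operations against the queue manager […]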

10.09.2024 | ssi.gouv.fr

MULTIPLE VULNERABILITIES IN MOODLE - CERT-FR

10.09.2024 | eclecticiq.com

RANSOMWARE IN THE CLOUD: SCATTERED SPIDER TARGETING INSURANCE AND FINANCIAL
INDUSTRIES

EclecticIQ analysts discovered ransomware operations by SCATTERED SPIDER
targeting cloud infrastructures within the insurance and financial sectors.

09.09.2024 | redpacketsecurity.com

US-CERT VULNERABILITY SUMMARY FOR THE WEEK OF SEPTEMBER 2, 2024 - REDPACKET
SECURITY

Bulletins provide weekly summaries of new vulnerabilities. Patch information is
provided when available.

09.09.2024 | medium.com

DIVE INTO SIGMA CORRELATION RULES

And go hunting for Cicada3301 ransomware behaviors in the process

09.09.2024 | paloaltonetworks.com

THREAT ASSESSMENT: NORTH KOREAN THREAT GROUPS

Explore Unit 42's review of North Korean APT groups and their impact, detailing
the top 10 malware and tools we've seen from these threat actors.

09.09.2024 | threatdown.com

NEW RANSOMHUB ATTACK USES TDSKILLER AND LAZAGNE, DISABLES EDR - THREATDOWN BY
MALWAREBYTES

The attack signals a new shift in RansomHub’s arsenal of tools.

09.09.2024 | thehackernews.com

BLIND EAGLE TARGETS COLOMBIAN INSURANCE SECTOR WITH CUSTOMIZED QUASAR RAT

Blind Eagle APT group targets Colombian insurance sector with custom Quasar RAT,
using phishing emails and Google Drive to spread malware.

09.09.2024 | thehackernews.com

CHINESE HACKERS EXPLOIT VISUAL STUDIO CODE IN SOUTHEAST ASIAN CYBERATTACKS

Chinese hackers exploit Visual Studio Code in cyberattacks on Southeast Asian
governments. New technique uses reverse shell for espionage and data the

09.09.2024 | redpacketsecurity.com

BLIND EAGLE TARGETS COLOMBIAN INSURANCE SECTOR WITH CUSTOMIZED QUASAR RAT -
REDPACKET SECURITY

The Colombian insurance sector is the target of a threat actor tracked as Blind
Eagle with the end goal of delivering a customized version of a known

09.09.2024 | redpacketsecurity.com

CHINESE HACKERS EXPLOIT VISUAL STUDIO CODE IN SOUTHEAST ASIAN CYBERATTACKS -
REDPACKET SECURITY

The China-linked advanced persistent threat (APT) group known as Mustang Panda
has been observed weaponizing Visual Studio Code software as part of espionage

09.09.2024 | medium.com

STRENGTHENING CYBER DEFENSES: NEW POLICIES, VULNERABILITIES, AND HIGH-PROFILE
CYBERATTACKS SIGNAL…

More from the Author: LinkedIn

09.09.2024 | gbhackers.com

AKIRA RANSOMWARE ACTIVELY EXPLOITING SONICWALL FIREWALL RCE VULNERABILITY

SonicWall disclosed a critical remote code execution vulnerability
(CVE-2024-40766) in SonicOS on August 22nd, 2024. While no active

09.09.2024 | socradar.io

AKIRA RANSOMWARE TARGETS SONICWALL VULNERABILITY (CVE-2024-40766) – IMMEDIATE
PATCHING REQUIRED - SOCRADAR® CYBER INTELLIGENCE INC.

A recently patched SonicWall vulnerability, CVE-2024-40766, has been found to
affect the SSLVPN feature of SonicWall firewalls in addition to management

09.09.2024 | rapid7.com

MULTIPLE VULNERABILITIES IN VEEAM BACKUP & REPLICATION | RAPID7 BLOG

09.09.2024 | malware.news

9TH SEPTEMBER – THREAT INTELLIGENCE REPORT

For the latest discoveries in cyber research for the week of 9th September,
please download our Threat Intelligence Bulletin. TOP ATTACKS AND BREACHES The
German air traffic control agency, Deutsche Flugsicherung, has confirmed a
cyberattack that impacted its administrative IT infrastructure. Th…

09.09.2024 | checkpoint.com

9TH SEPTEMBER – THREAT INTELLIGENCE REPORT - CHECK POINT RESEARCH

For the latest discoveries in cyber research for the week of 9th September,
please download our Threat Intelligence Bulletin. TOP ATTACKS AND BREACHES The
German air traffic control agency, Deutsche Flugsicherung, has confirmed a
cyberattack that impacted its administrative IT infrastructure. The e…

09.09.2024 | sekoia.io

A GLIMPSE INTO THE QUAD7 OPERATORS' NEXT MOVES AND ASSOCIATED BOTNETS

Uncover the secrets of the Quad7 botnet and its ever-evolving toolset. Learn
about the new backdoors and protocols used by these operators.

09.09.2024 | thehackernews.com

U.S. OFFERS $10 MILLION FOR INFO ON RUSSIAN CADET BLIZZARD HACKERS BEHIND MAJOR
ATTACKS

Russian hackers from GRU’s Unit 29155 linked to global cyberattacks on critical
infrastructure, espionage, and sabotage since 2020.

09.09.2024 | securelist.ru

NEW VERSION OF THE LOKI BACKDOOR FOR THE MYTHIC FRAMEWORK ATTACKS RUSSIAN
COMPANIES

Kaspersky experts have discovered a new version of the Loki agent for the
open-source Mythic framework, which uses DLL libraries in attacks on Russian
companies.
