threatintel

CVE Alert: CVE-2024-49840

February 4, 2025

Vulnerability Summary: CVE-2024-49840 Memory corruption while Invoking IOCTL calls from user-space to validate FIPS encryption or decryption functionality. Affected Endpoints:...

Read More

CVE Alert: CVE-2024-45573

February 4, 2025

Vulnerability Summary: CVE-2024-45573 Memory corruption may occour while generating test pattern due to negative indexing of display ID. Affected Endpoints:...

Read More

CVE Alert: CVE-2024-49843

February 4, 2025

Vulnerability Summary: CVE-2024-49843 Memory corruption while processing IOCTL from user space to handle GPU AHB bus error. Affected Endpoints: No...

Read More

CVE Alert: CVE-2024-49838

February 4, 2025

Vulnerability Summary: CVE-2024-49838 Information disclosure while parsing the OCI IE with invalid length. Affected Endpoints: No affected endpoints listed. Published...

Read More

CVE Alert: CVE-2024-49839

February 4, 2025

Vulnerability Summary: CVE-2024-49839 Memory corruption during management frame processing due to mismatch in T2LM info element. Affected Endpoints: No affected...

Read More

CVE Alert: CVE-2024-49834

February 4, 2025

Vulnerability Summary: CVE-2024-49834 Memory corruption while power-up or power-down sequence of the camera sensor. Affected Endpoints: No affected endpoints listed....

Read More

CVE Alert: CVE-2024-49837

February 4, 2025

Vulnerability Summary: CVE-2024-49837 Memory corruption while reading CPU state data during guest VM suspend. Affected Endpoints: No affected endpoints listed....

Read More

CVE Alert: CVE-2024-49833

February 4, 2025

Vulnerability Summary: CVE-2024-49833 Memory corruption can occur in the camera when an invalid CID is used. Affected Endpoints: No affected...

Read More

[AKIRA] – Ransomware Victim: Taking stock of 2024| Part 2

February 4, 2025

Ransomware Group: AKIRA VICTIM NAME: Taking stock of 2024| Part 2 NOTE: No files or stolen information are by RedPacket...

Read More

[FUNKSEC] – Ransomware Victim: brainsystem[.]eu

February 4, 2025

Ransomware Group: FUNKSEC VICTIM NAME: brainsystemeu NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...

Read More

[FUNKSEC] – Ransomware Victim: esle[.]eu

February 4, 2025

Ransomware Group: FUNKSEC VICTIM NAME: esleeu NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...

Read More

Cobalt-Strike

Cobalt Strike Beacon Detected – 176[.]96[.]131[.]195:8081

February 4, 2025

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Read More

Cobalt-Strike

Cobalt Strike Beacon Detected – 101[.]43[.]166[.]60:5555

February 4, 2025

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Read More

Cobalt-Strike

Cobalt Strike Beacon Detected – 45[.]182[.]189[.]105:443

February 4, 2025

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Read More

Cobalt-Strike

Cobalt Strike Beacon Detected – 121[.]43[.]227[.]196:88

February 4, 2025

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Read More

Cobalt-Strike

Cobalt Strike Beacon Detected – 103[.]96[.]75[.]73:443

February 4, 2025

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Read More

[CACTUS] – Ransomware Victim: mgainnovation[.]com

February 4, 2025

Ransomware Group: CACTUS VICTIM NAME: mgainnovationcom NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...

Read More

[FUNKSEC] – Ransomware Victim: forum-rainbow-rp[.]forumotion[.]eu

February 4, 2025

Ransomware Group: FUNKSEC VICTIM NAME: forum-rainbow-rpforumotioneu NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...

Read More

CVE Alert: CVE-2024-54840

February 4, 2025

Vulnerability Summary: CVE-2024-54840 PVWA (Password Vault Web Access) in CyberArk Privileged Access Manager Self-Hosted before 14.4 does not properly address...

Read More

CVE Alert: CVE-2024-56161

February 4, 2025

Vulnerability Summary: CVE-2024-56161 Improper signature verification in AMD CPU ROM microcode patch loader may allow an attacker with local administrator...

Read More

CVE Alert: CVE-2024-57967

February 4, 2025

Vulnerability Summary: CVE-2024-57967 PVWA (Password Vault Web Access) in CyberArk Privileged Access Manager Self-Hosted before 14.4 has potentially elevated privileges...

Read More

CVE Alert: CVE-2024-12510

February 4, 2025

Vulnerability Summary: CVE-2024-12510 If LDAP settings are accessed, authentication could be redirected to another server, potentially exposing credentials. This requires...

Read More

CVE Alert: CVE-2024-57175

February 4, 2025

Vulnerability Summary: CVE-2024-57175 A Stored Cross-Site Scripting (XSS) vulnerability was identified in the PHPGURUKUL Online Birth Certificate System v1.0 via...

Read More

CVE Alert: CVE-2024-12859

February 4, 2025

Vulnerability Summary: CVE-2024-12859 The BoomBox Theme Extensions plugin for WordPress is vulnerable to Local File Inclusion in all versions up...

Read More

Cobalt-Strike

Cobalt Strike Beacon Detected – 47[.]83[.]218[.]121:81

February 12, 2025

Cobalt-Strike

Cobalt Strike Beacon Detected – 1[.]94[.]140[.]47:1234

February 12, 2025

Cobalt-Strike

Cobalt Strike Beacon Detected – 115[.]120[.]210[.]236:7777

February 12, 2025

Cobalt-Strike

Cobalt Strike Beacon Detected – 110[.]41[.]165[.]237:80

February 12, 2025

Cobalt-Strike

Cobalt Strike Beacon Detected – 110[.]42[.]48[.]177:88

February 12, 2025