threatintel

CVE Alert: CVE-2024-9482

October 5, 2024

Vulnerability Summary: CVE-2024-9482 An out-of-bounds write in the engine module in AVG/Avast Antivirus signature

CVE Alert: CVE-2024-9483

October 5, 2024

Vulnerability Summary: CVE-2024-9483 A null-pointer-dereference in the signature verification module in AVG/Avast Antivirus signature

CVE Alert: CVE-2024-9271

October 5, 2024

Vulnerability Summary: CVE-2024-9271 The Re:WP plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all...

CVE Alert: CVE-2024-8499

October 5, 2024

Vulnerability Summary: CVE-2024-8499 The Checkout Field Editor (Checkout Manager) for WooCommerce plugin for WordPress is vulnerable to Reflected Cross-Site Scripting...

CVE Alert: CVE-2024-9481

October 5, 2024

Vulnerability Summary: CVE-2024-9481 An out-of-bounds write in the engine module in AVG/Avast Antivirus signature

[KILLSEC] – Ransomware Victim: betterhalf[.]ai

October 5, 2024

Ransomware Group: KILLSEC VICTIM NAME: betterhalfai NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...

[CLOP] – Ransomware Victim: HARTSON-KENNEDY[.]COM

October 5, 2024

Ransomware Group: CLOP VICTIM NAME: HARTSON-KENNEDYCOM NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...

Cobalt Strike Beacon Detected – 1[.]94[.]52[.]236:443

October 5, 2024

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Cobalt Strike Beacon Detected – 118[.]31[.]16[.]216:80

October 5, 2024

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

[HUNTERS] – Ransomware Victim: BNBuilders

October 5, 2024

Ransomware Group: HUNTERS VICTIM NAME: BNBuilders NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...

[RANSOMHUB] – Ransomware Victim: omniboxx[.]nl

October 5, 2024

Ransomware Group: RANSOMHUB VICTIM NAME: omniboxxnl NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...

Posh C2 Detected – 3[.]109[.]173[.]1:443

October 5, 2024

The Information provided at the time of posting was detected as "Posh C2". Depending on when you are viewing this...

CVE Alert: CVE-2024-9514

October 5, 2024

Vulnerability Summary: CVE-2024-9514 A vulnerability was found in D-Link DIR-605L 2.13B01 BETA. It has been declared as critical. This vulnerability...

CVE Alert: CVE-2024-9410

October 5, 2024

Vulnerability Summary: CVE-2024-9410 Ada.cx's Sentry configuration allowed for blind server-side request forgeries (SSRF) through the use of a data scraping...

CVE Alert: CVE-2024-9513

October 5, 2024

Vulnerability Summary: CVE-2024-9513 A vulnerability was found in Netadmin Software NetAdmin IAM up to 3.5 and classified as problematic. Affected...

CVE Alert: CVE-2024-9515

October 5, 2024

Vulnerability Summary: CVE-2024-9515 A vulnerability was found in D-Link DIR-605L 2.13B01 BETA. It has been classified as critical. This affects...

CVE Alert: CVE-2024-9484

October 5, 2024

Vulnerability Summary: CVE-2024-9484 An null-pointer-derefrence in the engine module in AVG/Avast Antivirus signature

CVE Alert: CVE-2024-47769

October 5, 2024

Vulnerability Summary: CVE-2024-47769 IDURAR is open source ERP CRM accounting invoicing software. The vulnerability exists in the corePublicRouter.js file. Using...

CVE Alert: CVE-2024-38036

October 5, 2024

Vulnerability Summary: CVE-2024-38036 There is a reflected XSS vulnerability in Esri Portal for ArcGIS versions 10.9.1, 10.8.1 and 10.7.1 which...

CVE Alert: CVE-2024-47183

October 5, 2024

Vulnerability Summary: CVE-2024-47183 Parse Server is an open source backend that can be deployed to any infrastructure that can run...

CVE Alert: CVE-2024-25691

October 5, 2024

Vulnerability Summary: CVE-2024-25691 There is a reflected XSS vulnerability in Esri Portal for ArcGIS versions 11.1, 10.9.1 and 10.8.1 which...

CVE Alert: CVE-2024-25707

October 5, 2024

Vulnerability Summary: CVE-2024-25707 There is a reflected cross site scripting in Esri Portal for ArcGIS 11.1 and below on Windows...

[RANSOMHUB] – Ransomware Victim: winwinza[.]com

October 5, 2024

Ransomware Group: RANSOMHUB VICTIM NAME: winwinzacom NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...

CVE Alert: CVE-2024-38039

October 5, 2024

Vulnerability Summary: CVE-2024-38039 There is an HTML injection vulnerability in Esri Portal for ArcGIS versions 11.0 and below that may...

threatintel

CVE Alert: CVE-2024-9482

CVE Alert: CVE-2024-9483

CVE Alert: CVE-2024-9271

CVE Alert: CVE-2024-8499

CVE Alert: CVE-2024-9481

[KILLSEC] – Ransomware Victim: betterhalf[.]ai

[CLOP] – Ransomware Victim: HARTSON-KENNEDY[.]COM

Cobalt Strike Beacon Detected – 1[.]94[.]52[.]236:443

Cobalt Strike Beacon Detected – 118[.]31[.]16[.]216:80

[HUNTERS] – Ransomware Victim: BNBuilders

[RANSOMHUB] – Ransomware Victim: omniboxx[.]nl

Posh C2 Detected – 3[.]109[.]173[.]1:443

CVE Alert: CVE-2024-9514

CVE Alert: CVE-2024-9410

CVE Alert: CVE-2024-9513

CVE Alert: CVE-2024-9515

CVE Alert: CVE-2024-9484

CVE Alert: CVE-2024-47769

CVE Alert: CVE-2024-38036

CVE Alert: CVE-2024-47183

CVE Alert: CVE-2024-25691

CVE Alert: CVE-2024-25707

[RANSOMHUB] – Ransomware Victim: winwinza[.]com

CVE Alert: CVE-2024-38039

Microsoft Monthly Security Update (January 2024)

CVE Alert: CVE-2024-56197

CVE Alert: CVE-2024-55948

CVE Alert: CVE-2024-53994

CVE Alert: CVE-2024-53851

You may have missed