August 2024: Latest Malware, Vulnerabilities and Exploits
Common Information
Type Value
UUID 11ecadfc-680f-4e89-8092-141ac3650205
Fingerprint 85300d999d91b68b
Analysis status DONE
Considered CTI value 2
Text language
Published Aug. 2, 2024, 12:02 p.m.
Added to db Aug. 31, 2024, 9:49 a.m.
Last updated Nov. 17, 2024, 7:44 p.m.
Headline August 2024: Latest Malware, Vulnerabilities and Exploits
Title August 2024: Latest Malware, Vulnerabilities and Exploits
Detected Hints/Tags/Attributes 107/3/36
Attributes
Details Type #Events CTI Value
Details CVE 26
cve-2024-37085
Details CVE 9
cve-2024-4879
Details CVE 9
cve-2024-5217
Details CVE 6
cve-2024-5178
Details CVE 56
cve-2024-36401
Details CVE 16
cve-2017-11774
Details Domain 3
hunter.how
Details Domain 4127
github.com
Details File 2
linux.pl
Details File 173
outlook.exe
Details File 1
new-play-ransomware-linux-variant-targets-esxi-shows-ties-with-p.html
Details Github username 2
geoserver
Details Github username 13
trustedsec
Details Microsoft Threat Actor Naming Taxonomy (Groups in development) 8
Storm-0506
Details Microsoft Threat Actor Naming Taxonomy (Groups in development) 7
Storm-1175
Details Url 1
https://www.rapid7.com/blog/post/2024/07/30/vmware-esxi-cve-2024-37085-targeted-in-ransomware-campaigns/.
Details Url 1
https://www.resecurity.com/blog/article/cve-2024-4879-and-cve-2024-5217-servicenow-rce-exploitation-in-a-global-reconnaissance-campaign.
Details Url 1
https://www.bleepingcomputer.com/news/security/cisa-warns-critical-geoserver-geotools-rce-flaw-is-exploited-in-attacks/.
Details Url 1
https://github.com/geoserver/geoserver/security/advisories/ghsa-6jj6-gm7p-fcvv.
Details Url 1
https://databreaches.net/2024/07/23/acadian-ambulance-hit-by-ransomware-attack-daixin-claims-info-on-10-million-patients-stolen/.
Details Url 1
https://www.bleepingcomputer.com/news/security/sexi-ransomware-rebrands-to-apt-inc-continues-vmware-esxi-attacks/.
Details Url 1
https://symantec-enterprise-blogs.security.com/threat-intelligence/daggerfly-espionage-updated-toolset.
Details Url 1
https://www.virustotal.com/gui/file/7a55c8391fda90a5d4653fdebe2d685edb662859937e14b6756f45e29b76901d.
Details Url 1
https://www.trendmicro.com/en_us/research/24/g/new-play-ransomware-linux-variant-targets-esxi-shows-ties-with-p.html
Details Url 1
https://github.com/trustedsec/specula/wiki/home.
Details Url 1
https://www.bleepingcomputer.com/news/security/new-specula-tool-uses-outlook-for-remote-code-execution-in-windows/.
Details Windows Registry Key 1
HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Outlook\WebView