September 2024: Latest Malware, Vulnerabilities and Exploits
Tags
country: United Arab Emirates Azerbaijan China India Iran Israel United States Of America
maec-delivery-vectors: Watering Hole
attack-pattern: Data Botnet - T1583.005 Botnet - T1584.005 Credentials - T1589.001 Domains - T1583.001 Domains - T1584.001 Exploits - T1587.004 Exploits - T1588.005 Malware - T1587.001 Malware - T1588.001 Phishing - T1660 Phishing - T1566 Powershell - T1059.001 Server - T1583.004 Server - T1584.004 Software - T1592.002 Web Shell - T1505.003 Tool - T1588.002 Vulnerabilities - T1588.006 Powershell - T1086 Web Shell - T1100
Show in Graph
Common Information
Type Value
UUID 2883d463-55d1-452a-a896-45bf15432575
Fingerprint 95a885d1afb2eedb
Analysis status DONE
Considered CTI value 2
Text language
Published Sept. 6, 2024, 8:25 a.m.
Added to db Sept. 6, 2024, 10:33 a.m.
Last updated Nov. 17, 2024, 7:44 p.m.
Headline September 2024: Latest Malware, Vulnerabilities and Exploits
Title September 2024: Latest Malware, Vulnerabilities and Exploits
Detected Hints/Tags/Attributes 108/3/36
Source URLs
Redirection Url
Details Source https://www.picussecurity.com/resource/blog/september-2024-latest-malware-vulnerabilities-and-exploits
URL Provider
Details Provider Source level domain
Details picussecurity.com www.picussecurity.com
RSS Feed
Details Id Enabled Feed title Url Added to db
Details 352 Resources-2 https://www.picussecurity.com/resource/rss.xml 2024-08-30 22:08
Attributes
Details Type #Events CTI Value
Details CVE 40 
cve-2024-38856
Details CVE 24 
cve-2024-36104
Details CVE 32 
cve-2024-32113
Details CVE 24 
cve-2024-23897
Details CVE 27 
cve-2024-39717
Details CVE 27 
cve-2024-38213
Details CVE 161 
cve-2019-19781
Details CVE 152 
cve-2023-3519
Details CVE 70 
cve-2022-1388
Details CVE 55 
cve-2024-21887
Details CVE 38 
cve-2024-3400
Details Domain 4127 
github.com
Details Domain 26 
thecyberexpress.com
Details File 208 
setup.exe
Details File 7 
globalprotect.exe
Details File 252 
www.cs
Details File 1 
chinas-volt-typhoon-exploits-versa-zero-day-to-hack-us-isps-and-it-firms.html
Details File 4 
threat-actors-target-middle-east-using-fake-tool.html
Details Github username 2 
0x20c
Details Github username 15 
cisco-talos
Details sha256 3 
5df4269998ed79fbc997766303759768ce89ff1412550b35ff32e85db3c1f57b
Details sha256 3 
fb70ff49411ce04951895977acfc06fa468e4aa504676dedeb40ba5cea76f37f
Details sha256 3 
711d3deccc22f5acfd3a41b8c8defb111db0f2b474febdc7f20a468f67db0350
Details Mandiant Uncategorized Groups 27 
UNC757
Details Threat Actor Identifier - APT 181 
APT33
Details Url 1 
https://github.com/0x20c/cve-2024-38856-exp.
Details Url 1 
https://www.bleepingcomputer.com/news/security/cisa-warns-of-jenkins-rce-bug-exploited-in-ransomware-attacks/.
Details Url 1 
https://www.bleepingcomputer.com/news/security/chinese-volt-typhoon-hackers-exploited-versa-zero-day-to-breach-isps-msps
Details Url 1 
https://www.csoonline.com/article/3497078/chinas-volt-typhoon-exploits-versa-zero-day-to-hack-us-isps-and-it-firms.html
Details Url 1 
https://www.bleepingcomputer.com/news/microsoft/new-windows-smartscreen-bypass-exploited-as-zero-day-since-march/.
Details Url 1 
https://www.thezdi.com/blog/2024/8/14/cve-2024-38213-copy2pwn-exploit-evades-windows-web-protections.
Details Url 1 
https://www.bleepingcomputer.com/news/security/halliburton-cyberattack-linked-to-ransomhub-ransomware-gang/.
Details Url 2 
https://www.microsoft.com/en-us/security/blog/2024/08/28/peach-sandstorm-deploys-new-custom-tickler-malware-in-long-running-intelligence-gathering-operations/.
Details Url 1 
https://thecyberexpress.com/north-korean-hackers-new-moonpeak-uat-5394/.
Details Url 1 
https://github.com/cisco-talos/iocs/tree/main/2024/08.
Details Url 4 
https://www.trendmicro.com/en_us/research/24/h/threat-actors-target-middle-east-using-fake-tool.html