{"uuid": "7b36126b-aede-4575-959f-bc86f10f4f21", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-30051", "type": "seen", "source": "https://t.me/vxunderground/4342", "content": "Updates to vx-underground:\n\nSamples:\nVirusSign.2024.06.02\nVirusSign.2024.06.03\nVirusSign.2024.06.04\nVirusSign.2024.06.05\nVirusSign.2024.06.06\nVirusSign.2024.06.07\nVirusSign.2024.06.08\nVirusSign.2024.06.09\n\nPapers:\n- 2024-05-10 - Ongoing Social Engineering Campaign Linked to Black Basta Ransomware Operators\n- 2024-05-14 - Ebury is alive but unseen: 400k Linux servers compromised for cryptocurrency theft and financial gain\n- 2024-05-14 - QakBot attacks with Windows zero-day (CVE-2024-30051)\n- 2024-05-15 - Revealing Spammer Infrastructure With Passive DNS - 226 Toll-Themed Domains Targeting Australia\n- 2024-05-15 - Black Basta overview and detection rules\n- 2024-05-15 - Threat actors misusing Quick Assist in social engineering attacks leading to ransomware\n- 2024-05-15 - To the Moon and back(doors)- Lunar landing in diplomatic missions\n- 2024-05-16 - Spring Cleaning with LATRODECTUS: A Potential Replacement for ICEDID\n- 2024-05-16 - Springtail: New Linux Backdoor Added to Toolkit\n- 2024-05-20 - Tiny BackDoor Goes Undetected: Suspected Turla leveraging MSBuild to Evade detection\n- 2024-05-21 - Master of Puppets: Uncovering the DoppelG\u00e4nger pro-Russian influence campaign", "creation_timestamp": "2024-06-10T15:31:01.000000Z"}