{"uuid": "f1df5af3-6992-4035-90e0-355dfc9eddbe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-23692", "type": "seen", "source": "https://t.me/vxunderground/4854", "content": "Updates:\n\nFamilies: \n- AgentTesla\n- AsyncRAT\n- CryptBot\n- DarkComet\n- DCRat\n- FormBook\n- GuLoader\n- Latrodectus\n- LummaStealer\n- Mirai\n- OxyPumper\n- RedLine\n- Remcos\n- RevengeRAT\n- SnakeKeylogger\n- STRRAT\n- TrickBot\n- XMRig\n- XWorm\n- ZharkRAT\n\nPapers:\n- 2012-10-02 - Blackhole Exploit Kit: Rise and Evolution.pdf\n- 2015-09-15 - In Pursuit of Optical Fibers and Troop Intel: Targeted Attack Distributes PlugX in Russia.pdf\n- 2015-09-24 - Meet GreenDispenser: A New Breed of ATM Malware.pdf\n- 2021-12-22 - Establishing the TigerRAT and TigerDownloader Malware Families.pdf\n- 2022-04-27 - BRONZE PRESIDENT Targets Russian Speakers with Updated PlugX.pdf\n- 2022-08-22 - Ocean Lotus APT Group.pdf\n- 2022-10-12 - TOAD attacks: Vishing combined with Android banking malware now targeting Italian banks.pdf\n- 2023-04-14 - SHATTEREDGLASS Server Emulator.pdf\n- 2023-07-03 - Chinese Threat Actors Targeting Europe in SmugX Campaign.pdf\n - 2023-07-29 - Unknown powershell backdoor with ties to new Zloader.pdf\n- 2023-09-14 - Peach Sandstorm password spray campaigns enable intelligence collection at high-value targets.pdf\n- 2023-12-11 - Mustang Panda's PlugX new variant targetting Taiwanese government and diplomats.pdf\n- 2024-01-24 - The Endless Struggle Against APT10- Insights from LODEINFO v0.6.6 - v0.7.3 Analysis.pdf\n- 2024-03-04 - On-Device Fraud on the rise: exposing a recent Copybara fraud campaign.pdf\n- 2024-03-22 - APT29 Uses WINELOADER to Target German Political Parties.pdf\n- 2024-03-22 - Large-Scale StrelaStealer Campaign in Early 2024.pdf\n- 2024-03-24 - Analysis of DEV#POPPER: New Attack Campaign Targeting Software Developers Likely Associated With North Korean Threat Actors.pdf\n- 2024-04-02 - Updated StrelaStealer Targeting European Countries.pdf\n- 2024-04-19 - Gold Pickaxe iOS Technical Analysis- IPA Overview and C2 Communication Start up.pdf\n- 2024-04-27 - Finding Malware: Detecting SOGU with Google Security Operations.pdf\n- 2024-06-09 - New Threat: A Deep Dive Into the Zergeca Botnet.pdf\n- 2024-06-24 - StrelaStealer Resurgence: Tracking a JavaScript-Driven Credential Stealer Targeting Europe.pdf\n- 2024-07-05 - CLEARFAKE Update Tricks Victim into Executing Malicious PowerShell Code.pdf\n- 2024-07-09 - Italian government agencies and companies in the target of a Chinese APT.pdf\n- 2024-07-10 - DodgeBox: A deep dive into the updated arsenal of APT41 - Part 1.pdf\n- 2024-07-11 - Brief technical analysis of the 'Poseidon Stealer' malware.pdf\n- 2024-07-11 - ClickFix Deception: A Social Engineering Tactic to Deploy Malware.pdf\n- 2024-07-11 - CRYSTALRAY: Inside the Operations of a Rising Threat Actor Exploiting OSS Tools.pdf\n- 2024-07-11 - MoonWalk: A deep dive into the updated arsenal of APT41 - Part 2.pdf\n- 2024-07-14 - Fake AWS Packages Ship Command and Control Malware In JPEG Files.pdf\n- 2024-07-14 - Malware Analysis: Rhadamanthys.pdf\n- 2024-07-15 - CVE-2024-38112: Void Banshee Targets Windows Users Through Zombie Internet Explorer in Zero-Day Attacks.pdf\n- 2024-07-16 - MirrorFace Attack against Japanese Organisations.pdf\n- 2024-07-16 - NullBulge: Threat Actor Masquerades as Hacktivist Group Rebelling Against AI.pdf\n- 2024-07-17 - The Return of Ghost Emperor's Demodex.pdf\n- 2024-07-18 - Emerging IoT Wiper Malware: Kaden and New LOLFME Botnet Variants.pdf\n- 2024-07-23 - A Simple Approach to Discovering Oyster Backdoor Infrastructure.pdf\n- 2024-07-24 - APT45: North Korea's Digital Military Machine.pdf\n- 2024-07-24 - Malware Campaign Lures Users With Fake W2 Form.pdf\n- 2024-07-24 - Rhysida using Oyster Backdoor to deliver ransomware.pdf\n- 2024-07-24 - UAC-0063 Attack Detection: Hackers Target Ukrainian Research Institutions Using HATVIBE, CHERRYSPY, and CVE-2024-23692.pdf\n- 2024-07-25 - Growing Number of Threats Leveraging AI.pdf\n- 2024-07-28 - CyberGate Technical Analysis.pdf\n- 2024-07-30 - Too big to care: Our disappointment with Cloudflare's anti-abuse posture.pdf\n- 2024-07-31 - Research Update: Threat Actors Behind the DEV#POPPER Campaign Have Retooled and are Continuing to Target Software Developers via Social Engineering.pdf\n- 2024-08-01", "creation_timestamp": "2024-08-27T20:27:19.000000Z"}