Cobalt Stike Beacon Detected – 47[.]98[.]244[.]206:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Month: November 2021
Cobalt Stike Beacon Detected – 103[.]228[.]111[.]223:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 54[.]193[.]250[.]131:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 39[.]101[.]69[.]27:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 1[.]116[.]252[.]245:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 81[.]68[.]255[.]89:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 52[.]44[.]111[.]242:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 104[.]131[.]88[.]78:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 47[.]107[.]76[.]95:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 47[.]94[.]170[.]143:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 39[.]96[.]196[.]130:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 62[.]113[.]96[.]124:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 35[.]86[.]162[.]154:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Hundreds of thousands of fake warnings of cyberattacks sent from a hacked FBI email server
Threat actors hacked email servers of the FBI to distribute spam email impersonating FBI warnings of fake cyberattacks. The email...
GravityRAT returns disguised as an end-to-end encrypted chat app
Threat actors are distributing the GravityRATÂ remote access trojan masqueraded as an end-to-end encrypted chat application named SoSafe Chat. Threat actors...
Canadian Furious Beaver – A Tool For Monitoring IRP Handler In Windows Drivers, And Facilitating The Process Of Analyzing, Replaying And Fuzzing Windows Drivers For Vulnerabilities
Furious Beaver is a IRP detailsIRP replayConceptIrpDumper.sys is the driver part of the CFB Broker that will auto-extract and install...
CVE-2021-42286
Summary: Windows Core Shell SI Host Extension Framework for Composable Shell Elevation of Privilege Vulnerability Reference Links(if available): https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-42286 CVSS...
CVE-2021-42287
Summary: Active Directory Domain Services Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-42278, CVE-2021-42282, CVE-2021-42291. Reference Links(if...
CVE-2021-42291
Summary: Active Directory Domain Services Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-42278, CVE-2021-42282, CVE-2021-42287. Reference Links(if...
CVE-2021-42296
Summary: Microsoft Word Remote Code Execution Vulnerability Reference Links(if available): https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-42296 CVSS Score (if available) v2: / MEDIUMAV:L/AC:M/Au:N/C:C/I:C/A:C v3: /...
CVE-2021-31853
Summary: DLL Search Order Hijacking Vulnerability in McAfee Drive Encryption (MDE) prior to 7.3.0 HF2 (7.3.0.183) allows local users to...
Intel and AMD address high severity vulnerabilities in products and drivers
Chipmakers Intel and AMD addressed several vulnerabilities in their products, including high-risk issues in software drivers. Intel and AMD released...
New evolving Abcbot DDoS botnet targets Linux systems
Qihoo 360’s Netlab detailed a new evolving DDoS botnet called Abcbot with wormable capabilities that targets Linux systems. Researchers from...
AzureHunter – A Cloud Forensics Powershell Module To Run Threat Hunting Playbooks On Data From Azure And O365
A Powershell module to run UsageEnsure you connect to ExchangeOnlineIt's recommended that you run Connect-ExchangeOnline before running any AzureHunter commands....
