Cobalt Stike Beacon Detected – 216[.]83[.]57[.]27:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Month: May 2022
Cobalt Stike Beacon Detected – 39[.]106[.]61[.]222:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 49[.]234[.]224[.]107:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 204[.]15[.]74[.]6:6666
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 23[.]227[.]168[.]242:6667
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 44[.]234[.]39[.]108:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 84[.]32[.]190[.]48:8089
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 101[.]34[.]243[.]135:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 1[.]117[.]9[.]55:8001
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 139[.]155[.]2[.]105:4433
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 165[.]227[.]179[.]21:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 147[.]182[.]242[.]191:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Security Above and Beyond CNAPPs
How Trend Micro’s unified cybersecurity platform is transforming cloud security If you like the site, please consider joining the telegram...
Examining the Black Basta Ransomware’s Infection Routine
We analyze the Black Basta ransomware and examine the malicious actor’s familiar infection tactics. If you like the site, please...
Spring4Shell-Poc – Spring Core RCE 0-day Vulnerability
Description of the vulnerability: https://www.cyberkendra.com/2022/03/springshell-rce-0-day-vulnerability.html Construction of the POC: https://github.com/BobTheShoplifter/Spring4Shell-POC Steps to Build/Run Tested with JDK 11.0.14, Spring Boot 2.6.5,...
APT34 targets Jordan Government using new Saitama backdoor
On April 26th, we identified a suspicious email that targeted a government official from Jordan’s foreign ministry. The email contained...
CISA: CISA Adds One Known Exploited Vulnerability to Catalog
CISA Adds One Known Exploited Vulnerability to Catalog CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog,...
HackerOne Bug Bounty Disclosure: misconfigured-rate-limit-in-sending-notifications-to-the-victims-phone-via-the-endpoint-“-/faxes/inbox-“byshamim_12__
Programme HackerOne Alohi Alohi Submitted by shamim_12__ shamim_12__ Report Misconfigured Rate Limit in Sending Notifications to the Victims Phone Via...
CISA: Microsoft Releases Security Advisory for Azure Data Factory and Azure Synapse Pipelines
Microsoft Releases Security Advisory for Azure Data Factory and Azure Synapse Pipelines Microsoft has released a security advisory to address...
CISA: U.S. Government Attributes Cyberattacks on SATCOM Networks to Russian State-Sponsored Malicious Cyber Actors
U.S. Government Attributes Cyberattacks on SATCOM Networks to Russian State-Sponsored Malicious Cyber Actors CISA and the Federal Bureau of Investigation...
Microsoft fixed RCE flaw in a driver used by Azure Synapse and Data Factory
Microsoft disclosed a now-fixed vulnerability in Azure Synapse and Azure Data Factory that could have allowed remote code execution. Microsoft...
Client side scanning may cost more than it delivers
On May 11, 2022, the EU will publicize a proposal for a law on mandatory chat control. The European Commission...
Daily Vulnerability Trends: 5-10-2022
Daily Vulnerability Trends (sourced from VulnMon) CVE NAMECVE DescriptionCVE-2022-26352Advisory: DotCMS Remote Code Execution (CVE-2022-26352)CVE-2022-1338CVE-2022-1338CVE-2022-29972CVE-2022-29972CVE-2022-22954VMSA-2022-0011 - Server Side Template Injection in...
Spring4Shell-POC – Dockerized Spring4Shell (CVE-2022-22965) PoC Application And Exploit
Run the exploit.py script: python exploit.py --url "http://localhost:8080/helloworld/greeting" Visit the created webshell! Modify the cmd GET parameter for your commands....
