LockBit 3.0 Ransomware Victim: monnensenpartners[.]be
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
Month: September 2022
LockBit 3.0 Ransomware Victim: pdh[.]com[.]tw
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
HackerOne Bug Bounty Disclosure: api-key-(api-semrush-com)-leak-in-js-filebya_d_a_m
Programme HackerOne Semrush Semrush Submitted by a_d_a_m a_d_a_m Report API key (api.semrush.com) leak in JS-file Full Report A considerable amount...
Windows Defender identified Chromium, Electron apps as Hive Ransomware
Microsoft released a Windows Defender update to fix a problem that caused Defender antivirus to identify Chromium, Electron, as malware...
LockBit 3.0 Ransomware Victim: eneva[.]com[.]br
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
Cobalt Stike Beacon Detected – 188[.]166[.]16[.]172:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 8[.]210[.]57[.]143:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 18[.]117[.]203[.]13:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 139[.]5[.]200[.]18:8099
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 179[.]60[.]150[.]40:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 42[.]202[.]144[.]230:8443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 23[.]29[.]115[.]140:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 220[.]189[.]211[.]75:9999
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 43[.]142[.]78[.]138:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 34[.]220[.]165[.]128:7777
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 43[.]143[.]175[.]114:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 107[.]174[.]78[.]115:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
EvilProxy Phishing-As-A-Service With MFA Bypass Emerged In Dark Web
Resecurity researchers discovered a new Phishing-as-a-Service (PhaaS) called EvilProxy advertised on the Dark Web. Original post: https://resecurity.com/blog/article/evilproxy-phishing-as-a-service-with-mfa-bypass-emerged-in-dark-web Following the recent Twilio hack...
binary code execution | CVE-2022-36078
NAME binary code execution Platforms Affected:binary binary 0.7.0Risk Level:8.8Exploitability:Proof of ConceptConsequences:Gain Access DESCRIPTION binary could allow a remote attacker to...
NodeBB cross-site request forgery | CVE-2022-36076
NAME NodeBB cross-site request forgery Platforms Affected:NodeBB NodeBB 1.17.1Risk Level:8.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION NodeBB is vulnerable to cross-site request forgery, caused...
SFTPGo security bypass | CVE-2022-36071
NAME SFTPGo security bypass Platforms Affected:SFTPGo SFTPGo 2.2.0 SFTPGo SFTPGo 2.3.3Risk Level:8.3Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION SFTPGo could allow a remote authenticated...
A new SharkBot variant bypassed Google Play checks again
Experts spotted an upgraded version of the SharkBot malware that was uploaded to the official Google Play Store. Fox IT...
Daily Vulnerability Trends: Mon Sep 05 2022
Daily Vulnerability Trends (sourced from VulnMon) CVE NAMECVE DescriptionCVE-2022-32893An out-of-bounds write issue was addressed with improved bounds checking. This issue...
A new phishing scam targets American Express cardholders
Cybersecurity firm Armorblox discovered a new phishing campaign aimed at American Express customers. Armorblox researchers uncovered a new phishing campaign that is targeting American...
