Cobalt Stike Beacon Detected – 47[.]108[.]216[.]93:8888
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Month: October 2022
Cobalt Stike Beacon Detected – 106[.]52[.]130[.]164:4433
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Malware Analysis – djvu – 79afe5212a85f53a83ec1cf4d3ef1cb1
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:517, discovery, persistence, ransomware, spyware, stealerMD5: 79afe5212a85f53a83ec1cf4d3ef1cb1SHA1: ede4d779271049a10d83fbd9fbc1394d1b32db47ANALYSIS DATE: 2022-10-07T09:16:28ZTTPS: T1005, T1081, T1012, T1082,...
Malware Analysis – djvu – 782995a03137a524e3568041ceba4fc4
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:smokeloader, family:vidar, botnet:517, backdoor, collection, discovery, persistence, ransomware, spyware, stealer, trojanMD5: 782995a03137a524e3568041ceba4fc4SHA1: 8eef8e69d40d085aa00ba2e1e039cbfb71006a86ANALYSIS DATE: 2022-10-07T09:30:51ZTTPS:...
Malware Analysis – smokeloader – 782995a03137a524e3568041ceba4fc4
Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: 782995a03137a524e3568041ceba4fc4SHA1: 8eef8e69d40d085aa00ba2e1e039cbfb71006a86ANALYSIS DATE: 2022-10-07T09:32:03ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
Malware Analysis – djvu – 573d5adbc8aa739642ae36bedfcbcc0b
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:517, discovery, persistence, ransomware, spyware, stealerMD5: 573d5adbc8aa739642ae36bedfcbcc0bSHA1: bedd44262ec356e1e130ae27f6e075e91fef1eb5ANALYSIS DATE: 2022-10-07T09:13:22ZTTPS: T1222, T1053, T1005, T1081,...
Malware Analysis – djvu – e2c04ff0f6965a5cc683a982a199a025
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:517, discovery, persistence, ransomware, spyware, stealerMD5: e2c04ff0f6965a5cc683a982a199a025SHA1: 12a3c1b0d25a35a9042590f657ba70fbd3e95130ANALYSIS DATE: 2022-10-07T09:42:45ZTTPS: T1012, T1082, T1060, T1112,...
Malware Analysis – djvu – 402a9ad95603a61734fb4930fdd5b6ef
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:517, discovery, persistence, ransomware, spyware, stealerMD5: 402a9ad95603a61734fb4930fdd5b6efSHA1: a4849d63327bc943e5999a37dad4f87000c7f022ANALYSIS DATE: 2022-10-07T09:56:18ZTTPS: T1012, T1082, T1053, T1005,...
Malware Analysis – amadey – 72b054d5ea096ec65e7f765a8bddcedc
Score: 10 MALWARE FAMILY: amadeyTAGS:family:amadey, family:djvu, family:smokeloader, family:vidar, botnet:517, backdoor, collection, discovery, persistence, ransomware, spyware, stealer, trojanMD5: 72b054d5ea096ec65e7f765a8bddcedcSHA1: 0b2a87ffca78fbf6e7341390c864fc3dc3136192ANALYSIS DATE:...
Malware Analysis – smokeloader – 72b054d5ea096ec65e7f765a8bddcedc
Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: 72b054d5ea096ec65e7f765a8bddcedcSHA1: 0b2a87ffca78fbf6e7341390c864fc3dc3136192ANALYSIS DATE: 2022-10-07T10:01:06ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
Hacker stole $566 million worth of Binance Coins from Binance Bridge
Threat actors have stolen 2 million Binance Coins (BNB), worth $566 million, from the popular Binance Bridge. Hackers have reportedly...
Node.js test-mlw2-pated-sedge-flyte-conge module code execution |
NAME Node.js test-mlw2-pated-sedge-flyte-conge module code execution Platforms Affected:Node.js test-mlw2-pated-sedge-flyte-congeRisk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Node.js test-mlw2-pated-sedge-flyte-conge module could allow a remote attacker...
Node.js 0000-util-logger-js module code execution |
NAME Node.js 0000-util-logger-js module code execution Platforms Affected:Node.js 0000-util-logger-jsRisk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Node.js 0000-util-logger-js module could allow a remote attacker...
Node.js 7h3n00b2 module code execution |
NAME Node.js 7h3n00b2 module code execution Platforms Affected:Node.js 7h3n00b2Risk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Node.js 7h3n00b2 module could allow a remote attacker...
Enlightenment privilege escalation | CVE-2022-37706
NAME Enlightenment privilege escalation Platforms Affected:Enlightenment Enlightenment 0.25.3-1Risk Level:7.8Exploitability:FunctionalConsequences:Gain Privileges DESCRIPTION Enlightenment could allow a local authenticated attacker to gain...
Rockwell Automation FactoryTalk VantagePoint SQL injection | CVE-2022-3158
NAME Rockwell Automation FactoryTalk VantagePoint SQL injection Platforms Affected:Rockwell Automation FactoryTalk VantagePoint 8.00.00 Rockwell Automation FactoryTalk VantagePoint 8.30.00Risk Level:9.9Exploitability:UnprovenConsequences:Data Manipulation...
Node.js utility-common-v2 module code execution |
NAME Node.js utility-common-v2 module code execution Platforms Affected:Node.js utility-common-v2Risk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Node.js utility-common-v2 module could allow a remote attacker...
Node.js bytectffe1w0d module code execution |
NAME Node.js bytectffe1w0d module code execution Platforms Affected:Node.js bytectffe1w0dRisk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Node.js bytectffe1w0d module could allow a remote attacker...
Node.js bytectffe1w0e module code execution |
NAME Node.js bytectffe1w0e module code execution Platforms Affected:Node.js bytectffe1w0eRisk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Node.js bytectffe1w0e module could allow a remote attacker...
Node.js @octo-org/octo-app module code execution |
NAME Node.js @octo-org/octo-app module code execution Platforms Affected:Node.js @octo-org/octo-appRisk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Node.js @octo-org/octo-app module could allow a remote attacker...
Node.js cccctftest module code execution |
NAME Node.js cccctftest module code execution Platforms Affected:Node.js cccctftestRisk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Node.js cccctftest module could allow a remote attacker...
Node.js @trimoz/trimoz-api-wrapper module code execution |
NAME Node.js @trimoz/trimoz-api-wrapper module code execution Platforms Affected:Node.js @trimoz/trimoz-api-wrapperRisk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Node.js @trimoz/trimoz-api-wrapper module could allow a remote attacker...
Node.js ech0 module code execution |
NAME Node.js ech0 module code execution Platforms Affected:Node.js ech0Risk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Node.js ech0 module could allow a remote attacker...
Node.js console_colored module code execution |
NAME Node.js console_colored module code execution Platforms Affected:Node.js console_coloredRisk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Node.js console_colored module could allow a remote attacker...
