Cobalt Stike Beacon Detected – 206[.]119[.]205[.]66:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Month: October 2022
Malware Analysis – djvu – 3ed0eeb175db5df7ac99df301e920ac4
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:517, discovery, persistence, ransomware, spyware, stealerMD5: 3ed0eeb175db5df7ac99df301e920ac4SHA1: 4fa27e4a7dcee126ebbdcff41cfd739e3bb04685ANALYSIS DATE: 2022-10-20T10:31:15ZTTPS: T1060, T1112, T1082, T1053,...
Malware Analysis – darkside – 2cdb06b0f1bea8d0e28392d8181e39f0
Score: 10 MALWARE FAMILY: darksideTAGS:family:darkside, ransomwareMD5: 2cdb06b0f1bea8d0e28392d8181e39f0SHA1: 292a577213b2ca66b92f71ac277028233f6c8f08ANALYSIS DATE: 2022-10-20T10:56:53ZTTPS: T1491, T1112, T1130 ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne...
Malware Analysis – danabot – a759c799500f95284ea4f9613279551a
Score: 10 MALWARE FAMILY: danabotTAGS:family:danabot, family:djvu, family:smokeloader, family:vidar, botnet:517, backdoor, banker, collection, discovery, persistence, ransomware, spyware, stealer, trojanMD5: a759c799500f95284ea4f9613279551aSHA1: 881a1d0a9657d14b90f74d2e55ba4bc502f506b3ANALYSIS...
Malware Analysis – ragnarlocker – 0a7194829f99e72104cefc3bc791c1e5
Score: 10 MALWARE FAMILY: ragnarlockerTAGS:family:ragnarlocker, bootkit, persistence, ransomwareMD5: 0a7194829f99e72104cefc3bc791c1e5SHA1: a1979bb993a079f7f8f23b893690985ca8c04da1ANALYSIS DATE: 2022-10-20T10:18:41ZTTPS: T1012, T1120, T1082, T1067, T1107, T1490 ScoreMeaningExample10Known badA...
Cobalt Stike Beacon Detected – 206[.]119[.]205[.]237:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 206[.]119[.]205[.]126:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 101[.]35[.]198[.]64:8013
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 74[.]208[.]219[.]146:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Brazilian police arrested a man suspected of being a member of LAPSUS$ gang
The Federal Police of Brazil arrested an individual who is suspected of being a member of the notorious LAPSUS$ extortionist...
Oracle Virtualization VM VirtualBox Core security bypass | CVE-2022-39427
NAME Oracle Virtualization VM VirtualBox Core security bypass Platforms Affected:Oracle VM VirtualBox 6.1.38Risk Level:8.8Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION Oracle Virtualization VM VirtualBox...
Mozilla Firefox and Firefox ESR code execution | CVE-2022-42928
NAME Mozilla Firefox and Firefox ESR code execution Platforms Affected:Mozilla Firefox ESR 102.3 Mozilla Firefox 105Risk Level:8.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Mozilla...
Mozilla Firefox and Firefox ESR code execution | CVE-2022-42932
NAME Mozilla Firefox and Firefox ESR code execution Platforms Affected:Mozilla Firefox ESR 102.3 Mozilla Firefox 105Risk Level:8.8Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION Mozilla...
Linux Kernel denial of service | CVE-2022-3595
NAME Linux Kernel denial of service Platforms Affected:Linux KernelRisk Level:8.4Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Linux Kernel is vulnerable to a denial of...
Mozilla Firefox and Firefox ESR security bypass | CVE-2022-42927
NAME Mozilla Firefox and Firefox ESR security bypass Platforms Affected:Mozilla Firefox ESR 102.3 Mozilla Firefox 105Risk Level:8.1Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION Mozilla...
Apache Dubbo code execution | CVE-2022-39198
NAME Apache Dubbo code execution Platforms Affected:Apache Dubbo 2.7.0 Apache Dubbo 3.0.0 Apache Dubbo 2.7.17 Apache Dubbo 3.0.11 Apache Dubbo...
Daily Vulnerability Trends: Thu Oct 20 2022
Daily Vulnerability Trends (sourced from VulnMon) CVE NAMECVE DescriptionCVE-2022-42722In the Linux kernel 5.8 through 5.19.x before 5.19.16, local attackers able...
Experts discovered millions of .git folders exposed to public
Nearly two million .git folders containing vital project information are exposed to the public, the Cybernews research team found. Original...
Malware Analysis – cryptolocker – a2481f0e6e6ba5262846a3c9919fc3f0
Score: 10 MALWARE FAMILY: cryptolockerTAGS:family:cryptolocker, persistence, ransomwareMD5: a2481f0e6e6ba5262846a3c9919fc3f0SHA1: ea7f82eb961fe7846d9d50ac256c005722cbdd93ANALYSIS DATE: 2022-10-19T22:00:25ZTTPS: T1060, T1112 ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne...
Malware Analysis – persistence – 82b864cad04aa1496a974cc839a11d60
Score: 9 MALWARE FAMILY: persistenceTAGS:persistence, ransomwareMD5: 82b864cad04aa1496a974cc839a11d60SHA1: f60c7f62d69a9988bdc5dc2560c6d3d3e07c0858ANALYSIS DATE: 2022-10-19T22:33:54ZTTPS: T1107, T1490, T1060, T1112 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
Malware Analysis – persistence – 824f46ae1d98c3df4926c37b5c04dc90
Score: 9 MALWARE FAMILY: persistenceTAGS:persistence, ransomwareMD5: 824f46ae1d98c3df4926c37b5c04dc90SHA1: 6f34b0da7420988b058dbef6cf49a21b8ae16f0fANALYSIS DATE: 2022-10-19T22:57:35ZTTPS: T1107, T1490, T1060, T1112 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
Malware Analysis – discovery – 91e468a26d3874218232010daf7242fe
Score: 8 MALWARE FAMILY: discoveryTAGS:discovery, exploitMD5: 91e468a26d3874218232010daf7242feSHA1: 99d849b7b1949ce57d08baa46873aecb5cc6f304ANALYSIS DATE: 2022-10-19T22:09:47ZTTPS: T1222, T1112 ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or...
Malware Analysis – persistence – 836233433c2f3158868a409329f663b0
Score: 9 MALWARE FAMILY: persistenceTAGS:persistence, ransomwareMD5: 836233433c2f3158868a409329f663b0SHA1: 1ef7669c2c03f21a7278704cd5d01897bcd64f6eANALYSIS DATE: 2022-10-19T22:44:12ZTTPS: T1060, T1112, T1107, T1490 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
Malware Analysis – evasion – a137ede6404c16bb8ff883790c147160
Score: 9 MALWARE FAMILY: evasionTAGS:evasion, persistence, ransomwareMD5: a137ede6404c16bb8ff883790c147160SHA1: 664ef9bf0ab4ee4846dca9317dbce1f206afdad2ANALYSIS DATE: 2022-10-19T23:29:39ZTTPS: T1490, T1060, T1112 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
