The 10th edition of the ENISA Threat Landscape (ETL) report is out!
I’m proud to announce the release of the 10th edition of the ENISA Threat Landscape (ETL) on the state of...
Month: November 2022
Cisco Identity Services Engine security bypass | CVE-2022-20956
NAME Cisco Identity Services Engine security bypass Platforms Affected:Cisco Identity Services EngineRisk Level:8.2Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Cisco Identity Services Engine could...
Canteen Management System SQL injection | CVE-2022-43232
NAME Canteen Management System SQL injection Platforms Affected:Risk Level:7.2Exploitability:HighConsequences:Data Manipulation DESCRIPTION Canteen Management System is vulnerable to SQL injection. A...
Cisco BroadWorks CommPilot Application Software code execution | CVE-2022-20958
NAME Cisco BroadWorks CommPilot Application Software code execution Platforms Affected:Cisco BroadWorks CommPilot Application SoftwareRisk Level:8.3Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Cisco BroadWorks CommPilot...
Cisco Identity Services Engine cross-site request forgery | CVE-2022-20961
NAME Cisco Identity Services Engine cross-site request forgery Platforms Affected:Cisco Identity Services Engine 2.2 Cisco Identity Services Engine 2.6 Patch...
Daily Vulnerability Trends: Fri Nov 04 2022
Daily Vulnerability Trends (sourced from VulnMon) CVE NAMECVE DescriptionCVE-2202-3602 No description provided CVE-2022-31692Spring Security, versions 5.7 prior to 5.7.5 and...
Cisco addressed several high-severity flaws in its products
Cisco addressed multiple flaws impacting its products, including high-severity issues in identity, email, and web security solutions. Cisco addressed multiple...
LockBit 3.0 Ransomware Victim: cacula[.]com
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: kingteam[.]com[.]tw
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: santimuni[.]com
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: hettichbenelux[.]com
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
Malware Analysis – djvu – c8974837ee9e62f78817492ef2cc71ff
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:redline, family:smokeloader, botnet:mario23_10, backdoor, collection, discovery, infostealer, persistence, ransomware, spyware, stealer, trojanMD5: c8974837ee9e62f78817492ef2cc71ffSHA1: 7e580765dd04d1c42c33611d39bd2682f0e5aa29ANALYSIS DATE:...
Malware Analysis – djvu – a8cf6c4ce9bae2e0433a9d6f5a9090b0
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:redline, family:smokeloader, botnet:mario23_10, botnet:slovarik1btc, backdoor, collection, discovery, infostealer, persistence, ransomware, spyware, stealer, trojanMD5: a8cf6c4ce9bae2e0433a9d6f5a9090b0SHA1: 2b33cde4309e82bb278132dfddbf90319b2c9139ANALYSIS...
Malware Analysis – wannacry – 328ec0632c2a5318d3c189eceab6b488
Score: 10 MALWARE FAMILY: wannacryTAGS:family:wannacry, discovery, ransomware, wormMD5: 328ec0632c2a5318d3c189eceab6b488SHA1: bbd958285c9744c460f7da1ccda942c47d245cc6ANALYSIS DATE: 2022-11-04T03:00:34ZTTPS: T1046 ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne...
Malware Analysis – – 045f8512e0b82b10dcd510492ae75a02
Score: 1 MALWARE FAMILY: TAGS:MD5: 045f8512e0b82b10dcd510492ae75a02SHA1: db7936f5f9e2f75634f5b39597bd68e1dc2d9618ANALYSIS DATE: 2022-11-04T03:18:03ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known damaging...
BugCrowd Bug Bounty Disclosure: – Several internal applications have open CORS, allowing external folks to access the content – By bigBugGuy
The below information is fully automated and the information is captured from the BugCrowd Disclosure website. The information was correct...
Malware Analysis – djvu – 52f22a333f60f4af27239ae51eb9d3d7
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, discovery, persistence, ransomware, spyware, stealerMD5: 52f22a333f60f4af27239ae51eb9d3d7SHA1: 3bc9e4286878a61737763f260e5eefec96f1f20bANALYSIS DATE: 2022-11-04T05:51:22ZTTPS: T1012, T1082, T1053, T1005, T1081, T1060,...
Malware Analysis – smokeloader – 8aeee4f03c86f2d4377129edc204d26c
Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: 8aeee4f03c86f2d4377129edc204d26cSHA1: 931c011b463b6f122ff0009d1cbb022786ea70acANALYSIS DATE: 2022-11-04T05:31:03ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
Malware Analysis – djvu – dc64e4857ede57bf4a938088261cbce4
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, discovery, persistence, ransomware, spyware, stealerMD5: dc64e4857ede57bf4a938088261cbce4SHA1: 4f35ebc663ef9df15ddd9e5676f63e43a0138665ANALYSIS DATE: 2022-11-04T05:31:17ZTTPS: T1053, T1005, T1081, T1012, T1060, T1112,...
Malware Analysis – smokeloader – 8611fcd3c059993ae37c038f0682507a
Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: 8611fcd3c059993ae37c038f0682507aSHA1: 82a2f78e8594faff95889690b93fb37ed96ad242ANALYSIS DATE: 2022-11-04T05:05:33ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
Cobalt Stike Beacon Detected – 120[.]48[.]9[.]221:9999
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 5[.]44[.]42[.]42:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 152[.]136[.]153[.]12:8009
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 20[.]82[.]145[.]211:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
