Cobalt Stike Beacon Detected – 85[.]208[.]136[.]49:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Month: November 2022
Cobalt Stike Beacon Detected – 172[.]86[.]123[.]13:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 43[.]139[.]156[.]186:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 110[.]40[.]201[.]49:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
BugCrowd Bug Bounty Disclosure: – Impersonation via Broken Link Hijacking on https://sv.hellosign.com – By CoffeeAddict_exe
The below information is fully automated and the information is captured from the BugCrowd Disclosure website. The information was correct...
BugCrowd Bug Bounty Disclosure: – Panel access at https://news-push-88.op-mobile.opera.com/. – By rahul0x01
The below information is fully automated and the information is captured from the BugCrowd Disclosure website. The information was correct...
Malware Analysis – djvu – a5b4c672812208b47b9a9370902d4e1c
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, discovery, persistence, ransomwareMD5: a5b4c672812208b47b9a9370902d4e1cSHA1: 0efd3da2bcad33fc6c91fc8a1c2a499c889eb2f6ANALYSIS DATE: 2022-11-24T10:33:48ZTTPS: T1060, T1112, T1222, T1082, T1012 ScoreMeaningExample10Known badA malware...
Malware Analysis – djvu – dfb556e14a10b5145a33f1a3efabdf88
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:517, discovery, persistence, ransomware, spyware, stealerMD5: dfb556e14a10b5145a33f1a3efabdf88SHA1: adb76813eda263afa706327cf52ef099f024fd36ANALYSIS DATE: 2022-11-24T10:25:26ZTTPS: T1005, T1081, T1130, T1112,...
Malware Analysis – ransomware – fecea0c22b3fc1a848902bcae0d16027
Score: 8 MALWARE FAMILY: ransomwareTAGS:ransomwareMD5: fecea0c22b3fc1a848902bcae0d16027SHA1: a5fd3809a7640e4ec3bf7617fff3f70eaff1562bANALYSIS DATE: 2022-11-24T09:02:55ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or...
Malware Analysis – banker – 425ca585e1689771f69c442036192d78
Score: 8 MALWARE FAMILY: bankerTAGS:banker, ransomwareMD5: 425ca585e1689771f69c442036192d78SHA1: 3d7e48669307cc962f18de5639ae0697ed950d1eANALYSIS DATE: 2022-11-24T09:53:04ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known...
An aggressive malware campaign targets US-based companies with Qakbot to deliver Black Basta Ransomware
Researchers warn of an ongoing aggressive Qakbot malware campaign that leads to Black Basta ransomware infections in the US. Experts...
Optilink Networks OP-XT71000N devices cross-site request forgery | CVE-2020-23588
NAME Optilink Networks OP-XT71000N devices cross-site request forgery Platforms Affected:Optilink Networks OP-XT71000N 2.2Risk Level:8.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Optilink Networks OP-XT71000N devices...
Optilink Networks OP-XT71000N devices cross-site request forgery | CVE-2020-23592
NAME Optilink Networks OP-XT71000N devices cross-site request forgery Platforms Affected:Optilink Networks OP-XT71000N 2.2Risk Level:8.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Optilink Networks OP-XT71000N devices...
RubyGems cgi gem HTTP response splitting | CVE-2021-33621
NAME RubyGems cgi gem HTTP response splitting Platforms Affected:RubyGems cgi gem 0.1.0 RubyGems cgi gem 0.1.0.1 RubyGems cgi gem 0.1.1...
Optilink Networks OP-XT71000N devices cross-site request forgery | CVE-2020-23587
NAME Optilink Networks OP-XT71000N devices cross-site request forgery Platforms Affected:Optilink Networks OP-XT71000N 2.2Risk Level:8.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Optilink Networks OP-XT71000N devices...
Optilink Networks OP-XT71000N devices cross-site request forgery | CVE-2020-23585
NAME Optilink Networks OP-XT71000N devices cross-site request forgery Platforms Affected:Optilink Networks OP-XT71000N 2.2Risk Level:8.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Optilink Networks OP-XT71000N devices...
Optilink Networks OP-XT71000N devices cross-site request forgery | CVE-2020-23590
NAME Optilink Networks OP-XT71000N devices cross-site request forgery Platforms Affected:Optilink Networks OP-XT71000N 2.2Risk Level:8.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Optilink Networks OP-XT71000N devices...
Apache Airflow Hive Provider and Apache Airflow command execution | CVE-2022-41131
NAME Apache Airflow Hive Provider and Apache Airflow command execution Platforms Affected:Apache Airflow 2.2.5 Apache Airflow Hive Provider 4.0.0Risk Level:9.8Exploitability:UnprovenConsequences:Gain...
Optilink Networks OP-XT71000N devices cross-site request forgery | CVE-2020-23589
NAME Optilink Networks OP-XT71000N devices cross-site request forgery Platforms Affected:Optilink Networks OP-XT71000N 2.2Risk Level:8.1Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Optilink Networks OP-XT71000N devices...
Apache Airflow Spark Provider and Apache Airflow command execution | CVE-2022-40954
NAME Apache Airflow Spark Provider and Apache Airflow command execution Platforms Affected:Apache Airflow 2.2.5 Apache Airflow Spark Provider 3.0.0Risk Level:9.8Exploitability:UnprovenConsequences:Gain...
Zyxel LTE3301-M209 security bypass | CVE-2022-40602
NAME Zyxel LTE3301-M209 security bypass Platforms Affected:Zyxel LTE3301-M209 1.00Risk Level:9.8Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION Zyxel LTE3301-M209 could allow a remote attacker to...
Optilink Networks OP-XT71000N devices cross-site request forgery | CVE-2020-23586
NAME Optilink Networks OP-XT71000N devices cross-site request forgery Platforms Affected:Optilink Networks OP-XT71000N 2.2Risk Level:8.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Optilink Networks OP-XT71000N devices...
Apache Airflow Pinot Provider and Apache Airflow command execution | CVE-2022-38649
NAME Apache Airflow Pinot Provider and Apache Airflow command execution Platforms Affected:Apache Airflow 2.2.5 Apache Airflow Pinot Provider 3.0.0Risk Level:9.8Exploitability:UnprovenConsequences:Gain...
Optilink Networks OP-XT71000N devices cross-site request forgery | CVE-2020-23593
NAME Optilink Networks OP-XT71000N devices cross-site request forgery Platforms Affected:Optilink Networks OP-XT71000N 2.2Risk Level:8.1Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Optilink Networks OP-XT71000N devices...
