Month: November 2022

Optilink Networks OP-XT71000N devices command execution | CVE-2020-23583

November 24, 2022

NAME Optilink Networks OP-XT71000N devices command execution Platforms Affected:Optilink Networks OP-XT71000N 2.2Risk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Optilink Networks OP-XT71000N devices could...

Apache Airflow Pig Provider and Apache Airflow command execution | CVE-2022-40189

November 24, 2022

NAME Apache Airflow Pig Provider and Apache Airflow command execution Platforms Affected:Apache Airflow 2.2.5 Apache Airflow Pig Provider 3.0.0Risk Level:9.8Exploitability:UnprovenConsequences:Gain...

LockBit 3.0 Ransomware Victim: nelsonautohaus[.]com

November 24, 2022

LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...

Threat actors exploit discontinues Boa web servers to target critical infrastructure

November 24, 2022

Microsoft reported that hackers have exploited flaws in a now-discontinued web server called Boa in attacks against critical industries. Microsoft experts...

LockBit 3.0 Ransomware Victim: Nihonsakari Co[.] , Ltd

November 24, 2022

LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...

LockBit 3.0 Ransomware Victim: embalajescapsa[.]com

November 24, 2022

LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the...

LockBit 3.0 Ransomware Victim: dcashpro[.]com

November 24, 2022

LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...

Daily Vulnerability Trends: Thu Nov 24 2022

November 24, 2022

Daily Vulnerability Trends (sourced from VulnMon) CVE NAMECVE DescriptionCVE-2022-41049Windows Mark of the Web Security Feature Bypass Vulnerability. This CVE ID...

Black Friday shoppers beware: online threats so far in 2022

November 24, 2022

The shopping event of the year, Black Friday, is almost here, and while the big day does not officially arrive...

Malware Analysis – evasion – a4cea260c512dde09d9166744e42aba0

November 24, 2022

Score: 9 MALWARE FAMILY: evasionTAGS:evasion, persistence, ransomwareMD5: a4cea260c512dde09d9166744e42aba0SHA1: 4f0f80519e424c56db49e6287d92af29812f5791ANALYSIS DATE: 2022-11-24T00:09:21ZTTPS: T1490, T1060, T1112 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...

Malware Analysis – ransomware – d63c30ec13eab98c1795858f2f29daa7

November 24, 2022

Score: 6 MALWARE FAMILY: ransomwareTAGS:ransomwareMD5: d63c30ec13eab98c1795858f2f29daa7SHA1: 91af4149274d49d4560ea5ba7de87b07bde283fdANALYSIS DATE: 2022-11-24T02:16:30ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known damaging...

Malware Analysis – ransomware – 51b57fc5f41ad44e4e9c1b6b4a7147f3

November 24, 2022

Score: 6 MALWARE FAMILY: ransomwareTAGS:ransomwareMD5: 51b57fc5f41ad44e4e9c1b6b4a7147f3SHA1: c9ccaee94962b66a96f8325ddb693e0f8c6ac1a0ANALYSIS DATE: 2022-11-24T02:17:28ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known damaging...

Malware Analysis – ransomware – e83cbdb1a9c0a13f007f6fe1e9531453

November 24, 2022

Score: 6 MALWARE FAMILY: ransomwareTAGS:ransomwareMD5: e83cbdb1a9c0a13f007f6fe1e9531453SHA1: e29c7c4321a7e218c447a363710ec36a8f3b35edANALYSIS DATE: 2022-11-24T02:16:24ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known damaging...

Malware Analysis – evasion – c7acfecc9e19773876dab3f1a83343ab

November 24, 2022

Score: 6 MALWARE FAMILY: evasionTAGS:evasion, ransomwareMD5: c7acfecc9e19773876dab3f1a83343abSHA1: 893f01007c39ce072592ad6b7e946d53039f64b2ANALYSIS DATE: 2022-11-24T02:17:23ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known...

Malware Analysis – ransomware – c9e6806632ff78ae69417a4d9f6d818c

November 24, 2022

Score: 6 MALWARE FAMILY: ransomwareTAGS:ransomwareMD5: c9e6806632ff78ae69417a4d9f6d818cSHA1: df85f86e65db78c3c5bf00397a8c70fbee94109bANALYSIS DATE: 2022-11-23T18:41:39ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known damaging...

Malware Analysis – ransomware – a436bdb349c258f805b0c7f0d77e1dd1

November 24, 2022

Score: 6 MALWARE FAMILY: ransomwareTAGS:ransomwareMD5: a436bdb349c258f805b0c7f0d77e1dd1SHA1: 1d0e3678c3cf5531cc0a4f8bf8459528c0198705ANALYSIS DATE: 2022-11-23T18:48:38ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known damaging...

Malware Analysis – banker – 4f90c9fb3ee8cb50bfa20a419b2ed5af

November 24, 2022

Score: 8 MALWARE FAMILY: bankerTAGS:banker, ransomwareMD5: 4f90c9fb3ee8cb50bfa20a419b2ed5afSHA1: 671fc353c614eaac33569765626d466620cc350fANALYSIS DATE: 2022-11-23T18:53:34ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known...

Malware Analysis – ransomware – 0722215a32cf7944f5cdf38aa4a303b7

November 24, 2022

Score: 6 MALWARE FAMILY: ransomwareTAGS:ransomwareMD5: 0722215a32cf7944f5cdf38aa4a303b7SHA1: e844c567f09049c14290c5d93a904c41cc1a202dANALYSIS DATE: 2022-11-23T18:41:37ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known damaging...

Malware Analysis – evasion – 5cd95958129921ec92a154bd61aaee85

November 24, 2022

Score: 8 MALWARE FAMILY: evasionTAGS:evasion, ransomwareMD5: 5cd95958129921ec92a154bd61aaee85SHA1: 156a50d2c3970653a96d17ee093ba85951eb5f52ANALYSIS DATE: 2022-11-23T18:55:31ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known...

Malware Analysis – ransomware – 8d52dada40130dcfef65781a5ae142ca

November 24, 2022

Score: 6 MALWARE FAMILY: ransomwareTAGS:ransomwareMD5: 8d52dada40130dcfef65781a5ae142caSHA1: e3db70ed126f922d79453045fb01d7434fe252caANALYSIS DATE: 2022-11-23T18:54:35ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known damaging...

Malware Analysis – banker – bc43a7fb149c72b4df21b20b4b1b8a0c

November 24, 2022

Score: 8 MALWARE FAMILY: bankerTAGS:banker, ransomwareMD5: bc43a7fb149c72b4df21b20b4b1b8a0cSHA1: bedb22430b478037e85a1e44c89969ae6dfa6debANALYSIS DATE: 2022-11-23T18:53:36ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known...

Malware Analysis – evasion – a7f3d29a081b33f5349b2aeba2b32a53

November 24, 2022

Score: 7 MALWARE FAMILY: evasionTAGS:evasion, infostealer, ransomwareMD5: a7f3d29a081b33f5349b2aeba2b32a53SHA1: 0e9468a71db6f6236d6770d7855e967175dcb174ANALYSIS DATE: 2022-11-23T18:55:35ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more...

Malware Analysis – ransomware – a6c181addb32d32a003cc21a8c45b5b2

November 24, 2022

Score: 6 MALWARE FAMILY: ransomwareTAGS:ransomwareMD5: a6c181addb32d32a003cc21a8c45b5b2SHA1: 5de0b4f378ea8c411f31aa2b830968c57d8ceb0aANALYSIS DATE: 2022-11-23T19:01:47ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known damaging...

Malware Analysis – ransomware – 53acf0e9d7a04634083035672a34ef53

November 24, 2022

Score: 5 MALWARE FAMILY: ransomwareTAGS:ransomwareMD5: 53acf0e9d7a04634083035672a34ef53SHA1: 199eee614b934e4594a38b3f5f9fe98da114e835ANALYSIS DATE: 2022-11-23T18:55:57ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known damaging...

Month: November 2022

Optilink Networks OP-XT71000N devices command execution | CVE-2020-23583

Apache Airflow Pig Provider and Apache Airflow command execution | CVE-2022-40189

LockBit 3.0 Ransomware Victim: nelsonautohaus[.]com

Threat actors exploit discontinues Boa web servers to target critical infrastructure

LockBit 3.0 Ransomware Victim: Nihonsakari Co[.] , Ltd

LockBit 3.0 Ransomware Victim: embalajescapsa[.]com

LockBit 3.0 Ransomware Victim: dcashpro[.]com

Daily Vulnerability Trends: Thu Nov 24 2022

Black Friday shoppers beware: online threats so far in 2022

Malware Analysis – evasion – a4cea260c512dde09d9166744e42aba0

Malware Analysis – ransomware – d63c30ec13eab98c1795858f2f29daa7

Malware Analysis – ransomware – 51b57fc5f41ad44e4e9c1b6b4a7147f3

Malware Analysis – ransomware – e83cbdb1a9c0a13f007f6fe1e9531453

Malware Analysis – evasion – c7acfecc9e19773876dab3f1a83343ab

Malware Analysis – ransomware – c9e6806632ff78ae69417a4d9f6d818c

Malware Analysis – ransomware – a436bdb349c258f805b0c7f0d77e1dd1

Malware Analysis – banker – 4f90c9fb3ee8cb50bfa20a419b2ed5af

Malware Analysis – ransomware – 0722215a32cf7944f5cdf38aa4a303b7

Malware Analysis – evasion – 5cd95958129921ec92a154bd61aaee85

Malware Analysis – ransomware – 8d52dada40130dcfef65781a5ae142ca

Malware Analysis – banker – bc43a7fb149c72b4df21b20b4b1b8a0c

Malware Analysis – evasion – a7f3d29a081b33f5349b2aeba2b32a53

Malware Analysis – ransomware – a6c181addb32d32a003cc21a8c45b5b2

Malware Analysis – ransomware – 53acf0e9d7a04634083035672a34ef53

[RHYSIDA] – Ransomware Victim: Hope Valley Recovery

[CACTUS] – Ransomware Victim: lsst[.]ac

Cobalt Strike Beacon Detected – 121[.]40[.]69[.]150:8888

Massive Git Config Breach Exposes 15,000 Credentials; 10,000 Private Repos Cloned

Microsoft Warns of Chinese Botnet Exploiting Router Flaws for Credential Theft

You may have missed