Cobalt Stike Beacon Detected – 107[.]189[.]28[.]84:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Month: November 2022
Cobalt Stike Beacon Detected – 43[.]132[.]222[.]36:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 107[.]189[.]6[.]239:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 94[.]74[.]105[.]230:8090
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Malware Analysis – amadey – 000e96a33f00b6e8f473f96680e97105
Score: 10 MALWARE FAMILY: amadeyTAGS:family:amadey, family:dcrat, family:djvu, family:redline, family:smokeloader, family:vidar, botnet:1827, botnet:517, botnet:mario23_10, botnet:srt, backdoor, collection, discovery, evasion, infostealer, persistence,...
Malware Analysis – dcrat – 079fa9293dc34904e2dc1dfe4450e17a
Score: 10 MALWARE FAMILY: dcratTAGS:family:dcrat, family:djvu, family:redline, family:smokeloader, family:vidar, botnet:1827, botnet:517, botnet:mario23_10, backdoor, collection, discovery, evasion, infostealer, persistence, ransomware, rat,...
Malware Analysis – amadey – e56bdbd3bbf16c712fd3964d47a2284d
Score: 10 MALWARE FAMILY: amadeyTAGS:family:amadey, family:djvu, family:redline, family:smokeloader, family:vidar, botnet:1827, botnet:517, botnet:mario23_10, backdoor, collection, discovery, evasion, infostealer, persistence, ransomware, spyware,...
Malware Analysis – smokeloader – 71f0f10d55a7c76842144f85aa453b1e
Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: 71f0f10d55a7c76842144f85aa453b1eSHA1: 0465ab92492754c17b2fe0ac8a9c77657d4010b0ANALYSIS DATE: 2022-11-16T22:51:58ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
Posh C2 Detected – 165[.]22[.]119[.]30:443
The Information provided at the time of posting was detected as "Posh C2". Depending on when you are viewing this...
Will Cloud-Native Network Security Oust Firewalls?
Security threats have already begun to outpace cloud firewalls. It’s a fact. But organizations exploring new cloud-native solution find themselves...
Electricity/Energy Cybersecurity: Trends & Survey Response
Based on our survey of over 900 ICS security leaders in the United States, Germany, and Japan, we dig deeper...
Pilfered Keys: Free App Infected by Malware Steals Keychain Data
Open-source applications are a practical way to save money while keeping up with your productivity. However, this can be abused...
Complete Guide to Protecting 7 Attack Vectors
The quicker a cyberattack is identified, the less it costs. Jon Clay, VP of Threat Intelligence, reviews 7 key initial...
F5 fixed 2 high-severity Remote Code Execution bugs in its products
Researchers at cybersecurity firm Rapid7 have identified several vulnerabilities and other potential security issues affecting F5 products. Rapid7 researchers discovered...
CISA: Cisco Releases Security Updates for Identity Services Engine
Cisco Releases Security Updates for Identity Services Engine Cisco has released security updates for vulnerabilities affecting Cisco Identity Services Engine...
Lazarus APT uses DTrack backdoor in attacks against LATAM and European orgs
North Korea-linked Lazarus APT is using a new version of the DTrack backdoor in attacks aimed at organizations in Europe...
Black Basta Ransomware Victim: IMA Financial Group, Inc[.]
Black Basta Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
Black Basta Ransomware Victim: Kessing Rechtsanwälte und Fachanwälte in PartGmbB
Black Basta Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
BugCrowd Bug Bounty Disclosure: – Panel access at https://news-push-88.op-mobile.opera.com/. – By rahul0x01
The below information is fully automated and the information is captured from the BugCrowd Disclosure website. The information was correct...
BugCrowd Bug Bounty Disclosure: – Impersonation via Broken Link Hijacking on https://sv.hellosign.com – By CoffeeAddict_exe
The below information is fully automated and the information is captured from the BugCrowd Disclosure website. The information was correct...
HackerOne Bug Bounty Disclosure: rce-via-github-importbyyvvdwf
Programme HackerOne GitLab GitLab Submitted by yvvdwf yvvdwf Report RCE via github import Full Report A considerable amount of time...
HackerOne Bug Bounty Disclosure: ability-to-bypass-locked-cloudflare-warp-on-wifi-networks-byjoshatmotion
Programme HackerOne Cloudflare Public Bug Bounty Cloudflare Public Bug Bounty Submitted by joshatmotion joshatmotion Report Ability to bypass locked Cloudflare...
HackerOne Bug Bounty Disclosure: xss:-`v-safe-html`-is-not-safe-enoughbyyvvdwf
Programme HackerOne GitLab GitLab Submitted by yvvdwf yvvdwf Report XSS: `v-safe-html` is not safe enough Full Report A considerable amount...
HackerOne Bug Bounty Disclosure: new-/add_contacts-/remove_contacts-quick-commands-susseptible-to-xss-from-customer-contact-firstname/lastname-fieldsbycryptopone
Programme HackerOne GitLab GitLab Submitted by cryptopone cryptopone Report New /add_contacts /remove_contacts quick commands susseptible to XSS from Customer Contact...
