Cobalt Stike Beacon Detected – 5[.]181[.]86[.]248:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Month: November 2022
Cobalt Stike Beacon Detected – 124[.]71[.]145[.]63:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 194[.]165[.]16[.]91:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 5[.]44[.]42[.]46:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Malware Analysis – djvu – 623ec8b8c74e4e45a2380c41b5bb8045
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:517, discovery, persistence, ransomware, spyware, stealerMD5: 623ec8b8c74e4e45a2380c41b5bb8045SHA1: 47e9d882222e753be4ffe638b500c9ae7f74a48dANALYSIS DATE: 2022-11-15T10:27:58ZTTPS: T1053, T1005, T1081, T1012,...
Malware Analysis – ransomware – 01492156ce8b4034c5b1027130f4cf4e
Score: 9 MALWARE FAMILY: ransomwareTAGS:ransomwareMD5: 01492156ce8b4034c5b1027130f4cf4eSHA1: 6b0deb67a178fe20e81691133b257df3bafa3006ANALYSIS DATE: 2022-11-15T10:46:56ZTTPS: T1107, T1490 ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more...
Malware Analysis – amadey – 086e4feb401610ae41653bd6aa8027e6
Score: 10 MALWARE FAMILY: amadeyTAGS:family:amadey, family:dcrat, family:djvu, family:redline, family:smokeloader, family:vidar, botnet:517, botnet:mario23_10, backdoor, collection, discovery, infostealer, persistence, ransomware, rat, spyware,...
Malware Analysis – discovery – cff0e1b4af4ef5a2d4cb78ea5d403d58
Score: 10 MALWARE FAMILY: discoveryTAGS:discovery, evasion, exploitMD5: cff0e1b4af4ef5a2d4cb78ea5d403d58SHA1: 5224506ce265475452aeddf540f5f9b996f84bd6ANALYSIS DATE: 2022-11-15T10:22:20ZTTPS: T1031, T1562, T1489, T1053, T1082, T1130, T1112, T1102, T1222...
Malware Analysis – djvu – 8fc3fff3efe99267c5b2bfffff18d77c
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:517, discovery, persistence, ransomware, spyware, stealerMD5: 8fc3fff3efe99267c5b2bfffff18d77cSHA1: c174206043042369386f0e44826b17ef23e761c7ANALYSIS DATE: 2022-11-15T11:07:33ZTTPS: T1012, T1082, T1005, T1081,...
Malware Analysis – smokeloader – 30f5717c7d19ac946764014ae49b8670
Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: 30f5717c7d19ac946764014ae49b8670SHA1: f6ec0fa83c48e36ad5457610d0219af07ab8076cANALYSIS DATE: 2022-11-15T11:22:07ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
Malware Analysis – djvu – 397ae229dec0f1c462965b2d01109259
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:517, discovery, persistence, ransomware, spyware, stealerMD5: 397ae229dec0f1c462965b2d01109259SHA1: db5c33388009d4e32a41493f0d9c457caecd376cANALYSIS DATE: 2022-11-15T11:21:03ZTTPS: T1012, T1082, T1005, T1081,...
Malware Analysis – amadey – 497e58c722c33d1b5a4674e70a3f67a2
Score: 10 MALWARE FAMILY: amadeyTAGS:family:amadey, family:djvu, family:redline, family:smokeloader, family:vidar, botnet:517, botnet:@redlinevip cloud (tg: @fatherofcarders), botnet:boy, botnet:mario23_10, botnet:new1, botnet:rozena1114, backdoor, collection,...
Google to Pay a record $391M fine for misleading users about the collection of location data
Google is going to pay $391.5 million to settle with 40 states in the U.S. for secretly collecting personal location...
Intel Active Management Technology (AMT) SDK, Endpoint Management Assistant (EMA), and Manageability Commander privilege escalation | CVE-2022-26341
NAME Intel Active Management Technology (AMT) SDK, Endpoint Management Assistant (EMA), and Manageability Commander privilege escalation Platforms Affected:Risk Level:8.2Exploitability:UnprovenConsequences:Gain Privilege...
Train Scheduler App cross-site scripting | CVE-2022-43079
NAME Train Scheduler App cross-site scripting Platforms Affected:Risk Level:7.2Exploitability:HighConsequences:Data Manipulation DESCRIPTION Train Scheduler App is vulnerable to cross-site scripting, caused...
Previously undetected Earth Longzhi APT group is a subgroup of APT41
Trend Micro reported that the Earth Longzhi group, a previously undocumented subgroup of APT41, targets Ukraine and Asian Countries. Early this...
Avast details Worok espionage group’s compromise chain
Cyber espionage group Worok abuses Dropbox API to exfiltrate data via using a backdoor hidden in apparently innocuous image files. Researchers...
Daily Vulnerability Trends: Tue Nov 15 2022
Daily Vulnerability Trends (sourced from VulnMon) CVE NAMECVE DescriptionCVE-2021-25370An incorrect implementation handling file descriptor in dpu driver prior to SMR...
Advanced threat predictions for 2023
It is fair to say that since last year’s predictions, the world has dramatically changed. While the geopolitical landscape has...
BugCrowd Bug Bounty Disclosure: – Panel access at https://news-push-88.op-mobile.opera.com/. – By rahul0x01
The below information is fully automated and the information is captured from the BugCrowd Disclosure website. The information was correct...
Malware Analysis – djvu – bf29eecd8ccb668323d7f61ff026b109
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:517, discovery, persistence, ransomware, spyware, stealerMD5: bf29eecd8ccb668323d7f61ff026b109SHA1: a19a0edf8ba13b93c0a37c14e7a203a97cb94a2cANALYSIS DATE: 2022-11-15T04:49:33ZTTPS: T1005, T1081, T1012, T1060,...
Malware Analysis – amadey – 6b635d80897c987ca64e28cc9004a249
Score: 10 MALWARE FAMILY: amadeyTAGS:family:amadey, family:djvu, family:redline, family:smokeloader, family:vidar, botnet:517, botnet:mario23_10, botnet:rozena1114, backdoor, collection, discovery, infostealer, persistence, ransomware, spyware, stealer,...
Black Basta Ransomware Victim: Kessing Rechtsanwälte und Fachanwälte in PartGmbB
Black Basta Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
Malware Analysis – azov – c85b63aa4526b91acc9ad26f2b142688
Score: 10 MALWARE FAMILY: azovTAGS:family:azov, persistence, ransomware, wiperMD5: c85b63aa4526b91acc9ad26f2b142688SHA1: 3adf5f527aa132e874b48a0309f1392f5730430dANALYSIS DATE: 2022-11-15T05:01:13ZTTPS: T1060, T1112, T1012, T1120, T1082 ScoreMeaningExample10Known badA malware...
