Cobalt Stike Beacon Detected – 109[.]206[.]241[.]181:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Year: 2022
Cobalt Stike Beacon Detected – 185[.]244[.]36[.]183:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 16[.]16[.]39[.]1:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 39[.]99[.]45[.]71:6666
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Malware Analysis – wannacry – 6e43a41bb24edf2153da4992518e7d79
Score: 10 MALWARE FAMILY: wannacryTAGS:family:wannacry, discovery, ransomware, wormMD5: 6e43a41bb24edf2153da4992518e7d79SHA1: 63d4e025ca00e8eb014bc28ed227c38ec0648d14ANALYSIS DATE: 2022-11-03T10:40:33ZTTPS: T1046 ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne...
Malware Analysis – djvu – 6991740950de9d500929f8464e74ba67
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, discovery, persistence, ransomware, spyware, stealerMD5: 6991740950de9d500929f8464e74ba67SHA1: 455a42f2f5501641b91cecfc4af109728af57687ANALYSIS DATE: 2022-11-03T10:41:59ZTTPS: T1005, T1081, T1060, T1112, T1222, T1082,...
Malware Analysis – djvu – 6f9bdd58f6e5339a90ae7c38a963ce4c
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, discovery, persistence, ransomware, spyware, stealerMD5: 6f9bdd58f6e5339a90ae7c38a963ce4cSHA1: 199064011605cd86388f66865404a7da4d384fa7ANALYSIS DATE: 2022-11-03T10:50:46ZTTPS: T1012, T1082, T1005, T1081, T1222, T1060,...
Malware Analysis – djvu – abb5ecb983c58da88b294807dc776032
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, discovery, persistence, ransomware, spyware, stealerMD5: abb5ecb983c58da88b294807dc776032SHA1: 7c1cfbf0a70f1c7afaea82af0fbfd348499b1f77ANALYSIS DATE: 2022-11-03T11:00:25ZTTPS: T1082, T1053, T1005, T1081, T1012, T1060,...
Malware Analysis – ransomware – f654dfdd05afc48f88ef3ca64e7e69d1
Score: 7 MALWARE FAMILY: ransomwareTAGS:ransomwareMD5: f654dfdd05afc48f88ef3ca64e7e69d1SHA1: 837f2da6127d415c5b063bb5e73c62aadee6b813ANALYSIS DATE: 2022-11-03T11:25:13ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known damaging...
Malware Analysis – djvu – 4bb5c0ed18f4b7ae33ba272eae17abf2
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:redline, family:smokeloader, botnet:google2, botnet:slovarik1btc, backdoor, collection, discovery, infostealer, persistence, ransomware, spyware, stealer, trojanMD5: 4bb5c0ed18f4b7ae33ba272eae17abf2SHA1: e0e02b31d3ad2e965d223ebe3451bd9c9e0385faANALYSIS...
Malware Analysis – ransomware – db2c67c513d5bd1edde683e770c77790
Score: 5 MALWARE FAMILY: ransomwareTAGS:ransomwareMD5: db2c67c513d5bd1edde683e770c77790SHA1: c7a84b667aacd4b220bacb160c2e990f6bced4baANALYSIS DATE: 2022-11-03T11:38:37ZTTPS: T1491, T1112, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or...
Malware Analysis – djvu – e043f277d99b653243078d318e063b46
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:redline, family:smokeloader, botnet:slovarik1btc, backdoor, collection, discovery, infostealer, persistence, ransomware, spyware, stealer, trojanMD5: e043f277d99b653243078d318e063b46SHA1: baad7c939debbfd879c7c0f62f496ec6dddedd37ANALYSIS DATE:...
Updated TikTok Privacy Policy confirms that Chinese staff can access European users’ data
TikTok updated its privacy policy for European Economic Area (“EEA”) and confirmed that its Chinese staff can access their users’ data....
Fortinet FortiADC cross-site scripting | CVE-2022-35851
NAME Fortinet FortiADC cross-site scripting Platforms Affected:Fortinet FortiADC 7.1.0Risk Level:8Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION Fortinet FortiADC is vulnerable to cross-site scripting, caused...
Fortinet FortiAnalyzer and Fortinet FortiManager cross-site scripting | CVE-2022-39950
NAME Fortinet FortiAnalyzer and Fortinet FortiManager cross-site scripting Platforms Affected:Risk Level:8Exploitability:UnprovenConsequences:Cross-Site Scripting DESCRIPTION Fortinet FortiAnalyzer and Fortinet FortiManager are vulnerable...
IP-COM EW9 command execution | CVE-2022-43367
NAME IP-COM EW9 command execution Platforms Affected:Risk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION IP-COM EW9 could allow a remote attacker to execute arbitrary...
XenSource Xen Xenstore privilege escalation | CVE-2022-42320
NAME XenSource Xen Xenstore privilege escalation Platforms Affected:XenSource XenRisk Level:8.4Exploitability:UnprovenConsequences:Gain Privilege DESCRIPTION XenSource Xen could allow a local attacker to...
Sanitization Management System SQL injection | CVE-2022-43355
NAME Sanitization Management System SQL injection Platforms Affected:Risk Level:7.2Exploitability:HighConsequences:Data Manipulation DESCRIPTION Sanitization Management System is vulnerable to SQL injection. A...
Fortinet FortiADC cross-site scripting | CVE-2022-38374
NAME Fortinet FortiADC cross-site scripting Platforms Affected:Fortinet FortiADC 6.2.0 Fortinet FortiADC 7.0.2 Fortinet FortiADC 7.0.0 Fortinet FortiADC 6.2.4Risk Level:8.8Exploitability:HighConsequences:Cross-Site Scripting...
Fortinet fixed 16 vulnerabilities, 6 rated as high severity
Fortinet addressed 16 vulnerabilities in some of the company’s products, six flaws received a ‘high’ severity rate. One of the...
Daily Vulnerability Trends: Thu Nov 03 2022
Daily Vulnerability Trends (sourced from VulnMon) CVE NAMECVE DescriptionCVE-2022-22241An Improper Input Validation vulnerability in the J-Web component of Juniper Networks...
Server-side attacks, C&C in public clouds and other MDR cases we observed
Introduction This report describes several interesting incidents observed by the Kaspersky Managed Detection and Response (MDR) team. The goal of the...
Malware Analysis – wannacry – 58088f35c31731e82afdc9157e1418c8
Score: 10 MALWARE FAMILY: wannacryTAGS:family:wannacry, discovery, ransomware, wormMD5: 58088f35c31731e82afdc9157e1418c8SHA1: fc6fc4739db9e837618ec5d5047cc1a8d5d4a57eANALYSIS DATE: 2022-11-03T03:00:25ZTTPS: T1046 ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne...
Malware Analysis – djvu – bd8f00d5443c21442f9e9ee7dc656504
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:redline, family:smokeloader, botnet:mario23_10, botnet:slovarik1btc, backdoor, collection, discovery, infostealer, persistence, ransomware, spyware, stealer, trojanMD5: bd8f00d5443c21442f9e9ee7dc656504SHA1: 87335c5e32b8a6609e5e53e50ee47c2167f21f37ANALYSIS...
