Cobalt Stike Beacon Detected – 123[.]57[.]131[.]96:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Year: 2022
Cobalt Stike Beacon Detected – 120[.]26[.]240[.]21:55443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 8[.]134[.]56[.]231:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 179[.]60[.]150[.]99:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 198[.]98[.]55[.]58:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 119[.]3[.]194[.]221:8080
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 139[.]196[.]234[.]164:8888
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Diving into an Old Exploit Chain and Discovering 3 new SIP-Bypass Vulnerabilities
More than two years ago, a researcher, A2nkF demonstrated the exploit chain from root privilege escalation to SIP-Bypass up to...
Raspberry Robin Malware Targets Telecom, Governments
We found samples of the Raspberry Robin malware spreading in telecommunications and government office systems beginning September. The main payload...
Web3 IPFS Only Used for Phishing – So Far
We discuss the use of the InterPlanetary File System (IPFS) in phishing attacks. If you like the site, please consider...
Daily Vulnerability Trends: Tue Dec 20 2022
Daily Vulnerability Trends (sourced from VulnMon) CVE NAMECVE DescriptionCVE-2022-45141 No description provided CVE-2022-37966Windows Kerberos RC4-HMAC Elevation of Privilege Vulnerability.CVE-2022-46908SQLite through...
US-CERT Bulletin (SB22-353):Vulnerability Summary for the Week of December 12, 2022
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards...
Microsoft announced that a botnet dubbed MCCrash is launching distributed denial-of-service (DDoS) attacks against private Minecraft servers.
Microsoft announced that a botnet dubbed MCCrash is launching distributed denial-of-service (DDoS) attacks against private Minecraft servers. Microsoft spotted a...
Cuba Ransomware Victim: Sae-a
Cuba Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of...
HackerOne Bug Bounty Disclosure: missing-length-validation-of-user-displayname-allows-to-generate-an-sql-errorbyerrorx404
Programme HackerOne Nextcloud Nextcloud Submitted by errorx404 errorx404 Report Missing length validation of user displayname allows to generate an SQL...
Malware Analysis – djvu – daf392649efbbfda72d564e792a21679
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, discovery, persistence, ransomware, spyware, stealerMD5: daf392649efbbfda72d564e792a21679SHA1: a8e8d94c5887ef837c812a51e528d3244493d98cANALYSIS DATE: 2022-12-20T16:49:37ZTTPS: T1222, T1082, T1005, T1081, T1012, T1060,...
Malware Analysis – djvu – 98f766d73ebce6d6f50e096bf91de915
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, discovery, persistence, ransomware, spyware, stealerMD5: 98f766d73ebce6d6f50e096bf91de915SHA1: 66995579b886ad37ca5b6a60251f40c756177dcaANALYSIS DATE: 2022-12-20T16:15:06ZTTPS: T1060, T1112, T1082, T1053, T1012, T1222,...
Malware Analysis – play – 57bcb8cfad510109f7ddedf045e86a70
Score: 10 MALWARE FAMILY: playTAGS:family:play, ransomware, spyware, stealerMD5: 57bcb8cfad510109f7ddedf045e86a70SHA1: e6c381859f53d0c0db9fcd30fa601ecb935b93e0ANALYSIS DATE: 2022-12-20T15:47:27ZTTPS: T1005, T1081, T1012, T1120, T1082 ScoreMeaningExample10Known badA malware...
Malware Analysis – makop – 6a956731b3677dd9d4d18641d40532ab
Score: 10 MALWARE FAMILY: makopTAGS:family:makop, ransomware, spyware, stealerMD5: 6a956731b3677dd9d4d18641d40532abSHA1: 1994ee0b381c5528d5b5c01fb97a14b5ff81e5a5ANALYSIS DATE: 2022-12-20T17:44:04ZTTPS: T1059, T1107, T1490, T1005, T1081 ScoreMeaningExample10Known badA malware...
Microsoft shares details for a Gatekeeper Bypass bug in Apple macOS
Microsoft disclosed technical details of a vulnerability in Apple macOS that could be exploited by an attacker to bypass Gatekeeper....
Royal Ransomware Victim: MARK-TAYLOR
RoyalRansomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the...
HTTPLoot – An Automated Tool Which Can Simultaneously Crawl, Fill Forms, Trigger Error/Debug Pages And “Loot” Secrets Out Of The Client-Facing Code Of Sites
An automated tool which can simultaneously crawl, fill forms, trigger error/debug pages and "loot" secrets out of the client-facing code...
Telling users to ‘avoid clicking bad links’ still isn’t working
Telling users to ‘avoid clicking bad links’ still isn’t working Let's start with a basic premise: several of the established...
Cobalt Stike Beacon Detected – 31[.]42[.]177[.]165:8008
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
