BugCrowd Bug Bounty Disclosure: – Authorized drivers can disable remote monitoring – By KLWTTS
The below information is fully automated and the information is captured from the BugCrowd Disclosure website. The information was correct...
Year: 2022
Cobalt Stike Beacon Detected – 91[.]240[.]118[.]209:1025
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 23[.]227[.]194[.]86:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 85[.]239[.]53[.]101:8080
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 154[.]83[.]17[.]116:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 114[.]132[.]241[.]133:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 121[.]5[.]235[.]93:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 124[.]220[.]189[.]243:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 39[.]98[.]50[.]48:9999
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Malware Analysis – djvu – 75de9a4c6e90b43030277ac594c11116
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, discovery, persistence, ransomware, spyware, stealerMD5: 75de9a4c6e90b43030277ac594c11116SHA1: 1e30177739c0ab9435466b5d7bc6baadf2e9afa6ANALYSIS DATE: 2022-12-14T20:58:02ZTTPS: T1012, T1005, T1081, T1082, T1053, T1060,...
Malware Analysis – djvu – abdecf396125ed6985112d0b9bc94d2d
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, discovery, persistence, ransomware, spyware, stealerMD5: abdecf396125ed6985112d0b9bc94d2dSHA1: 3eec4c4a8b4b53d4cfe33d394b3d7da5a77fd480ANALYSIS DATE: 2022-12-14T21:46:26ZTTPS: T1053, T1005, T1081, T1012, T1060, T1112,...
Malware Analysis – evasion – 20e59b94354e289a6dda5f3ba89ab17d
Score: 7 MALWARE FAMILY: evasionTAGS:evasion, ransomwareMD5: 20e59b94354e289a6dda5f3ba89ab17dSHA1: ed698b7eb0a1b3cccad034e25a4b9f80fd48b01dANALYSIS DATE: 2022-12-14T21:49:03ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known...
Malware Analysis – discovery – 95adff91ef879eca350a62a211fbfb14
Score: 9 MALWARE FAMILY: discoveryTAGS:discovery, evasion, ransomware, upxMD5: 95adff91ef879eca350a62a211fbfb14SHA1: 6bd55fb6bb7e53dc84c514e947ea90e8569e659eANALYSIS DATE: 2022-12-14T22:03:51ZTTPS: T1046, T1158, T1082, T1031, T1562, T1489, T1059, T1112,...
Malware Analysis – djvu – a45ffa4541676303cabc41bb6a1b9cd4
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, discovery, persistence, ransomware, spyware, stealerMD5: a45ffa4541676303cabc41bb6a1b9cd4SHA1: 955427c88ab6ad3c635ad3817d51d4573216d48cANALYSIS DATE: 2022-12-14T23:52:18ZTTPS: T1082, T1012, T1053, T1005, T1081, T1060,...
Malware Analysis – discovery – 31e89ff32e089adc145fb98eff101e46
Score: 10 MALWARE FAMILY: discoveryTAGS:discovery, evasion, persistence, ransomwareMD5: 31e89ff32e089adc145fb98eff101e46SHA1: 004fd8461ed5f925749efbcc7150478f13d4f420ANALYSIS DATE: 2022-12-14T21:50:41ZTTPS: T1112, T1070, T1031, T1222, T1107, T1490, T1562, T1489,...
Malware Analysis – xmrig – 53540062e2853766764ac60dbaa4baab
Score: 10 MALWARE FAMILY: xmrigTAGS:family:xmrig, discovery, evasion, exploit, miner, trojanMD5: 53540062e2853766764ac60dbaa4baabSHA1: 2996181c5ac1ba583516c7fac5dd22e6e87cd857ANALYSIS DATE: 2022-12-14T21:57:38ZTTPS: T1112, T1082, T1031, T1057, T1089, T1222...
Probing Weaponized Chat Applications Abused in Supply-Chain Attacks
This report examines the infection chain and the pieces of malware used by malicious actors in supply-chain attacks that leveraged...
GoTrim botnet actively brute forces WordPress and OpenCart sites
Researchers discovered a new Go-based botnet, dubbed GoTrim, attempting to brute force WordPress websites. Fortinet FortiGuard Labs researchers spotted a...
December 2022 Patch Tuesday fixed 2 zero-day flaws
Microsoft released December 2022 Patch Tuesday security updates that fix 52 vulnerabilities across its products. Microsoft December 2022 Patch Tuesday security updates...
HackerOne Bug Bounty Disclosure: electron-cve-2022-35954-delimiter-injection-vulnerability-in-exportvariablebytheinternetofdefcon_
Programme HackerOne Internet Bug Bounty Internet Bug Bounty Submitted by theinternetofdefcon_ theinternetofdefcon_ Report Electron CVE-2022-35954 Delimiter Injection Vulnerability in exportVariable...
Apple fixed the tenth actively exploited zero-day this year
Apple rolled out security updates to iOS, iPadOS, macOS, tvOS, and Safari to fix a new actively exploited zero-day (CVE-2022-42856)....
FarsightAD – PowerShell Script That Aim To Help Uncovering (Eventual) Persistence Mechanisms Deployed By A Threat Actor Following An Active Directory Domain Compromise
FarsightAD is a PowerShell script that aim to help uncovering (eventual) persistence mechanisms deployed by a threat actor following an...
Cobalt Stike Beacon Detected – 104[.]244[.]77[.]185:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 31[.]172[.]83[.]154:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
