CVE-2021-45647
Summary: Certain NETGEAR devices are affected by disclosure of sensitive information. This affects EAX80 before 1.0.1.62, EX7000 before 1.0.1.104, R6120...
Year: 2022
CVE-2021-32993
Summary: IntelliBridge EC 40 and 60 Hub (C.00.04 and prior) contains hard-coded credentials, such as a password or a cryptographic...
CVE-2021-44161
Summary: Changing MOTP (Mobile One Time Password) system’s specific function parameter has insufficient validation for user input. A attacker in...
CVE-2021-44160
Summary: Carinal Tien Hospital Health Report System’s login page has improper authentication, a remote attacker can acquire another general user’s...
Cuba Ransomware Victim: Cle
Cuba Ransomware NOTE: The information on this page is automated and scraped directly from the Cuba Onion Dark Web Tor...
Cuba Ransomware Victim: Regulvar
Cuba Ransomware NOTE: The information on this page is automated and scraped directly from the Cuba Onion Dark Web Tor...
Cuba Ransomware Victim: Strongwell
Cuba Ransomware NOTE: The information on this page is automated and scraped directly from the Cuba Onion Dark Web Tor...
Cuba Ransomware Victim: Delinebox
Cuba Ransomware NOTE: The information on this page is automated and scraped directly from the Cuba Onion Dark Web Tor...
Indian-linked Patchwork APT infected its own system revealing its ops
The India-linked threat actor Patchwork infected one of their own computers with its RAT revealing its operations to researchers. An...
LockBit 2.0 Ransomware Victim: securiteassurance[.]com
LockBit 2.0 Ransomware NOTE: The information on this page is automated and scraped directly from the LockBit 2.0 Onion Dark...
LockBit 2.0 Ransomware Victim: torann-france[.]fr
LockBit 2.0 Ransomware NOTE: The information on this page is automated and scraped directly from the LockBit 2.0 Onion Dark...
A week in security (January 3 – 9)
Last week on Malwarebytes Labs: Ransomware attacks Finalsite, renders 8,000 school sites unreachable for daysPatchwork APT caught in its own...
LACheck – Multithreaded C# .NET Assembly Local Administrative Privilege Enumeration
Multithreaded C# .NET Assembly Local Administrative Privilege Enumeration Arguments domain controller to query (if not ran on a domain-joined host)...
Cobalt Stike Beacon Detected – 150[.]158[.]10[.]102:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 1[.]116[.]56[.]86:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 81[.]70[.]77[.]79:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 121[.]5[.]76[.]27:8080
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 159[.]75[.]122[.]205:2052
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 45[.]76[.]196[.]185:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 18[.]212[.]22[.]50:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 47[.]119[.]130[.]119:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 107[.]150[.]5[.]76:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
New ZLoader malware campaign hit more than 2000 victims across 111 countries
A malware campaign spreads ZLoader malware by exploiting a Windows vulnerability that was fixed in 2013 but in 2014 Microsoft...
Cobalt Stike Beacon Detected – 69[.]172[.]75[.]132:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
