Cobalt Stike Beacon Detected – 104[.]208[.]73[.]11:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Month: January 2023
Cobalt Stike Beacon Detected – 100[.]26[.]163[.]51:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
LearnPress plugin for WordPress file inclusion | CVE-2022-47615
NAME__________LearnPress plugin for WordPress file inclusionPlatforms Affected:Risk Level:9.3Exploitability:UnprovenConsequences:File Manipulation DESCRIPTION__________LearnPress plugin for WordPress could allow a remote attacker to include...
Lexmark products server-side request forgery | CVE-2023-23560
NAME__________Lexmark products server-side request forgeryPlatforms Affected:Risk Level:9Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Lexmark products are vulnerable to server-side request forgery, caused by improper input...
Jenkins Script Security Plugin code execution | CVE-2023-24422
NAME__________Jenkins Script Security Plugin code executionPlatforms Affected:Jenkins Script Security Plugin 1228.vd93135a_2fb_25Risk Level:8.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Jenkins Script Security Plugin could allow a...
Dasherr file upload | CVE-2023-23607
NAME__________Dasherr file uploadPlatforms Affected:Risk Level:9.8Exploitability:Proof of ConceptConsequences:Gain Access DESCRIPTION__________Dasherr could allow a remote attacker to upload arbitrary files, caused by...
Jenkins OpenId Connect Authentication Plugin security bypass | CVE-2023-24424
NAME__________Jenkins OpenId Connect Authentication Plugin security bypassPlatforms Affected:Jenkins OpenId Connect Authentication Plugin 2.4Risk Level:8.8Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION__________Jenkins OpenId Connect Authentication Plugin...
Jenkins OpenID Plugin security bypass | CVE-2023-24444
NAME__________Jenkins OpenID Plugin security bypassPlatforms Affected:Jenkins OpenID Plugin 2.4Risk Level:8.8Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Jenkins OpenID Plugin could allow a remote attacker to...
Jenkins Azure AD Plugin security bypass | CVE-2023-24426
NAME__________Jenkins Azure AD Plugin security bypassPlatforms Affected:Jenkins Azure AD Plugin 303.va_91ef20ee49fRisk Level:8.8Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION__________Jenkins Azure AD Plugin could allow a...
Jenkins Bitbucket OAuth Plugin security bypass | CVE-2023-24427
NAME__________Jenkins Bitbucket OAuth Plugin security bypassPlatforms Affected:Jenkins Bitbucket OAuth Plugin 0.12Risk Level:8.8Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION__________Jenkins Bitbucket OAuth Plugin could allow a...
VMware vRealize Log Insight directory traversal | CVE-2022-31706
NAME__________VMware vRealize Log Insight directory traversalPlatforms Affected:VMware vRealize Log Insight 8.0.0 VMware Cloud Foundation 3.0 VMware Cloud Foundation 4.0 VMware...
Daily Vulnerability Trends: Thu Jan 26 2023
Daily Vulnerability Trends (sourced from VulnMon) CVE NAMECVE DescriptionCVE-2022-42864A race condition was addressed with improved state handling. This issue is...
Play Ransomware Victim: ADMIRAL Sportwetten
Play News Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
BlackCat/ALPHV Ransomware Victim: IFPA
BlackCat / ALPHV Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the...
BlackCat/ALPHV Ransomware Victim: Crescent Crown Distributing
BlackCat / ALPHV Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the...
BlackCat/ALPHV Ransomware Victim: Somacis
BlackCat / ALPHV Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the...
BlackCat/ALPHV Ransomware Victim: Copper Mountain
BlackCat / ALPHV Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the...
Malware Analysis – djvu – 9d1e9d088036afdacfb2f89ca29dd137
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:smokeloader, family:vidar, botnet:19, backdoor, discovery, persistence, ransomware, spyware, stealer, trojan, vmprotectMD5: 9d1e9d088036afdacfb2f89ca29dd137SHA1: 1743eb444c948dbdf2d58508a72851daee0b6d69ANALYSIS DATE: 2023-01-26T03:02:38ZTTPS:...
Malware Analysis – djvu – 5d45ed8d173bcc871ca7c828b09832f3
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:smokeloader, family:vidar, botnet:19, backdoor, discovery, persistence, ransomware, spyware, stealer, trojan, vmprotectMD5: 5d45ed8d173bcc871ca7c828b09832f3SHA1: 8281eace3216fd0416ac4a0cf86f9169e8120fb5ANALYSIS DATE: 2023-01-26T03:18:18ZTTPS:...
Malware Analysis – medusalocker – 646698572afbbf24f50ec5681feb2db7
Score: 10 MALWARE FAMILY: medusalockerTAGS:family:medusalocker, evasion, ransomware, spyware, stealer, trojanMD5: 646698572afbbf24f50ec5681feb2db7SHA1: 70530bc23bad38e6aee66cbb2c2f58a96a18fb79ANALYSIS DATE: 2023-01-26T05:33:48ZTTPS: T1082, T1112, T1012, T1120, T1107, T1490,...
Malware Analysis – discovery – c2cf2b9242a2dd7550a36f63467c30b2
Score: 10 MALWARE FAMILY: discoveryTAGS:discovery, persistence, ransomwareMD5: c2cf2b9242a2dd7550a36f63467c30b2SHA1: 196236477150bd5ccd5fb17b0d01017d9eda47bcANALYSIS DATE: 2023-01-26T05:23:31ZTTPS: T1060, T1082, T1057, T1012 ScoreMeaningExample10Known badA malware family was...
Malware Analysis – discovery – 39945d030f4f19876d81dd4f16ac8369
Score: 10 MALWARE FAMILY: discoveryTAGS:discovery, persistence, ransomwareMD5: 39945d030f4f19876d81dd4f16ac8369SHA1: e4ff8415a04dca259205298d27236092d360dbb3ANALYSIS DATE: 2023-01-26T04:16:30ZTTPS: T1060, T1012, T1120, T1082, T1102 ScoreMeaningExample10Known badA malware family...
Malware Analysis – – f26a8722a6deec5f530ebcfd2469087f
Score: 7 MALWARE FAMILY: TAGS:MD5: f26a8722a6deec5f530ebcfd2469087fSHA1: 7153ef673457d29166228f5977dff128722cf0d4ANALYSIS DATE: 2023-01-26T04:41:36ZTTPS: T1082, T1112 ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more...
Malware Analysis – dharma – 8bacbf2e386dbc47af1f1390e1bdbbf7
Score: 10 MALWARE FAMILY: dharmaTAGS:family:dharma, persistence, ransomware, spyware, stealerMD5: 8bacbf2e386dbc47af1f1390e1bdbbf7SHA1: 1101a108e9ae5aa0a0b905dd3cbbbaa05b7dd41dANALYSIS DATE: 2023-01-26T05:33:52ZTTPS: T1107, T1490, T1005, T1081, T1082, T1112, T1060...
