Git integer overflow | CVE-2022-23521
NAME__________Git integer overflowPlatforms Affected:Git Git 2.30.0 Git Git 2.36 Git Git 2.37 Git Git 2.38.0 GIt Git 2.39Risk Level:9.8Exploitability:UnprovenConsequences:Gain Access...
Month: January 2023
phpMyFAQ cross-site scripting | CVE-2023-0309
NAME__________phpMyFAQ cross-site scriptingPlatforms Affected:Risk Level:8.6Exploitability:UnprovenConsequences:Cross-Site Scripting DESCRIPTION__________phpMyFAQ is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A...
Royal Ransomware Victim: K Azarosian Costello
RoyalRansomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the...
Malware Analysis – discovery – f14153bbd95fc26d9ccea77c49cf09b9
Score: 10 MALWARE FAMILY: discoveryTAGS:discovery, evasion, persistence, ransomware, spyware, stealer, trojanMD5: f14153bbd95fc26d9ccea77c49cf09b9SHA1: cb59f900711ea751c4322b4dab50fa2c0ee70b33ANALYSIS DATE: 2023-01-18T03:19:01ZTTPS: T1130, T1112, T1042, T1012, T1082,...
Malware Analysis – – ad3bc99ab03f6fcef0215c0eb185bf6f
Score: 1 MALWARE FAMILY: TAGS:MD5: ad3bc99ab03f6fcef0215c0eb185bf6fSHA1: 135d0497aa12587d1970ff2e6d2eb9bc401c898fANALYSIS DATE: 2023-01-18T03:15:33ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known damaging...
Malware Analysis – discovery – 054e745aa82ab8cfa9839012b88be92e
Score: 10 MALWARE FAMILY: discoveryTAGS:discovery, persistence, ransomwareMD5: 054e745aa82ab8cfa9839012b88be92eSHA1: c559315cac54df311c1b8bc99f14bf37c3ddedb3ANALYSIS DATE: 2023-01-18T03:05:38ZTTPS: T1060, T1012, T1120, T1082, T1102, T1112, T1042 ScoreMeaningExample10Known badA...
Malware Analysis – upx – adfd72bcc56ad11b2736584c152e3cdc
Score: 9 MALWARE FAMILY: upxTAGS:upxMD5: adfd72bcc56ad11b2736584c152e3cdcSHA1: 7c2745c476490a68d6a8a3ee3207312c7d7c5ac4ANALYSIS DATE: 2023-01-18T04:09:08ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known damaging...
Malware Analysis – djvu – 008d06f2da41aff875920ca2fc30dbeb
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, spyware, stealerMD5: 008d06f2da41aff875920ca2fc30dbebSHA1: 48a340ee73ea1f73ce0b5e107f92899fa31a81dfANALYSIS DATE: 2023-01-18T03:45:29ZTTPS: T1082, T1012, T1222, T1053,...
Malware Analysis – discovery – cc11aad00f58586019f729fc87ae0770
Score: 10 MALWARE FAMILY: discoveryTAGS:discovery, evasion, persistence, ransomware, spyware, stealer, trojanMD5: cc11aad00f58586019f729fc87ae0770SHA1: 0ad616a4f634dc25f8d01496ebb4ce2c803036f2ANALYSIS DATE: 2023-01-18T03:44:20ZTTPS: T1082, T1012, T1120, T1112, T1042,...
Malware Analysis – djvu – 7759fcd2fb56a92edd795ce8816beec2
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, spyware, stealerMD5: 7759fcd2fb56a92edd795ce8816beec2SHA1: 485ab66daee6cc85c335f793f0e3817256529ea8ANALYSIS DATE: 2023-01-18T05:41:10ZTTPS: T1222, T1005, T1081, T1082,...
Royal Ransomware Victim: Livingston
RoyalRansomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the...
Researchers to release PoC exploit for critical ManageEngine RCE bug, patch now
Proof-of-concept exploit code will be released later this week for a critical vulnerability allowing remote code execution (RCE) without authentication...
MSI accidentally breaks Secure Boot for hundreds of motherboards
Over 290 MSI motherboards are reportedly affected by an insecure default UEFI Secure Boot setting settings that allows any operating...
Over 4,000 Sophos Firewall devices vulnerable to RCE attacks
Over 4,000 Sophos Firewall devices exposed to Internet access are vulnerable to attacks targeting a critical remote code execution (RCE)...
Nissan North America data breach caused by vendor-exposed database
Nissan North America has begun sending data breach notifications informing customers of a breach at a third-party service provider that...
Hackers can use GitHub Codespaces to host and deliver malware
Researchers have demonstrated how threat actors can abuse the GitHub Codespaces' port forwarding' feature to host and distribute malware and...
Git patches two critical remote code execution security flaws
Git has patched two critical severity security vulnerabilities that could allow attackers to execute arbitrary code after successfully exploiting heap-based...
Hackers turn to Google search ads to push info-stealing malware
Hackers are setting up fake websites for popular free and open-source software to promote malicious downloads through advertisements in Google...
IT Burnout may be Putting Your Organization at Risk
The heavy responsibility of securing organizations against cyber-attacks is overwhelming and weighs heavier on security professionals, recent data shows. In...
Cobalt Stike Beacon Detected – 179[.]43[.]156[.]148:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 91[.]240[.]118[.]212:82
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 124[.]221[.]169[.]111:9999
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 66[.]165[.]243[.]44:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Malware Analysis – ransomware – 0bfcb2a4ad4975ee352cf455ccbbb9a7
Score: 8 MALWARE FAMILY: ransomwareTAGS:ransomware, spyware, stealerMD5: 0bfcb2a4ad4975ee352cf455ccbbb9a7SHA1: 9333b2b05821edffe504039afa7e30245b93def2ANALYSIS DATE: 2023-01-17T22:17:13ZTTPS: T1082, T1005, T1081, T1491, T1112 ScoreMeaningExample10Known badA malware family...