Cobalt Stike Beacon Detected – 91[.]213[.]50[.]35:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Month: January 2023
Cobalt Stike Beacon Detected – 52[.]18[.]131[.]129:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 60[.]249[.]20[.]183:9000
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Posh C2 Detected – 45[.]87[.]43[.]114:443
The Information provided at the time of posting was detected as "Posh C2". Depending on when you are viewing this...
Multiple ManageEngine products code execution | CVE-2022-47966
NAME__________Multiple ManageEngine products code executionPlatforms Affected:ManageEngine Access Manager Plus 4307 ManageEngine Active Directory 360 4309 ManageEngine ADAudit Plus 7080 ManageEngine...
Apache Superset cross-site request forgery | CVE-2022-43719
NAME__________Apache Superset cross-site request forgeryPlatforms Affected:Apache Superset 1.5.2 Apache Superset 2.0.0Risk Level:8.1Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Apache Superset is vulnerable to cross-site request...
MAIF Izanami security bypass | CVE-2023-22495
NAME__________MAIF Izanami security bypassPlatforms Affected:MAIF Izanami 1.10.21Risk Level:9.8Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION__________MAIF Izanami could allow a remote attacker to bypass security restrictions,...
Gatsby cross-site scripting | CVE-2023-22491
NAME__________Gatsby cross-site scriptingPlatforms Affected:Gatsby Gatsby 5.25.0 Gatsby Gatsby 6.3.1Risk Level:8.1Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Gatsby is vulnerable to cross-site scripting, caused by improper...
Lead Management System SQL injection | CVE-2022-47859
NAME__________Lead Management System SQL injectionPlatforms Affected:SourceCodester Lead management system 1.0Risk Level:9.8Exploitability:HighConsequences:Data Manipulation DESCRIPTION__________Lead Management System is vulnerable to SQL injection....
RSSHub | CVE-2023-22493
NAME__________RSSHubPlatforms Affected:RSSHub RSSHubRisk Level:8.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________RSSHub is vulnerable to server-side request forgery, caused by improper input validation. By sending a...
Cisco Small Business RV016, RV042, RV042G, and RV082 Routers security bypass | CVE-2023-20025
NAME__________Cisco Small Business RV016, RV042, RV042G, and RV082 Routers security bypassPlatforms Affected:Risk Level:9Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION__________Cisco Small Business RV016, RV042, RV042G,...
Tor weak security | CVE-2023-23589
NAME__________Tor weak securityPlatforms Affected:Tor Project Tor 0.4.7Risk Level:9.1Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Tor could provide weaker than expected security, caused by a logic...
Royal Ransomware Victim: Autodelta
RoyalRansomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the...
Cobalt Stike Beacon Detected – 124[.]222[.]105[.]70:6789
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 20[.]253[.]66[.]206:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 47[.]99[.]62[.]199:8888
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 38[.]47[.]100[.]176:8099
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 198[.]98[.]50[.]31:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 47[.]106[.]193[.]75:7777
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 3[.]114[.]28[.]125:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Malware Analysis – bootkit – d2f9b86aded4ecd4b309d460d5ded850
Score: 10 MALWARE FAMILY: bootkitTAGS:bootkit, discovery, evasion, persistence, ransomware, trojanMD5: d2f9b86aded4ecd4b309d460d5ded850SHA1: 5d1d8f05d6bdc025f4edac3db52873779b8975a2ANALYSIS DATE: 2023-01-16T22:31:14ZTTPS: T1012, T1497, T1082, T1060, T1112, T1031,...
Malware Analysis – djvu – d53ebb314c2c89b7057c4449b8356314
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, spyware, stealerMD5: d53ebb314c2c89b7057c4449b8356314SHA1: c7daac2a127bc9672ca5fca6bd0177838e7b561eANALYSIS DATE: 2023-01-16T22:28:06ZTTPS: T1130, T1112, T1012, T1005,...
Malware Analysis – djvu – 55602580c3b839262b5c51c02c784e33
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, spyware, stealerMD5: 55602580c3b839262b5c51c02c784e33SHA1: 1ca65ac61268be63416abe9034681f368fbf59eeANALYSIS DATE: 2023-01-16T23:11:51ZTTPS: T1012, T1082, T1005, T1081,...
Malware Analysis – djvu – f0ed4abc044e5d3d555b9a7a567c3f68
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, stealerMD5: f0ed4abc044e5d3d555b9a7a567c3f68SHA1: 6cfc80ce713f433b764189611195df7ed2fa3d77ANALYSIS DATE: 2023-01-16T22:05:53ZTTPS: T1222, T1082, T1130, T1112, T1060...
