Royal Ransomware Victim: Samuels and Son Seafood
RoyalRansomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the...
Month: January 2023
HackerOne Bug Bounty Disclosure: uninstalling-mattermost-launcher-for-windows-(64-bit),-then-reinstalling-keeps-you-logged-in-without-authenticationbyannonmous
Programme HackerOne Mattermost Mattermost Submitted by annonmous annonmous Report Uninstalling Mattermost Launcher for Windows (64-bit), then reinstalling keeps you logged...
Fuzzable – Framework For Automating Fuzzable Target Discovery With Static Analysis
Framework for Automating Fuzzable Target Discovery with Static Analysis. Introduction Vulnerability researchers conducting security assessments on software will often harness...
Cobalt Stike Beacon Detected – 54[.]91[.]42[.]123:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 84[.]32[.]128[.]43:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 79[.]137[.]202[.]45:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 82[.]157[.]148[.]189:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 110[.]40[.]204[.]180:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 173[.]208[.]226[.]186:31337
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 79[.]137[.]202[.]45:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 121[.]4[.]253[.]90:8003
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 161[.]35[.]232[.]68:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 107[.]172[.]97[.]151:8066
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Malware Analysis – chaos – 664d942a2f98e3bf196dc627a1ee3ae9
Score: 10 MALWARE FAMILY: chaosTAGS:family:chaos, ransomwareMD5: 664d942a2f98e3bf196dc627a1ee3ae9SHA1: 925b0ef9d0e2f6ce159945138f97dda492fab4b8ANALYSIS DATE: 2023-01-14T08:58:12ZTTPS: T1064 ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more...
Malware Analysis – djvu – ff660cfc3188548169fb503f22ec7333
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, spyware, stealerMD5: ff660cfc3188548169fb503f22ec7333SHA1: a9f496bc96e2375a713a1664162b3556f62bd966ANALYSIS DATE: 2023-01-14T09:46:49ZTTPS: T1053, T1012, T1082, T1005,...
Malware Analysis – djvu – e30884dd5b5487ff1afab6301420abd2
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, spyware, stealerMD5: e30884dd5b5487ff1afab6301420abd2SHA1: fbda6109e87f008034869c7405d0a839868690d7ANALYSIS DATE: 2023-01-14T09:18:42ZTTPS: T1060, T1112, T1222, T1053,...
Malware Analysis – djvu – 3a862f889fa5aa53e46a40692624a13f
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, spyware, stealerMD5: 3a862f889fa5aa53e46a40692624a13fSHA1: 8967ffdfe1b02094e376ae9aadec9339f1d9d92eANALYSIS DATE: 2023-01-14T11:21:49ZTTPS: T1012, T1082, T1005, T1081,...
Malware Analysis – discovery – 0ac22daa944ab6c3be7bbdbff316be63
Score: 10 MALWARE FAMILY: discoveryTAGS:discovery, persistence, ransomwareMD5: 0ac22daa944ab6c3be7bbdbff316be63SHA1: 42a248e33566687c80783751d4b01af0ee48af15ANALYSIS DATE: 2023-01-14T11:26:45ZTTPS: T1082, T1060, T1012 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
Empire C2 Detected – 45[.]76[.]150[.]166:80
The Information provided at the time of posting was detected as "Empire C2". Depending on when you are viewing this...
AMD EPYC Processors code execution | CVE-2021-26396
NAME__________AMD EPYC Processors code executionPlatforms Affected:AMD 3rd Generation EPYCRisk Level:8.4Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________AMD EPYC Processors could allow a local attacker to...
NVIDIA DGX A100 Server buffer overflow | CVE-2022-42271
NAME__________NVIDIA DGX A100 Server buffer overflowPlatforms Affected:Risk Level:8.4Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________NVIDIA DGX A100 Server is vulnerable to a buffer overflow, caused...
Microsoft Edge (Chromium-based) code execution | CVE-2023-21775
NAME__________Microsoft Edge (Chromium-based) code executionPlatforms Affected:Microsoft Edge (Chromium-based)Risk Level:8.3Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Microsoft Edge (Chromium-based) could allow a remote attacker to execute...
Microsoft Edge (Chromium-based) privilege escalation | CVE-2023-21796
NAME__________Microsoft Edge (Chromium-based) privilege escalationPlatforms Affected:Microsoft Edge (Chromium-based)Risk Level:8.3Exploitability:UnprovenConsequences:Gain Privilege DESCRIPTION__________Microsoft Edge (Chromium-based) could allow a remote attacker to gain...
NVIDIA DGX A100 Server buffer overflow | CVE-2022-42272
NAME__________NVIDIA DGX A100 Server buffer overflowPlatforms Affected:Risk Level:8.1Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________NVIDIA DGX A100 Server is vulnerable to a buffer overflow, caused...
