Cobalt Stike Beacon Detected – 43[.]139[.]146[.]60:2222
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Month: January 2023
Malware Analysis – discovery – a7798f8706cb8c4c347da090eb320de9
Score: 10 MALWARE FAMILY: discoveryTAGS:discovery, persistence, ransomwareMD5: a7798f8706cb8c4c347da090eb320de9SHA1: 66a8b77a2ab4a5b4598f84895559edb0e44873daANALYSIS DATE: 2023-01-11T20:49:11ZTTPS: T1112, T1042, T1012, T1082, T1060 ScoreMeaningExample10Known badA malware family...
Malware Analysis – djvu – 793032b03418e42783b294836132e84e
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, spyware, stealerMD5: 793032b03418e42783b294836132e84eSHA1: a395aca39b0a1ce4b5af893f4014f1a96687f2bcANALYSIS DATE: 2023-01-11T22:44:58ZTTPS: T1053, T1005, T1081, T1060,...
Malware Analysis – evasion – 26b5b59d0c9ff7a575eced46612d8e25
Score: 5 MALWARE FAMILY: evasionTAGS:evasion, ransomwareMD5: 26b5b59d0c9ff7a575eced46612d8e25SHA1: f28ecc9dda6c7c3848c2e20913b3bd39155004bdANALYSIS DATE: 2023-01-11T22:43:03ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known...
Malware Analysis – amadey – b4be08f67e4b5fed600bf5558b119168
Score: 10 MALWARE FAMILY: amadeyTAGS:family:amadey, family:aurora, family:dcrat, family:djvu, family:icedid, family:smokeloader, family:vidar, botnet:19, campaign:3131022508, backdoor, banker, discovery, infostealer, loader, persistence, ransomware,...
Malware Analysis – discovery – 1e262e85af7822f199da3f27c7f5d406
Score: 10 MALWARE FAMILY: discoveryTAGS:discovery, persistence, ransomwareMD5: 1e262e85af7822f199da3f27c7f5d406SHA1: 3b934e6d859308cc9af07a1b184ea90021ff7a36ANALYSIS DATE: 2023-01-11T23:05:24ZTTPS: T1112, T1012, T1082, T1060, T1042 ScoreMeaningExample10Known badA malware family...
US-CERT Bulletin (SB23-009):Vulnerability Summary for the Week of January 2, 2023
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards...
CISA: NCSC-UK Releases Guidance on Using MSP for Administering Cloud Services
NCSC-UK Releases Guidance on Using MSP for Administering Cloud Services The United Kingdom’s National Cyber Security Centre (NCSC-UK) has released...
BlackCat/ALPHV Ransomware Victim: TIME TECHNOPLAST LIMITED
BlackCat / ALPHV Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the...
BlackCat/ALPHV Ransomware Victim: Liebra Permana
BlackCat / ALPHV Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the...
HackerOne Bug Bounty Disclosure: security-issue-into-wallet-lock-protectionbybug_vs_me
Programme HackerOne Hiro Hiro Submitted by bug_vs_me bug_vs_me Report Security Issue into Wallet lock protection Full Report A considerable amount...
HackerOne Bug Bounty Disclosure: take-over-subdomain-undici-nodejs-org-cdn-cloudflare-netbyalgisec1337
Programme HackerOne Node.js Node.js Submitted by algisec1337 algisec1337 Report Take over subdomain undici.nodejs.org.cdn.cloudflare.net Full Report A considerable amount of time...
HackerOne Bug Bounty Disclosure: csrf-vulnerability-in-nextcloud-desktop-client-3-6-1-on-windows-when-clicking-malicious-linkbylukasreschke
Programme HackerOne Nextcloud Nextcloud Submitted by lukasreschke lukasreschke Report CSRF vulnerability in Nextcloud Desktop Client 3.6.1 on Windows when clicking...
BugCrowd Bug Bounty Disclosure: – I found a text injection – By Orange_hacker
The below information is fully automated and the information is captured from the BugCrowd Disclosure website. The information was correct...
PowerHuntShares – Audit Script Designed In Inventory, Analyze, And Report Excessive Privileges Configured On Active Directory Domains
PowerHuntShares is design to automatically inventory, analyze, and report excessive privilege assigned to SMB shares on Active Directory domain joined...
LockBit 3.0 Ransomware Victim: circlevillecourt[.]com
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: datair[.]com
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
Cobalt Stike Beacon Detected – 116[.]204[.]211[.]163:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 43[.]132[.]122[.]84:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 87[.]251[.]67[.]166:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Malware Analysis – lockbit – a8e0d56f8c67f1f7b6e592c12d87acab
Score: 10 MALWARE FAMILY: lockbitTAGS:family:lockbit, ransomwareMD5: a8e0d56f8c67f1f7b6e592c12d87acabSHA1: ed555f0162ea6ec5b8b8bada743cfc628d376274ANALYSIS DATE: 2023-01-11T09:07:12ZTTPS: T1491, T1112 ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or...
Cobalt Stike Beacon Detected – 129[.]152[.]2[.]128:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 173[.]82[.]196[.]58:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 157[.]245[.]102[.]164:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...