Month: January 2023

Froxlor security bypass | CVE-2022-4868

January 4, 2023

NAME Froxlor security bypass Platforms Affected:Froxlor Froxlor 0.10.38.3Risk Level:8.1Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION Froxlor could allow a remote authenticated attacker to bypass...

memos cross-site request forgery | CVE-2022-4848

January 4, 2023

NAME memos cross-site request forgery Platforms Affected:Risk Level:8.6Exploitability:Proof of ConceptConsequences:Gain Access DESCRIPTION memos is vulnerable to cross-site request forgery, caused...

Qualcomm BIOS buffer overflow | CVE-2022-40516

January 4, 2023

NAME Qualcomm BIOS buffer overflow Platforms Affected:Qualcomm BIOSRisk Level:8.4Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Qualcomm BIOS is vulnerable to a stack-based buffer overflow,...

Qualcomm BIOS buffer overflow | CVE-2022-40520

January 4, 2023

Daily Vulnerability Trends: Wed Jan 04 2023

January 4, 2023

Daily Vulnerability Trends (sourced from VulnMon) CVE NAMECVE DescriptionCVE-2022-41040Microsoft Exchange Server Elevation of Privilege Vulnerability.CVE-2022-29455DOM-based Reflected Cross-Site Scripting (XSS) vulnerability...

Malware Analysis – djvu – 4d50334081024a62178c18193ad7640a

January 4, 2023

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, spyware, stealerMD5: 4d50334081024a62178c18193ad7640aSHA1: 89f06b69f0acf9f1e625c5097b82b74c20030c8bANALYSIS DATE: 2023-01-04T03:04:12ZTTPS: T1005, T1081, T1012, T1082,...

Malware Analysis – smokeloader – a83bee74074204ce9dd5e9780187aa0f

January 4, 2023

Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: a83bee74074204ce9dd5e9780187aa0fSHA1: f80dca4216a824bdaea42ea1ce115ac8f66c05dbANALYSIS DATE: 2023-01-04T03:11:03ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...

Malware Analysis – ransomware – 4b95b42cac7a11602b26caa41574d764

January 4, 2023

Score: 8 MALWARE FAMILY: ransomwareTAGS:ransomware, spyware, stealerMD5: 4b95b42cac7a11602b26caa41574d764SHA1: f64b7f29ecf8516d9d55bca8443f33d041b2b16aANALYSIS DATE: 2023-01-04T03:28:40ZTTPS: T1005, T1081 ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne...

Malware Analysis – evasion – cebed8210feb0d37479d62199049e0ba

January 4, 2023

Score: 7 MALWARE FAMILY: evasionTAGS:evasion, ransomwareMD5: cebed8210feb0d37479d62199049e0baSHA1: eec586742f917b65c73d2f99c11dd65072c4f298ANALYSIS DATE: 2023-01-04T03:41:58ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known...

Malware Analysis – meow – 80637ef09441d910ae7bdda488eb9989

January 4, 2023

Score: 10 MALWARE FAMILY: meowTAGS:family:meow, ransomware, spyware, stealerMD5: 80637ef09441d910ae7bdda488eb9989SHA1: 638e3ca8c66e218a3bdc666d52c2a91a116b60d7ANALYSIS DATE: 2023-01-04T03:36:27ZTTPS: T1005, T1081 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...

Malware Analysis – amadey – 03a2ae7e3d0fabcf4858e10a822d9a99

January 4, 2023

Score: 10 MALWARE FAMILY: amadeyTAGS:family:amadey, family:dcrat, family:djvu, family:smokeloader, family:vidar, botnet:19, backdoor, collection, discovery, infostealer, persistence, ransomware, rat, spyware, stealer, trojan,...

Malware Analysis – djvu – 2fd0cc05f8b64718dc4d894e14a0e8d1

January 4, 2023

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, spyware, stealerMD5: 2fd0cc05f8b64718dc4d894e14a0e8d1SHA1: c9fae77309397f25dfdb9bf3b3515494f061b8ecANALYSIS DATE: 2023-01-04T04:37:04ZTTPS: T1222, T1053, T1005, T1081,...

Malware Analysis – djvu – 943d8bacdfa116ec3a2e87fe7c8d8e63

January 4, 2023

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, spyware, stealerMD5: 943d8bacdfa116ec3a2e87fe7c8d8e63SHA1: 6fa3d75154f39ffed44291a9f1d6b12760cb5454ANALYSIS DATE: 2023-01-04T05:32:12ZTTPS: T1012, T1082, T1005, T1081,...

Malware Analysis – evasion – 0c5cbe64b5cc615c77b6d2676300495e

January 4, 2023

Score: 7 MALWARE FAMILY: evasionTAGS:evasion, ransomwareMD5: 0c5cbe64b5cc615c77b6d2676300495eSHA1: 58aef51084d93563d9b4081c1b51acdb7745e931ANALYSIS DATE: 2023-01-04T04:19:32ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known...

Malware Analysis – djvu – 54e06155a4b0a099b9fe1ddc9f209329

January 4, 2023

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, spyware, stealerMD5: 54e06155a4b0a099b9fe1ddc9f209329SHA1: 48b0ad39a74137e45a0d93cc5b339847b88d971cANALYSIS DATE: 2023-01-04T05:50:25ZTTPS: T1060, T1112, T1053, T1222,...

Month: January 2023

Froxlor security bypass | CVE-2022-4868

memos cross-site request forgery | CVE-2022-4848

Qualcomm BIOS buffer overflow | CVE-2022-40516

Qualcomm BIOS buffer overflow | CVE-2022-40520

Daily Vulnerability Trends: Wed Jan 04 2023

Malware Analysis – djvu – 4d50334081024a62178c18193ad7640a

Malware Analysis – smokeloader – a83bee74074204ce9dd5e9780187aa0f

Malware Analysis – ransomware – 4b95b42cac7a11602b26caa41574d764

Malware Analysis – evasion – cebed8210feb0d37479d62199049e0ba

Malware Analysis – meow – 80637ef09441d910ae7bdda488eb9989

Malware Analysis – amadey – 03a2ae7e3d0fabcf4858e10a822d9a99

Malware Analysis – djvu – 2fd0cc05f8b64718dc4d894e14a0e8d1

Malware Analysis – djvu – 943d8bacdfa116ec3a2e87fe7c8d8e63

Malware Analysis – evasion – 0c5cbe64b5cc615c77b6d2676300495e

Malware Analysis – djvu – 54e06155a4b0a099b9fe1ddc9f209329

Ransomware impacts over 200 govt, edu, healthcare orgs in 2022

Over 60,000 Exchange servers vulnerable to ProxyNotShell attacks

Synology fixes maximum severity vulnerability in VPN routers

BleepingComputer’s most popular cybersecurity stories of 2022

BitRAT malware campaign uses stolen bank data for phishing

Rail giant Wabtec discloses data breach after Lockbit ransomware attack

Royal ransomware claims attack on Queensland University of Technology

Ongoing Flipper Zero phishing attacks target infosec community

Poland warns of attacks by Russia-linked Ghostwriter hacking group

[QILIN] – Ransomware Victim: Zimmerman & Frachtman PA Law Firm

[QILIN] – Ransomware Victim: Calvert Home Mortgage Investment

[QILIN] – Ransomware Victim: LBCO Contracting LTD

Unveiling Blockchain Security: Safeguarding the Digital Ledger

A Fifth of UK Enterprises Uncertain About NIS2 Compliance Requirements

You may have missed