Daily Vulnerability Trends: Thu Feb 23 2023
Daily Vulnerability Trends (sourced from VulnMon) CVE NAMECVE DescriptionCVE-2023-21839Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component:...
Month: February 2023
Cobalt Stike Beacon Detected – 45[.]227[.]255[.]223:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 54[.]152[.]152[.]67:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Malware Analysis – djvu – d59846fef2700c7e393a1bde832f3fff
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:smokeloader, family:vidar, backdoor, discovery, evasion, persistence, ransomware, stealer, trojan, vmprotectMD5: d59846fef2700c7e393a1bde832f3fffSHA1: dac2d5ee6f98dedb67993e4175f0034096ddd055ANALYSIS DATE: 2023-02-22T22:00:24ZTTPS: T1060,...
Malware Analysis – fantom – 7d80230df68ccba871815d68f016c282
Score: 10 MALWARE FAMILY: fantomTAGS:family:fantom, evasion, ransomwareMD5: 7d80230df68ccba871815d68f016c282SHA1: e10874c6108a26ceedfc84f50881824462b5b6b6ANALYSIS DATE: 2023-02-22T21:35:23ZTTPS: T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or...
Cobalt Stike Beacon Detected – 43[.]206[.]245[.]250:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 121[.]4[.]211[.]243:8888
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 167[.]179[.]93[.]21:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 64[.]176[.]2[.]167:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Malware Analysis – djvu – 5188ebfc21007691e2eb5ee66bac41b7
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, discovery, persistence, ransomware, spyware, stealerMD5: 5188ebfc21007691e2eb5ee66bac41b7SHA1: cff08763330ab8893871ba1d1fe20151fe5a5cfdANALYSIS DATE: 2023-02-22T22:31:59ZTTPS: T1005, T1081, T1222, T1053, T1012,...
Malware Analysis – blackcat – 0dc67d37e95c8914099e8d7d41d1f893
Score: 10 MALWARE FAMILY: blackcatTAGS:family:blackcat, ransomwareMD5: 0dc67d37e95c8914099e8d7d41d1f893SHA1: 05cee6b9f37594e4c34ad396d877d75231e671e2ANALYSIS DATE: 2023-02-22T22:16:40ZTTPS: T1012, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or...
Malware Analysis – djvu – 408ae0e0e69262cb228537ed1201e910
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, discovery, persistence, ransomware, spyware, stealerMD5: 408ae0e0e69262cb228537ed1201e910SHA1: 45e1725e3cd7b607c3e4a9eae82c4fb273a4cea5ANALYSIS DATE: 2023-02-22T23:51:43ZTTPS: T1222, T1053, T1012, T1082, T1005,...
Malware Analysis – djvu – b6d0e016bb0ecb0221b4ca9a488f6f3f
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, discovery, persistence, ransomware, spyware, stealerMD5: b6d0e016bb0ecb0221b4ca9a488f6f3fSHA1: d5d110899e221d26203052f17e79016bedfde226ANALYSIS DATE: 2023-02-22T22:22:29ZTTPS: T1082, T1012, T1053, T1005, T1081,...
LockBit 3.0 Ransomware Victim: ziapueblo[.]org
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: kboattorneys[.]com
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
BlackCat/ALPHV Ransomware Victim: Markas
BlackCat / ALPHV Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the...
BlackCat/ALPHV Ransomware Victim: La Filipina
BlackCat / ALPHV Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the...
BlackCat/ALPHV Ransomware Victim: FUTURE BUILDINGS WAS HACKED[.] MORE THAN 150GB SENSETIVE DATA LEAKED
BlackCat / ALPHV Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the...
BlackCat/ALPHV Ransomware Victim: Summit Brands
BlackCat / ALPHV Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the...
BlackCat/ALPHV Ransomware Victim: EncinoEnergy
BlackCat / ALPHV Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the...
BlackCat/ALPHV Ransomware Victim: City of Lakewood
BlackCat / ALPHV Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the...
HackerOne Bug Bounty Disclosure: crlf-injection-in-nodejs-undici-via-hostbytimon8
Programme HackerOne Node.js Node.js Submitted by timon8 timon8 Report CRLF Injection in Nodejs undici via host Full Report A considerable...
HackerOne Bug Bounty Disclosure: sql-injection-+-insecure-deserialization-leads-to-remote-code-execution-on-https://krisp-aibymikemyers
Programme HackerOne Krisp Krisp Submitted by mikemyers mikemyers Report SQL Injection + Insecure Deserialization leads to Remote Code Execution on...
Malware Analysis – djvu – 77df036ecc85c3fc827a597835bb154f
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:pseudomanuscrypt, family:smokeloader, family:vidar, backdoor, discovery, evasion, loader, persistence, ransomware, stealer, trojan, vmprotectMD5: 77df036ecc85c3fc827a597835bb154fSHA1: 59b5795d86c5484928642e46aeb7c53a8bfbc2edANALYSIS DATE:...
