Eye4Fraud – 16,000,591 breached accounts
HIBP In February 2023, data alleged to have been taken from the fraud protection service Eye4Fraud was listed for sale...
Month: March 2023
How to prevent Microsoft OneNote files from infecting Windows with malware
The seemingly innocuous Microsoft OneNote file has become a popular file format used by hackers to spread malware and breach...
FTC to ban BetterHelp from sharing mental health data with advertisers
The Federal Trade Commission (FTC) has proposed to ban the online counseling service BetterHelp from sharing its customers’ sensitive mental...
Core DoppelPaymer ransomware gang members targeted in Europol operation
Europol has announced that law enforcement in Germany and Ukraine targeted two individuals believed to be core members of the...
Old Windows ‘Mock Folders’ UAC bypass used to drop malware
A new phishing campaign targets organizations in Eastern European countries with the Remcos RAT malware with aid from an old...
Securing cloud workloads with Wazuh – an open source, SIEM and XDR platform
Organizations rapidly adopt the cloud as they rely heavily on data and technology to drive their businesses. These organizations utilize...
Proof-of-Concept released for critical Microsoft Word RCE bug
A proof-of-concept for CVE-2023-21716, a critical vulnerability in Microsoft Word that allows remote code execution, has been published over the...
New malware infects business routers for data theft, surveillance
An ongoing hacking campaign called 'Hiatus' targets DrayTek Vigor router models 2960 and 3900 to steal data from victims and...
Sandbox blockchain game breached to send emails linking to malware
The Sandbox blockchain game is warnings its community that a security incident caused some users to receive fraudulent emails impersonating...
Cobalt Stike Beacon Detected – 119[.]29[.]187[.]225:8084
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 120[.]79[.]64[.]164:9999
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Malware Analysis – ransomware – fe10cd5cf0833d15d53c84b956561bdc
Score: 7 MALWARE FAMILY: ransomwareTAGS:ransomwareMD5: fe10cd5cf0833d15d53c84b956561bdcSHA1: 74221c41dbf8a41bea500be933fec7daf834517fANALYSIS DATE: 2023-03-06T21:14:49ZTTPS: T1158, T1082, T1491, T1112 ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne...
Cobalt Stike Beacon Detected – 121[.]40[.]133[.]193:8080
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 164[.]90[.]184[.]80:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 45[.]61[.]186[.]18:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Malware Analysis – persistence – edc87da8654e966bee0e5c9b92ed67cb
Score: 10 MALWARE FAMILY: persistenceTAGS:persistence, ransomware, spyware, stealerMD5: edc87da8654e966bee0e5c9b92ed67cbSHA1: db99fc79a64873bef25998681392ac9be2c1c99cANALYSIS DATE: 2023-03-06T22:19:44ZTTPS: T1012, T1120, T1082, T1005, T1081, T1060, T1112 ScoreMeaningExample10Known...
Malware Analysis – djvu – 854439726bdbc1f245bc97da0cc21bac
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, discovery, persistence, ransomwareMD5: 854439726bdbc1f245bc97da0cc21bacSHA1: e6d7aad11cbabb495852c24b7c856efd5636c0edANALYSIS DATE: 2023-03-06T23:30:47ZTTPS: T1053, T1060, T1112, T1222, T1082 ScoreMeaningExample10Known badA malware...
Malware Analysis – djvu – f6e0c1108047ed4e6afb828840ad9341
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, discovery, persistence, ransomwareMD5: f6e0c1108047ed4e6afb828840ad9341SHA1: b46cc39f9c6cdc803ef24d840772e296b4d2edd5ANALYSIS DATE: 2023-03-06T22:58:11ZTTPS: T1222, T1060, T1112, T1082, T1012, T1053 ScoreMeaningExample10Known badA...
Malware Analysis – djvu – 35b17795f1f3dc06ca329522fd6ef9da
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, discovery, persistence, ransomwareMD5: 35b17795f1f3dc06ca329522fd6ef9daSHA1: 0be3c5dddb404e85f448996b4c91b06c1253e796ANALYSIS DATE: 2023-03-06T21:41:04ZTTPS: T1130, T1112, T1222, T1060, T1082 ScoreMeaningExample10Known badA malware...
Cobalt Stike Beacon Detected – 185[.]112[.]151[.]108:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 163[.]123[.]142[.]213:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 119[.]3[.]176[.]226:8888
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 106[.]14[.]144[.]30:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Experts Reveal Google Cloud Platform’s Blind Spot for Data Exfiltration Attacks
Malicious actors can take advantage of "insufficient" forensic visibility into Google Cloud Platform (GCP) to exfiltrate sensitive data, a new...
