US-CERT Vulnerability Summary for the Week of April 17, 2023
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and...
Month: April 2023
Malware Analysis – ransomware – f221915cf579c55a805c1a109d079bba
Score: 7 MALWARE FAMILY: ransomwareTAGS:ransomware, upxMD5: f221915cf579c55a805c1a109d079bbaSHA1: 62e631a90d1ad721aa67e1328fb00e446f0be69eANALYSIS DATE: 2023-04-30T15:54:04ZTTPS: T1491, T1112, T1012, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
Malware Analysis – djvu – e1c8709a50dea0c5375707bc0f35704f
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:5cb879265de0011bfc7588d5d251aee6, discovery, persistence, ransomware, spyware, stealerMD5: e1c8709a50dea0c5375707bc0f35704fSHA1: 8fcc189ac74ec1062c5fded765d14bbac321e42fANALYSIS DATE: 2023-04-30T16:13:45ZTTPS: T1222, T1053, T1012, T1005,...
Malware Analysis – ransomware – ba619bc7920ba0650482c133ccea5c5c
Score: 9 MALWARE FAMILY: ransomwareTAGS:ransomwareMD5: ba619bc7920ba0650482c133ccea5c5cSHA1: cd8fb4ccba1004f8590d0a3560ce55269a5622c1ANALYSIS DATE: 2023-04-30T16:09:52ZTTPS: T1082, T1012, T1107, T1490 ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne...
Malware Analysis – amadey – edf83adc1b164b2f076bf78ca19524f7
Score: 10 MALWARE FAMILY: amadeyTAGS:family:amadey, family:djvu, family:icedid, family:smokeloader, family:vidar, family:xmrig, botnet:1616034f091df9fd0229bc38dd17597f, botnet:5cb879265de0011bfc7588d5d251aee6, botnet:pub1, botnet:sprg, campaign:252847557, backdoor, banker, discovery, evasion, loader,...
Malware Analysis – amadey – 544ca3fb991856aada9cc5d7b83cfdba
Score: 10 MALWARE FAMILY: amadeyTAGS:family:amadey, family:djvu, family:icedid, family:smokeloader, family:vidar, botnet:1616034f091df9fd0229bc38dd17597f, botnet:5cb879265de0011bfc7588d5d251aee6, botnet:pub1, botnet:sprg, campaign:252847557, backdoor, banker, discovery, evasion, loader, persistence,...
Malware Analysis – amadey – 9d54aae2994dec26029909916dfc208a
Score: 10 MALWARE FAMILY: amadeyTAGS:family:amadey, family:djvu, family:smokeloader, family:vidar, botnet:1616034f091df9fd0229bc38dd17597f, botnet:5cb879265de0011bfc7588d5d251aee6, botnet:pub1, botnet:sprg, backdoor, discovery, evasion, persistence, ransomware, spyware, stealer, trojanMD5:...
Malware Analysis – djvu – e7ea90686ee11d235596640d76e18c31
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:5cb879265de0011bfc7588d5d251aee6, discovery, persistence, ransomware, spyware, stealerMD5: e7ea90686ee11d235596640d76e18c31SHA1: f7626cce1a1983522fc95b3737842e10c067439cANALYSIS DATE: 2023-04-30T16:47:34ZTTPS: T1222, T1082, T1012, T1005,...
Black Basta Ransomware Victim: Colvillbanks
Black Basta Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: ourrelentlesschurch[.]com
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
IBM Java information disclosure | CVE-2023-30441
NAME__________IBM Java information disclosurePlatforms Affected:IBM WebSphere Application Server 8.5 IBM WebSphere Application Server 9.0 IBM InfoSphere Information Server 11.7 IBM...
Service Location Protocol (SLP, RFC 2608) denial of service | CVE-2023-29552
NAME__________Service Location Protocol (SLP, RFC 2608) denial of servicePlatforms Affected:Risk Level:6.8Exploitability:UnprovenConsequences:Denial of Service DESCRIPTION__________Service Location Protocol (SLP, RFC 2608) is...
IBM DB2 for Linux, UNIX and Windows denial of service | CVE-2023-29255
NAME__________IBM DB2 for Linux, UNIX and Windows denial of servicePlatforms Affected:IBM DB2 for Linux UNIX and Windows 10.5 IBM DB2...
Daily Vulnerability Trends: Sun Apr 30 2023
Daily Vulnerability Trends (sourced from VulnMon) CVE NAMECVE DescriptionCVE-2023-21707Microsoft Exchange Server Remote Code Execution VulnerabilityCVE-2019-5736runc through 1.0-rc6, as used in...
Karakurt Ransomware Victim: Our Sunday Visitor
KARAKURT RANSOMWARE NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of...
Hackers target vulnerable Veeam backup servers exposed online
Veeam backup servers are being targeted by at least one group of threat actors known to work with multiple high-profile...
CISA: Drupal Releases Security Advisory to Address Vulnerability in Drupal Core
Drupal Releases Security Advisory to Address Vulnerability in Drupal Core Drupal has released a security advisory to address an access...
CISA: CISA Releases Two SBOM Documents
CISA Releases Two SBOM Documents Today, CISA released two community-drafted documents around Software Bill of Materials (SBOM): Types of SBOM...
CISA: VMware Releases Security Update for Aria Operations for Logs
VMware Releases Security Update for Aria Operations for Logs VMware has released a security update to address multiple vulnerabilities in...
CISA: Oracle Releases Security Updates
Oracle Releases Security Updates Oracle has released its Critical Patch Update Advisory, Solaris Third Party Bulletin, and Linux Bulletin for...
CISA: Cisco Releases Security Advisories for Multiple Products
Cisco Releases Security Advisories for Multiple Products Cisco has released security updates for vulnerabilities affecting Industrial Network Director (IND), Modeling...
CISA: CISA Requests for Comment on Secure Software Self-Attestation Form
CISA Requests for Comment on Secure Software Self-Attestation Form CISA has issued requests for comment on the Secure Software Self-Attestation...
CISA: CISA Releases One Industrial Control Systems Medical Advisory
CISA Releases One Industrial Control Systems Medical Advisory CISA released one Industrial Control Systems Medical (ICS) medical advisory on April...
CISA: CISA Releases Two Industrial Control Systems Advisories
CISA Releases Two Industrial Control Systems Advisories CISA released two Industrial Control Systems (ICS) advisories on April 25, 2023. These...
