CISA: VMware Releases Security Update for Aria Operations for Logs
VMware Releases Security Update for Aria Operations for Logs VMware has released a security update to address multiple vulnerabilities in...
Month: April 2023
CISA: CISA Adds Three Known Exploited Vulnerabilities to Catalog
CISA Adds Three Known Exploited Vulnerabilities to Catalog CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities Catalog,...
CISA: Drupal Releases Security Advisory to Address Vulnerability in Drupal Core
Drupal Releases Security Advisory to Address Vulnerability in Drupal Core Drupal has released a security advisory to address an access...
Empire C2 Detected – 66[.]42[.]48[.]188:80
The Information provided at the time of posting was detected as "Empire C2". Depending on when you are viewing this...
US-CERT Vulnerability Summary for the Week of April 10, 2023
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and...
Striker – A Command And Control (C2)
Striker is a simple Command and Control (C2) program. Disclaimer This project is under active development. Most of the features...
Royal Ransomware Victim: GKS Hydraulik
RoyalRansomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the...
CISA: VMware Releases Security Update for Aria Operations for Logs
VMware Releases Security Update for Aria Operations for Logs VMware has released a security update to address multiple vulnerabilities in...
CISA: Drupal Releases Security Advisory to Address Vulnerability in Drupal Core
Drupal Releases Security Advisory to Address Vulnerability in Drupal Core Drupal has released a security advisory to address an access...
Malware Analysis – – ac5b83224a5aaafe540805a2555b62c2
Score: 1 MALWARE FAMILY: TAGS:MD5: ac5b83224a5aaafe540805a2555b62c2SHA1: adc510b4447f3ecfcd3406be1f79027c73ed0dfbANALYSIS DATE: 2023-04-08T19:50:01ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known damaging...
Malware Analysis – djvu – 2507457dc74ba35692289735b816bc33
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:bf58e1879f88b222ba2391682babf9d8, discovery, persistence, ransomware, spyware, stealerMD5: 2507457dc74ba35692289735b816bc33SHA1: fee3651f12fedaf4cd149dbfdd5da55ac773280eANALYSIS DATE: 2023-04-21T15:50:27ZTTPS: T1060, T1112, T1005, T1081,...
Malware Analysis – djvu – a6d373430a8ca2e93109f8791508f2bc
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:bf58e1879f88b222ba2391682babf9d8, discovery, persistence, ransomware, spyware, stealerMD5: a6d373430a8ca2e93109f8791508f2bcSHA1: e9a58acd2626dd03d484fa23ed8a83410ff96672ANALYSIS DATE: 2023-04-21T15:40:23ZTTPS: T1082, T1012, T1005, T1081,...
Malware Analysis – smokeloader – d299c57057e47b1a81dd5c49bb822566
Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: d299c57057e47b1a81dd5c49bb822566SHA1: 4369f3fccf494cec03cee057b86db29e6fcbef05ANALYSIS DATE: 2023-04-21T15:38:04ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
Malware Analysis – ransomware – 459085283ba0c03ae143d25791cc1880
Score: 6 MALWARE FAMILY: ransomwareTAGS:ransomwareMD5: 459085283ba0c03ae143d25791cc1880SHA1: 688f769f302d06443ae42a794f0d2d36be8c7886ANALYSIS DATE: 2023-04-21T17:43:04ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known damaging...
Malware Analysis – amadey – ecf6c8be4adce2f2f2edd00b366a9087
Score: 10 MALWARE FAMILY: amadeyTAGS:family:amadey, family:djvu, family:lumma, family:raccoon, family:rhadamanthys, family:smokeloader, family:vidar, family:xmrig, botnet:bf58e1879f88b222ba2391682babf9d8, botnet:fc8427198f843d72c1aa8a66db1a98f3, botnet:pub1, backdoor, collection, discovery, evasion, miner,...
Malware Analysis – smokeloader – 11472d7a71e987834c71c1dfe9eea130
Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: 11472d7a71e987834c71c1dfe9eea130SHA1: 285c43fa2d98c92e9fd43dd979219ec49603341bANALYSIS DATE: 2023-04-21T17:21:04ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
Malware Analysis – amadey – a1a830ec32763ae045f543eba5b94059
Score: 10 MALWARE FAMILY: amadeyTAGS:family:amadey, family:djvu, family:lumma, family:raccoon, family:rhadamanthys, family:smokeloader, family:vidar, botnet:bf58e1879f88b222ba2391682babf9d8, botnet:fc8427198f843d72c1aa8a66db1a98f3, botnet:pub1, backdoor, discovery, evasion, persistence, ransomware, spyware,...
Daily Threat Intelligence – April 21 – 2023
‘EvilExtractor’ - the name gives it away that nothing noble can be associated with it, let alone an education tool....
CISA: Cisco Releases Security Advisories for Multiple Products
Cisco Releases Security Advisories for Multiple Products Cisco has released security updates for vulnerabilities affecting Industrial Network Director (IND), Modeling...
CISA: Oracle Releases Security Updates
Oracle Releases Security Updates Oracle has released its Critical Patch Update Advisory, Solaris Third Party Bulletin, and Linux Bulletin for...
CISA: CISA Adds Three Known Exploited Vulnerabilities to Catalog
CISA Adds Three Known Exploited Vulnerabilities to Catalog CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities Catalog,...
CISA: CISA Releases Two SBOM Documents
CISA Releases Two SBOM Documents Today, CISA released two community-drafted documents around Software Bill of Materials (SBOM): Types of SBOM...
GhostToken Flaw Could Let Attackers Hide Malicious Apps in Google Cloud Platform
Cybersecurity researchers have disclosed details of a now-patched zero-day flaw in Google Cloud Platform (GCP) that could have enabled threat...
Kubernetes RBAC Exploited in Large-Scale Campaign for Cryptocurrency Mining
A large-scale attack campaign discovered in the wild has been exploiting Kubernetes (K8s) Role-Based Access Control (RBAC) to create backdoors...