US-CERT Vulnerability Summary for the Week of April 10, 2023
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and...
Month: April 2023
Royal Ransomware Victim: Stanley Electric U[.]S[.]
RoyalRansomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the...
Royal Ransomware Victim: 5Design
RoyalRansomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the...
Daily Threat Intelligence – April 20 – 2023
Google scrambles to address another high-severity zero-day in Chrome web browser, coming hot on the heels of Google releasing a...
Malware Analysis – medusalocker – 0f025715a5cb507fc46a4df12cfa74d4
Score: 10 MALWARE FAMILY: medusalockerTAGS:family:medusalocker, ransomware, spyware, stealerMD5: 0f025715a5cb507fc46a4df12cfa74d4SHA1: f8b2c1eb3d8c77aa3dd57e5b86018d10c2f5c4fcANALYSIS DATE: 2023-04-20T15:22:55ZTTPS: T1005, T1081, T1012, T1082 ScoreMeaningExample10Known badA malware family...
Malware Analysis – ransomware – 87efacafafb9523be9b750bce4c1332a
Score: 7 MALWARE FAMILY: ransomwareTAGS:ransomwareMD5: 87efacafafb9523be9b750bce4c1332aSHA1: e6c47408e5e8b5dfd3bab7e56583b8f4bd4dc747ANALYSIS DATE: 2023-04-20T17:01:56ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known damaging...
Malware Analysis – banker – b4cec5711d8bc5b1b9782c951b7a5eeb
Score: 8 MALWARE FAMILY: bankerTAGS:banker, evasion, ransomwareMD5: b4cec5711d8bc5b1b9782c951b7a5eebSHA1: f35c96d80e38bf3485f3b3f21c61825bb0d4630eANALYSIS DATE: 2023-04-20T17:35:39ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more...
Malware Analysis – smokeloader – 0b1c074daebb8f8e9895910d927585aa
Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: 0b1c074daebb8f8e9895910d927585aaSHA1: 53f470a57886dab6fd1fa5ac5fa02931a2fd9270ANALYSIS DATE: 2023-04-20T15:35:48ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
Malware Analysis – djvu – a4de03e4d5a12f369a7fd14c99b16f7f
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, discovery, persistence, ransomwareMD5: a4de03e4d5a12f369a7fd14c99b16f7fSHA1: 82c21edfa238036f90176823f7a6c78ade7b2510ANALYSIS DATE: 2023-04-20T15:28:39ZTTPS: T1130, T1112, T1060, T1222, T1082, T1012 ScoreMeaningExample10Known badA...
CISA: CISA Releases Malware Analysis Report on ICONICSTEALER
CISA Releases Malware Analysis Report on ICONICSTEALER CISA has released a new Malware Analysis Report (MAR) on an infostealer known...
CISA: CISA Releases One Industrial Control Systems Advisory
CISA Releases One Industrial Control Systems Advisory CISA released one Industrial Control Systems (ICS) advisory on April 20, 2023. These...
HackerOne Bug Bounty Disclosure: cve-2018-6389-exploitation—using-scripts-loaderbysalokin
Programme HackerOne Fastly VDP Fastly VDP Submitted by salokin salokin Report CVE-2018-6389 exploitation - using scripts loader Full Report ...
HackerOne Bug Bounty Disclosure: reentrancy-attack-in-eth-monero-atomic-swapbyfarinavito123
Programme HackerOne Monero Monero Submitted by farinavito123 farinavito123 Report Reentrancy attack in eth-monero atomic swap Full Report A considerable...
Beyond Traditional Security: NDR’s Pivotal Role in Safeguarding OT Networks
Why is Visibility into OT Environments Crucial?# The significance of Operational Technology (OT) for businesses is undeniable as the OT...
Two Critical Flaws Found in Alibaba Cloud’s PostgreSQL Databases
A chain of two critical flaws has been disclosed in Alibaba Cloud's ApsaraDB RDS for PostgreSQL and AnalyticDB for PostgreSQL...
Lazarus Group Adds Linux Malware to Arsenal in Operation Dream Job
The notorious North Korea-aligned state-sponsored actor known as the Lazarus Group has been attributed to a new campaign aimed at...
UDPX – Fast A nd Lightweight, UDPX Is A Single-Packet UDP Scanner Written In Go That Supports The Discovery Of Over 45 Services With The Ability To Add Custom Ones
Fast and lightweight, UDPX is a single-packet UDP scanner written in Go that supports the discovery of over 45 services...
ChatGPT’s Data Protection Blind Spots and How Security Teams Can Solve Them
In the short time since their inception, ChatGPT and other generative AI platforms have rightfully gained the reputation of ultimate...
Fortra Sheds Light on GoAnywhere MFT Zero-Day Exploit Used in Ransomware Attacks
Fortra, the company behind Cobalt Strike, shed light on a zero-day remote code execution (RCE) vulnerability in its GoAnywhere MFT...
NSO Group Used 3 Zero-Click iPhone Exploits Against Human Rights Defenders
Israeli spyware maker NSO Group deployed at least three novel "zero-click" exploits against iPhones in 2022 to infiltrate defenses erected...
Daggerfly Cyberattack Campaign Hits African Telecom Services Providers
Telecommunication services providers in Africa are the target of a new campaign orchestrated by a China-linked threat actor at least...
LockBit 3.0 Ransomware Victim: intuview[.]com
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: crossinggroup[.]com
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
Control iD RHiD SQL injecition | CVE-2023-2043
NAME__________Control iD RHiD SQL injecitionPlatforms Affected:Risk Level:6.5Exploitability:UnprovenConsequences:Data Manipulation DESCRIPTION__________Control iD RHiD is vulnerable to SQL injection. A remote attacker could...
