CISA: Abuse of the Service Location Protocol May Lead to DoS Attacks
Abuse of the Service Location Protocol May Lead to DoS Attacks The Service Location Protocol (SLP, RFC 2608(link is external))...
Month: April 2023
US-CERT Vulnerability Summary for the Week of April 17, 2023
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and...
PhoneSploit-Pro – An All-In-One Hacking Tool To Remotely Exploit Android Devices Using ADB And Metasploit-Framework To Get A Meterpreter Session
An all-in-one hacking tool written in Python to remotely exploit Android devices using ADB (Android Debug Bridge) and Metasploit-Framework. Complete...
Malware Analysis – amadey – bbf0b55abc4ca7fc1b9c4c466e0271e5
Score: 10 MALWARE FAMILY: amadeyTAGS:family:amadey, family:djvu, family:lumma, family:smokeloader, family:vidar, botnet:5cb879265de0011bfc7588d5d251aee6, botnet:pub1, backdoor, discovery, evasion, persistence, ransomware, spyware, stealer, trojanMD5: bbf0b55abc4ca7fc1b9c4c466e0271e5SHA1:...
Malware Analysis – evasion – cfa24958fbf3252ae18c9ff59d740ba5
Score: 9 MALWARE FAMILY: evasionTAGS:evasion, ransomwareMD5: cfa24958fbf3252ae18c9ff59d740ba5SHA1: 3ad7265383ff3d43cdc5802b3339106f2e7aef6eANALYSIS DATE: 2023-04-27T15:17:02ZTTPS: T1070, T1031, T1562, T1489 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
Malware Analysis – djvu – 5831b53317ba956aaf51e6b5d7e532ab
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:5cb879265de0011bfc7588d5d251aee6, discovery, persistence, ransomware, spyware, stealerMD5: 5831b53317ba956aaf51e6b5d7e532abSHA1: 457917dd86216bb1031b012eed3c21f0b38fbbb8ANALYSIS DATE: 2023-04-27T16:21:09ZTTPS: T1222, T1005, T1081, T1060,...
Malware Analysis – djvu – 95b67bb3125cc3cb0052df60027907af
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:5cb879265de0011bfc7588d5d251aee6, discovery, persistence, ransomware, spyware, stealerMD5: 95b67bb3125cc3cb0052df60027907afSHA1: 8fb0c5fc196fb70c0739cb289ea7e5a72536f650ANALYSIS DATE: 2023-04-27T15:24:49ZTTPS: T1005, T1081, T1060, T1112,...
Malware Analysis – – c2ef48c7322c941dc4699fd5fafbaed8
Score: 1 MALWARE FAMILY: TAGS:MD5: c2ef48c7322c941dc4699fd5fafbaed8SHA1: 44c9b1547258d672994c4297d8b17ed839d0954cANALYSIS DATE: 2023-04-27T16:53:22ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known damaging...
Malware Analysis – amadey – 0d54474c200d1ecddc41c0a860ca8d88
Score: 10 MALWARE FAMILY: amadeyTAGS:family:amadey, family:djvu, family:lumma, family:smokeloader, family:vidar, botnet:5cb879265de0011bfc7588d5d251aee6, botnet:pub1, backdoor, discovery, evasion, persistence, ransomware, spyware, stealer, trojanMD5: 0d54474c200d1ecddc41c0a860ca8d88SHA1:...
Malware Analysis – amadey – 036f9407ef3f17bca4e0e9f815abdbf5
Score: 10 MALWARE FAMILY: amadeyTAGS:family:amadey, family:djvu, family:lumma, family:smokeloader, family:vidar, botnet:5cb879265de0011bfc7588d5d251aee6, botnet:pub1, backdoor, discovery, evasion, persistence, ransomware, spyware, stealer, trojanMD5: 036f9407ef3f17bca4e0e9f815abdbf5SHA1:...
Malware Analysis – amadey – 28cda8e2c5311765b5b4cbc1380e0cee
Score: 10 MALWARE FAMILY: amadeyTAGS:family:amadey, family:djvu, family:lumma, family:smokeloader, family:vidar, botnet:5cb879265de0011bfc7588d5d251aee6, botnet:pub1, backdoor, discovery, evasion, persistence, ransomware, spyware, stealer, trojanMD5: 28cda8e2c5311765b5b4cbc1380e0ceeSHA1:...
Malware Analysis – djvu – e63a2e22193d1af2fe67db7362e1dc6e
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:5cb879265de0011bfc7588d5d251aee6, discovery, persistence, ransomware, spyware, stealerMD5: e63a2e22193d1af2fe67db7362e1dc6eSHA1: 4a0043b3fb991ace6daf50d6ced0aad179335db0ANALYSIS DATE: 2023-04-27T17:41:35ZTTPS: T1012, T1082, T1005, T1081,...
Malware Analysis – ransomware – bb00788c9e1d68dc42525ba0c379eda4
Score: 5 MALWARE FAMILY: ransomwareTAGS:ransomwareMD5: bb00788c9e1d68dc42525ba0c379eda4SHA1: e0488c0968f9596e22dd7a9590be2b6d2fb390a6ANALYSIS DATE: 2023-04-27T17:57:59ZTTPS: T1082, T1112, T1491 ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or...
Daily Threat Intelligence – April 27 – 2023
The cyber adversaries abusing PaperCut flaws have been identified. Microsoft security team has reported that the recent attacks exploiting vulnerabilities...
CISA: CISA Releases One Industrial Control Systems Medical Advisory
CISA Releases One Industrial Control Systems Medical Advisory CISA released one Industrial Control Systems Medical (ICS) medical advisory on April...
HackerOne Bug Bounty Disclosure: [indy_node]pool_upgrade-command-injection,-trustee-node-can-execute-command-in-any-other-node`s-system-bykmhlyxj0
Programme HackerOne Hyperledger Hyperledger Submitted by kmhlyxj0 kmhlyxj0 Report POOL_UPGRADE command injection, Trustee Node can execute command in any other...
HackerOne Bug Bounty Disclosure: credential-leak-on-github:-https://github-com///-(peoplesoft-crm)bypentestor
Programme HackerOne 8x8 8x8 Submitted by pentestor pentestor Report Credential leak on GitHub: https://github.com/// (Peoplesoft CRM) Full Report A...
Google Gets Court Order to Take Down CryptBot That Infected Over 670,000 Computers
Google on Wednesday said it obtained a temporary court order in the U.S. to disrupt the distribution of a Windows-based...
Paperbug Attack: New Politically-Motivated Surveillance Campaign in Tajikistan
A little-known Russian-speaking cyber-espionage group has been linked to a new politically-motivated surveillance campaign targeting high-ranking government officials, telecom services,...
Black Basta Ransomware Victim: Gates Corporation
Black Basta Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
Black Basta Ransomware Victim: mastercorp
Black Basta Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
Black Basta Ransomware Victim: COACHCOMM
Black Basta Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
Microsoft Confirms PaperCut Servers Used to Deliver LockBit and Cl0p Ransomware
Microsoft has confirmed that the active exploitation of PaperCut servers is linked to attacks that are designed to deliver Cl0p...
RTM Locker’s First Linux Ransomware Strain Targeting NAS and ESXi Hosts
The threat actors behind RTM Locker have developed a ransomware strain that's capable of targeting Linux machines, marking the group's...
