Cobalt Stike Beacon Detected – 1[.]14[.]184[.]10:8088
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Month: May 2023
Cobalt Stike Beacon Detected – 124[.]223[.]189[.]175:8080
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 110[.]40[.]156[.]244:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 120[.]55[.]100[.]163:7777
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 138[.]91[.]107[.]208:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
US-CERT Vulnerability Summary for the Week of May 8, 2023
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards...
CISA: CISA and Partners Release BianLian Ransomware Cybersecurity Advisory
CISA and Partners Release BianLian Ransomware Cybersecurity Advisory CISA, the Federal Bureau of Investigation (FBI), and the Australian Cyber Security...
Malware Analysis – ransomware – 913ec579a6bbbd0347b42fd7504effd1
Score: 6 MALWARE FAMILY: ransomwareTAGS:ransomwareMD5: 913ec579a6bbbd0347b42fd7504effd1SHA1: 2c2c89c193f6a527a9980f659a27ca1820d08de3ANALYSIS DATE: 2023-05-16T15:24:37ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known damaging...
Malware Analysis – amadey – 0ec4a63f542b0950ad234dfea89ff66c
Score: 10 MALWARE FAMILY: amadeyTAGS:family:amadey, family:djvu, family:smokeloader, family:vidar, botnet:379b0d0a9ef2b4ae960ec452f90e3e8b, botnet:9dfa7ee730fa2f1efb5ed51dbbec22f5, backdoor, discovery, ransomware, spyware, stealer, trojanMD5: 0ec4a63f542b0950ad234dfea89ff66cSHA1: efd68444aa8943aad102219eaded8e819dc40679ANALYSIS DATE: 2023-05-16T15:30:38ZTTPS:...
Daily Threat Intelligence – May 16 – 2023
A Go implementation of Cobalt Strike called Geacon is being used by cybercriminals in attacks against macOS devices. Cyber experts...
Malware Analysis – djvu – 5a8e2f2bdcc6be8d189e1badb8717ca0
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:9dfa7ee730fa2f1efb5ed51dbbec22f5, discovery, persistence, ransomware, spyware, stealerMD5: 5a8e2f2bdcc6be8d189e1badb8717ca0SHA1: 08d6fbe62d6bfbff71e9cb54d04bd995de47ea0dANALYSIS DATE: 2023-05-16T15:46:00ZTTPS: T1060, T1112, T1082, T1005,...
Malware Analysis – djvu – 669a891fe610e110917fad79b6876f55
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:9dfa7ee730fa2f1efb5ed51dbbec22f5, discovery, persistence, ransomware, spyware, stealerMD5: 669a891fe610e110917fad79b6876f55SHA1: a762faa446f6a8da5770ecca619fc2cffdf33ab1ANALYSIS DATE: 2023-05-16T15:47:04ZTTPS: T1060, T1112, T1053, T1005,...
Malware Analysis – djvu – dc8396334e68e4ad4a8de1ae8dd3fbe8
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:9dfa7ee730fa2f1efb5ed51dbbec22f5, discovery, persistence, ransomware, spyware, stealerMD5: dc8396334e68e4ad4a8de1ae8dd3fbe8SHA1: 599785fc24bf60cc66234af1302e2afbdf7768c6ANALYSIS DATE: 2023-05-16T16:30:39ZTTPS: T1012, T1082, T1053, T1005,...
Malware Analysis – discovery – 87208f8f5babd537eb42ced3831018bd
Score: 10 MALWARE FAMILY: discoveryTAGS:discovery, evasion, ransomware, trojanMD5: 87208f8f5babd537eb42ced3831018bdSHA1: 1bf91f8c00d9af85bce514f0c70d99ebff800e68ANALYSIS DATE: 2023-05-16T16:39:21ZTTPS: T1012, T1120, T1082, T1222, T1130, T1112 ScoreMeaningExample10Known badA...
CISA: CISA Releases Three Industrial Control Systems Advisories
CISA Releases Three Industrial Control Systems Advisories CISA released three Industrial Control Systems (ICS) advisories on May 16, 2023. These...
Play Ransomware Victim: SOWITEC
Play News Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
HackerOne Bug Bounty Disclosure: redos-in-time-rfc2822byooooooo_q
Programme HackerOne Ruby Ruby Submitted by ooooooo_q ooooooo_q Report ReDoS in Time.rfc2822 Full Report A considerable amount of time...
HackerOne Bug Bounty Disclosure: no-rate-limit-while-adding-additional-emails-featurebycryptographer
Programme HackerOne Nextcloud Nextcloud Submitted by cryptographer cryptographer Report No rate limit while adding Additional emails feature Full Report ...
Inside Qilin Ransomware: Affiliates Take Home 85% of Ransom Payouts
Ransomware affiliates associated with the Qilin ransomware-as-a-service (RaaS) scheme earn anywhere between 80% to 85% of each ransom payment, according...
China’s Mustang Panda Hackers Exploit TP-Link Routers for Persistent Attacks
The Chinese nation-state actor known as Mustang Panda has been linked to a new set of sophisticated and targeted attacks...
Medusa Locker Ransomware Victim: BAMSI
Medusa Locker Logo NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the...
Hackers Using Golang Variant of Cobalt Strike to Target Apple macOS Systems
A Golang implementation of Cobalt Strike called Geacon is likely to garner the attention of threat actors looking to target...
CopperStealer Malware Crew Resurfaces with New Rootkit and Phishing Kit Modules
The threat actors behind the CopperStealer malware resurfaced with two new campaigns in March and April 2023 that are designed...
Cyolo Product Overview: Secure Remote Access to All Environments
Operational technology (OT) cybersecurity is a challenging but critical aspect of protecting organizations' essential systems and resources. Cybercriminals no longer...
