Cobalt Stike Beacon Detected – 101[.]35[.]152[.]19:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Month: June 2023
Cobalt Stike Beacon Detected – 163[.]197[.]221[.]204:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 101[.]200[.]197[.]112:8080
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
US-CERT Vulnerability Summary for the Week of May 29, 2023
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and...
PythonMemoryModule – Pure-Python Implementation Of MemoryModule Technique To Load Dll And Unmanaged Exe Entirely From Memory
"Python memory module" AI generated pic - hotpot.ai pure-python implementation of MemoryModule technique to load a dll or unmanaged exe...
Malware Analysis – – 15d1b37503fb24d31cf612c4a8120275
Score: 7 MALWARE FAMILY: TAGS:MD5: 15d1b37503fb24d31cf612c4a8120275SHA1: e7fbf54a50583562c4a08259051a64cfafabfcf0ANALYSIS DATE: 2023-06-10T16:53:59ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known damaging...
Malware Analysis – evasion – 7ef84720d7b30286bff9483fe53bba62
Score: 10 MALWARE FAMILY: evasionTAGS:evasion, ransomware, trojanMD5: 7ef84720d7b30286bff9483fe53bba62SHA1: b8dbb845cc37fa555d5a3f52e4bbb76aa2be0933ANALYSIS DATE: 2023-06-10T17:47:08ZTTPS: T1112, T1031, T1089, T1053, T1082, T1107, T1490, T1491 ScoreMeaningExample10Known...
Malware Analysis – ransomware – 823f34b23eb518220b8ab28a689706c2
Score: 9 MALWARE FAMILY: ransomwareTAGS:ransomwareMD5: 823f34b23eb518220b8ab28a689706c2SHA1: 3cf174d35998d92f24d4fe46757248304be2820cANALYSIS DATE: 2023-06-10T17:46:11ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known damaging...
Malware Analysis – banker – a5acb875e755e10e19f486dffceff586
Score: 9 MALWARE FAMILY: bankerTAGS:banker, evasion, ransomwareMD5: a5acb875e755e10e19f486dffceff586SHA1: 309ff20c940ff5cb2a0b750cbb9b97ff55f47cadANALYSIS DATE: 2023-06-10T17:48:25ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more...
New SPECTRALVIPER Backdoor Targeting Vietnamese Public Companies
Vietnamese public companies have been targeted as part of an ongoing campaign that deploys a novel backdoor called SPECTRALVIPER. "SPECTRALVIPER...
How to Improve Your API Security Posture
APIs, more formally known as application programming interfaces, empower apps and microservices to communicate and share data. However, this level...
How to Improve Your API Security Posture
APIs, more formally known as application programming interfaces, empower apps and microservices to communicate and share data. However, this level...
New Critical MOVEit Transfer SQL Injection Vulnerabilities Discovered – Patch Now!
Progress Software, the company behind the MOVEit Transfer application, has released patches to address brand new SQL injection vulnerabilities affecting...
LockBit 3.0 Ransomware Victim: wsisd[.]net
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: gruppomercurio[.]com
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
Cobalt Stike Beacon Detected – 114[.]115[.]185[.]41:5555
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 121[.]4[.]154[.]20:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 107[.]174[.]138[.]166:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 101[.]35[.]141[.]80:8443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 130[.]61[.]95[.]82:8085
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Advent/SSC Tamale RMS directory traversal | CVE-2023-33524
NAME__________Advent/SSC Tamale RMS directory traversalPlatforms Affected:Advent/SSC Tamale RMS 23.0Risk Level:7.5Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Advent/SSC Tamale RMS could allow a remote attacker to...
Page Builder: KingComposer plugin for WordPress cross-site scripting | CVE-2020-36709
NAME__________Page Builder: KingComposer plugin for WordPress cross-site scriptingPlatforms Affected:King-Theme Page Builder: KingComposer plugin for WordPress 2.9.3Risk Level:5.5Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Page Builder:...
ListingPro theme for WordPress information disclosure | CVE-2020-36723
NAME__________ListingPro theme for WordPress information disclosurePlatforms Affected:CridioStudio ListingPro theme for WordPress 2.6.0Risk Level:5.3Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________ListingPro theme for WordPress could allow...
Gatsby local file include | CVE-2023-34238
NAME__________Gatsby local file includePlatforms Affected:Gatsby Gatsby 4.25.6 Gatsby Gatsby 5.9.0Risk Level:4.3Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Gatsby could allow a remote attacker to include...
