BlackCat/ALPHV Ransomware Victim: PRESTIGE MAINTENANCE USA WAS HACKED
BlackCat / ALPHV Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the...
Year: 2023
BlackCat/ALPHV Ransomware Victim: Kendall Hunt Publishing
BlackCat / ALPHV Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the...
Cobalt Stike Beacon Detected – 104[.]168[.]68[.]35:8000
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 118[.]107[.]11[.]150:8899
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 162[.]33[.]179[.]164:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 101[.]42[.]101[.]185:8008
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 43[.]143[.]134[.]147:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 1[.]15[.]155[.]15:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 43[.]139[.]116[.]197:8888
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 5[.]183[.]81[.]215:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Malware Analysis – djvu – bec27e89d69d057e4dd42ba85db35130
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, discovery, persistence, ransomware, spyware, stealerMD5: bec27e89d69d057e4dd42ba85db35130SHA1: dd233921bc0b900fc7f661cc35c4d914e991d4e2ANALYSIS DATE: 2023-02-23T09:00:51ZTTPS: T1082, T1005, T1081, T1012, T1060,...
Malware Analysis – djvu – 5295dd60a35b55ad49a709d9d2601b62
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, discovery, persistence, ransomware, spyware, stealerMD5: 5295dd60a35b55ad49a709d9d2601b62SHA1: 180c7fb35bc98fbd5a31afc27248efa4744af236ANALYSIS DATE: 2023-02-23T10:32:21ZTTPS: T1222, T1005, T1081, T1060, T1112,...
Malware Analysis – djvu – 05c2ad3a05f5d1d00c70b8d9118a93ad
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, discovery, persistence, ransomware, spyware, stealerMD5: 05c2ad3a05f5d1d00c70b8d9118a93adSHA1: a4191491d990c61c49167206e9e1d373aff2b61eANALYSIS DATE: 2023-02-23T10:45:34ZTTPS: T1222, T1082, T1012, T1053, T1005,...
Malware Analysis – djvu – 40f1ef64ddef4159773b49a10289b9df
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:smokeloader, family:vidar, backdoor, discovery, evasion, persistence, ransomware, stealer, trojan, vmprotectMD5: 40f1ef64ddef4159773b49a10289b9dfSHA1: 304b0390f20f510ee0ed3065227b2265c8de02d5ANALYSIS DATE: 2023-02-23T10:39:30ZTTPS: T1222,...
Nautobot code execution | CVE-2023-25657
NAME__________Nautobot code executionPlatforms Affected:Nautobot Nautobot 1.5.6Risk Level:7.5Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Nautobot could allow a remote authenticated attacker to execute arbitrary code on...
Cisco Firepower 4100, 9300 Security Appliances, and UCS Fabric Interconnects command execution | CVE-2023-20015
NAME__________Cisco Firepower 4100, 9300 Security Appliances, and UCS Fabric Interconnects command executionPlatforms Affected:Cisco UCS 6200 Series Fabric Interconnects Cisco UCS...
Apple iOS, iPadOS and macOS Ventura privilege escalation | CVE-2023-23531
NAME__________Apple iOS, iPadOS and macOS Ventura privilege escalationPlatforms Affected:Apple macOS Ventura 13.1 Apple iOS 16.2 Apple iPadOS 16.2Risk Level:7.8Exploitability:UnprovenConsequences:Gain Privileges...
Minio privilege escalation | CVE-2023-25812
NAME__________Minio privilege escalationPlatforms Affected:Minio Minio RELEASE.2023-02-10T18-48-39ZRisk Level:5.3Exploitability:UnprovenConsequences:Gain Privileges DESCRIPTION__________Minio could allow a remote attacker to gain elevated privileges on the...
Modoboa cross-site scripting | CVE-2023-0949
NAME__________Modoboa cross-site scriptingPlatforms Affected:Risk Level:4.8Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Modoboa is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by...
Best POS Management System cross-site scripting | CVE-2023-0945
NAME__________Best POS Management System cross-site scriptingPlatforms Affected:Risk Level:3.5Exploitability:UnprovenConsequences:Cross-Site Scripting DESCRIPTION__________Best POS Management System is vulnerable to cross-site scripting, caused by...
Japanized For WooCommerce plugin for WordPress cross-site scripting | CVE-2023-0942
NAME__________Japanized For WooCommerce plugin for WordPress cross-site scriptingPlatforms Affected:Risk Level:6.1Exploitability:UnprovenConsequences:Cross-Site Scripting DESCRIPTION__________Japanized For WooCommerce plugin for WordPress is vulnerable to...
Cisco Nexus 9300-FX3 Series Fabric Extender for UCS Fabric Interconnects security bypass | CVE-2023-20012
NAME__________Cisco Nexus 9300-FX3 Series Fabric Extender for UCS Fabric Interconnects security bypassPlatforms Affected:Cisco Nexus 9300-FX3 Series FEXRisk Level:5.4Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION__________Cisco...
ThingsBoard privilege escalation |
NAME__________ThingsBoard privilege escalationPlatforms Affected:ThingsBoard ThingsBoard 3.4.1Risk Level:6.5Exploitability:UnprovenConsequences:Gain Privileges DESCRIPTION__________ThingsBoard could allow a remote authenticated attacker to gain elevated privileges on...
IBM Sterling B2B Integrator Standard Edition cross-site scripting | CVE-2022-43578
NAME__________IBM Sterling B2B Integrator Standard Edition cross-site scriptingPlatforms Affected:IBM Sterling B2B Integrator 6.0.0.0 IBM Sterling B2B Integrator 6.1.0.0 IBM Sterling...
