LockBit 3.0 Ransomware Victim: nougat-carlier[.]be
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
Year: 2023
U.S. Cybersecurity Agency CISA Adds Three New Vulnerabilities in KEV Catalog
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added three security flaws to its Known Exploited Vulnerabilities (KEV)...
Gcore Thwarts Massive 650 Gbps DDoS Attack on Free Plan Client
At the beginning of January, Gcore faced an incident involving several L3/L4 DDoS attacks with a peak volume of 650...
Attackers Flood NPM Repository with Over 15,000 Spam Packages Containing Phishing Links
In what's a continuing assault on the open source ecosystem, over 15,000 spam packages have flooded the npm repository in...
3 Steps to Automate Your Third-Party Risk Management Program
If you Google "third-party data breaches" you will find many recent reports of data breaches that were either caused by...
Hydrochasma: New Threat Actor Targets Shipping Companies and Medical Labs in Asia
Shipping companies and medical laboratories in Asia have been the subject of a suspected espionage campaign carried out by a...
Apple Warns of 3 New Vulnerabilities Affecting iPhone, iPad, and Mac Devices
Apple has revised the security advisories it released last month to include three new vulnerabilities impacting iOS, iPadOS, and macOS....
Threat Actors Adopt Havoc Framework for Post-Exploitation in Targeted Attacks
An open source command-and-control (C2) framework known as Havoc is being adopted by threat actors as an alternative to other...
LockBit 3.0 Ransomware Victim: skylinetrisource[.]com
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
Malware Analysis – djvu – ea746870e963dfa82938756374ca769b
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, spyware, stealerMD5: ea746870e963dfa82938756374ca769bSHA1: a4ce68ec85dd371a8be61bb42409c9825a44432eANALYSIS DATE: 2023-02-22T10:03:04ZTTPS: T1012, T1082, T1222, T1053,...
Malware Analysis – glupteba – 23f59ddcd11358b08e491b19a3f5bb53
Score: 10 MALWARE FAMILY: gluptebaTAGS:family:glupteba, discovery, dropper, evasion, loader, persistence, ransomware, rootkit, trojanMD5: 23f59ddcd11358b08e491b19a3f5bb53SHA1: 1820b968b20c4cc20ae9eb5013eb9ab1def75c60ANALYSIS DATE: 2023-02-22T10:01:53ZTTPS: T1012, T1031, T1082,...
Malware Analysis – smokeloader – 6bc7191f01f23be6ba8357774482f793
Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: 6bc7191f01f23be6ba8357774482f793SHA1: 0ab05f8739fc671bca7bad965a1d620685636e26ANALYSIS DATE: 2023-02-22T09:58:05ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
Cobalt Stike Beacon Detected – 139[.]224[.]189[.]177:8443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 47[.]242[.]204[.]38:8990
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 124[.]222[.]47[.]83:4646
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Malware Analysis – djvu – 20fd15790c7efd6c9d1adea6a173c876
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:smokeloader, family:vidar, botnet:19, backdoor, discovery, evasion, persistence, ransomware, stealer, trojan, vmprotectMD5: 20fd15790c7efd6c9d1adea6a173c876SHA1: 5cb377821a019ab0db82c9a493022ee083824a19ANALYSIS DATE: 2023-02-22T10:11:30ZTTPS:...
Malware Analysis – djvu – c0e4c0955f80dcbf2099c2ffb2fc8461
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, spyware, stealerMD5: c0e4c0955f80dcbf2099c2ffb2fc8461SHA1: f9839880808345143a87a37ab2f6101f1f89edefANALYSIS DATE: 2023-02-22T10:33:16ZTTPS: T1060, T1112, T1005, T1081,...
Malware Analysis – djvu – dae95ad4f51a6a765e8065a4d21ade1a
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:smokeloader, family:vidar, botnet:19, backdoor, discovery, evasion, persistence, ransomware, stealer, trojan, vmprotectMD5: dae95ad4f51a6a765e8065a4d21ade1aSHA1: 443b5fe4e30839244962003b666c08b952fcaafeANALYSIS DATE: 2023-02-22T10:42:27ZTTPS:...
Malware Analysis – djvu – 3ca2f51c8e5250840893415bb49031a6
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, spyware, stealerMD5: 3ca2f51c8e5250840893415bb49031a6SHA1: 4491dc36f7b2aed7ee61cde93803b7b1dee7f3a4ANALYSIS DATE: 2023-02-22T10:21:41ZTTPS: T1005, T1081, T1012, T1082,...
Cobalt Stike Beacon Detected – 195[.]189[.]96[.]146:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 159[.]65[.]140[.]121:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 35[.]89[.]195[.]215:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 179[.]43[.]156[.]134:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Malware Analysis – smokeloader – f77d72707555a26065e33dc12449fd6f
Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: f77d72707555a26065e33dc12449fd6fSHA1: a5ad0c808420aea73737299ba482797959835541ANALYSIS DATE: 2023-02-22T11:15:07ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
