Cobalt Stike Beacon Detected – 120[.]46[.]185[.]86:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Year: 2023
Cobalt Stike Beacon Detected – 47[.]100[.]215[.]156:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 199[.]195[.]249[.]113:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Malware Analysis – djvu – e57762afc5371e7b0c32ac6712c85e78
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, spyware, stealerMD5: e57762afc5371e7b0c32ac6712c85e78SHA1: 348ad22c24a2c90b0067f524120eb5799d8b8c94ANALYSIS DATE: 2023-02-15T10:30:09ZTTPS: T1060, T1112, T1222, T1005,...
Malware Analysis – – 2e3bdf628e9bfaa6fe04786c390bdc6e
Score: 8 MALWARE FAMILY: TAGS:MD5: 2e3bdf628e9bfaa6fe04786c390bdc6eSHA1: 09e783f6b97b7e84e0b736b8db308d25a8c22633ANALYSIS DATE: 2023-02-15T10:05:30ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or...
Malware Analysis – djvu – e6c4eb245ab9d0b8435986f7d0d3283e
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, spyware, stealerMD5: e6c4eb245ab9d0b8435986f7d0d3283eSHA1: 7c790fd8289e60f5de7f54525d6fcddcd71cbca8ANALYSIS DATE: 2023-02-15T10:10:30ZTTPS: T1005, T1081, T1012, T1082,...
Malware Analysis – djvu – 89af5f0e7d2b08f92443bd39f80948c8
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, spyware, stealerMD5: 89af5f0e7d2b08f92443bd39f80948c8SHA1: 05d2b1ac67cc405e10a0d82872ddc1befbd9151bANALYSIS DATE: 2023-02-15T10:06:31ZTTPS: T1005, T1081, T1053, T1222,...
Malware Analysis – djvu – d24826e0fe7505e1f34a9c90b740407e
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, spyware, stealerMD5: d24826e0fe7505e1f34a9c90b740407eSHA1: a87ff01742a668029e92ff16cd7c957080ea4f0aANALYSIS DATE: 2023-02-15T10:45:27ZTTPS: T1005, T1081, T1012, T1082,...
Malware Analysis – collection – 017214b2759268c211cb65b9df140857
Score: 10 MALWARE FAMILY: collectionTAGS:collection, evasion, ransomware, spyware, stealerMD5: 017214b2759268c211cb65b9df140857SHA1: 87953d31303e156302a1939c7dffd538c116af22ANALYSIS DATE: 2023-02-15T11:17:17ZTTPS: T1082, T1158, T1112, T1491, T1114, T1130, T1005,...
Malware Analysis – maze – 61b32a82577a7ea823ff7303ab6b4283
Score: 10 MALWARE FAMILY: mazeTAGS:family:maze, ransomware, spyware, stealer, trojanMD5: 61b32a82577a7ea823ff7303ab6b4283SHA1: 9107c719795fa5768498abb4fed11d907e44d55eANALYSIS DATE: 2023-02-15T11:35:21ZTTPS: T1491, T1112, T1005, T1081, T1107, T1490 ScoreMeaningExample10Known...
Malware Analysis – djvu – e46127da689e4443d5332c16019ec1fe
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:laplas, family:smokeloader, family:vidar, botnet:19, backdoor, clipper, discovery, persistence, ransomware, spyware, stealer, trojan, vmprotectMD5: e46127da689e4443d5332c16019ec1feSHA1: c0fc40e9389822e01d80463a304e5b4349e5be99ANALYSIS...
NameCheap’s email hacked to send Metamask, DHL phishing emails
Domain registrar Namecheap had their email account breached Sunday night, causing a flood of MetaMask and DHL phishing emails that...
The Week in Ransomware – February 10th 2023 – Clop’s Back
From ongoing attacks targeting ESXi servers to sanctions on Conti/TrickBot members, it has been quite a busy week regarding ransomware....
Microsoft WinGet package manager failing from expired SSL certificate
Microsoft's WinGet package manager is currently having problems installing or upgrading packages after WinGet CDN's SSL/TLS certificate expired. Released in May...
Devs targeted by W4SP Stealer malware in malicious PyPi packages
Five malicious packages were found on the Python Package Index (PyPI), stealing passwords, Discord authentication cookies, and cryptocurrency wallets from...
Pepsi Bottling Ventures suffers data breach after malware attack
Pepsi Bottling Ventures LLC suffered a data breach caused by a network intrusion that resulted in the installation of information-stealing...
Spain, U.S. dismantle phishing gang that stole $5 million in a year
Spain's National Police and the U.S. Secret Service have dismantled a Madrid-based international cybercrime ring comprised of nine members who...
FTC: $1.3 billion lost by 70,000 Americans to romance scams last year
The U.S. Federal Trade Commission (FTC) says Americans once again reported record losses of $1.3 billion to romance scams in...
Lazarus hackers use new mixer to hide $100 million in stolen crypto
North Korean hackers have found a way around U.S.-imposed sanctions to launder the cryptocurrency proceeds from their heists, according to...
Ransomware hits Technion university to protest tech layoffs and Israel
A new ransomware group going by the name 'DarkBit' has hit Technion - Israel Institute of Technology, one of Israel's leading...
Apple fixes new WebKit zero-day exploited to hack iPhones, Macs
Apple has released emergency security updates to address a new zero-day vulnerability used in attacks to hack iPhones, iPads, and...
New ‘MortalKombat’ ransomware targets systems in the U.S.
Hackers conducting a new financially motivated campaign are using a variant of the Xortist commodity ransomware named 'MortalKombat,' together with...
451 PyPI packages install Chrome extensions to steal crypto
Over 450 malicious PyPI python packages were found installing malicious browser extensions to hijack cryptocurrency transactions made through browser-based crypto...
Cloudflare blocks record-breaking 71 million RPS DDoS attack
This weekend, Cloudflare blocked what it describes as the largest volumetric distributed denial-of-service (DDoS) attack to date. The company said...
