Researchers to release PoC exploit for critical ManageEngine RCE bug, patch now
Proof-of-concept exploit code will be released later this week for a critical vulnerability allowing remote code execution (RCE) without authentication...
Year: 2023
MSI accidentally breaks Secure Boot for hundreds of motherboards
Over 290 MSI motherboards are reportedly affected by an insecure default UEFI Secure Boot setting settings that allows any operating...
Over 4,000 Sophos Firewall devices vulnerable to RCE attacks
Over 4,000 Sophos Firewall devices exposed to Internet access are vulnerable to attacks targeting a critical remote code execution (RCE)...
Nissan North America data breach caused by vendor-exposed database
Nissan North America has begun sending data breach notifications informing customers of a breach at a third-party service provider that...
Hackers can use GitHub Codespaces to host and deliver malware
Researchers have demonstrated how threat actors can abuse the GitHub Codespaces' port forwarding' feature to host and distribute malware and...
Git patches two critical remote code execution security flaws
Git has patched two critical severity security vulnerabilities that could allow attackers to execute arbitrary code after successfully exploiting heap-based...
Hackers turn to Google search ads to push info-stealing malware
Hackers are setting up fake websites for popular free and open-source software to promote malicious downloads through advertisements in Google...
IT Burnout may be Putting Your Organization at Risk
The heavy responsibility of securing organizations against cyber-attacks is overwhelming and weighs heavier on security professionals, recent data shows. In...
Cobalt Stike Beacon Detected – 179[.]43[.]156[.]148:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 91[.]240[.]118[.]212:82
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 124[.]221[.]169[.]111:9999
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 66[.]165[.]243[.]44:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Malware Analysis – ransomware – 0bfcb2a4ad4975ee352cf455ccbbb9a7
Score: 8 MALWARE FAMILY: ransomwareTAGS:ransomware, spyware, stealerMD5: 0bfcb2a4ad4975ee352cf455ccbbb9a7SHA1: 9333b2b05821edffe504039afa7e30245b93def2ANALYSIS DATE: 2023-01-17T22:17:13ZTTPS: T1082, T1005, T1081, T1491, T1112 ScoreMeaningExample10Known badA malware family...
Malware Analysis – djvu – 8a8c49b680a83c2393bffa1f436c1123
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, stealerMD5: 8a8c49b680a83c2393bffa1f436c1123SHA1: 314c05651c18a4485744f17244c2d175e7883198ANALYSIS DATE: 2023-01-17T21:59:52ZTTPS: T1082, T1012, T1053, T1060, T1112,...
Malware Analysis – discovery – 1bf2e99364940f8a814104325b4ee679
Score: 10 MALWARE FAMILY: discoveryTAGS:discovery, persistence, ransomwareMD5: 1bf2e99364940f8a814104325b4ee679SHA1: 6e68aa272b02059cab325334ace34fe505e994caANALYSIS DATE: 2023-01-17T22:19:03ZTTPS: T1057, T1012, T1060, T1082 ScoreMeaningExample10Known badA malware family was...
Malware Analysis – djvu – 1dbe2a7afbed81c1d517f0d29c08cd03
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, spyware, stealerMD5: 1dbe2a7afbed81c1d517f0d29c08cd03SHA1: 06bb32dd20d2726d9d1fb859c70846d70e6988eaANALYSIS DATE: 2023-01-17T23:52:48ZTTPS: T1005, T1081, T1222, T1082,...
Cobalt Stike Beacon Detected – 77[.]73[.]134[.]51:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 43[.]154[.]23[.]98:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 23[.]227[.]203[.]14:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 47[.]100[.]48[.]185:8007
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Brute Ratel C4 Detected – 54[.]150[.]84[.]227:80
The Information provided at the time of posting was detected as "Brute Ratel C4". Depending on when you are viewing...
US-CERT Bulletin (SB23-016):Vulnerability Summary for the Week of January 9, 2023
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards...
CISA: CISA Updates Best Practices for Mapping to MITRE ATT&CK®
CISA Updates Best Practices for Mapping to MITRE ATT&CK® Today, CISA updated Best Practices for MITRE ATT&CK® Mapping. The MITRE...
HIVE Ransomware Victim: R C Stevens Construction
HIVE Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of...
