Cobalt Stike Beacon Detected – 161[.]35[.]232[.]68:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Year: 2023
Cobalt Stike Beacon Detected – 107[.]172[.]97[.]151:8066
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Malware Analysis – chaos – 664d942a2f98e3bf196dc627a1ee3ae9
Score: 10 MALWARE FAMILY: chaosTAGS:family:chaos, ransomwareMD5: 664d942a2f98e3bf196dc627a1ee3ae9SHA1: 925b0ef9d0e2f6ce159945138f97dda492fab4b8ANALYSIS DATE: 2023-01-14T08:58:12ZTTPS: T1064 ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more...
Malware Analysis – djvu – ff660cfc3188548169fb503f22ec7333
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, spyware, stealerMD5: ff660cfc3188548169fb503f22ec7333SHA1: a9f496bc96e2375a713a1664162b3556f62bd966ANALYSIS DATE: 2023-01-14T09:46:49ZTTPS: T1053, T1012, T1082, T1005,...
Malware Analysis – djvu – e30884dd5b5487ff1afab6301420abd2
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, spyware, stealerMD5: e30884dd5b5487ff1afab6301420abd2SHA1: fbda6109e87f008034869c7405d0a839868690d7ANALYSIS DATE: 2023-01-14T09:18:42ZTTPS: T1060, T1112, T1222, T1053,...
Malware Analysis – djvu – 3a862f889fa5aa53e46a40692624a13f
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, spyware, stealerMD5: 3a862f889fa5aa53e46a40692624a13fSHA1: 8967ffdfe1b02094e376ae9aadec9339f1d9d92eANALYSIS DATE: 2023-01-14T11:21:49ZTTPS: T1012, T1082, T1005, T1081,...
Malware Analysis – discovery – 0ac22daa944ab6c3be7bbdbff316be63
Score: 10 MALWARE FAMILY: discoveryTAGS:discovery, persistence, ransomwareMD5: 0ac22daa944ab6c3be7bbdbff316be63SHA1: 42a248e33566687c80783751d4b01af0ee48af15ANALYSIS DATE: 2023-01-14T11:26:45ZTTPS: T1082, T1060, T1012 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
Empire C2 Detected – 45[.]76[.]150[.]166:80
The Information provided at the time of posting was detected as "Empire C2". Depending on when you are viewing this...
AMD EPYC Processors code execution | CVE-2021-26396
NAME__________AMD EPYC Processors code executionPlatforms Affected:AMD 3rd Generation EPYCRisk Level:8.4Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________AMD EPYC Processors could allow a local attacker to...
NVIDIA DGX A100 Server buffer overflow | CVE-2022-42271
NAME__________NVIDIA DGX A100 Server buffer overflowPlatforms Affected:Risk Level:8.4Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________NVIDIA DGX A100 Server is vulnerable to a buffer overflow, caused...
Microsoft Edge (Chromium-based) code execution | CVE-2023-21775
NAME__________Microsoft Edge (Chromium-based) code executionPlatforms Affected:Microsoft Edge (Chromium-based)Risk Level:8.3Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Microsoft Edge (Chromium-based) could allow a remote attacker to execute...
Microsoft Edge (Chromium-based) privilege escalation | CVE-2023-21796
NAME__________Microsoft Edge (Chromium-based) privilege escalationPlatforms Affected:Microsoft Edge (Chromium-based)Risk Level:8.3Exploitability:UnprovenConsequences:Gain Privilege DESCRIPTION__________Microsoft Edge (Chromium-based) could allow a remote attacker to gain...
NVIDIA DGX A100 Server buffer overflow | CVE-2022-42272
NAME__________NVIDIA DGX A100 Server buffer overflowPlatforms Affected:Risk Level:8.1Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________NVIDIA DGX A100 Server is vulnerable to a buffer overflow, caused...
NVIDIA DGX A100 Server buffer overflow | CVE-2022-42273
NAME__________NVIDIA DGX A100 Server buffer overflowPlatforms Affected:Risk Level:8.1Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________NVIDIA DGX A100 Server is vulnerable to a buffer overflow, caused...
AMD EPYC Processors code execution | CVE-2021-26398
NAME__________AMD EPYC Processors code executionPlatforms Affected:AMD 1st Generation EPYC AMD 2nd Generation EPYC AMD 3rd Generation EPYCRisk Level:8.4Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________AMD...
AMD EPYC Processors buffer overflow | CVE-2021-26409
NAME__________AMD EPYC Processors buffer overflowPlatforms Affected:AMD 3rd Generation EPYCRisk Level:8.4Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________AMD EPYC Processors are vulnerable to a buffer overflow,...
Cisco Small Business RV016, RV042, RV042G, and RV082 Routers security bypass | CVE-2023-20025
NAME__________Cisco Small Business RV016, RV042, RV042G, and RV082 Routers security bypassPlatforms Affected:Risk Level:9Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION__________Cisco Small Business RV016, RV042, RV042G,...
InHand Networks InRouter302 and InHand Networks InRouter615 information disclosure | CVE-2023-22601
NAME__________InHand Networks InRouter302 and InHand Networks InRouter615 information disclosurePlatforms Affected:Risk Level:10Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________InHand Networks InRouter302 and InHand Networks InRouter615 could...
InHand Networks InRouter302 and InHand Networks InRouter615 security bypass | CVE-2023-22600
NAME__________InHand Networks InRouter302 and InHand Networks InRouter615 security bypassPlatforms Affected:Risk Level:10Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION__________InHand Networks InRouter302 and InHand Networks InRouter615 could...
Daily Vulnerability Trends: Sat Jan 14 2023
Daily Vulnerability Trends (sourced from VulnMon) CVE NAMECVE DescriptionCVE-2022-20452In initializeFromParcelLocked of BaseBundle.java, there is a possible method arbitrary code execution...
BugCrowd Bug Bounty Disclosure: – Improper Authorization – Second (Additional) Driver can list “add-driver” invitation links – By sagarparmar121
The below information is fully automated and the information is captured from the BugCrowd Disclosure website. The information was correct...
Malware Analysis – djvu – b4fb108e628474068b70b975ee54817f
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, spyware, stealerMD5: b4fb108e628474068b70b975ee54817fSHA1: 05a0863ba7cb981d91807961c1dad86887d8867dANALYSIS DATE: 2023-01-14T03:25:23ZTTPS: T1222, T1012, T1053, T1082,...
Malware Analysis – lockbit – 260235a69a60ca8f424e1809fc01fd2b
Score: 10 MALWARE FAMILY: lockbitTAGS:family:lockbit, ransomware, spyware, stealerMD5: 260235a69a60ca8f424e1809fc01fd2bSHA1: 0647b7f536beeefa04eafbe877ad9e7227334aadANALYSIS DATE: 2023-01-14T03:06:36ZTTPS: T1082, T1005, T1081, T1012, T1112 ScoreMeaningExample10Known badA malware...
Malware Analysis – djvu – ec606e5e431b4d6be09c3362a40cf60b
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:rhadamanthys, family:smokeloader, family:vidar, botnet:19, backdoor, discovery, persistence, ransomware, spyware, stealer, trojanMD5: ec606e5e431b4d6be09c3362a40cf60bSHA1: d807d99153a82a491d19420eb133d4415aa0c057ANALYSIS DATE: 2023-01-14T03:02:49ZTTPS:...
