US-CERT Vulnerability Summary for the Week of June 12, 2023
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and...
Year: 2023
The Power of Browser Fingerprinting: Personalized UX, Fraud Detection, and Secure Logins
The case for browser fingerprinting: personalizing user experience, improving fraud detection, and optimizing login security Have you ever heard of...
Researchers Find Way to Recover Cryptographic Keys by Analyzing LED Flickers
In what's an ingenious side-channel attack, a group of academics has found that it's possible to recover secret keys from...
Malware Analysis – coper – d00b594a574947ececc0630f637c4c58
Score: 10 MALWARE FAMILY: coperTAGS:family:coper, family:octo, banker, infostealer, ransomware, rat, trojanMD5: d00b594a574947ececc0630f637c4c58SHA1: f3a4f9bd42a4952264f84b77f7bb506348dfa3cdANALYSIS DATE: 2023-06-26T14:00:48ZTTPS: ScoreMeaningExample10Known badA malware family was...
Malware Analysis – evasion – dacea68da8d3f322e31b2e6c0e161c36
Score: 9 MALWARE FAMILY: evasionTAGS:evasion, ransomwareMD5: dacea68da8d3f322e31b2e6c0e161c36SHA1: d23044acb63042afe12a4eadbe440e907676a843ANALYSIS DATE: 2023-06-26T17:31:48ZTTPS: T1102 ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more...
Malware Analysis – coper – 9e479a1a43a81d4fbe696b1ab96033a7
Score: 10 MALWARE FAMILY: coperTAGS:family:coper, family:octo, banker, infostealer, ransomware, rat, trojanMD5: 9e479a1a43a81d4fbe696b1ab96033a7SHA1: 8c5de39def7f6d5e06b38c3a7f008c55e530077dANALYSIS DATE: 2023-06-26T14:01:21ZTTPS: ScoreMeaningExample10Known badA malware family was...
Malware Analysis – discovery – ff25f4db981a5980797d736f97adaab6
Score: 7 MALWARE FAMILY: discoveryTAGS:discovery, evasion, trojan, upxMD5: ff25f4db981a5980797d736f97adaab6SHA1: 77ccf75074599fc076f89060f257feeda5607d33ANALYSIS DATE: 2023-06-26T15:27:22ZTTPS: T1130, T1112, T1012, T1082 ScoreMeaningExample10Known badA malware family...
Malware Analysis – coper – 43eda5ddda5bf59b2c47563772ba6d6e
Score: 10 MALWARE FAMILY: coperTAGS:family:coper, family:octo, banker, evasion, infostealer, ransomware, rat, trojanMD5: 43eda5ddda5bf59b2c47563772ba6d6eSHA1: 5ce865148092d0fe1303b5d8b01001b13d17b7b8ANALYSIS DATE: 2023-06-26T14:01:56ZTTPS: ScoreMeaningExample10Known badA malware family...
Japanese Cryptocurrency Exchange Falls Victim to JokerSpy macOS Backdoor Attack
An unknown cryptocurrency exchange located in Japan was the target of a new attack earlier this month to deploy an...
The Power of Browser Fingerprinting: Personalized UX, Fraud Detection, and Secure Logins
The case for browser fingerprinting: personalizing user experience, improving fraud detection, and optimizing login security Have you ever heard of...
How Generative AI Can Dupe SaaS Authentication Protocols — And Effective Ways To Prevent Other Key AI Risks in SaaS
Security and IT teams are routinely forced to adopt software before fully understanding the security risks. And AI tools are...
Microsoft Warns of Widescale Credential Stealing Attacks by Russian Hackers
Microsoft has disclosed that it's detected a spike in credential-stealing attacks conducted by the Russian state-affiliated hacker group known as...
Cobalt Stike Beacon Detected – 122[.]112[.]192[.]110:8805
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 106[.]55[.]102[.]97:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 124[.]220[.]31[.]186:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 101[.]33[.]205[.]73:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Silicon Labs Z/IP Gateway information disclosure | CVE-2023-0969
NAME__________Silicon Labs Z/IP Gateway information disclosurePlatforms Affected:Silicon Labs Z/IP Gateway 7.18.01Risk Level:3.5Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Silicon Labs Z/IP Gateway could allow a...
Wildix WSG24POE security bypass | CVE-2023-29709
NAME__________Wildix WSG24POE security bypassPlatforms Affected:Wildix WSG24POE 103SP7D190822Risk Level:5.3Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION__________Wildix WSG24POE could allow a remote attacker to bypass security restrictions,...
Vaadin information disclosure | CVE-2023-25500
NAME__________Vaadin information disclosurePlatforms Affected:Vaadin Vaadin 10.0.0 Vaadin Vaadin 11.0.0 Vaadin Vaadin 15.0.0 Vaadin Vaadin 22.0.28 Vaadin Vaadin 24.0.0 Vaadin Vaadin...
HCL OSD Bare Metal Server weak security | CVE-2023-28006
NAME__________HCL OSD Bare Metal Server weak securityPlatforms Affected:HCL BigFix OSD Bare Metal Server 311.12Risk Level:7Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________HCL OSD Bare Metal...
HCL BigFix OSD Bare Metal Server clickjacking | CVE-2023-23343
NAME__________HCL BigFix OSD Bare Metal Server clickjackingPlatforms Affected:HCL BigFix OSD Bare Metal Server 311.12Risk Level:2.4Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION__________HCL BigFix OSD Bare...
Vaadin information disclosure | CVE-2023-25499
NAME__________Vaadin information disclosurePlatforms Affected:Vaadin Vaadin 10.0.22 Vaadin Vaadin 14.10.0 Vaadin Vaadin 22.0.28 Vaadin Vaadin 23.3.12 Vaadin Vaadin 24.0.0 Vaadin Vaadin...
Cisco Secure Email and Web Manager, Cisco Secure Email Gateway, and Cisco Secure Web Appliance cross-site scripting | CVE-2023-20120
NAME__________Cisco Secure Email and Web Manager, Cisco Secure Email Gateway, and Cisco Secure Web Appliance cross-site scriptingPlatforms Affected:Cisco Secure Email...
HCL BigFix WebUI Insights site security bypass | CVE-2023-23344
NAME__________HCL BigFix WebUI Insights site security bypassPlatforms Affected:HCL BigFix WebUI Insights site 14Risk Level:3Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION__________HCL BigFix WebUI Insights site...
