CISA: CISA Releases Two SBOM Documents
CISA Releases Two SBOM Documents Today, CISA released two community-drafted documents around Software Bill of Materials (SBOM): Types of SBOM...
Year: 2023
Brute Ratel C4 Detected – 2600:9000:201b:aa00:16:f834:8940:93a1:80
The Information provided at the time of posting was detected as "Brute Ratel C4". Depending on when you are viewing...
US-CERT Vulnerability Summary for the Week of April 17, 2023
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and...
PortEx – Java Library To Analyse Portable Executable Files With A Special Focus On Malware Analysis And PE Malformation Robustness
PortEx is a Java library for static malware analysis of Portable Executable files. Its focus is on PE malformation robustness,...
Daily Threat Intelligence – April 26 – 2023
Chinese cybercriminals were reported using new malware variants in their espionage attacks against South Africa and Nepal. The campaign includes...
Malware Analysis – amadey – 2e2d214abd61d6b40e8ad5e9e437df45
Score: 10 MALWARE FAMILY: amadeyTAGS:family:amadey, family:djvu, family:lumma, family:smokeloader, family:vidar, botnet:5cb879265de0011bfc7588d5d251aee6, botnet:pub1, botnet:sprg, backdoor, discovery, persistence, ransomware, spyware, stealer, trojanMD5: 2e2d214abd61d6b40e8ad5e9e437df45SHA1:...
Malware Analysis – djvu – 51a4106e8f56ecb11ff22995f4cfd3e1
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:5cb879265de0011bfc7588d5d251aee6, discovery, persistence, ransomware, spyware, stealerMD5: 51a4106e8f56ecb11ff22995f4cfd3e1SHA1: 2781e07822cf8b54406d5785e0e71e3158f4666fANALYSIS DATE: 2023-04-26T15:49:43ZTTPS: T1012, T1082, T1005, T1081,...
Malware Analysis – amadey – fd68d6d16b3b5a68311907694d3c5967
Score: 10 MALWARE FAMILY: amadeyTAGS:family:amadey, family:djvu, family:lumma, family:redline, family:smokeloader, family:vidar, botnet:1379752987, botnet:5cb879265de0011bfc7588d5d251aee6, botnet:sprg, backdoor, discovery, evasion, infostealer, persistence, ransomware, spyware,...
Malware Analysis – – 33868397a64763f16d88e37d4289697a
Score: 1 MALWARE FAMILY: TAGS:MD5: 33868397a64763f16d88e37d4289697aSHA1: 2bd06371967738d0101dc73ed3fa321cbeac4db6ANALYSIS DATE: 2023-04-26T16:00:59ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known damaging...
Malware Analysis – amadey – 05cd8d500f128d1c1ab6844e5b98eb4e
Score: 10 MALWARE FAMILY: amadeyTAGS:family:amadey, family:djvu, family:lumma, family:smokeloader, botnet:pub1, botnet:sprg, backdoor, discovery, ransomware, stealer, trojanMD5: 05cd8d500f128d1c1ab6844e5b98eb4eSHA1: 76211cea5ed0667e98e9b99312d6a40cd6ffb1faANALYSIS DATE: 2023-04-26T15:37:31ZTTPS: T1012,...
HackerOne Bug Bounty Disclosure: redos(-ruby,-time)byooooooo_q
Programme HackerOne Internet Bug Bounty Internet Bug Bounty Submitted by ooooooo_q ooooooo_q Report ReDoS( Ruby, Time) Full Report A...
HackerOne Bug Bounty Disclosure: cve-2023-28755:-redos-vulnerability-in-uribydee-see
Programme HackerOne Internet Bug Bounty Internet Bug Bounty Submitted by dee-see dee-see Report CVE-2023-28755: ReDoS vulnerability in URI Full Report...
HackerOne Bug Bounty Disclosure: blind-ssrf-with-escalation-possibilities-in-matrix-preview_link-apibyrevolte
Programme HackerOne Reddit Reddit Submitted by revolte revolte Report Blind SSRF with Escalation possibilities in matrix preview_link API Full Report...
HackerOne Bug Bounty Disclosure: the-endpoint-‘/test/webhooks’-is-vulnerable-to-dns-rebindingbymuhammadilyas
Programme HackerOne Omise Omise Submitted by muhammadilyas muhammadilyas Report The endpoint '/test/webhooks' is vulnerable to DNS Rebinding Full Report ...
Charming Kitten’s New BellaCiao Malware Discovered in Multi-Country Attacks
The prolific Iranian nation-state group known as Charming Kitten is actively targeting multiple victims in the U.S., Europe, the Middle...
Chinese Hackers Spotted Using Linux Variant of PingPull in Targeted Cyberattacks
The Chinese nation-state group dubbed Alloy Taurus is using a Linux variant of a backdoor called PingPull as well as...
Chinese Hackers Using MgBot Malware to Target International NGOs in Mainland China
The advanced persistent threat (APT) group referred to as Evasive Panda has been observed targeting an international non-governmental organization (NGO)...
Black Basta Ransomware Victim: GTT
Black Basta Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
Apache Superset Vulnerability: Insecure Default Configuration Exposes Servers to RCE Attacks
The maintainers of the Apache Superset open source data visualization software have released fixes to plug an insecure default configuration...
Browser Security Survey: 87% of SaaS Adopters Exposed to Browser-borne Attacks
The browser serves as the primary interface between the on-premises environment, the cloud, and the web in the modern enterprise....
LockBit 3.0 Ransomware Victim: keystonesmiles[.]org
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: summerweine[.]at
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: vcclawservices[.]com
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: ewwanfried[.]de
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
