CISA: CISA Releases Sixteen Industrial Control Systems Advisories
CISA Releases Sixteen Industrial Control Systems Advisories CISA released sixteen Industrial Control Systems (ICS) advisories on April 13, 2023. These...
Year: 2023
CISA: Microsoft Releases Guidance for the BlackLotus Campaign
Microsoft Releases Guidance for the BlackLotus Campaign Microsoft has released Guidance for investigating attacks using CVE-2022-21894: The BlackLotus Campaign(link is...
CISA: IRS Warns of New Tax Scams
IRS Warns of New Tax Scams The Internal Revenue Service (IRS) has issued a reminder urging taxpayers to be vigilant...
CISA: CISA Releases Software Bill of Materials (SBOM) Sharing Lifecycle Report
CISA Releases Software Bill of Materials (SBOM) Sharing Lifecycle Report CISA has released the SBOM Sharing Lifecycle Report to the cybersecurity...
CISA: CISA Adds Two Known Exploited Vulnerabilities to Catalog
CISA Adds Two Known Exploited Vulnerabilities to Catalog CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog,...
Karakurt Ransomware Victim: Pharm-Pacc Corporation
KARAKURT RANSOMWARE NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of...
Ex-Conti members and FIN7 devs team up to push new Domino malware
Ex-Conti ransomware members have teamed up with the FIN7 threat actors to distribute a new malware family named 'Domino' in...
New QBot email attacks use PDF and WSF combo to install malware
QBot malware is now distributed in phishing campaigns utilizing PDFs and Windows Script Files (WSF) to infect Windows devices. Qbot...
New Chameleon Android malware mimics bank, govt, and crypto apps
A new Android trojan called ‘Chameleon’ has been targeting users in Australia and Poland since the start of the year,...
Hackers abuse Google Command and Control red team tool in attacks
The Chinese state-sponsored hacking group APT41 was found abusing the GC2 (Google Command and Control) red teaming tool in data...
US-CERT Vulnerability Summary for the Week of April 3, 2023
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and...
Scriptkiddi3 – Streamline Your Recon And Vulnerability Detection Process With SCRIPTKIDDI3, A Recon And Initial Vulnerability Detection Tool Built Using Shell Script And Open Source Tools
Streamline your recon and vulnerability detection process with SCRIPTKIDDI3, A recon and initial vulnerability detection tool built using shell script...
Nmap-API – Uses Python3.10, Debian, python-Nmap, And Flask Framework To Create A Nmap API That Can Do Scans With A Good Speed Online And Is Easy To Deploy
Uses python3.10, Debian, python-Nmap, and flask framework to create a Nmap API that can do scans with a good speed...
Royal Ransomware Victim: Swanson Group
RoyalRansomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the...
Royal Ransomware Victim: Stanley Electric U[.]S[.]
RoyalRansomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the...
Royal Ransomware Victim: Moon Capital
RoyalRansomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the...
Royal Ransomware Victim: 5Design
RoyalRansomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the...
New QBot Banking Trojan Campaign Hijacks Business Emails to Spread Malware
A new QBot malware campaign is leveraging hijacked business correspondence to trick unsuspecting victims into installing the malware, new findings...
What’s the Difference Between CSPM & SSPM?
Cloud Security Posture Management (CSPM) and SaaS Security Posture Management (SSPM) are frequently confused. The similarity of the acronyms notwithstanding,...
Israeli Spyware Vendor QuaDream to Shut Down Following Citizen Lab and Microsoft Expose
Israeli spyware vendor QuaDream is allegedly shutting down its operations in the coming days, less than a week after its...
Malware Analysis – ransomware – 9fd40b68825eb9aa79d9f2b106aaf59e
Score: 7 MALWARE FAMILY: ransomwareTAGS:ransomwareMD5: 9fd40b68825eb9aa79d9f2b106aaf59eSHA1: 9b30c9ed81fea0f414a7cb9f1496616a35339f18ANALYSIS DATE: 2023-04-11T16:19:29ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known damaging...
Malware Analysis – smokeloader – da7ba70077b15294e39bd92ff7989b99
Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: da7ba70077b15294e39bd92ff7989b99SHA1: 66584515852401e7e4b90fb810d2df7a599f7201ANALYSIS DATE: 2023-04-17T15:41:05ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
Malware Analysis – ransomware – 163e651162f292028ca9a8d7f1ed7340
Score: 9 MALWARE FAMILY: ransomwareTAGS:ransomware, spyware, stealerMD5: 163e651162f292028ca9a8d7f1ed7340SHA1: a85ff9091f298ea2d6823a7b0053daa08b237423ANALYSIS DATE: 2023-04-17T15:08:20ZTTPS: T1005, T1081, T1107, T1490, T1082, T1012, T1120 ScoreMeaningExample10Known badA...
Malware Analysis – smokeloader – cb64985632f35fa9bdd30b7b348b1522
Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: cb64985632f35fa9bdd30b7b348b1522SHA1: b0caef4db6825c18c024fc4b93e0e7b164cb59c5ANALYSIS DATE: 2023-04-17T16:09:19ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
