RansomHouse Ransomware Victim: Tanbridge House School
RansomHouse Logo NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
Year: 2023
Malware Analysis – smokeloader – 9d29f5640c968ae41824e3999937b4ed
Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: 9d29f5640c968ae41824e3999937b4edSHA1: 31560a3776918e01b6cd2e9d87fbf2ad1028ec7fANALYSIS DATE: 2023-03-27T15:24:04ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
Malware Analysis – djvu – 23f7d98ddb2bafaefd121c30aeb2a7b1
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:00d92484c9b27bc8482a2cc94cacc508, discovery, persistence, ransomware, spyware, stealerMD5: 23f7d98ddb2bafaefd121c30aeb2a7b1SHA1: 56e0967ba750cc8b8a7eaaad287210ff494e32a9ANALYSIS DATE: 2023-03-27T16:43:01ZTTPS: T1012, T1082, T1053, T1005,...
Malware Analysis – amadey – 49cd88e363a5f738cbbd54d592512330
Score: 10 MALWARE FAMILY: amadeyTAGS:family:amadey, family:djvu, family:redline, family:rhadamanthys, family:smokeloader, family:xmrig, botnet:koreamon, botnet:pub1, botnet:sprg, backdoor, discovery, evasion, infostealer, miner, persistence, ransomware,...
Malware Analysis – djvu – fc6df56b8d1755886817103249d35cef
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:00d92484c9b27bc8482a2cc94cacc508, discovery, persistence, ransomware, spyware, stealerMD5: fc6df56b8d1755886817103249d35cefSHA1: 0959b12645c9713c2a06485f5190c3e748d3f879ANALYSIS DATE: 2023-03-27T16:55:43ZTTPS: T1005, T1081, T1012, T1060,...
Malware Analysis – ransomware – df134a54ae5dca7963e49d97dd104660
Score: 8 MALWARE FAMILY: ransomwareTAGS:ransomware, spyware, stealerMD5: df134a54ae5dca7963e49d97dd104660SHA1: 9bddcce91756469051f2385ef36ba8171d99686dANALYSIS DATE: 2023-03-27T17:29:03ZTTPS: T1005, T1081 ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne...
HackerOne Bug Bounty Disclosure: bypassing-creation-of–api-tokens-without-email-verificationbyboy_child_
Programme HackerOne Cloudflare Public Bug Bounty Cloudflare Public Bug Bounty Submitted by boy_child_ boy_child_ Report Bypassing creation of API tokens...
New MacStealer macOS Malware Steals iCloud Keychain Data and Passwords
A new information-stealing malware has set its sights on Apple's macOS operating system to siphon sensitive information from compromised devices....
Where SSO Falls Short in Protecting SaaS
Single sign-on (SSO) is an authentication method that allows users to authenticate their identity for multiple applications with just one...
Microsoft Issues Patch for aCropalypse Privacy Flaw in Windows Screenshot Tools
Microsoft has released an out-of-band update to address a privacy-defeating flaw in its screenshot editing tool for Windows 10 and...
LockBit 3.0 Ransomware Victim: mcna[.]net
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: ulmacarretillas[.]com
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: ita-moulding-process[.]com
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
MEGAFEIS, BOFEI DBD+ Application for IOS & Android information disclosure | CVE-2022-45634
NAME__________MEGAFEIS, BOFEI DBD+ Application for IOS & Android information disclosurePlatforms Affected:Risk Level:7.5Exploitability:Proof of ConceptConsequences:Obtain Information DESCRIPTION__________MEGAFEIS, BOFEI DBD+ Application for...
MEGAFEIS, BOFEI DBD+ Application for IOS & Android information disclosure | CVE-2022-45635
NAME__________MEGAFEIS, BOFEI DBD+ Application for IOS & Android information disclosurePlatforms Affected:Risk Level:7.5Exploitability:Proof of ConceptConsequences:Obtain Information DESCRIPTION__________MEGAFEIS, BOFEI DBD+ Application for...
crewjam/saml go library denial of service | CVE-2023-28119
NAME__________crewjam/saml go library denial of servicePlatforms Affected:Risk Level:7.5Exploitability:UnprovenConsequences:Denial of Service DESCRIPTION__________crewjam/saml go library is vulnerable to a denial of service,...
Cisco ASA, FTD, IOS and IOS XE Software denial of service | CVE-2023-20081
NAME__________Cisco ASA, FTD, IOS and IOS XE Software denial of servicePlatforms Affected:Cisco Adaptive Security Appliance Software Cisco IOS Software Cisco...
Emotet malware distributed as fake W-9 tax forms from the IRS
A new Emotet phishing campaign is targeting U.S. taxpayers by impersonating W-9 tax forms allegedly sent by the Internal Revenue...
FBI: Business email compromise tactics used to defraud U.S. vendors
The Federal Bureau of Investigation is warning companies in the U.S. of threat actors using tactics similar to business email...
Brute Ratel C4 Detected – 52[.]192[.]166[.]233:80
The Information provided at the time of posting was detected as "Brute Ratel C4". Depending on when you are viewing...
US-CERT Vulnerability Summary for the Week of March 13, 2023
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and...
Malware Analysis – smokeloader – 4293ec458e657eeb42ca2ec2eb09b76d
Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: 4293ec458e657eeb42ca2ec2eb09b76dSHA1: 2589d4a26f3462d7bb19756c291b6ad9235abd21ANALYSIS DATE: 2023-03-26T15:23:02ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
Malware Analysis – djvu – 4337baca641bc801e6223757534aee9d
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:00d92484c9b27bc8482a2cc94cacc508, discovery, persistence, ransomware, spyware, stealerMD5: 4337baca641bc801e6223757534aee9dSHA1: 6b73961e68d5988454ad04de870c7ea6570aeaf1ANALYSIS DATE: 2023-03-26T15:05:04ZTTPS: T1012, T1082, T1005, T1081,...
Malware Analysis – djvu – c2c9766bc21d684fdb277faa414fd9ce
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:00d92484c9b27bc8482a2cc94cacc508, discovery, persistence, ransomware, spyware, stealerMD5: c2c9766bc21d684fdb277faa414fd9ceSHA1: 0570ff0ab1e3de949f78a28c3baad118cfaf3e14ANALYSIS DATE: 2023-03-26T15:15:31ZTTPS: T1222, T1082, T1005, T1081,...
