Coinbase Wallet ‘Red Pill’ flaw allowed attacks to evade detection
Coinbase wallet and other decentralized crypto apps (dapps) were found to be vulnerable to "red pill attacks," a method that...
Year: 2023
Breached hacking forum shuts down, fears it’s not ‘safe’ from FBI
The notorious Breached hacking forum has shut down after the remaining administrator, Baphomet, disclosed that they believe law enforcement has...
Clop ransomware claims Saks Fifth Avenue, retailer says mock data stolen
The Clop ransomware gang claims to have attacked Saks Fifth Avenue on its dark web leak site. The cyber security...
LockBit ransomware gang now also claims City of Oakland breach
Another ransomware operation, the LockBit gang, now threatens to leak what it describes as files stolen from the City of Oakland's...
Hackers use new PowerMagic and CommonMagic malware to steal data
Security researchers have discovered attacks from an advanced threat actor that used “a previously unseen malicious framework” called CommonMagic and...
BreachForums Administrator Baphomet Shuts Down Infamous Hacking Forum
In a sudden turn of events, Baphomet, the current administrator of BreachForums, said in an update on March 21, 2023,...
RansomHouse Ransomware Victim: Design CATAPULT
RansomHouse Logo NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
Invoke-PSObfuscation – An In-Depth Approach To Obfuscating The Individual Components Of A PowerShell Payload Whether You’Re On Windows Or Kali Linux
Traditional obfuscation techniques tend to add layers to encapsulate standing code, such as base64 or compression. These payloads do continue...
Malware Analysis – amadey – 6cdaede49ef2e633127488885fb06030
Score: 10 MALWARE FAMILY: amadeyTAGS:family:amadey, family:djvu, family:pseudomanuscrypt, family:redline, family:rhadamanthys, family:smokeloader, family:vidar, botnet:fronx2, botnet:pub1, botnet:sprg, backdoor, discovery, infostealer, loader, persistence, ransomware,...
Malware Analysis – djvu – 4fb20686bc89af2e05086d23acd03ded
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, discovery, persistence, ransomware, spyware, stealerMD5: 4fb20686bc89af2e05086d23acd03dedSHA1: 1819399d18736fef25382b70f566a343a0190a4dANALYSIS DATE: 2023-03-21T16:32:32ZTTPS: T1012, T1082, T1005, T1081, T1060,...
Malware Analysis – djvu – 137e1a10363bdc6bcda337cc0366c4a0
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, discovery, persistence, ransomware, spyware, stealerMD5: 137e1a10363bdc6bcda337cc0366c4a0SHA1: 17bb4a66bcf72c91dd19dba83ef0df2b75999d8bANALYSIS DATE: 2023-03-21T16:39:21ZTTPS: T1222, T1053, T1005, T1081, T1012,...
Malware Analysis – djvu – eedc8762268992134adfad53f79e8f2b
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, discovery, persistence, ransomware, spyware, stealerMD5: eedc8762268992134adfad53f79e8f2bSHA1: 8fbb0774255716c23ecf56467ca61a978bca5ac0ANALYSIS DATE: 2023-03-21T17:11:02ZTTPS: T1005, T1081, T1012, T1082, T1060,...
Malware Analysis – djvu – 1aa5f5e7075595564871a31581070efc
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, discovery, persistence, ransomware, spyware, stealerMD5: 1aa5f5e7075595564871a31581070efcSHA1: 403f1d459972dba30f392d869e6ab2d88f5971deANALYSIS DATE: 2023-03-21T18:49:32ZTTPS: T1053, T1012, T1082, T1005, T1081,...
Malware Analysis – evasion – 53ce3a5d1987f019f63a0679a2f25bce
Score: 10 MALWARE FAMILY: evasionTAGS:evasion, trojan, upxMD5: 53ce3a5d1987f019f63a0679a2f25bceSHA1: 1db064653e30ca5e82d122bdc4782dac9e941fbbANALYSIS DATE: 2023-03-21T18:04:33ZTTPS: T1089, T1112, T1018 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
Malware Analysis – djvu – 3e24b4dda34ee179d93408970ef1fced
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, discovery, persistence, ransomware, spyware, stealerMD5: 3e24b4dda34ee179d93408970ef1fcedSHA1: 5408863a9b5f28a232f4c6d3422c56e16ddd170eANALYSIS DATE: 2023-03-21T17:51:02ZTTPS: T1222, T1053, T1005, T1081, T1060,...
Malware Analysis – amadey – ade7133a2f4a50a1b7dc122b55778280
Score: 10 MALWARE FAMILY: amadeyTAGS:family:amadey, family:djvu, family:rhadamanthys, family:smokeloader, family:vidar, botnet:pub1, botnet:sprg, backdoor, discovery, persistence, ransomware, spyware, stealer, trojanMD5: ade7133a2f4a50a1b7dc122b55778280SHA1: 8413e88ec4b203116cb03cb8c099556be1bee557ANALYSIS...
New ‘Bad Magic’ Cyber Threat Disrupt Ukraine’s Key Sectors Amid War
Amid the ongoing war between Russia and Ukraine, government, agriculture, and transportation organizations located in Donetsk, Lugansk, and Crimea have...
New ShellBot DDoS Malware Variants Targeting Poorly Managed Linux Servers
Poorly managed Linux SSH servers are being targeted as part of a new campaign that deploys different variants of a...
From Ransomware to Cyber Espionage: 55 Zero-Day Vulnerabilities Weaponized in 2022
As many as 55 zero-day vulnerabilities were exploited in the wild in 2022, with most of the flaws discovered in...
The Best Defense Against Cyber Threats for Lean Security Teams
H0lyGh0st, Magecart, and a slew of state-sponsored hacker groups are diversifying their tactics and shifting their focus to… You. That...
LockBit 3.0 Ransomware Victim: telepizza[.]com
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: alyasrafoods[.]com
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: hendrickcorp[.]com
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: oaklandca[.]gov
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
