Cobalt Stike Beacon Detected – 1[.]65[.]218[.]184:8023
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 81[.]161[.]229[.]111:4433
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 180[.]76[.]247[.]230:2345
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 195[.]189[.]96[.]249:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 101[.]42[.]104[.]211:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 106[.]126[.]12[.]87:8808
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 3[.]22[.]116[.]191:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 70[.]39[.]93[.]88:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 124[.]223[.]22[.]86:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 45[.]61[.]188[.]128:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 13[.]80[.]122[.]178:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
TRENDnet TEW-811DRU command execution |
NAME__________TRENDnet TEW-811DRU command executionPlatforms Affected:Risk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________TRENDnet TEW-652BRP could allow a remote attacker to execute arbitrary commands on the...
IBM WebSphere Application Server code execution | CVE-2023-23477
NAME__________IBM WebSphere Application Server code executionPlatforms Affected:IBM WebSphere Application Server 8.5 IBM WebSphere Application Server 9.0Risk Level:8.1Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________IBM WebSphere...
PHPGurukul Employee Leaves Management System weak security | CVE-2023-0641
NAME__________PHPGurukul Employee Leaves Management System weak securityPlatforms Affected:Risk Level:8.8Exploitability:UnprovenConsequences:Other DESCRIPTION__________PHPGurukul Employee Leaves Management System could provide weaker than expected security,...
Tenable tenable.io, tenable.sc and Nessus privilege escalation | CVE-2023-0524
NAME__________Tenable tenable.io, tenable.sc and Nessus privilege escalationPlatforms Affected:Tenable Network Security Nessus Tenable Tenable.io Tenable Tenable.scRisk Level:9.1Exploitability:UnprovenConsequences:Gain Privileges DESCRIPTION__________Tenable tenable.io, tenable.sc...
NOSH ChartingSystem file upload | CVE-2023-24610
NAME__________NOSH ChartingSystem file uploadPlatforms Affected:Risk Level:8.3Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________NOSH ChartingSystem could allow a remote authenticated attacker to upload arbitrary files, caused...
femanager extension for TYPO3 security bypass | CVE-2023-25014
NAME__________femanager extension for TYPO3 security bypassPlatforms Affected:TYPO3 Femanager extension TYPO3 6.3.0 TYPO3 femanager extension for TYPO3 6.0.0 TYPO3 femanager extension...
GNU C Library (glibc) buffer overflow | CVE-2023-25139
NAME__________GNU C Library (glibc) buffer overflowPlatforms Affected:GNU glibc 2.37Risk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________GNU C Library (glibc) is vulnerable to a buffer...
TRENDnet TEW-652BRP command execution | CVE-2023-0640
NAME__________TRENDnet TEW-652BRP command executionPlatforms Affected:Risk Level:8.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________TRENDnet TEW-652BRP could allow a remote authenticated attacker to execute arbitrary commands on...
Daily Vulnerability Trends: Sun Feb 05 2023
Daily Vulnerability Trends (sourced from VulnMon) CVE NAMECVE DescriptionCVE-2019-2215A use-after-free in binder.c allows an elevation of privilege from an application...
Malware Analysis – ransomware – cccc83f84ef321c7d604c17234c40f24
Score: 9 MALWARE FAMILY: ransomwareTAGS:ransomwareMD5: cccc83f84ef321c7d604c17234c40f24SHA1: 7c9cd1a4d93077974869f421490303efb8823615ANALYSIS DATE: 2023-02-04T03:46:39ZTTPS: T1107, T1490 ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more...
Malware Analysis – amadey – aa5cdf45ddc9c7cdcd6d5aee1e1c80e2
Score: 10 MALWARE FAMILY: amadeyTAGS:family:amadey, family:djvu, family:laplas, family:smokeloader, family:vidar, botnet:19, backdoor, clipper, discovery, persistence, ransomware, spyware, stealer, trojan, vmprotectMD5: aa5cdf45ddc9c7cdcd6d5aee1e1c80e2SHA1:...
Malware Analysis – chaos – 2c6f8e680a400cb2b5426090ccbdea93
Score: 10 MALWARE FAMILY: chaosTAGS:family:chaos, evasion, ransomware, spyware, stealerMD5: 2c6f8e680a400cb2b5426090ccbdea93SHA1: 47a691c438547b27fac9896f3783026d8be4dbe9ANALYSIS DATE: 2023-02-04T05:25:11ZTTPS: T1490, T1059, T1107, T1082, T1005, T1081, T1491,...
Malware Analysis – amadey – fbb4581199f9cce736dc01aca56b1be2
Score: 10 MALWARE FAMILY: amadeyTAGS:family:amadey, family:djvu, family:fabookie, family:laplas, family:smokeloader, family:vidar, botnet:19, backdoor, clipper, discovery, persistence, ransomware, spyware, stealer, trojan, vmprotectMD5:...
