Score: 10 MALWARE FAMILY: chaosTAGS:family:chaos, ransomwareMD5: d7b6db1727fbce074304a7f52e745410SHA1: 05289d8730edcf6998f7ca1ee04c15fb1287a106ANALYSIS DATE: 2022-11-05T22:00:32ZTTPS: T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more...
Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: 0714fef21fa2058d90d1bc67b2356cc9SHA1: c8ac3e16023a064e54384f1eef93d57c71dc2b04ANALYSIS DATE: 2022-11-05T22:14:54ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: f7bb27e406c5b92ec0438699eb76c2afSHA1: e65e3a09b9eff143917a6ca5283e5c22016634c3ANALYSIS DATE: 2022-11-05T22:31:04ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, discovery, persistence, ransomware, spyware, stealerMD5: b0f8a4260a89b630ba09bd866b6fae36SHA1: 54f8db159fee8cec990873f2a0013e3e4b078dd7ANALYSIS DATE: 2022-11-05T23:52:46ZTTPS: T1060, T1112, T1222, T1082, T1005, T1081,...
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, discovery, persistence, ransomware, spyware, stealerMD5: 3581e600b562f13a0a23d301cf45e97fSHA1: 7bbc34ed95d9f65e08a6440748b1676ef6cf16d8ANALYSIS DATE: 2022-11-05T23:16:20ZTTPS: T1005, T1081, T1060, T1112, T1012, T1053,...
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:redline, family:smokeloader, botnet:mast1000, backdoor, collection, discovery, infostealer, persistence, ransomware, spyware, stealer, trojanMD5: 5039097901c0a2d3a17f528c80e49a52SHA1: fed22f4080fe0cbbf6e7755e71748f53db4c1adcANALYSIS DATE:...
Score: 7 MALWARE FAMILY: TAGS:MD5: 250a23219a576180547734430d71b0e6SHA1: a5bcdb824d325d44c5e0feb5bf9389da520e6f82ANALYSIS DATE: 2022-11-05T22:45:03ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or...
Cybersecurity researchers discovered 29 malicious PyPI packages delivering the W4SP stealer to developers’ systems. Cybersecurity researchers have discovered 29 packages...
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
Microsoft warns of an uptick among threat actors increasingly using publicly-disclosed zero-day exploits in their attacks. According to the Digital...
Black Basta Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
Motivation During the forensic analysis of a Windows machine, you may find the name of a deleted prefetch file. While...
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
NAME Rukovoditel cross-site scripting Platforms Affected:Risk Level:10Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION Rukovoditel is vulnerable to cross-site scripting, caused by improper validation of...
NAME D-Link DIR-878 command execution Platforms Affected:Risk Level:9.8Exploitability:UnprovenConsequences:Data Manipulation DESCRIPTION D-Link DIR-878 could allow a remote attacker to execute arbitrary...
NAME Rukovoditel SQL injection Platforms Affected:Risk Level:9.8Exploitability:HighConsequences:Data Manipulation DESCRIPTION Rukovoditel is vulnerable to SQL injection. A remote attacker could send...
Daily Vulnerability Trends (sourced from VulnMon) CVE NAMECVE DescriptionCVE-2022-32250net/netfilter/nf_tables_api.c in the Linux kernel through 5.18.1 allows a local user (able...
