Black Basta Ransomware Victim: Michael Sullivan & Associates
Black Basta Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
Black Basta Ransomware Victim: CSW GmbH
Black Basta Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
Cobalt Stike Beacon Detected – 46[.]175[.]148[.]74:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 31[.]41[.]244[.]192:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 43[.]143[.]94[.]214:8000
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 46[.]175[.]148[.]53:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Malware Analysis – djvu – 9dead8d771b215649c86c1374a591799
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:517, discovery, persistence, ransomware, spyware, stealerMD5: 9dead8d771b215649c86c1374a591799SHA1: 5298328fabb9c73665793e0b93051567408db8a7ANALYSIS DATE: 2022-10-12T10:22:17ZTTPS: T1005, T1081, T1012, T1060,...
Malware Analysis – ermac – 24b1ce69f7066a7bc9bc32e3c969d8d9
Score: 10 MALWARE FAMILY: ermacTAGS:family:ermac, banker, evasion, infostealer, ransomware, trojanMD5: 24b1ce69f7066a7bc9bc32e3c969d8d9SHA1: f36ff949217f3340a717a0e5a4d079b254b876beANALYSIS DATE: 2022-10-12T10:25:27ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
Malware Analysis – djvu – 6801db35f78978c4b99f6d78a5753eff
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:517, discovery, persistence, ransomware, spyware, stealerMD5: 6801db35f78978c4b99f6d78a5753effSHA1: afeb1ce64b59ea20876bc2fee8a70023e56d6797ANALYSIS DATE: 2022-10-12T10:23:03ZTTPS: T1053, T1005, T1081, T1222,...
Malware Analysis – smokeloader – 5d93dd4f046d16989f0dc53f6bb3326f
Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: 5d93dd4f046d16989f0dc53f6bb3326fSHA1: cc20ab38c977b233a38730174b58bb04a7d1e646ANALYSIS DATE: 2022-10-12T10:35:48ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
Web Based Student Clearance System file upload | CVE-2022-3436
NAME Web Based Student Clearance System file upload Platforms Affected:Sourcecodester Web-Based Student Clearance System 1.0Risk Level:8.8Exploitability:Proof of ConceptConsequences:Gain Access DESCRIPTION...
Microsoft SharePoint Server code execution | CVE-2022-38053
NAME Microsoft SharePoint Server code execution Platforms Affected:Microsoft SharePoint Foundation 2013 SP1 Microsoft SharePoint Enterprise Server 2016 Microsoft SharePoint Enterprise...
Apache Kylin command execution | CVE-2022-24697
NAME Apache Kylin command execution Platforms Affected:Apache Kylin 4.0.1Risk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Apache Kylin could allow a remote attacker to...
Microsoft Windows Local Security Authority (LSA) privilege escalation | CVE-2022-38016
NAME Microsoft Windows Local Security Authority (LSA) privilege escalation Platforms Affected:Microsoft Windows Server 2019 Microsoft Windows 10 1809 for x64-based...
Dell EMC XtremIO security bypass | CVE-2022-31228
NAME Dell EMC XtremIO security bypass Platforms Affected:Dell EMC XtremIO 6.3.0Risk Level:8.1Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION Dell EMC XtremIO could allow a...
Microsoft Azure Arc-enabled Kubernetes cluster Connect privilege escalation | CVE-2022-37968
NAME Microsoft Azure Arc-enabled Kubernetes cluster Connect privilege escalation Platforms Affected:Microsoft Azure Arc Connected ClustersRisk Level:10Exploitability:UnprovenConsequences:Gain Privileges DESCRIPTION Microsoft Azure...
CREALOGIX AG Electronic Banking Internet Communication Standard (EBICS) cross-site scripting |
NAME CREALOGIX AG Electronic Banking Internet Communication Standard (EBICS) cross-site scripting Platforms Affected:CREALOGIX AG Electronic Banking Internet Communication Standard (EBICS)Risk...
ZenTao model.php code execution |
NAME ZenTao model.php code execution Platforms Affected:EasyCorp ZenTao 17.0Risk Level:8.8Exploitability:Proof of ConceptConsequences:Gain Access DESCRIPTION ZenTao could allow a remote authenticated...
Microsoft Windows Point-to-Point Tunneling Protocol code execution | CVE-2022-38047
NAME Microsoft Windows Point-to-Point Tunneling Protocol code execution Platforms Affected:Microsoft Windows Server 2008 SP2 x64 Microsoft Windows 7 SP1 x32...
Microsoft Windows WDAC OLE DB provider for SQL Server code execution | CVE-2022-37982
NAME Microsoft Windows WDAC OLE DB provider for SQL Server code execution Platforms Affected:Microsoft Windows 7 SP1 x32 Microsoft Windows...
SAP Manufacturing Execution directory traversal | CVE-2022-39802
NAME SAP Manufacturing Execution directory traversal Platforms Affected:SAP Manufacturing Execution 15.1 SAP Manufacturing Execution 15.2 SAP Manufacturing Execution 15.3Risk Level:9.9Exploitability:UnprovenConsequences:Obtain...
Microsoft Windows WDAC OLE DB provider for SQL Server code execution | CVE-2022-38031
NAME Microsoft Windows WDAC OLE DB provider for SQL Server code execution Platforms Affected:Microsoft Windows 7 SP1 x32 Microsoft Windows...
Microsoft SharePoint Server code execution | CVE-2022-41038
NAME Microsoft SharePoint Server code execution Platforms Affected:Microsoft SharePoint Foundation 2013 SP1 Microsoft SharePoint Enterprise Server 2016 Microsoft SharePoint Enterprise...
Adobe ColdFusion buffer overflow | CVE-2022-35690
NAME Adobe ColdFusion buffer overflow Platforms Affected:Adobe ColdFusion 2018 Update 14 Adobe ColdFusion 2021 Update 4Risk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Adobe...
