Cobalt Stike Beacon Detected – 154[.]16[.]118[.]14:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 118[.]195[.]221[.]184:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 114[.]117[.]0[.]225:53
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 159[.]223[.]177[.]172:8081
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 103[.]146[.]141[.]98:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 84[.]32[.]188[.]170:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 204[.]13[.]154[.]22:4433
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 23[.]227[.]184[.]116:8080
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 121[.]40[.]242[.]200:6666
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
SessionManager Backdoor employed in attacks on Microsoft IIS servers worldwide
Researchers warn of a new ‘SessionManager’ Backdoor that was employed in attacks targeting Microsoft IIS Servers since March 2021. Researchers...
BlackCat/ALPHV Ransomware Victim: HANSA KONTAKT
BlackCat / ALPHV Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the...
A long-running cryptomining campaign conducted by 8220 hackers now targets Linux servers
Microsoft spotted a cloud threat actor tracked as 8220 that is now targeting Linux servers in a long-running cryptomining campaign....
awsEnum – Enumerate AWS Cloud Resources Based On Provided Credential
Enumrate AWS services! with no nosies awsEnum is a python script enumrate AWS services through the provided credential. ▄▄▄▄▄▄ ▄...
BlackCat/ALPHV Ransomware Victim: Continental Management
BlackCat / ALPHV Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the...
ZuoRAT is a sophisticated malware that mainly targets SOHO routers
Researchers have analysed a campaign leveraging infected SOHO routers to target predominantly North American and European networks of interest. The...
Update now! Mozilla fixes security vulnerabilities and introduces a new privacy feature for Firefox
Mozilla released version 102.0 of the Firefox browser to Release channel users on June 28, 2022. The new version fixes...
Amazon Photos vulnerability could have given attackers access to user files and data
Amazon has patched a flaw in the Amazon Photos app which could have allowed an attacker to steal and use...
Immigration organisations targeted by APT group Evilnum
Organisations working in the immigration sector are advised to be on high alert for Advanced Persistent Threat (APT) attacks. Bleeping...
Raccoon Stealer returns with a new bag of tricks
The popular malware Raccoon stealer, which suspended operations after a developer allegedly died in the Ukraine invasion, has returned. Raccoon...
Pro-Russian hackers launched a massive DDoS attack against Norway
Norway’s National Security Authority (NSM) confirmed that a DDoS attack took down some of the country’s most important websites. Norway’s...
Daily Vulnerability Trends: Fri Jul 01 2022
Daily Vulnerability Trends (sourced from VulnMon) CVE NAMECVE DescriptionCVE-2022-1134 No description provided CVE-2022-0847A flaw was found in the way the...
The SessionManager IIS backdoor
Following on from our earlier Owowa discovery, we continued to hunt for more backdoors potentially set up as malicious modules...
Korean cybersecurity agency released a free decryptor for Hive ransomware
Good news for the victims of the Hive ransomware, Korean security researchers have released a free decryptor for some versions....
Cobalt Stike Beacon Detected – 47[.]93[.]185[.]190:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
