Cobalt Stike Beacon Detected – 144[.]34[.]184[.]150:2095
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 1[.]12[.]223[.]184:8112
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 23[.]227[.]190[.]205:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 123[.]56[.]98[.]161:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 185[.]239[.]227[.]11:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 216[.]70[.]80[.]16:8099
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Examining Log4j Vulnerabilities in Connected Cars and Charging Stations
In this entry we look into how Log4j vulnerabilities affect devices or properties embedded in or used for connected cars,...
MultiPotato – Another Potato to get SYSTEM via SeImpersonate privileges
First of all - credit to CreateProcessAsUserW with SpoolSample trigger:c:tempMultiPotato> MultiPotato.exe -t CreateProcessAsUserW -p "pwnedpipespoolss" -e "C:tempstage2.exe"And trigger it viac:tempMultiPotato>MS-RPRN.exe...
AvosLocker ransomware reboots in Safe Mode and installs tools for remote access
In a recent wave of attacks, AvosLocker ransomware is rebooting systems into Windows Safe Mode to disable endpoint security solutions....
CVE-2021-43891
Summary: Visual Studio Code Remote Code Execution Vulnerability Reference Links(if available): https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-43891 CVSS Score (if available) v2: / MEDIUMAV:N/AC:M/Au:N/C:P/I:P/A:P v3:...
CVE-2021-43891
Summary: Visual Studio Code Remote Code Execution Vulnerability Reference Links(if available): https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-43891 CVSS Score (if available) v2: / MEDIUMAV:N/AC:M/Au:N/C:P/I:P/A:P v3:...
CVE-2021-43883
Summary: Windows Installer Elevation of Privilege Vulnerability Reference Links(if available): https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-43883 CVSS Score (if available) v2: / MEDIUMAV:L/AC:L/Au:N/C:P/I:P/A:P v3: /...
CVE-2021-43883
Summary: Windows Installer Elevation of Privilege Vulnerability Reference Links(if available): https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-43883 CVSS Score (if available) v2: / MEDIUMAV:L/AC:L/Au:N/C:P/I:P/A:P v3: /...
CVE-2021-43883
Summary: Windows Installer Elevation of Privilege Vulnerability Reference Links(if available): https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-43883 CVSS Score (if available) v2: / MEDIUMAV:L/AC:L/Au:N/C:P/I:P/A:P v3: /...
CVE-2021-43888
Summary: Microsoft Defender for IoT Information Disclosure Vulnerability Reference Links(if available): https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-43888 CVSS Score (if available) v2: / MEDIUMAV:N/AC:L/Au:N/C:P/I:N/A:N v3:...
CVE-2021-43888
Summary: Microsoft Defender for IoT Information Disclosure Vulnerability Reference Links(if available): https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-43888 CVSS Score (if available) v2: / MEDIUMAV:N/AC:L/Au:N/C:P/I:N/A:N v3:...
CVE-2021-43853
Summary: Ajax.NET Professional (AjaxPro) is an AJAX framework available for Microsoft ASP.NET. Affected versions of this package are vulnerable to...
CVE-2021-43889
Summary: Microsoft Defender for IoT Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-41365, CVE-2021-42310, CVE-2021-42311, CVE-2021-42313, CVE-2021-42314,...
CVE-2021-43889
Summary: Microsoft Defender for IoT Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-41365, CVE-2021-42310, CVE-2021-42311, CVE-2021-42313, CVE-2021-42314,...
Crooks bypass a Microsoft Office patch for CVE-2021-40444 to spread Formbook malware
Crooks discovered how to bypass the patch for a recent Microsoft Office vulnerability (CVE-2021-40444) and are using it to distribute...
Three trivial bugs in Microsoft Teams Software remain unpatched
Researchers disclosed four vulnerabilities in the Teams business communication software, but Microsoft will not address three of them. Researchers from...
TrojanSourceFinder – Help Find Trojan Source Vulnerability In Code
TrojanSourceFinder helps developers detect "Trojan Source"  Homoglyph AlternativeAs mentioned by @ioah86 here, trojan source could also been detected w/ a one...
FBI traces and grabs back $150 million theft that was turned into bitcoins
On December 1, 2021, the Tokyo police arrested an employee of Sony Life Insurance on suspicion of fraudulently obtaining 17...
Cobalt Stike Beacon Detected – 179[.]43[.]176[.]100:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
