Cobalt Strike Beacon Detected – 47[.]238[.]103[.]180:54322
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
OSINT
Cobalt Strike Beacon Detected – 92[.]118[.]170[.]81:54322
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Strike Beacon Detected – 124[.]222[.]164[.]43:6667
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Strike Beacon Detected – 101[.]200[.]193[.]211:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Strike Beacon Detected – 147[.]45[.]47[.]88:4433
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Strike Beacon Detected – 101[.]35[.]228[.]105:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Strike Beacon Detected – 120[.]46[.]212[.]33:81
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Posh C2 Detected – 185[.]147[.]124[.]104:443
The Information provided at the time of posting was detected as "Posh C2". Depending on when you are viewing this...
CVE Alert: CVE-2024-51470
Vulnerability Summary: CVE-2024-51470 IBM MQ 9.1 LTS, 9.2 LTS, 9.3 LTS, 9.3 CD, 9.4 LTS, 9.4 CD, IBM MQ Appliance...
CVE Alert: CVE-2024-56053
Vulnerability Summary: CVE-2024-56053 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in VibeThemes WPLMS allows...
CVE Alert: CVE-2024-49363
Vulnerability Summary: CVE-2024-49363 Misskey is an open source, federated social media platform. In affected versions FileServerService (media proxy) in github.com/misskey-dev/misskey...
CVE Alert: CVE-2024-52579
Vulnerability Summary: CVE-2024-52579 Misskey is an open source, federated social media platform. Some APIs using `HttpRequestService` do not properly check...
CVE Alert: CVE-2024-12741
Vulnerability Summary: CVE-2024-12741 A deserialization of untrusted data vulnerability exists in NI DAQExpress that may result in remote code execution....
CVE Alert: CVE-2024-12686
Vulnerability Summary: CVE-2024-12686 A vulnerability has been discovered in Privileged Remote Access (PRA) and Remote Support (RS) which can allow...
CVE Alert: CVE-2024-56140
Vulnerability Summary: CVE-2024-56140 Astro is a web framework for content-driven websites. In affected versions a bug in Astro’s CSRF-protection middleware...
CVE Alert: CVE-2024-53271
Vulnerability Summary: CVE-2024-53271 Envoy is a cloud-native high-performance edge/middle/service proxy. In affected versions envoy does not properly handle http 1.1...
CVE Alert: CVE-2024-53269
Vulnerability Summary: CVE-2024-53269 Envoy is a cloud-native high-performance edge/middle/service proxy. When additional address are not ip addresses, then the Happy...
CVE Alert: CVE-2024-53270
Vulnerability Summary: CVE-2024-53270 Envoy is a cloud-native high-performance edge/middle/service proxy. In affected versions `sendOverloadError` is going to assume the active...
[CLOP] – Ransomware Victim: IMSPLGROUP[.]COM
Ransomware Group: CLOP VICTIM NAME: IMSPLGROUPCOM NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...
[CLOP] – Ransomware Victim: EMPRESARIA[.]COM
Ransomware Group: CLOP VICTIM NAME: EMPRESARIACOM NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...
[FUNKSEC] – Ransomware Victim: agti[.]eng[.]br
Ransomware Group: FUNKSEC VICTIM NAME: agtiengbr NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...
[FUNKSEC] – Ransomware Victim: web[.]vaips[.]cl
Ransomware Group: FUNKSEC VICTIM NAME: webvaipscl NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...
[ABYSS] – Ransomware Victim: bataviacontainer[.]com
Ransomware Group: ABYSS VICTIM NAME: bataviacontainercom NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...
CVE Alert: CVE-2024-39804
Vulnerability Summary: CVE-2024-39804 A library injection vulnerability exists in Microsoft PowerPoint 16.83 for macOS. A specially crafted library can leverage...
