Cobalt Stike Beacon Detected – 43[.]142[.]185[.]150:10001
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Security
Cobalt Stike Beacon Detected – 62[.]204[.]41[.]120:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 85[.]239[.]34[.]118:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 119[.]91[.]153[.]107:4433
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 8[.]129[.]79[.]193:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 8[.]210[.]168[.]140:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
GAIROSCOPE attack allows to exfiltrate data from Air-Gapped systems via ultrasonic tones
GAIROSCOPE: An Israeli researcher demonstrated how to exfiltrate data from air-gapped systems using ultrasonic tones and smartphone gyroscopes. The popular...
Threat actors are using the Tox P2P messenger as C2 server
Threat actors are using the Tox peer-to-peer instant messaging service as a command-and-control server, Uptycs researchers reported. Tox is a...
Kimsuky’s GoldDragon cluster and its C2 operations
Kimsuky (also known as Thallium, Black Banshee and Velvet Chollima) is a prolific and active threat actor primarily targeting Korea-related...
Ransomware updates & 1-day exploits
Introduction In our crimeware reporting service, we analyze the latest crime-related trends we come across. Last month, we again posted...
Plex discloses data breach and urges password reset
The streaming media platform Plex is urging its users to reset passwords after threat actors gained access to its database....
Cobalt Stike Beacon Detected – 45[.]89[.]106[.]126:5555
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 124[.]222[.]131[.]194:9999
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 107[.]172[.]102[.]68:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 43[.]134[.]29[.]177:8888
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 128[.]199[.]138[.]206:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 179[.]60[.]149[.]8:8088
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 121[.]36[.]164[.]9:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 192[.]144[.]234[.]75:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 47[.]104[.]212[.]159:8888
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 8[.]210[.]76[.]6:4433
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Ransomware Actor Abuses Genshin Impact Anti-Cheat Driver to Kill Antivirus
We investigate mhyprot2.sys, a vulnerable anti-cheat driver for the popular role-playing game Genshin Impact. The driver is currently being abused...
CISA: Preparing Critical Infrastructure for Post-Quantum Cryptography
Preparing Critical Infrastructure for Post-Quantum Cryptography CISA has released CISA Insights: Preparing Critical Infrastructure for Post-Quantum Cryptography, which outlines the...
AiTM phishing campaign also targets G Suite users
The threat actors behind a large-scale adversary-in-the-middle (AiTM) phishing campaign now target Google G Suite users The threat actors behind a large-scale...
