Cobalt Stike Beacon Detected – 124[.]71[.]84[.]65:8443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Security
Cobalt Stike Beacon Detected – 191[.]101[.]78[.]79:8090
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 8[.]134[.]56[.]231:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 120[.]26[.]240[.]21:55443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 123[.]57[.]131[.]96:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 107[.]189[.]12[.]60:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 139[.]196[.]234[.]164:8888
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 119[.]3[.]194[.]221:8080
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 198[.]98[.]55[.]58:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 179[.]60[.]150[.]99:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Diving into an Old Exploit Chain and Discovering 3 new SIP-Bypass Vulnerabilities
More than two years ago, a researcher, A2nkF demonstrated the exploit chain from root privilege escalation to SIP-Bypass up to...
Raspberry Robin Malware Targets Telecom, Governments
We found samples of the Raspberry Robin malware spreading in telecommunications and government office systems beginning September. The main payload...
Web3 IPFS Only Used for Phishing – So Far
We discuss the use of the InterPlanetary File System (IPFS) in phishing attacks. If you like the site, please consider...
Malware Analysis – djvu – daf392649efbbfda72d564e792a21679
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, discovery, persistence, ransomware, spyware, stealerMD5: daf392649efbbfda72d564e792a21679SHA1: a8e8d94c5887ef837c812a51e528d3244493d98cANALYSIS DATE: 2022-12-20T16:49:37ZTTPS: T1222, T1082, T1005, T1081, T1012, T1060,...
Malware Analysis – makop – 6a956731b3677dd9d4d18641d40532ab
Score: 10 MALWARE FAMILY: makopTAGS:family:makop, ransomware, spyware, stealerMD5: 6a956731b3677dd9d4d18641d40532abSHA1: 1994ee0b381c5528d5b5c01fb97a14b5ff81e5a5ANALYSIS DATE: 2022-12-20T17:44:04ZTTPS: T1059, T1107, T1490, T1005, T1081 ScoreMeaningExample10Known badA malware...
Malware Analysis – play – 57bcb8cfad510109f7ddedf045e86a70
Score: 10 MALWARE FAMILY: playTAGS:family:play, ransomware, spyware, stealerMD5: 57bcb8cfad510109f7ddedf045e86a70SHA1: e6c381859f53d0c0db9fcd30fa601ecb935b93e0ANALYSIS DATE: 2022-12-20T15:47:27ZTTPS: T1005, T1081, T1012, T1120, T1082 ScoreMeaningExample10Known badA malware...
Malware Analysis – djvu – 98f766d73ebce6d6f50e096bf91de915
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, discovery, persistence, ransomware, spyware, stealerMD5: 98f766d73ebce6d6f50e096bf91de915SHA1: 66995579b886ad37ca5b6a60251f40c756177dcaANALYSIS DATE: 2022-12-20T16:15:06ZTTPS: T1060, T1112, T1082, T1053, T1012, T1222,...
Microsoft shares details for a Gatekeeper Bypass bug in Apple macOS
Microsoft disclosed technical details of a vulnerability in Apple macOS that could be exploited by an attacker to bypass Gatekeeper....
HTTPLoot – An Automated Tool Which Can Simultaneously Crawl, Fill Forms, Trigger Error/Debug Pages And “Loot” Secrets Out Of The Client-Facing Code Of Sites
An automated tool which can simultaneously crawl, fill forms, trigger error/debug pages and "loot" secrets out of the client-facing code...
Cobalt Stike Beacon Detected – 45[.]81[.]128[.]189:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 62[.]204[.]41[.]155:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 82[.]157[.]251[.]237:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 31[.]42[.]177[.]165:8008
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Malware Analysis – djvu – a921630469b9a90ee06e2eb1162518d0
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, discovery, persistence, ransomware, spyware, stealerMD5: a921630469b9a90ee06e2eb1162518d0SHA1: 285f2fe0ccd5404066abd5aa2e2cdc35e8fcbd55ANALYSIS DATE: 2022-12-20T10:21:55ZTTPS: T1222, T1082, T1005, T1081, T1012, T1060,...
