How a Cloud Security Broker Reduces SaaS App Risks – SASE Part 4
Responsibility for protecting users and critical data in cloud applications falls to the organizations that use them. Discover how to...
threatintel
From Bounty to Exploit: Observations About Cybercriminal Contests
From articles to hackathons, cybercriminals are resorting to crowdsourcing to find more ways to exploit systems. In this blog, we...
Attack Surface Management 2022 Midyear Review Part 2
In our 2022 midyear roundup, we examine the most significant trends and incidents that influenced the cybersecurity landscape in the...
Where is the Origin?: QAKBOT Uses Valid Code Signing
Code signing certificates help us assure the file's validity and legitimacy. However, threat actors can use that against us. In...
LockBit 3.0 Ransomware Victim: tiffinmetal[.]com
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
Thomson Reuters collected and leaked at least 3TB of sensitive data
The multinational media conglomerate Thomson Reuters left a database with sensitive customer and corporate data exposed online Original post at...
SiriSpy flaw allows eavesdropping on users’ conversations with Siri
SiriSpy is a vulnerability affecting Apple iOS and macOS that allowed apps to eavesdrop on users’ conversations with Siri. SiriSpy...
Whids – Open Source EDR For Windows
What EDR with artifact collection driven by detection. The detection engine is built on top of a previous project NB:...
LockBit 3.0 Ransomware Victim: steelesolutions[.]com
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
Preparing for the long haul: the cyber threat from Russia
Preparing for the long haul: the cyber threat from Russia In January 2022, ahead of Russia’s invasion of Ukraine, we...
Cobalt Stike Beacon Detected – 20[.]219[.]255[.]76:8080
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 107[.]189[.]7[.]48:8443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 45[.]32[.]74[.]236:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 82[.]156[.]14[.]220:801
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 176[.]113[.]115[.]102:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 185[.]143[.]223[.]71:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 87[.]251[.]67[.]211:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 1[.]15[.]189[.]200:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 178[.]18[.]255[.]124:444
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 199[.]255[.]99[.]112:23424
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 107[.]174[.]158[.]174:6666
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 43[.]143[.]215[.]30:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Malware Analysis – – 4e5a9de6dee1ea7cabb43974a889a531
Score: 3 MALWARE FAMILY: TAGS:MD5: 4e5a9de6dee1ea7cabb43974a889a531SHA1: 1c9c65accb79f622b1adc8e34e14848776686a30ANALYSIS DATE: 2022-10-27T08:46:37ZTTPS: T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known...
Malware Analysis – danabot – 824e08873738c225a76596134d687c92
Score: 10 MALWARE FAMILY: danabotTAGS:family:danabot, family:djvu, family:redline, family:smokeloader, family:systembc, family:vidar, botnet:1752, botnet:517, botnet:mario23_10, backdoor, banker, collection, discovery, infostealer, persistence, ransomware,...
