Linux Cheerscrypt ransomware is linked to Chinese DEV-0401 APT group
Researchers link recently discovered Linux ransomware Cheerscrypt to the China-linked cyberespionage group DEV-0401. Researchers at cybersecurity firm Sygnia attributed the...
threatintel
Microsoft mitigations for recently disclosed Exchange zero-days can be easily bypassed
The mitigation shared by Microsoft for the two recently disclosed Exchange zero-day vulnerabilities can be bypassed, expert warns. Last week,...
DeftTorero: tactics, techniques and procedures of intrusions revealed
Earlier this year, we started hunting for possible new DeftTorero (aka Lebanese Cedar, Volatile Cedar) artifacts. This threat actor is...
Cobalt Stike Beacon Detected – 103[.]146[.]179[.]87:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 221[.]148[.]178[.]131:70
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 45[.]182[.]189[.]190:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 179[.]43[.]156[.]133:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 47[.]243[.]203[.]249:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 180[.]76[.]247[.]230:1234
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 39[.]101[.]70[.]138:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 81[.]68[.]225[.]226:8088
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Posh C2 Detected – 164[.]132[.]138[.]128:443
The Information provided at the time of posting was detected as "Posh C2". Depending on when you are viewing this...
Posh C2 Detected – 18[.]132[.]247[.]80:443
The Information provided at the time of posting was detected as "Posh C2". Depending on when you are viewing this...
Posh C2 Detected – 192[.]18[.]141[.]199:443
The Information provided at the time of posting was detected as "Posh C2". Depending on when you are viewing this...
Posh C2 Detected – 103[.]27[.]203[.]197:444
The Information provided at the time of posting was detected as "Posh C2". Depending on when you are viewing this...
Posh C2 Detected – 95[.]213[.]145[.]101:443
The Information provided at the time of posting was detected as "Posh C2". Depending on when you are viewing this...
Posh C2 Detected – 109[.]234[.]36[.]5:443
The Information provided at the time of posting was detected as "Posh C2". Depending on when you are viewing this...
Trojanized Comm100 Live Chat app installer distributed a JavaScript backdoor
A threat actor used a trojanized installer for the Comm100 Live Chat application to distribute a JavaScript backdoor. Cybersecurity firm...
CISA: CISA Issues Binding Operational Directive 23-01: Improving Asset Visibility and Vulnerability Detection on Federal Networks
CISA Issues Binding Operational Directive 23-01: Improving Asset Visibility and Vulnerability Detection on Federal Networks CISA has issued Binding Operational...
RansomEXX gang claims to have hacked Ferrari and leaked online internal documents
The Italian luxury sports car manufacturer Ferrari confirmed the availability of internal documents online, but said it has no evidence...
Finnish intelligence warns of Russia’s cyberespionage activities
The Finnish Security Intelligence Service (SUPO) warns Russia will highly likely intensify its cyber activity over the winter. The Finnish...
Java-Remote-Class-Loader – Tool to send Java bytecode to your victims to load and execute using Java ClassLoader together with Reflect API
This tool allows you to send Java bytecode in the form of class files to your clients (or potential targets)...
Cobalt Stike Beacon Detected – 94[.]232[.]41[.]104:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 43[.]142[.]138[.]251:8080
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
