Cobalt Stike Beacon Detected – 23[.]94[.]99[.]61:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
threatintel
Cobalt Stike Beacon Detected – 178[.]62[.]196[.]105:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 128[.]199[.]40[.]248:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 118[.]195[.]203[.]180:8443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 3[.]85[.]243[.]211:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 146[.]70[.]87[.]124:8080
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 42[.]194[.]219[.]135:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 116[.]62[.]78[.]16:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 106[.]55[.]226[.]181:8443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 46[.]30[.]188[.]66:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Detect Azure AD Hybrid Cloud Vulnerabilities
AADInternals is a PowerShell module widely used by administrators for administering Azure Active Directory (AD) and Microsoft 365 - learn...
Bruised but Not Broken: The Resurgence of the Emotet Botnet Malware
During the first quarter of 2022, we discovered a significant number of infections using multiple new Emotet variants that employed...
Cyber risk management: Attribution strategies
Discover the importance of cyber attribution, the benefits, and the right tools to assist your efforts so you can better...
C2concealer – Command Line Tool That Generates Randomized C2 Malleable Profiles For Use In Cobalt Strike
C2concealer is a command line tool that generates randomized C2 malleable profiles for use in Cobalt Strike. Installation chmod u+x...
Google OAuth client library flaw allowed to deploy of malicious payloads
Google addressed a high-severity flaw in its OAuth client library for Java that could allow attackers with a compromised token...
CISA: ISC Releases Security Advisory for BIND
ISC Releases Security Advisory for BIND The Internet Systems Consortium (ISC) has released a security advisory that addresses a vulnerability...
CISA: CISA Releases Analysis of FY21 Risk and Vulnerability Assessments
CISA Releases Analysis of FY21 Risk and Vulnerability Assessments CISA has released an analysis and infographic detailing the findings from...
Pwn2Own Vancouver 2022 D1: MS Teams exploits received $450,000
White hat hackers earned a total of $800,000 on the first day of the Pwn2Own Vancouver 2022, $450,000 for exploits...
How iPhones can run malware even when they’re off
Most people think that turning off their iPhone – or letting the battery die – means that the phone is,...
Cardiologist moonlighted as successful ransomware developer
The US has charged a 55-year-old French-Venezuelan cardiologist from Venezuela with “attempted computer intrusions and conspiracy to commit computer intrusions”....
China-linked Space Pirates APT targets the Russian aerospace industry
A new China-linked cyberespionage group known as ‘Space Pirates’ is targeting enterprises in the Russian aerospace industry. A previously unknown...
PowerProxy – PowerShell SOCKS Proxy With Reverse Proxy Capabilities
PowerShell SOCKS proxy with reverse proxy capabilities. PowerProxy is written with penetration testers in mind. Reverse proxy functionality is a...
VMWare vulnerabilities are actively being exploited, CISA warns
The Cybersecurity & Infrastructure Security Agency has issued an Emergency Directive ED 22-03 and released a Cybersecurity Advisory (CSA) about...
10 ways attackers gain access to networks
A joint multi-national cybersecurity advisory has revealed the top ten attack vectors most exploited by cybercriminals in order to gain...
