Cobalt Stike Beacon Detected – 129[.]226[.]201[.]214:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
threatintel
NetDooka Framework Distributed via PrivateLoader Malware as Part of Pay-Per-Install Service
This report focuses on the components and infection chain of the NetDooka framework. Its scope ranges from the release of...
Workshop: Simplifying Network Security in the Cloud
In this workshop, you will learn how to leverage Trend Micro Cloud One™ - Network Security to provide a powerful...
Malicious-Pdf – Generate A Bunch Of Malicious Pdf Files With Phone-Home Functionality
Generate ten different malicious pdf files with phone-home functionality. Can be used with Burp Collaborator or Interact.sh Used for penetration...
Google addresses actively exploited Android flaw in the kernel
Google released the May security bulletin for Android, 2022-05-05 security patch level, which fixed an actively exploited Linux kernel flaw....
CISA: Mozilla Releases Security Updates for Firefox, Firefox ESR, and Thunderbird
Mozilla Releases Security Updates for Firefox, Firefox ESR, and Thunderbird Mozilla has released security updates to address vulnerabilities in Firefox,...
CISA: Cisco Releases Security Updates for Enterprise NFV Infrastructure Software
Cisco Releases Security Updates for Enterprise NFV Infrastructure Software Cisco has released security updates to address multiple vulnerabilities in Enterprise...
The $43 billion Business Email Compromise threat
The FBI has released a public service announcement regarding the ever-present threat of Business Email Compromise (BEC). This comes hot...
Nigerian Tesla: 419 scammer gone malware distributor unmasked
Agent Tesla is a well-known data stealer written in .NET that has been active since 2014 and is perhaps one...
Cisco addresses three bugs in Enterprise NFVIS Software
Cisco addresses three flaws impacting its Enterprise NFV Infrastructure Software (NFVIS) that could allow the compromise of the hosts. Cisco...
Google fixes two critical Pixel vulnerabilities: Get your updates when you can!
Google has made updates available for Android 10, 11, 12 and 12L. The May Android Security Bulletin contains details of...
A couple of 10-Year-Old flaws affect Avast and AVG antivirus
Researcher discovered a couple of high-severity security flaws that affect a driver used by Avast and AVG antivirus solutions. SentinelOne...
Graphql-Threat-Matrix – GraphQL Threat Framework Used By Security Professionals To Research Security Gaps In GraphQL Implementations
Why graphql-threat-matrix? graphql-threat-matrix was built for bug bounty hunters, security researchers and hackers to assist with uncovering vulnerabilities across multiple...
It’s business as usual for REvil ransomware
After the FBS arrested 14 of its members in January, and a subsequent lull in action, the REvil ransomware gang...
World Password Day: Brushing up on the basics
World Password Day is today, reminding us of the value of solid passwords, and good password practices generally. There are...
F5 warns its customers of tens of flaws in its products
Cybersecurity provider F5 released security patches to address tens of vulnerabilities affecting its products. Security and application delivery solutions provider...
A new secret stash for “fileless” malware
In February 2022 we observed the technique of putting the shellcode into Windows event logs for the first time “in...
LockBit 2.0 Ransomware Victim: nizing[.]com[.]tw
LockBit 2.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 2.0 Ransomware Victim: aref[.]government[.]bg
LockBit 2.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 2.0 Ransomware Victim: rogz[.]com
LockBit 2.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
China-linked Winnti APT steals intellectual property from companies worldwide
A sophisticated cyberespionage campaign, dubbed Operation CuckooBees, conducted by the China-linked Winnti group remained undetected since at least 2019. Researchers...
Cliam – Multi Cloud IAM Permissions Enumeration Tool
Multi cloud iam permissions enumeration tool. Currently covers: AWS GCP Azure Oracle Description Cliam is a simple cloud permissions identifier....
CISA: Mozilla Releases Security Updates for Firefox and Firefox ESR
Mozilla Releases Security Updates for Firefox and Firefox ESR Mozilla has released security updates to address vulnerabilities in Firefox and...
CISA: F5 Releases Security Advisories Addressing Multiple Vulnerabilities
F5 Releases Security Advisories Addressing Multiple Vulnerabilities F5 has released security advisories on vulnerabilities affecting multiple products, including various versions...
