China-linked APT Curious Gorge targeted Russian govt agencies
China-linked Curious Gorge APT is targeting Russian government agencies, Google Threat Analysis Group (TAG) warns. Google Threat Analysis Group (TAG)...
threatintel
LeakedHandlesFinder – Leaked Windows Processes Handles Identification Tool
Leaked Presented at rootedcon 2022 https://www.rootedcon.com/ponentes-rooted2022/. Presentation -> Presentation/Exploiting Leaked Handles for LPE.pdf Download LeakedHandlesFinder If you like the site,...
US-CERT Bulletin (SB22-122):Vulnerability Summary for the Week of April 25, 2022
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards...
State-backed hacking group from China is targeting the Russian military
In an unexpected turn of events, research has surfaced about a Chinese APT (advanced persistent threat) group targeting the Russian...
A DNS flaw impacts a library used by millions of IoT devices
A vulnerability in the domain name system (DNS) component of the uClibc library impacts millions of IoT products. Nozomi Networks warns of...
Craft fair vendors targeted by fake event scammers on Facebook
A real world scam which sucks the fun out of craft fairs has caused nothing but stress for victims. It...
US healthcare billing services group hacked, affecting at least half a million individuals
According to the US Department of Health and Human Services, Adaptive Health Integrations (AHI), a healthcare software and billing services...
Airdrop phishing: what is it, and how is my cryptocurrency at risk?
Airdrop phishing is a really popular tactic at the moment. It emerged alongside the explosion of Web3/NFT/cryptocurrency popularity, and ensures...
Over 50 countries sign the “Declaration for the Future of the Internet”
Governments of the US, EU member states, and 32 other countries have announced the launch of the “Declaration for the...
FirmWire -b Full-System Baseband Firmware Emulation Platform For Fuzzing, Debugging, And Root-Cause Analysis Of Smartphone Baseband Firmwares
FirmWire is a full-system baseband firmware analysis platform that supports Samsung and MediaTek. It enables fuzzing, root-cause analysis, and FirmWire...
China-linked Moshen Dragon abuses security software to sideload malware
A China-linked APT group, tracked as Moshen Dragon, is exploiting antivirus products to target the telecom sector in Asia. A...
Cobalt Stike Beacon Detected – 101[.]32[.]201[.]44:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 167[.]71[.]254[.]209:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 20[.]110[.]209[.]33:88
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 101[.]200[.]233[.]32:9997
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 154[.]39[.]150[.]156:8888
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
UNC3524 APT uses IP cameras to deploy backdoors and target Exchange
A new APT group, tracked as UNC3524, uses IP cameras to deploy backdoors and steal Microsoft Exchange emails. Mandiant researchers...
Package Analysis dynamic analyzes packages in open-source repositories
The Open Source Security Foundation (OpenSSF) is working on a tool to conduct a dynamic analysis of packages uploaded to...
LockBit 2.0 Ransomware Victim: agenilsen[.]no
LockBit 2.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 2.0 Ransomware Victim: cwaengineers[.]com
LockBit 2.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
Cobalt Stike Beacon Detected – 84[.]32[.]190[.]7:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 46[.]29[.]167[.]160:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 101[.]34[.]234[.]66:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 43[.]155[.]60[.]163:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
