Cobalt Stike Beacon Detected – 107[.]173[.]209[.]230:8443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
threatintel
Cobalt Stike Beacon Detected – 175[.]178[.]78[.]27:9090
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 195[.]133[.]53[.]146:7443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 39[.]104[.]170[.]101:88
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 119[.]29[.]111[.]52:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 49[.]232[.]143[.]161:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 23[.]225[.]191[.]10:6668
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Spring4Shell Vulnerability CVE-2022-22965 Exploited to Deploy Cryptocurrency Miners
Recently, we observed the Spring4Shell vulnerability — a remote code execution bug, assigned as CVE-2022-22965 — being actively exploited by...
Analyzing Attempts to Exploit the Spring4Shell Vulnerability CVE-2022-22965 to Deploy Cryptocurrency Miners
Recently, we observed attempts to exploit the Spring4Shell vulnerability — a remote code execution bug, assigned as CVE-2022-22965 — by...
Ma2Tl – macOS Forensic Timeline Generator Using The Analysis Result DBs Of Mac_Apt
This is a DFIR tool for generating a macOS Presentation This tool was published on Japan Security Analyst Conference 2022...
Russian Gamaredon APT continues to target Ukraine
Russia-linked threat actor Gamaredon targets Ukraine with new variants of the custom Pterodo backdoor. Russia-linked Gamaredon APT group (a.k.a. Armageddon, Primitive Bear, and...
LockBit 2.0 Ransomware Victim: baugeschaeft-boltin[.]de
LockBit 2.0 Ransomware NOTE: The information on this page is automated and scraped directly from the LockBit 2.0 Onion Dark...
LockBit 2.0 Ransomware Victim: DavislandscapeLTD[.]com
LockBit 2.0 Ransomware NOTE: The information on this page is automated and scraped directly from the LockBit 2.0 Onion Dark...
The fake Elon Musk Bitcoin giveaway marathon will NOT make you rich
Today we look at a fakeout which begins with Elon Musk, and ends with a trip to Mars (or, if...
Oracle releases massive Critical Patch Update containing 520 security patches
Oracle has issued a Critical Patch Update which contains 520 new security patches across various product families. A few of...
Anonymous hacked other Russian organizations, some of the breaches could be severe
The Anonymous collective and affiliate groups intensify their attacks and claimed to have breached multiple organizations. Anonymous and groups linked...
US warns of APT groups that can “gain full system access” to some industrial control systems
An “exceptionally rare and dangerous” advanced persistent threat (APT) malware kit, containing custom-made tools designed to target some of North America’s...
Beware tragic “my daughter died…” Facebook posts offering free PS5s
Tragic tales are being posted to Facebook, combined with the offer of a giveaway. However, some are perhaps not quite...
DumpSMBShare – A Script To Dump Files And Folders Remotely From A Windows SMB Share
A script to Contributing Pull requests are welcome. Feel free to open an issue if you want to add other...
LockBit 2.0 Ransomware Victim: ingesw[.]com
LockBit 2.0 Ransomware NOTE: The information on this page is automated and scraped directly from the LockBit 2.0 Onion Dark...
LockBit 2.0 Ransomware Victim: MAGNAR-EIKELAND[.]NO
LockBit 2.0 Ransomware NOTE: The information on this page is automated and scraped directly from the LockBit 2.0 Onion Dark...
LockBit 2.0 Ransomware Victim: lekise[.]com
LockBit 2.0 Ransomware NOTE: The information on this page is automated and scraped directly from the LockBit 2.0 Onion Dark...
Cobalt Stike Beacon Detected – 179[.]60[.]150[.]79:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 146[.]196[.]65[.]168:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
