Cobalt Stike Beacon Detected – 204[.]48[.]24[.]99:8888
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
threatintel
Cobalt Stike Beacon Detected – 154[.]55[.]138[.]172:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 164[.]92[.]164[.]68:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 194[.]87[.]216[.]183:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 101[.]43[.]223[.]187:8989
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 146[.]19[.]230[.]32:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 146[.]70[.]87[.]23:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 209[.]141[.]54[.]115:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 91[.]92[.]128[.]136:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 20[.]37[.]251[.]43:83
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
This Week in Security News – April 1, 2022
Probing the activities of cloud-based cryptocurrency-mining groups, and Lapsus$ ‘back from vacation’ If you like the site, please consider joining...
New UAC-0056 activity: There’s a Go Elephant in the room
This blog post was authored by Ankur Saini, Roberto Santos and Hossein Jazi. UAC-0056 also known as SaintBear, UNC2589 and...
Auto-Elevate – Escalate From A Low-Integrity Administrator Account To NT AUTHORITYSYSTEM Without An LPE Exploit By Combining A COM UAC Bypass And Token Impersonation
This tool demonstrates the power of UAC bypasses and built-in features of Windows. This utility auto-locates winlogon.exe, steals and impersonates...
Globant suffers network breach due to LAPSUS$ compromise
Globant, an IT and software development firm with offices all around the globe, recently admitted in a press statement Wednesday...
Update now! Apple patches two zero-day vulnerabilities that may have been actively exploited
Apple has released security updates for macOS Monterey 12.3.1, iOS 15.4.1, iPadOS 15.4.1, tvOS 15.4.1, and watchOS 8.5.1. The update...
Hive ransomware impacts California non-profit health organisation
Ransomware authors are once again targeting health services, holding important files to ransom and impacting potentially vital services. On this...
LockBit 2.0 Ransomware Victim: https://liceu[.]barcelona/
LockBit 2.0 Ransomware NOTE: The information on this page is automated and scraped directly from the LockBit 2.0 Onion Dark...
Conti Ransomware Victim: https-www-mideacarrier-com-b
continews NOTE: The information on this page is automated and scraped directly from the Conti .onion Dark Web Tor Blog...
Anonymous targets oligarchs’ Russian businesses: Marathon Group hacked
Anonymous continues its operations against Russia, the group announced the hack of the Russian investment firm Marathon Group. Anonymous continues...
AcidRain, a wiper that crippled routers and modems in Europe
Researchers spotted a new destructive wiper, tracked as AcidRain, that is likely linked to the recent attack against Viasat. Security...
Royal Enfield – 420,873 breached accounts
In January 2020, motorcycle maker Royal Enfield left a database publicly exposed that resulted in the inadvertent publication of over...
Slyther – AWS Security Tool
Slyther is AWS Security tool to check read/write/delete access for S3 buckets Requirements aws-cli Installation pip3 install -r requirements.txt Usage...
Zyxel fixes a critical bug in its business firewall and VPN devices
Zyxel issued security updates for a critical vulnerability that affects some of its business firewall and VPN devices. Networking equipment...
CISA adds Sophos firewall bug to Known Exploited Vulnerabilities Catalog
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a critical Sophos firewall flaw and seven other issues to...
