Cobalt Strike Beacon Detected – 34[.]55[.]187[.]149:8443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
threatintel
Cobalt Strike Beacon Detected – 49[.]232[.]90[.]121:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Strike Beacon Detected – 119[.]3[.]218[.]60:8443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Strike Beacon Detected – 47[.]242[.]50[.]82:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
[INTERLOCK] – Ransomware Victim: Winnebago Public School Foundation
Ransomware Group: INTERLOCK VICTIM NAME: Winnebago Public School Foundation NOTE: No files or stolen information are by RedPacket Security. Any...
Malicious PyPI Package ‘Fabrice’ Found Stealing AWS Keys from Thousands of Developers
Cybersecurity researchers have discovered a malicious package on the Python Package Index (PyPI) that has racked up thousands of downloads...
China-Aligned MirrorFace Hackers Target EU Diplomats with World Expo 2025 Bait
The China-aligned threat actor known as MirrorFace has been observed targeting a diplomatic organization in the European Union, marking the...
SteelFox and Rhadamanthys Malware Use Copyright Scams, Driver Exploits to Target Victims
An ongoing phishing campaign is employing copyright infringement-related themes to trick victims into downloading a newer version of the Rhadamanthys...
A Hacker’s Guide to Password Cracking
Defending your organization's security is like fortifying a castle—you need to understand where attackers will strike and how they'll try...
5 Most Common Malware Techniques in 2024
Tactics, techniques, and procedures (TTPs) form the foundation of modern defense strategies. Unlike indicators of compromise (IOCs), TTPs are more...
CVE Alert: CVE-2024-20531
Vulnerability Summary: CVE-2024-20531 A vulnerability in the API of Cisco ISE could allow an authenticated, remote attacker to read arbitrary...
CVE Alert: CVE-2024-20539
Vulnerability Summary: CVE-2024-20539 A vulnerability in the web-based management interface of Cisco ISE could allow an authenticated, remote attacker to...
CVE Alert: CVE-2024-20537
Vulnerability Summary: CVE-2024-20537 A vulnerability in the web-based management interface of Cisco ISE could allow an authenticated, remote attacker to...
CVE Alert: CVE-2024-20540
Vulnerability Summary: CVE-2024-20540 A vulnerability in the web-based management interface of Cisco Unified Contact Center Management Portal (Unified CCMP) could...
CVE Alert: CVE-2024-20538
Vulnerability Summary: CVE-2024-20538 A vulnerability in the web-based management interface of Cisco ISE could allow an unauthenticated, remote attacker to...
CVE Alert: CVE-2024-20536
Vulnerability Summary: CVE-2024-20536 A vulnerability in a REST API endpoint and web-based management interface of Cisco Nexus Dashboard Fabric Controller...
CVE Alert: CVE-2024-51754
Vulnerability Summary: CVE-2024-51754 Twig is a template language for PHP. In a sandbox, an attacker can call `__toString()` on an...
CVE Alert: CVE-2024-51988
Vulnerability Summary: CVE-2024-51988 RabbitMQ is a feature rich, multi-protocol messaging and streaming broker. In affected versions queue deletion via the...
CVE Alert: CVE-2024-50637
Vulnerability Summary: CVE-2024-50637 UnoPim 0.1.3 and below is vulnerable to Cross Site Scripting (XSS) in the Create User function. ¶¶...
CVE Alert: CVE-2024-51751
Vulnerability Summary: CVE-2024-51751 Gradio is an open-source Python package designed to enable quick builds of a demo or web application....
[INCRANSOM] – Ransomware Victim: ucv[.]es
Ransomware Group: INCRANSOM VICTIM NAME: ucves NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...
[MEDUSA] – Ransomware Victim: Howell Electric Inc
Ransomware Group: MEDUSA VICTIM NAME: Howell Electric Inc NOTE: No files or stolen information are by RedPacket Security. Any legal...
[MEDUSA] – Ransomware Victim: Jomar Electrical Contractors
Ransomware Group: MEDUSA VICTIM NAME: Jomar Electrical Contractors NOTE: No files or stolen information are by RedPacket Security. Any legal...
Cisco Releases Patch for Critical URWB Vulnerability in Industrial Wireless Systems
Cisco has released security updates to address a maximum severity security flaw impacting Ultra-Reliable Wireless Backhaul (URWB) Access Points that...
