threatintel

Cobalt Strike Beacon Detected – 8[.]146[.]198[.]223:8888

October 25, 2024

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Cobalt Strike Beacon Detected – 118[.]25[.]182[.]25:443

October 25, 2024

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Cobalt Strike Beacon Detected – 209[.]146[.]125[.]199:8889

October 25, 2024

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

[RAWORLD] – Ransomware Victim: ****

October 25, 2024

Ransomware Group: RAWORLD VICTIM NAME: **** NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...

[HUNTERS] – Ransomware Victim: Niko Resources Ltd[.]

October 25, 2024

Ransomware Group: HUNTERS VICTIM NAME: Niko Resources Ltd NOTE: No files or stolen information are by RedPacket Security. Any legal...

[HUNTERS] – Ransomware Victim: Ambica Steels

October 25, 2024

Ransomware Group: HUNTERS VICTIM NAME: Ambica Steels NOTE: No files or stolen information are by RedPacket Security. Any legal issues...

SEC Charges 4 Companies Over Misleading SolarWinds Cyberattack Disclosures

October 25, 2024

The U.S. Securities and Exchange Commission (SEC) has charged four current and former public companies for making "materially misleading disclosures"...

Eliminating AI Deepfake Threats: Is Your Identity Security AI-Proof?

October 25, 2024

Artificial Intelligence (AI) has rapidly evolved from a futuristic concept to a potent weapon in the hands of bad actors....

CovenantC2 Detected – 138[.]68[.]188[.]35:9443

October 25, 2024

The Information provided at the time of posting was detected as "Covenant C2". Depending on when you are viewing this...

[RAWORLD] – Ransomware Victim: ****

October 25, 2024

Ransomware Group: RAWORLD VICTIM NAME: **** NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...

[HELLCAT] – Ransomware Victim: The Knesset – Israel

October 25, 2024

Ransomware Group: HELLCAT VICTIM NAME: The Knesset - Israel NOTE: No files or stolen information are by RedPacket Security. Any...

[CLOP] – Ransomware Victim: HUBBARDHALL[.]COM

October 25, 2024

Ransomware Group: CLOP VICTIM NAME: HUBBARDHALLCOM NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...

CVE Alert: CVE-2024-47879

October 25, 2024

Vulnerability Summary: CVE-2024-47879 OpenRefine is a free, open source tool for working with messy data. Prior to version 3.8.3, lack...

CVE Alert: CVE-2024-48454

October 25, 2024

Vulnerability Summary: CVE-2024-48454 An issue in SourceCodester Purchase Order Management System v1.0 allows a remote attacker to execute arbitrary code...

CVE Alert: CVE-2024-10327

October 25, 2024

Vulnerability Summary: CVE-2024-10327 A vulnerability in Okta Verify for iOS versions 9.25.1 (beta) and 9.27.0 (including beta) allows push notification...

CVE Alert: CVE-2024-47880

October 25, 2024

Vulnerability Summary: CVE-2024-47880 OpenRefine is a free, open source tool for working with messy data. Prior to version 3.8.3, the...

CVE Alert: CVE-2024-47881

October 25, 2024

Vulnerability Summary: CVE-2024-47881 OpenRefine is a free, open source tool for working with messy data. Starting in version 3.4-beta and...

CVE Alert: CVE-2024-47883

October 25, 2024

Vulnerability Summary: CVE-2024-47883 The OpenRefine fork of the MIT Simile Butterfly server is a modular web application framework. The Butterfly...

CVE Alert: CVE-2024-48932

October 25, 2024

Vulnerability Summary: CVE-2024-48932 ZimaOS is a fork of CasaOS, an operating system for Zima devices and x86-64 systems with UEFI....

CVE Alert: CVE-2024-47878

October 25, 2024

Vulnerability Summary: CVE-2024-47878 OpenRefine is a free, open source tool for working with messy data. Prior to version 3.8.3, the...

CVE Alert: CVE-2024-47882

October 25, 2024

Vulnerability Summary: CVE-2024-47882 OpenRefine is a free, open source tool for working with messy data. Prior to version 3.8.3, the...

CVE Alert: CVE-2024-48931

October 25, 2024

Vulnerability Summary: CVE-2024-48931 ZimaOS is a fork of CasaOS, an operating system for Zima devices and x86-64 systems with UEFI....

[BLACKSUIT] – Ransomware Victim: zyloware[.]com

October 25, 2024

Ransomware Group: BLACKSUIT VICTIM NAME: zylowarecom NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...

[RANSOMHUB] – Ransomware Victim: Groupseco[.]com

October 25, 2024

Ransomware Group: RANSOMHUB VICTIM NAME: Groupsecocom NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...

threatintel

Cobalt Strike Beacon Detected – 8[.]146[.]198[.]223:8888

Cobalt Strike Beacon Detected – 118[.]25[.]182[.]25:443

Cobalt Strike Beacon Detected – 209[.]146[.]125[.]199:8889

[RAWORLD] – Ransomware Victim: ****

[HUNTERS] – Ransomware Victim: Niko Resources Ltd[.]

[HUNTERS] – Ransomware Victim: Ambica Steels

SEC Charges 4 Companies Over Misleading SolarWinds Cyberattack Disclosures

Eliminating AI Deepfake Threats: Is Your Identity Security AI-Proof?

CovenantC2 Detected – 138[.]68[.]188[.]35:9443

[RAWORLD] – Ransomware Victim: ****

[HELLCAT] – Ransomware Victim: The Knesset – Israel

[CLOP] – Ransomware Victim: HUBBARDHALL[.]COM

CVE Alert: CVE-2024-47879

CVE Alert: CVE-2024-48454

CVE Alert: CVE-2024-10327

CVE Alert: CVE-2024-47880

CVE Alert: CVE-2024-47881

CVE Alert: CVE-2024-47883

CVE Alert: CVE-2024-48932

CVE Alert: CVE-2024-47878

CVE Alert: CVE-2024-47882

CVE Alert: CVE-2024-48931

[BLACKSUIT] – Ransomware Victim: zyloware[.]com

[RANSOMHUB] – Ransomware Victim: Groupseco[.]com

[EVEREST] – Ransomware Victim: Arctrade

[EVEREST] – Ransomware Victim: MCNA Dental

CISA: Avoid Scams After Disaster Strikes

CISA: Adobe Releases Security Updates for Multiple Products

CISA: CISA Adds Three Known Exploited Vulnerabilities to Catalog

You may have missed