Cobalt Strike Beacon Detected – 154[.]211[.]103[.]8:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
threatintel
Cobalt Strike Beacon Detected – 103[.]56[.]55[.]125:8001
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Strike Beacon Detected – 103[.]234[.]72[.]104:4433
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Strike Beacon Detected – 165[.]227[.]179[.]98:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Strike Beacon Detected – 66[.]103[.]194[.]54:8889
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
[CACTUS] – Ransomware Victim: bcllegal[.]com
Ransomware Group: CACTUS VICTIM NAME: bcllegalcom NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...
[CACTUS] – Ransomware Victim: picsolve[.]com
Ransomware Group: CACTUS VICTIM NAME: picsolvecom NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...
Lazarus Group Exploits Google Chrome Vulnerability to Control Infected Devices
The North Korean threat actor known as Lazarus Group has been attributed to the zero-day exploitation of a now-patched security...
Why Phishing-Resistant MFA Is No Longer Optional: The Hidden Risks of Legacy MFA
Sometimes, it turns out that the answers we struggled so hard to find were sitting right in front of us...
CVE Alert: CVE-2024-20474
Vulnerability Summary: CVE-2024-20474 A vulnerability in Internet Key Exchange version 2 (IKEv2) processing of Cisco Secure Client Software could allow...
CVE Alert: CVE-2024-20481
Vulnerability Summary: CVE-2024-20481 A vulnerability in the Remote Access VPN (RAVPN) service of Cisco Adaptive Security Appliance (ASA) Software and...
CVE Alert: CVE-2024-20426
Vulnerability Summary: CVE-2024-20426 A vulnerability in the Internet Key Exchange version 2 (IKEv2) protocol for VPN termination of Cisco Adaptive...
CVE Alert: CVE-2024-20431
Vulnerability Summary: CVE-2024-20431 A vulnerability in the geolocation access control feature of Cisco Firepower Threat Defense (FTD) Software could allow...
CVE Alert: CVE-2024-20471
Vulnerability Summary: CVE-2024-20471 A vulnerability in the web-based management interface of Cisco Secure Firewall Management Center (FMC) Software could allow...
CVE Alert: CVE-2024-20472
Vulnerability Summary: CVE-2024-20472 A vulnerability in the web-based management interface of Cisco Secure Firewall Management Center (FMC) Software could allow...
CVE Alert: CVE-2024-20485
Vulnerability Summary: CVE-2024-20485 A vulnerability in the VPN web server of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower...
CVE Alert: CVE-2024-20494
Vulnerability Summary: CVE-2024-20494 A vulnerability in the TLS cryptography functionality of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower...
CVE Alert: CVE-2024-20493
Vulnerability Summary: CVE-2024-20493 A vulnerability in the login authentication functionality of the Remote Access SSL VPN feature of Cisco Adaptive...
CVE Alert: CVE-2024-20473
Vulnerability Summary: CVE-2024-20473 A vulnerability in the web-based management interface of Cisco Secure Firewall Management Center (FMC) Software could allow...
[FLOCKER] – Ransomware Victim: F*******M Corp
Ransomware Group: FLOCKER VICTIM NAME: F*******M Corp NOTE: No files or stolen information are by RedPacket Security. Any legal issues...
[FLOCKER] – Ransomware Victim: B****A
Ransomware Group: FLOCKER VICTIM NAME: B****A NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...
Fortinet Warns of Critical Vulnerability in FortiManager Under Active Exploitation
Fortinet has confirmed details of a critical security flaw impacting FortiManager that has come under active exploitation in the wild....
CVE Alert: CVE-2024-10299
Vulnerability Summary: CVE-2024-10299 A vulnerability classified as critical was found in PHPGurukul Medical Card Generation System 1.0. This vulnerability affects...
CVE Alert: CVE-2024-10298
Vulnerability Summary: CVE-2024-10298 A vulnerability classified as critical has been found in PHPGurukul Medical Card Generation System 1.0. This affects...
