Cobalt Stike Beacon Detected – 106[.]14[.]176[.]86:8001
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Month: May 2022
CISA: CISA Adds Two Known Exploited Vulnerabilities to Catalog
CISA Adds Two Known Exploited Vulnerabilities to Catalog CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog,...
Fake Mobile Apps Steal Facebook Credentials, Cryptocurrency-Related Keys
We recently observed a number of apps on Google Play designed to perform malicious activities such as stealing user credentials...
BirDuster – A Multi Threaded Python Script Designed To Brute Force Directories And Files Names On Webservers
BirDuster is a Python based knockoff of the original DirBuster. BirDuster is a multi threaded Python application designed to brute...
Apple fixes the sixth zero-day since the beginning of 2022
Apple released security updates to address a zero-day bug actively exploited in attacks against Macs and Apple Watch devices. Apple...
CISA: Apache Releases Security Advisory for Tomcat
Apache Releases Security Advisory for Tomcat The Apache Software Foundation has released a security advisory to address a vulnerability in multiple...
LockBit 2.0 Ransomware Victim: sherpamarketing[.]ca
LockBit 2.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
HackerOne Bug Bounty Disclosure: site-information’s-display-name-section-vulnerable-for-xss-attacks-and-html-injections-bysawrav-chowdhury
Programme HackerOne Automattic Automattic Submitted by sawrav-chowdhury sawrav-chowdhury Report Site information's Display Name section vulnerable for XSS attacks and HTML...
HackerOne Bug Bounty Disclosure: http-request-smuggling-in-transform-rules-using-hexadecimal-escape-sequences-in-the-concat()-functionbyalbertspedersen
Programme HackerOne Cloudflare Public Bug Bounty Cloudflare Public Bug Bounty Submitted by albertspedersen albertspedersen Report HTTP Request Smuggling in Transform...
HackerOne Bug Bounty Disclosure: security-misconfigurationbymr23r0
Programme HackerOne lemlist lemlist Submitted by mr23r0 mr23r0 Report Security misconfiguration Full Report
HackerOne Bug Bounty Disclosure: cve-2022-27781:-certinfo-never-ending-busy-loopbysybr
Programme HackerOne curl curl Submitted by sybr sybr Report CVE-2022-27781: CERTINFO never-ending busy-loop Full Report
Experts show how to run malware on chips of a turned-off iPhone
Researchers devised an attack technique to tamper the firmware and execute a malware onto a Bluetooth chip when an iPhone...
Why MRG-Effitas matters to SMBs
When selecting the right cybersecurity vendor to protect their operations, small- and medium-sized businesses (SMBs) can lean on several third-party...
Chlonium – Chromium Cookie Import / Export Tool
Chlonium is an application designed for cloning Chromium Cookies. From Chromium 80 and upwards, cookies are encrypted using AES-256 GCM,...
How COVID-19 fuelled a surge in malware
2021 saw a massive surge in detections of malware, adware, and Potentially Unwanted Programs (PUPs). It didn’t matter what the...
Read Novel (unverified) – 22,424,472 breached accounts
In May 2019, the Chinese literature website Read Novel allegedly suffered a data breach that exposed 22M unique email addresses....
BlackBerry Fans – 174,168 breached accounts
In May 2022, the Chinese BlackBerry enthusiasts website BlackBerry Fans suffered a data breach that exposed 174k member records. The...
OGUsers (2021 breach) – 348,302 breached accounts
In April 2021, the account hijacking and SIM swapping forum OGusers suffered a data breach, the fourth since December 2018....
Fake reCAPTCHA forms dupe users via compromised WordPress sites
Researchers at Sucuri investigated a number of WordPress websites complaining about unwanted redirects and found websites that use fake CAPTCHA...
LockBit 2.0 Ransomware Victim: cassagne[.]com[.]ar
LockBit 2.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 2.0 Ransomware Victim: http://2easy[.]com[.]br/
LockBit 2.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 2.0 Ransomware Victim: hinakaorg[.]com
LockBit 2.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 2.0 Ransomware Victim: saludparatodos[.]ssm[.]gob[.]mx
LockBit 2.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 2.0 Ransomware Victim: arcelormittal[.]hu
LockBit 2.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
