Sliver C2 Detected – 185[.]219[.]84[.]231:31337
The Information provided at the time of posting was detected as "Sliver C2". Depending on when you are viewing this...
Sliver C2 Detected – 107[.]181[.]190[.]8:31337
The Information provided at the time of posting was detected as "Sliver C2". Depending on when you are viewing this...
Sliver C2 Detected – 185[.]177[.]59[.]103:31337
The Information provided at the time of posting was detected as "Sliver C2". Depending on when you are viewing this...
Sliver C2 Detected – 91[.]194[.]160[.]156:31337
The Information provided at the time of posting was detected as "Sliver C2". Depending on when you are viewing this...
Remote Monitoring Management Software Used In Phishing Attacks
Remote Monitoring & Management (RMM) software, including popular tools like AnyDesk, Atera, and Splashtop, are invaluable for IT administrators today,...
Ransomware Review February 2024
This article is based on research by Marcelo Rivero, Malwarebytes’ ransomware specialist, who monitors information published by ransomware gangs on...
One Year Later Rhadamanthys Is Still Dropped Via Malvertising
It was just a little over a year ago that the Rhadamanthys stealer was first publicly seen distributed via malicious...
Massive Utility Scam Campaign Spreads Via Online Ads
For many households, energy costs represent a significant part of their overall budget. And when customers want to discuss their...
Stopping A Targeted Attack On A Managed Service Provider Msp With Threatdown Mdr
In late January 2024, the ThreatDown Managed Detection and Response (MDR) team found and stopped a three-month long malware campaign...
Pikabot Malware On The Rise What Organizations Need To Know
A new type of malware is being used by ransomware gangs in their attacks, and its name is PikaBot. A...
New Go Loader Pushes Rhadamanthys
Malware loaders (also known as droppers or downloaders) are a popular commodity in the criminal underground. Their primary function is...
Fakebat Delivered Via Several Active Malvertising Campaigns
February was a particularly busy month for search-based malvertising with the number of incidents we documented almost doubling. We saw...
Ransomware Review March 2024
This article is based on research by Marcelo Rivero, Malwarebytes’ ransomware specialist, who monitors information published by ransomware gangs on...
Sliver C2 Detected – 194[.]9[.]6[.]80:31337
The Information provided at the time of posting was detected as "Sliver C2". Depending on when you are viewing this...
Kaspersky information disclosure | CVE-2023-23349
NAME__________Kaspersky information disclosurePlatforms Affected:Kaspersky Kaspersky Password Manager for Windows *Risk Level:2.2Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Kaspersky could allow a local authenticated attacker to...
MISP weak security | CVE-2024-29859
NAME__________MISP weak securityPlatforms Affected:MISP MISP 2.4.186Risk Level:7.3Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________MISP could provide weaker than expected security, caused by improper checking for...
Standout Color Boxes and Buttons plugin for WordPress cross-site scripting | CVE-2024-2474
NAME__________Standout Color Boxes and Buttons plugin for WordPress cross-site scriptingPlatforms Affected:WordPress WordPress WordPress Standout Color Boxes and Buttons plugin for...
Broadcom, Microsoft and MikroTik products denial of service | CVE-2024-2169
NAME__________Broadcom, Microsoft and MikroTik products denial of servicePlatforms Affected:Broadcom DSL/PON/Wifi routers Microsoft Windows Deployment Services (WDS) MikroTik TFTP serviceRisk Level:7.5Exploitability:UnprovenConsequences:Denial...
Sangoma Technologies cg6kwin2k.sys security bypass | CVE-2024-29216
NAME__________Sangoma Technologies cg6kwin2k.sys security bypassPlatforms Affected:Sangoma Technologies cg6kwin2k.sysRisk Level:6.1Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION__________Sangoma Technologies cg6kwin2k.sys could allow a local authenticated attacker to...
GnuTLS denial of service | CVE-2024-28835
NAME__________GnuTLS denial of servicePlatforms Affected:GnuTLS GnuTLS 3.8.3Risk Level:5Exploitability:UnprovenConsequences:Denial of Service DESCRIPTION__________GnuTLS is vulnerable to a denial of service, caused by...
GnuTLS information disclosure | CVE-2024-28834
NAME__________GnuTLS information disclosurePlatforms Affected:GnuTLS GnuTLS 3.8.3Risk Level:5.3Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________GnuTLS could allow a remote authenticated attacker to obtain sensitive information, caused...
MISP weak security | CVE-2024-29858
NAME__________MISP weak securityPlatforms Affected:MISP MISP 2.4.186Risk Level:7.3Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________MISP could provide weaker than expected security, caused by improper checking for...
Campcodes Online Beauty Parlor Management System SQL injection | CVE-2024-2766
NAME__________Campcodes Online Beauty Parlor Management System SQL injectionPlatforms Affected:Campcodes Complete Online Beauty Parlor Management System 1.0Risk Level:6.5Exploitability:HighConsequences:Data Manipulation DESCRIPTION__________Campcodes Online...
Campcodes Online Beauty Parlor Management System SQL injection | CVE-2024-2767
NAME__________Campcodes Online Beauty Parlor Management System SQL injectionPlatforms Affected:Campcodes Complete Online Beauty Parlor Management System 1.0Risk Level:6.5Exploitability:HighConsequences:Data Manipulation DESCRIPTION__________Campcodes Online...
