US-CERT Vulnerability Summary for the Week of February 26, 2024
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and...
CISA: CISA Adds Two Known Exploited Vulnerabilities to Catalog
CISA Adds Two Known Exploited Vulnerabilities to Catalog CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based...
CISA: CISA Adds Two Known Exploited Vulnerabilities to Catalog
CISA Adds Two Known Exploited Vulnerabilities to Catalog CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based...
CISA: CISA and NSA Release Cybersecurity Information Sheets on Cloud Security Best Practices
CISA and NSA Release Cybersecurity Information Sheets on Cloud Security Best Practices Today, CISA and the National Security Agency (NSA)...
CISA: CISA Releases Three Industrial Control Systems Advisories
CISA Releases Three Industrial Control Systems Advisories CISA released three Industrial Control Systems (ICS) advisories on March 5, 2024. These...
CISA: VMware Releases Security Advisory for Multiple Products
VMware Releases Security Advisory for Multiple Products VMware released a security advisory to address multiple vulnerabilities in ESXi, Workstation, Fusion,...
CISA: Apple Releases Security Updates for iOS and iPadOS
Apple Releases Security Updates for iOS and iPadOS Apple released security updates to address vulnerabilities in iOS and iPadOS. A...
CISA: Apple Released Security Updates for Multiple Products
Apple Released Security Updates for Multiple Products Apple released security updates to address vulnerabilities in Safari, macOS, watchOS, tvOS, and visionOS....
CISA: Cisco Releases Security Updates for Secure Client
Cisco Releases Security Updates for Secure Client Cisco released security updates to address vulnerabilities in Cisco Secure Client and Secure...
CISA: CISA Releases One Industrial Control Systems Advisory
CISA Releases One Industrial Control Systems Advisory CISA released one Industrial Control Systems (ICS) advisory on March 7, 2024. These...
CISA: CISA Adds One Known Exploited JetBrains Vulnerability, CVE-2024-27198, to Catalog
CISA Adds One Known Exploited JetBrains Vulnerability, CVE-2024-27198, to Catalog CISA has added one new vulnerability to its Known Exploited Vulnerabilities...
Sliver C2 Detected – 192[.]177[.]98[.]86:31337
The Information provided at the time of posting was detected as "Sliver C2". Depending on when you are viewing this...
Sliver C2 Detected – 116[.]204[.]4[.]6:31337
The Information provided at the time of posting was detected as "Sliver C2". Depending on when you are viewing this...
Sliver C2 Detected – 69[.]46[.]36[.]219:31337
The Information provided at the time of posting was detected as "Sliver C2". Depending on when you are viewing this...
Sliver C2 Detected – 80[.]66[.]75[.]53:31337
The Information provided at the time of posting was detected as "Sliver C2". Depending on when you are viewing this...
Threat Hunt: Detecting LSASS Memory Dump via ProcDump
Introduction The Local Security Authority Subsystem Service (LSASS) process in Windows systems manages the security policy, writes to the Security...
Threat Hunt: Detecting Excessive File Writes/Modifications with Ransomware Note Extensions
Published Date: 06/03/2024 Introduction Ransomware attacks often involve encrypting files on a victim's system and leaving ransom notes with instructions...
Threat Hunt: Detecting Encoded PowerShell Commands
Published Date: 06/03/2024 Introduction This hunt aims to identify potentially malicious activities involving encoded PowerShell commands. Encoded commands are a...
Hunters International Ransomware Victim: Kreyenhop & Kluge
NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the files...
Hunters International Ransomware Victim: THK Co[.], Ltd[.]
NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the files...
Hunters International Ransomware Victim: Finlay Screening & Crushing Systems
NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the files...
Hunters International Ransomware Victim: IDESA group, S[.]A[.] De C[.]V[.]
NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the files...
Hunters International Ransomware Victim: TCI Co[.], Ltd[.]
NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the files...
Hunters International Ransomware Victim: Dr[.] Jaime Schwartz MD, FACS
NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the files...
