BianLian Ransomware Victim: American Crane Rental
BianLian Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of...
CISA: Progress Software Releases Security Advisory for MOVEit Transfer Vulnerability
Progress Software Releases Security Advisory for MOVEit Transfer Vulnerability Progress Software has released a security advisory(link is external) for a...
CISA: CISA, FBI, and MS-ISAC Update Joint CSA on Progress Telerik Vulnerabilities
CISA, FBI, and MS-ISAC Update Joint CSA on Progress Telerik Vulnerabilities Today, CISA, the Federal Bureau of Investigation (FBI), and...
CISA: ISC Releases Security Advisories for Multiple Versions of BIND 9
ISC Releases Security Advisories for Multiple Versions of BIND 9 The Internet Systems Consortium (ISC) has released security advisories that...
CISA: CISA Adds Six Known Exploited Vulnerabilities to Catalog
CISA Adds Six Known Exploited Vulnerabilities to Catalog CISA has added six new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based...
CISA: CISA Releases Two Industrial Control Systems Advisories
CISA Releases Two Industrial Control Systems Advisories CISA released two Industrial Control Systems (ICS) advisories on June 20, 2023. These...
CISA: CISA Releases Four Industrial Control Systems Advisories
CISA Releases Four Industrial Control Systems Advisories CISA released four Industrial Control Systems (ICS) advisories on June 22, 2023. These...
CISA: Juniper Networks Releases Security Advisory for Junos OS and Junos OS Evolved
Juniper Networks Releases Security Advisory for Junos OS and Junos OS Evolved Juniper Networks has released a security advisory that...
CISA: CISA Adds Five Known Exploited Vulnerabilities to Catalog
CISA Adds Five Known Exploited Vulnerabilities to Catalog CISA has added five new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based...
CISA: VMware Releases Security Update for vCenter Server and Cloud Foundation
VMware Releases Security Update for vCenter Server and Cloud Foundation VMware has released a security update to address multiple memory...
CISA: Apple Releases Security Updates for Multiple Products
Apple Releases Security Updates for Multiple Products Apple has released security updates to address vulnerabilities in multiple products. An attacker...
Cobalt Stike Beacon Detected – 47[.]115[.]219[.]93:8443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 124[.]223[.]64[.]107:7777
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 116[.]62[.]189[.]237:6633
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 34[.]229[.]169[.]232:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 8[.]219[.]185[.]16:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
US-CERT Vulnerability Summary for the Week of June 12, 2023
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and...
Certsync – Dump NTDS With Golden Certificates And UnPAC The Hash
certsync is a new technique in order to dump NTDS remotely, but this time without DRSUAPI: it uses golden certificate...
Malware Analysis – evasion – 23fa37722ffd69f30b03e7cb47cc282a
Score: 9 MALWARE FAMILY: evasionTAGS:evasion, ransomwareMD5: 23fa37722ffd69f30b03e7cb47cc282aSHA1: 073aff7c57e6eeb11bf2dbece256bda705943223ANALYSIS DATE: 2023-06-23T15:02:10ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known...
Malware Analysis – – be1e1725c3b340b240184b1ab5d24aa3
Score: 1 MALWARE FAMILY: TAGS:MD5: be1e1725c3b340b240184b1ab5d24aa3SHA1: 155a7837de2908159780e14f0dde5b1f84b56ed1ANALYSIS DATE: 2023-06-23T14:19:14ZTTPS: T1012, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more...
Daily Threat Intelligence – June 23 – 2023
How long before you patch a publicly disclosed vulnerability? In a recent incident, threat actors from China successfully exploited a 17-year-old...
Malware Analysis – amadey – a1badc3d7679b8d66dc376c0e81152fa
Score: 10 MALWARE FAMILY: amadeyTAGS:family:amadey, family:djvu, family:fabookie, family:smokeloader, family:vidar, botnet:153ce668f1e21829c936c2b11fa4d869, botnet:pub1, backdoor, discovery, evasion, persistence, ransomware, spyware, stealer, trojanMD5: a1badc3d7679b8d66dc376c0e81152faSHA1:...
Malware Analysis – amadey – 535702d8dc817423a68aab638e329fb1
Score: 10 MALWARE FAMILY: amadeyTAGS:family:amadey, family:djvu, family:smokeloader, family:vidar, botnet:153ce668f1e21829c936c2b11fa4d869, botnet:pub1, backdoor, discovery, persistence, ransomware, stealer, trojanMD5: 535702d8dc817423a68aab638e329fb1SHA1: 7efba45e5286c24e56f66013b8f77eee368d4234ANALYSIS DATE: 2023-06-23T15:54:37ZTTPS:...
Malware Analysis – djvu – ead225734ff9814142fa6ba8339b7e85
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:153ce668f1e21829c936c2b11fa4d869, discovery, persistence, ransomware, spyware, stealerMD5: ead225734ff9814142fa6ba8339b7e85SHA1: 832e30d105d0145848b74fbbe59adc2540cbe640ANALYSIS DATE: 2023-06-23T15:56:51ZTTPS: T1012, T1082, T1005, T1081,...
