Cobalt Stike Beacon Detected – 54[.]236[.]49[.]195:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 121[.]41[.]77[.]84:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 91[.]223[.]236[.]214:8080
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Malware Analysis – djvu – 01ea2147d5a7db863126f0efc9634ec2
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, discovery, persistence, ransomware, spyware, stealerMD5: 01ea2147d5a7db863126f0efc9634ec2SHA1: 83c6293c139511cb3ae31d0de56f31e304b12e05ANALYSIS DATE: 2023-02-24T10:59:55ZTTPS: T1082, T1005, T1081, T1012, T1060,...
Malware Analysis – djvu – d6f05fb0158ec1635196c5fb5c8bfe22
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:smokeloader, family:vidar, backdoor, discovery, evasion, persistence, ransomware, stealer, themida, trojan, vmprotectMD5: d6f05fb0158ec1635196c5fb5c8bfe22SHA1: 622826d26b9f1d84d9c140e3465656da03f92502ANALYSIS DATE: 2023-02-24T11:01:21ZTTPS:...
Malware Analysis – evasion – e5a50be83e694ec58a71d669870598a5
Score: 10 MALWARE FAMILY: evasionTAGS:evasion, persistenceMD5: e5a50be83e694ec58a71d669870598a5SHA1: 2d7a8a10f6a959491ea61fb9d7c64f6d785276b8ANALYSIS DATE: 2023-02-24T11:34:15ZTTPS: T1082, T1059, T1004, T1112, T1031, T1562, T1489, T1060, T1158, T1018...
Malware Analysis – djvu – 9c5fe8ebcc6e8e5bc83495204cee5a24
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, discovery, persistence, ransomware, spyware, stealerMD5: 9c5fe8ebcc6e8e5bc83495204cee5a24SHA1: d7638d5a09338afe1e4f06e0b192f5ce3ea81b23ANALYSIS DATE: 2023-02-24T11:00:38ZTTPS: T1222, T1005, T1081, T1060, T1112,...
Cobalt Stike Beacon Detected – 91[.]238[.]203[.]2:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 47[.]92[.]114[.]227:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 121[.]41[.]77[.]84:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 77[.]91[.]84[.]1:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Misskey cross-site scripting | CVE-2023-25154
NAME__________Misskey cross-site scriptingPlatforms Affected:Risk Level:6.1Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Misskey is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by...
Apple iOS, iPadOS and macOS Ventura information disclosure | CVE-2023-23520
NAME__________Apple iOS, iPadOS and macOS Ventura information disclosurePlatforms Affected:Apple macOS Ventura 13.1 Apple iOS 16.2 Apple iPadOS 16.2Risk Level:5.5Exploitability:UnprovenConsequences:Obtain Information...
Apache Airflow AWS Provider information disclosure | CVE-2023-25956
NAME__________Apache Airflow AWS Provider information disclosurePlatforms Affected:Apache Airflow AWS Provider 7.2.0Risk Level:7.5Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Apache Airflow AWS Provider could allow a...
EIP Stack Group OpENer denial of service | CVE-2022-43606
NAME__________EIP Stack Group OpENer denial of servicePlatforms Affected:EIP Stack Group OpENerRisk Level:7.5Exploitability:UnprovenConsequences:Denial of Service DESCRIPTION__________EIP Stack Group OpENer is vulnerable...
Apple iOS, iPadOS and macOS Ventura privilege escalation | CVE-2023-23530
NAME__________Apple iOS, iPadOS and macOS Ventura privilege escalationPlatforms Affected:Apple macOS Ventura 13.1 Apple iOS 16.2 Apple iPadOS 16.2Risk Level:7.8Exploitability:UnprovenConsequences:Gain Privileges...
Apache Airflow Google Provider denial of service | CVE-2023-25692
NAME__________Apache Airflow Google Provider denial of servicePlatforms Affected:Apache Airflow Google Provider 8.9.0Risk Level:7.5Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Apache Airflow Google Provider is vulnerable...
SHIRASAGI cross-site scripting | CVE-2023-22425
NAME__________SHIRASAGI cross-site scriptingPlatforms Affected:SHIRASAGI SHIRASAGI 1.16.2Risk Level:4.6Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________SHIRASAGI is vulnerable to cross-site scripting, caused by improper validation of user-supplied...
Nextcloud server directory traversal | CVE-2023-25579
NAME__________Nextcloud server directory traversalPlatforms Affected:Risk Level:5.5Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Nextcloud server could allow a remote authenticated attacker to traverse directories on the...
Music Gallery Site SQL injection | CVE-2023-0962
NAME__________Music Gallery Site SQL injectionPlatforms Affected:Risk Level:6.3Exploitability:HighConsequences:Data Manipulation DESCRIPTION__________Music Gallery Site is vulnerable to SQL injection. A remote attacker could...
Executable Books markdown-it-py denial of service | CVE-2023-26303
NAME__________Executable Books markdown-it-py denial of servicePlatforms Affected:Executable Books markdown-it-py 2.1.0Risk Level:3.3Exploitability:UnprovenConsequences:Denial of Service DESCRIPTION__________Executable Books markdown-it-py is vulnerable to a...
Music Gallery Site security bypass | CVE-2023-0963
NAME__________Music Gallery Site security bypassPlatforms Affected:Risk Level:7.3Exploitability:Proof of ConceptConsequences:Bypass Security DESCRIPTION__________Music Gallery Site could allow a remote attacker to bypass...
markdown-it-py denial of service | CVE-2023-26303
NAME__________markdown-it-py denial of servicePlatforms Affected:Risk Level:3.3Exploitability:UnprovenConsequences:Denial of Service DESCRIPTION__________markdown-it-py is vulnerable to a denial of service, caused by improper handling...
Misskey cross-site scripting | CVE-2023-24810
NAME__________Misskey cross-site scriptingPlatforms Affected:Risk Level:6.1Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Misskey is vulnerable to cross-site scripting, caused by improper validation of user-supplied input during...
