Apple Warns of 3 New Vulnerabilities Affecting iPhone, iPad, and Mac Devices
Apple has revised the security advisories it released last month to include three new vulnerabilities impacting iOS, iPadOS, and macOS....
Threat Actors Adopt Havoc Framework for Post-Exploitation in Targeted Attacks
An open source command-and-control (C2) framework known as Havoc is being adopted by threat actors as an alternative to other...
LockBit 3.0 Ransomware Victim: skylinetrisource[.]com
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
Malware Analysis – djvu – ea746870e963dfa82938756374ca769b
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, spyware, stealerMD5: ea746870e963dfa82938756374ca769bSHA1: a4ce68ec85dd371a8be61bb42409c9825a44432eANALYSIS DATE: 2023-02-22T10:03:04ZTTPS: T1012, T1082, T1222, T1053,...
Malware Analysis – glupteba – 23f59ddcd11358b08e491b19a3f5bb53
Score: 10 MALWARE FAMILY: gluptebaTAGS:family:glupteba, discovery, dropper, evasion, loader, persistence, ransomware, rootkit, trojanMD5: 23f59ddcd11358b08e491b19a3f5bb53SHA1: 1820b968b20c4cc20ae9eb5013eb9ab1def75c60ANALYSIS DATE: 2023-02-22T10:01:53ZTTPS: T1012, T1031, T1082,...
Malware Analysis – smokeloader – 6bc7191f01f23be6ba8357774482f793
Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: 6bc7191f01f23be6ba8357774482f793SHA1: 0ab05f8739fc671bca7bad965a1d620685636e26ANALYSIS DATE: 2023-02-22T09:58:05ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
Cobalt Stike Beacon Detected – 139[.]224[.]189[.]177:8443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 47[.]242[.]204[.]38:8990
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 124[.]222[.]47[.]83:4646
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Malware Analysis – djvu – 20fd15790c7efd6c9d1adea6a173c876
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:smokeloader, family:vidar, botnet:19, backdoor, discovery, evasion, persistence, ransomware, stealer, trojan, vmprotectMD5: 20fd15790c7efd6c9d1adea6a173c876SHA1: 5cb377821a019ab0db82c9a493022ee083824a19ANALYSIS DATE: 2023-02-22T10:11:30ZTTPS:...
Malware Analysis – djvu – c0e4c0955f80dcbf2099c2ffb2fc8461
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, spyware, stealerMD5: c0e4c0955f80dcbf2099c2ffb2fc8461SHA1: f9839880808345143a87a37ab2f6101f1f89edefANALYSIS DATE: 2023-02-22T10:33:16ZTTPS: T1060, T1112, T1005, T1081,...
Malware Analysis – djvu – dae95ad4f51a6a765e8065a4d21ade1a
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:smokeloader, family:vidar, botnet:19, backdoor, discovery, evasion, persistence, ransomware, stealer, trojan, vmprotectMD5: dae95ad4f51a6a765e8065a4d21ade1aSHA1: 443b5fe4e30839244962003b666c08b952fcaafeANALYSIS DATE: 2023-02-22T10:42:27ZTTPS:...
Malware Analysis – djvu – 3ca2f51c8e5250840893415bb49031a6
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, spyware, stealerMD5: 3ca2f51c8e5250840893415bb49031a6SHA1: 4491dc36f7b2aed7ee61cde93803b7b1dee7f3a4ANALYSIS DATE: 2023-02-22T10:21:41ZTTPS: T1005, T1081, T1012, T1082,...
Cobalt Stike Beacon Detected – 195[.]189[.]96[.]146:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 159[.]65[.]140[.]121:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 35[.]89[.]195[.]215:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 179[.]43[.]156[.]134:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Malware Analysis – smokeloader – f77d72707555a26065e33dc12449fd6f
Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: f77d72707555a26065e33dc12449fd6fSHA1: a5ad0c808420aea73737299ba482797959835541ANALYSIS DATE: 2023-02-22T11:15:07ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
Malware Analysis – octo – 71d5c5dc3b8c5ded7b005155b84e3b16
Score: 10 MALWARE FAMILY: octoTAGS:family:octo, banker, evasion, infostealer, ransomware, rat, trojanMD5: 71d5c5dc3b8c5ded7b005155b84e3b16SHA1: a5c267fd84f0594279a0cc4f1c609a61120a5fdbANALYSIS DATE: 2023-02-22T11:10:11ZTTPS: ScoreMeaningExample10Known badA malware family was...
Malware Analysis – smokeloader – 145466b3234adf3b9745ea36d0531ec0
Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: 145466b3234adf3b9745ea36d0531ec0SHA1: 01a065a2cc04eb82f484e43f34cab6e921178559ANALYSIS DATE: 2023-02-22T11:11:03ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
Malware Analysis – harly – b40f641da0c05fe97e558341d59236e2
Score: 10 MALWARE FAMILY: harlyTAGS:family:harly, infostealer, ransomware, trojanMD5: b40f641da0c05fe97e558341d59236e2SHA1: 65632a662c5478555cede3301ac46f55d33d7ac5ANALYSIS DATE: 2023-02-22T11:34:48ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or...
Dell Multifunction Printer E525w Driver and Software Suite privilege escalation | CVE-2023-24575
NAME__________Dell Multifunction Printer E525w Driver and Software Suite privilege escalationPlatforms Affected:Risk Level:7.8Exploitability:UnprovenConsequences:Gain Privilege DESCRIPTION__________Dell Multifunction Printer E525w Driver and Software...
TP-Link Archer C50 denial of service | CVE-2023-0936
NAME__________TP-Link Archer C50 denial of servicePlatforms Affected:Risk Level:4.3Exploitability:UnprovenConsequences:Denial of Service DESCRIPTION__________TP-Link Archer C50 is vulnerable to a denial of service,...
Sourcecodester Music Gallery Site SQL injection | CVE-2023-0938
NAME__________Sourcecodester Music Gallery Site SQL injectionPlatforms Affected:Risk Level:6.5Exploitability:HighConsequences:Data Manipulation DESCRIPTION__________Sourcecodester Music Gallery Site is vulnerable to SQL injection. A remote...
