Brute Ratel C4 Detected – 35[.]72[.]94[.]12:80
The Information provided at the time of posting was detected as "Brute Ratel C4". Depending on when you are viewing...
Malware Analysis – djvu – e2d43c2752ac2abb5899b44b5d371f9e
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:rhadamanthys, family:smokeloader, family:vidar, botnet:19, backdoor, collection, discovery, evasion, persistence, ransomware, spyware, stealer, trojan, vmprotectMD5: e2d43c2752ac2abb5899b44b5d371f9eSHA1:...
Malware Analysis – djvu – 4efc0648fd0bd221eeb9182761f8f9a7
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, spyware, stealerMD5: 4efc0648fd0bd221eeb9182761f8f9a7SHA1: 3cebff1185090b5d9d990c88a39bb7463bb673a2ANALYSIS DATE: 2023-02-20T11:41:44ZTTPS: T1060, T1112, T1082, T1005,...
Malware Analysis – discovery – 5ad74e66323ae26320cd9c051f266a4f
Score: 10 MALWARE FAMILY: discoveryTAGS:discovery, evasion, exploit, ransomware, themida, trojanMD5: 5ad74e66323ae26320cd9c051f266a4fSHA1: d7f999814e7c76466dba21619defc955d2660f20ANALYSIS DATE: 2023-02-20T11:42:00ZTTPS: T1031, T1112, T1089, T1222, T1158, T1107,...
Malware Analysis – djvu – ef0768b3897f3c1e2a5aa25754aa1839
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, spyware, stealerMD5: ef0768b3897f3c1e2a5aa25754aa1839SHA1: 2214d6a5d768cb20d888d05de54a7446eb5c6da6ANALYSIS DATE: 2023-02-20T11:40:30ZTTPS: T1060, T1112, T1053, T1005,...
Siemens SiPass integrated AC5102, ACC-G2 and ACC-AP devices privilege escalation | CVE-2022-31808
NAME__________Siemens SiPass integrated AC5102, ACC-G2 and ACC-AP devices privilege escalationPlatforms Affected:Siemens SiPass integrated AC5100 Siemens SiPass integrated AC5102 Siemens SiPass...
Palantir Gotham denial of service | CVE-2022-27897
NAME__________Palantir Gotham denial of servicePlatforms Affected:Risk Level:5.3Exploitability:UnprovenConsequences:Denial of Service DESCRIPTION__________Palantir Gotham is vulnerable to a denial of service, caused by...
Acer Aspire E5-475G BIOS code execution | CVE-2022-40080
NAME__________Acer Aspire E5-475G BIOS code executionPlatforms Affected:Risk Level:6.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Acer Aspire E5-475G BIOS could allow a physical attacker to execute...
Kliqqi-CMS admin/admin_update_module_widgets.php SQL injection | CVE-2020-21119
NAME__________Kliqqi-CMS admin/admin_update_module_widgets.php SQL injectionPlatforms Affected:Kliqqi-CMS Kliqqi-CMS 2.0.2Risk Level:6.5Exploitability:HighConsequences:Data Manipulation DESCRIPTION__________Kliqqi-CMS is vulnerable to SQL injection. A remote authenticated attacker could...
Palantir Gotham denial of service | CVE-2022-27892
NAME__________Palantir Gotham denial of servicePlatforms Affected:Risk Level:5.3Exploitability:UnprovenConsequences:Denial of Service DESCRIPTION__________Palantir Gotham is vulnerable to a denial of service, caused by...
Palantir Gotham information disclosure | CVE-2022-27891
NAME__________Palantir Gotham information disclosurePlatforms Affected:Risk Level:5.3Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Palantir Gotham could allow a remote attacker to obtain sensitive information, caused by...
Samsung Introduces New Feature to Protect Users from Zero-Click Malware Attacks
Samsung has announced a new feature called Message Guard that comes with safeguards to protect users from malware and spyware...
Daily Vulnerability Trends: Mon Feb 20 2023
Daily Vulnerability Trends (sourced from VulnMon) CVE NAMECVE DescriptionCVE-2022-27482A improper neutralization of special elements used in an os command ('os...
Malware Analysis – djvu – 61f1a0f55ca1db48d6e80dcc974ab167
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, spyware, stealerMD5: 61f1a0f55ca1db48d6e80dcc974ab167SHA1: f7f9c70d295a6b73d379130d58d94fcc533b33a4ANALYSIS DATE: 2023-02-20T03:06:03ZTTPS: T1082, T1053, T1005, T1081,...
Malware Analysis – djvu – 189d38c100f34cf72cfefdff31a307e3
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, spyware, stealerMD5: 189d38c100f34cf72cfefdff31a307e3SHA1: b8424afe959cd198cc8dc44ef74934e4126f064eANALYSIS DATE: 2023-02-20T03:44:31ZTTPS: T1005, T1081, T1012, T1060,...
Malware Analysis – djvu – 3dada6eea195e70165bb647148fed399
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:laplas, family:rhadamanthys, family:smokeloader, family:vidar, botnet:19, backdoor, clipper, collection, discovery, evasion, persistence, ransomware, spyware, stealer, trojan,...
Malware Analysis – djvu – 2b90235cc04af680519b06f45c419b07
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, spyware, stealerMD5: 2b90235cc04af680519b06f45c419b07SHA1: d4ae811cf2b26c5c700ad67c6809be5c5be57b8cANALYSIS DATE: 2023-02-20T04:03:44ZTTPS: T1082, T1012, T1060, T1112,...
RealDudesInc – 101,543 breached accounts
HIBP In October 2022, the GTA mod menu provider RealDudesInc suffered a data breach that exposed over 100k email addresses...
Cobalt Stike Beacon Detected – 101[.]201[.]34[.]7:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 111[.]230[.]242[.]129:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 119[.]12[.]161[.]104:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 45[.]81[.]128[.]195:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 179[.]61[.]237[.]80:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 121[.]199[.]166[.]58:1234
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
