RedEyes hackers use new malware to steal data from Windows, phones
The APT37 threat group uses a new evasive 'M2RAT' malware and steganography to target individuals for intelligence collection. APT37, also...
NPM packages posing as speed testers install crypto miners instead
A new set of 16 malicious NPM packages are pretending to be internet speed testers but are, in reality, coinminers...
Microsoft: Exchange Server 2013 reaches end of support in April
Microsoft has reminded admins that Exchange Server 2013 is reaching its extended end-of-support (EOS) date in 60 days, on April...
Google Rolling Out Privacy Sandbox Beta on Android 13 Devices
Google announced on Tuesday that it's officially rolling out Privacy Sandbox on Android in beta to eligible mobile devices running...
Daily Vulnerability Trends: Wed Feb 15 2023
Daily Vulnerability Trends (sourced from VulnMon) CVE NAMECVE DescriptionCVE-2022-22655 No description provided CVE-2023-21746Windows NTLM Elevation of Privilege Vulnerability.CVE-2022-47986 No description...
Malware Analysis – dcrat – 0fde60e5e798fd13595ebc51b0294983
Score: 10 MALWARE FAMILY: dcratTAGS:family:dcrat, family:djvu, family:laplas, family:rhadamanthys, family:smokeloader, family:vidar, botnet:19, backdoor, clipper, collection, discovery, evasion, infostealer, persistence, ransomware, rat,...
Malware Analysis – smokeloader – aafed58c0c20e3e6b15639650c448e34
Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: aafed58c0c20e3e6b15639650c448e34SHA1: 5a2753f9eb4d15e8f322f61e8c58535820c0ec8aANALYSIS DATE: 2023-02-15T04:03:05ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
Malware Analysis – djvu – 0ee550afc9cf3dfb22194926a66175f2
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, spyware, stealerMD5: 0ee550afc9cf3dfb22194926a66175f2SHA1: 2e4c903f3729a2aa53f2b765bfd8fff6951008edANALYSIS DATE: 2023-02-15T04:20:12ZTTPS: T1005, T1081, T1012, T1082,...
Malware Analysis – djvu – f6e4d307bf6f9653e2855a2c6802a1d1
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, spyware, stealerMD5: f6e4d307bf6f9653e2855a2c6802a1d1SHA1: 4b3bd7bc5cf228822f760ec0c85b1dad165ea27eANALYSIS DATE: 2023-02-15T03:29:12ZTTPS: T1012, T1082, T1053, T1005,...
Malware Analysis – – f1c6ffbef4f05c68364d24fffc124f03
Score: 1 MALWARE FAMILY: TAGS:MD5: f1c6ffbef4f05c68364d24fffc124f03SHA1: fed0ef1c53333f699f94dffb85c70dae3b51706cANALYSIS DATE: 2023-02-15T03:18:17ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known damaging...
Malware Analysis – djvu – 5ee1751c1b4d13cea1cb3225caa18ec0
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:laplas, family:rhadamanthys, family:smokeloader, family:vidar, botnet:19, backdoor, clipper, collection, discovery, evasion, persistence, ransomware, spyware, stealer, trojan,...
Malware Analysis – ransomware – a55dd55e1534735a522f84a8cf6e54d2
Score: 6 MALWARE FAMILY: ransomwareTAGS:ransomwareMD5: a55dd55e1534735a522f84a8cf6e54d2SHA1: 31a49a4a744b0580f40fbd756ea0984fb2fd2fb9ANALYSIS DATE: 2023-02-15T04:47:41ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known damaging...
Malware Analysis – djvu – 65e17c11acce0df0487431c9f97c685a
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, spyware, stealerMD5: 65e17c11acce0df0487431c9f97c685aSHA1: 35dc904af2a96e6f4f87857b45fc1ab5cf23ab2cANALYSIS DATE: 2023-02-15T05:03:13ZTTPS: T1005, T1081, T1012, T1082,...
Malware Analysis – evasion – 9a4f70d1aed0c3e4cab2d565d8c2b2e3
Score: 8 MALWARE FAMILY: evasionTAGS:evasion, ransomwareMD5: 9a4f70d1aed0c3e4cab2d565d8c2b2e3SHA1: 7ba0a92f77013b4b3df590399da28c181a423a94ANALYSIS DATE: 2023-02-15T05:00:36ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known...
Malware Analysis – djvu – e44143d2af9f4d889076c2862fd2e067
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, spyware, stealerMD5: e44143d2af9f4d889076c2862fd2e067SHA1: 17f188c714e857674273f79ff1a33ec32ae62451ANALYSIS DATE: 2023-02-15T05:20:30ZTTPS: T1222, T1060, T1112, T1082,...
Malware Analysis – djvu – 0bd656fe319b787ae2a18e10f3f8cf27
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:rhadamanthys, family:smokeloader, backdoor, discovery, ransomware, spyware, stealer, trojan, vmprotectMD5: 0bd656fe319b787ae2a18e10f3f8cf27SHA1: 9d2a0bac3b07cb8a3d693a49cf1dc80b14b6032bANALYSIS DATE: 2023-02-15T05:40:33ZTTPS: T1012, T1120,...
Malware Analysis – chaos – 1379c8d2a7758958c5f2ad789feef48e
Score: 10 MALWARE FAMILY: chaosTAGS:family:chaos, evasion, ransomware, spyware, stealerMD5: 1379c8d2a7758958c5f2ad789feef48eSHA1: 24e960b51b156502b81c0e0deaeabca09b160a4eANALYSIS DATE: 2023-02-15T05:29:03ZTTPS: T1490, T1059, T1107, T1005, T1081, T1082, T1491,...
Malware Analysis – djvu – f5d57b9e3fd125cf7eb642ef89e09d9b
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, spyware, stealerMD5: f5d57b9e3fd125cf7eb642ef89e09d9bSHA1: 24cc19260eec4be76d219f81041e0eb2b5b5730cANALYSIS DATE: 2023-02-15T05:30:27ZTTPS: T1012, T1082, T1053, T1005,...
Update Now: Microsoft Releases Patches for 3 Actively Exploited Windows Vulnerabilities
Microsoft on Tuesday released security updates to address 75 flaws spanning its product portfolio, three of which have come under...
LockBit 3.0 Ransomware Victim: cassaragionieri[.]it
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
Massive AdSense Fraud Campaign Uncovered – 10,000+ WordPress Sites Infected
The threat actors behind the black hat redirect malware campaign have scaled up their campaign to use more than 70...
Python Developers Beware: Clipper Malware Found in 450+ PyPI Packages!
Malicious actors have published more than 451 unique Python packages on the official Python Package Index (PyPI) repository in an...
Chinese Hackers Targeting South American Diplomatic Entities with ShadowPad
Microsoft on Monday attributed a China-based cyber espionage actor to a set of attacks targeting diplomatic entities in South America....
A CISOs Practical Guide to Storage and Backup Ransomware Resiliency
One thing is clear. The "business value" of data continues to grow, making it an organization's primary piece of intellectual...
