Daily Threat Intelligence – May 16 – 2023
A Go implementation of Cobalt Strike called Geacon is being used by cybercriminals in attacks against macOS devices. Cyber experts...
Malware Analysis – djvu – 5a8e2f2bdcc6be8d189e1badb8717ca0
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:9dfa7ee730fa2f1efb5ed51dbbec22f5, discovery, persistence, ransomware, spyware, stealerMD5: 5a8e2f2bdcc6be8d189e1badb8717ca0SHA1: 08d6fbe62d6bfbff71e9cb54d04bd995de47ea0dANALYSIS DATE: 2023-05-16T15:46:00ZTTPS: T1060, T1112, T1082, T1005,...
Malware Analysis – djvu – 669a891fe610e110917fad79b6876f55
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:9dfa7ee730fa2f1efb5ed51dbbec22f5, discovery, persistence, ransomware, spyware, stealerMD5: 669a891fe610e110917fad79b6876f55SHA1: a762faa446f6a8da5770ecca619fc2cffdf33ab1ANALYSIS DATE: 2023-05-16T15:47:04ZTTPS: T1060, T1112, T1053, T1005,...
Malware Analysis – djvu – dc8396334e68e4ad4a8de1ae8dd3fbe8
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:9dfa7ee730fa2f1efb5ed51dbbec22f5, discovery, persistence, ransomware, spyware, stealerMD5: dc8396334e68e4ad4a8de1ae8dd3fbe8SHA1: 599785fc24bf60cc66234af1302e2afbdf7768c6ANALYSIS DATE: 2023-05-16T16:30:39ZTTPS: T1012, T1082, T1053, T1005,...
Malware Analysis – discovery – 87208f8f5babd537eb42ced3831018bd
Score: 10 MALWARE FAMILY: discoveryTAGS:discovery, evasion, ransomware, trojanMD5: 87208f8f5babd537eb42ced3831018bdSHA1: 1bf91f8c00d9af85bce514f0c70d99ebff800e68ANALYSIS DATE: 2023-05-16T16:39:21ZTTPS: T1012, T1120, T1082, T1222, T1130, T1112 ScoreMeaningExample10Known badA...
CISA: CISA Releases Three Industrial Control Systems Advisories
CISA Releases Three Industrial Control Systems Advisories CISA released three Industrial Control Systems (ICS) advisories on May 16, 2023. These...
Play Ransomware Victim: SOWITEC
Play News Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
HackerOne Bug Bounty Disclosure: redos-in-time-rfc2822byooooooo_q
Programme HackerOne Ruby Ruby Submitted by ooooooo_q ooooooo_q Report ReDoS in Time.rfc2822 Full Report A considerable amount of time...
HackerOne Bug Bounty Disclosure: no-rate-limit-while-adding-additional-emails-featurebycryptographer
Programme HackerOne Nextcloud Nextcloud Submitted by cryptographer cryptographer Report No rate limit while adding Additional emails feature Full Report ...
Inside Qilin Ransomware: Affiliates Take Home 85% of Ransom Payouts
Ransomware affiliates associated with the Qilin ransomware-as-a-service (RaaS) scheme earn anywhere between 80% to 85% of each ransom payment, according...
China’s Mustang Panda Hackers Exploit TP-Link Routers for Persistent Attacks
The Chinese nation-state actor known as Mustang Panda has been linked to a new set of sophisticated and targeted attacks...
Medusa Locker Ransomware Victim: BAMSI
Medusa Locker Logo NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the...
Hackers Using Golang Variant of Cobalt Strike to Target Apple macOS Systems
A Golang implementation of Cobalt Strike called Geacon is likely to garner the attention of threat actors looking to target...
CopperStealer Malware Crew Resurfaces with New Rootkit and Phishing Kit Modules
The threat actors behind the CopperStealer malware resurfaced with two new campaigns in March and April 2023 that are designed...
Cyolo Product Overview: Secure Remote Access to All Environments
Operational technology (OT) cybersecurity is a challenging but critical aspect of protecting organizations' essential systems and resources. Cybercriminals no longer...
LockBit 3.0 Ransomware Victim: airtac[.]com
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: chinadailyhk[.]com
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: norcorp[.]com
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
Cobalt Stike Beacon Detected – 101[.]43[.]165[.]220:8080
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Abyss Ransomware Victim: www[.]l3harris[.]com
NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the files...
Abyss Ransomware Victim: stonehillcontracting[.]com
NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the files...
Abyss Ransomware Victim: brett-robinson[.]com
NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the files...
Abyss Ransomware Victim: 7x7oralsurgery[.]com
NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the files...
Abyss Ransomware Victim: avidxchange[.]com
NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the files...
