Daily Threat Intelligence – May 10 – 2023
It’s that time of the month when software vendors and critical infrastructure industries issue security patches in bulk to address...
Malware Analysis – djvu – b8f9b92fa79c97f3461c5a4dc0286a1e
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:ef32d425b907146eeb9090dbc9455ab1, discovery, persistence, ransomware, spyware, stealerMD5: b8f9b92fa79c97f3461c5a4dc0286a1eSHA1: 0842f2af0d958b043ad2a63396b80e4fe6303732ANALYSIS DATE: 2023-05-10T15:35:38ZTTPS: T1005, T1081, T1060, T1112,...
Malware Analysis – evasion – e2c4c4dd8c6a357eca164955a8fe040c
Score: 10 MALWARE FAMILY: evasionTAGS:evasion, persistence, ransomware, trojanMD5: e2c4c4dd8c6a357eca164955a8fe040cSHA1: f4114815bce62efbc78c79f9a83ccf74a4ea075cANALYSIS DATE: 2023-05-10T16:56:48ZTTPS: T1088, T1089, T1112, T1491, T1012, T1082, T1060 ScoreMeaningExample10Known...
Malware Analysis – amadey – f20c04dd9a5a3fb76d8686910deaedda
Score: 10 MALWARE FAMILY: amadeyTAGS:family:amadey, family:djvu, family:smokeloader, family:vidar, botnet:ef32d425b907146eeb9090dbc9455ab1, botnet:pub1, botnet:sprg, backdoor, discovery, ransomware, stealer, trojanMD5: f20c04dd9a5a3fb76d8686910deaeddaSHA1: 11ca428d2502cbaead96a6ce028ea8cb66ee454eANALYSIS DATE: 2023-05-10T17:04:28ZTTPS:...
Malware Analysis – neshta – 80d2cfccef17caa46226147c1b0648e6
Score: 10 MALWARE FAMILY: neshtaTAGS:family:neshta, family:wannacry, discovery, persistence, ransomware, spyware, stealer, wormMD5: 80d2cfccef17caa46226147c1b0648e6SHA1: 4540c60c99594ebd49e0ede7d2070b00f5fb021bANALYSIS DATE: 2023-05-10T16:59:31ZTTPS: T1107, T1490, T1222, T1112,...
Malware Analysis – discovery – cf2a00cda850b570f0aa6266b9a5463e
Score: 8 MALWARE FAMILY: discoveryTAGS:discovery, evasion, persistence, ransomwareMD5: cf2a00cda850b570f0aa6266b9a5463eSHA1: ab9eb170448c95eccb65bf0665ac9739021200b6ANALYSIS DATE: 2023-05-10T17:16:14ZTTPS: T1012, T1082, T1120, T1060, T1112, T1102, T1491 ScoreMeaningExample10Known...
Malware Analysis – discovery – 8543002b027116786aaa52089b558cc0
Score: 10 MALWARE FAMILY: discoveryTAGS:discovery, evasion, exploit, persistence, ransomware, trojanMD5: 8543002b027116786aaa52089b558cc0SHA1: 541a0fd4a8d6821e193e57e304e7dc87fa6daadaANALYSIS DATE: 2023-05-10T17:35:04ZTTPS: T1088, T1089, T1112, T1012, T1082, T1120,...
Malware Analysis – bootkit – b49fe89eedd01c5c4998902c6a988e2c
Score: 8 MALWARE FAMILY: bootkitTAGS:bootkit, discovery, exploit, persistenceMD5: b49fe89eedd01c5c4998902c6a988e2cSHA1: c0310946c0ad9346486a6c0eb33a8c73dfa63c01ANALYSIS DATE: 2023-05-10T17:33:44ZTTPS: T1012, T1082, T1067, T1222, T1102 ScoreMeaningExample10Known badA malware...
Malware Analysis – djvu – 5805707bb7e896ee387f8fc1807cdd6e
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:ef32d425b907146eeb9090dbc9455ab1, discovery, persistence, ransomware, spyware, stealerMD5: 5805707bb7e896ee387f8fc1807cdd6eSHA1: 1c4b1a51b50fb077f1e044de77d324a900b8805eANALYSIS DATE: 2023-05-10T17:41:30ZTTPS: T1012, T1082, T1222, T1005,...
Cuba Ransomware Victim: Vdi
Cuba Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of...
HackerOne Bug Bounty Disclosure: subdomain-takeover-affecting-at–vex-weather-combygdattacker
Programme HackerOne IBM IBM Submitted by gdattacker gdattacker Report Subdomain Takeover Affecting at vex.weather.com Full Report A considerable amount...
HackerOne Bug Bounty Disclosure: download-file-type-warning-on-windows-does-not-appear-if-“ask-where-to-save-file-before-downloading”-setting-is-enabledbyameenbasha
Programme HackerOne Brave Software Brave Software Submitted by ameenbasha ameenbasha Report download file type warning on Windows does not appear...
HackerOne Bug Bounty Disclosure: reset-password-link-sent-over-unsecured-http-protocolbyuchihaluckycs
Programme HackerOne Mattermost Mattermost Submitted by uchihaluckycs uchihaluckycs Report Reset password link sent over unsecured http protocol Full Report ...
Experts Detail New Zero-Click Windows Vulnerability for NTLM Credential Theft
Cybersecurity researchers have shared details about a now-patched security flaw in Windows MSHTML platform that could be abused to bypass...
Why Honeytokens Are the Future of Intrusion Detection
A few weeks ago, the 32nd edition of RSA, one of the world's largest cybersecurity conferences, wrapped up in San...
Sophisticated DownEx Malware Campaign Targeting Central Asian Governments
Government organizations in Central Asia are the target of a sophisticated espionage campaign that leverages a previously undocumented strain of...
Medusa Locker Ransomware Victim: Cooperativa de Ahorro y Crédito Ahorrocoop Ltda
Medusa Locker Logo NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the...
U.S. Government Neutralizes Russia’s Most Sophisticated Snake Cyber Espionage Tool
The U.S. government on Tuesday announced the court-authorized disruption of a global network compromised by an advanced malware strain known...
Mastermind Behind Twitter 2020 Hack Pleads Guilty and Faces up to 70 Years in Prison
A U.K. national has pleaded guilty in connection with the July 2020 Twitter attack affecting numerous high-profile accounts and defrauding...
LockBit 3.0 Ransomware Victim: cbelaw[.]com
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: mbwswim[.]com
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: interfides[.]de
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: gocontec[.]com
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: hk-finance[.]pl
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
