Hackers Exploiting Remote Desktop Software Flaws to Deploy PlugX Malware
Security vulnerabilities in remote desktop programs such as Sunlogin and AweSun are being exploited by threat actors to deploy the...
IceFire Ransomware Exploits IBM Aspera Faspex to Attack Linux-Powered Enterprise Networks
A previously known Windows-based ransomware strain known as IceFire has expanded its focus to target Linux enterprise networks belonging to...
Android March 2023 update fixes two critical code execution flaws
Google has released March 2023 security updates for Android, fixing a total of 60 flaws, and among them, two critical-severity...
Acer confirms breach after 160GB of data for sale on hacking forum
Taiwanese computer giant Acer confirmed that it suffered a data breach after threat actors hacked a server hosting private documents...
DuckDuckGo launches AI-powered search query answering tool
Privacy-focused search engine DuckDuckGo has launched the first beta version of DuckAssist, an AI-assisted feature that writes accurate summaries to...
New malware variant has “radio silence” mode to evade detection
The Sharp Panda cyber-espionage hacking group is targeting high-profile government entities in Vietnam, Thailand, and Indonesia with a new version of...
Pen Testers using Vulnerability Scanners – Closing the Gap
Vulnerability scanning is a common practice for businesses to verify and harden their security controls, and because of its popularity,...
Hospital Clínic de Barcelona severely impacted by ransomware attack
The Hospital Clínic de Barcelona suffered a ransomware attack on Sunday morning, severely disrupting its healthcare services after the institution's...
Emotet malware attacks return after three-month break
The Emotet malware operation is again spamming malicious emails as of Tuesday morning after a three-month break, rebuilding its network...
FBI investigates data breach impacting U.S. House members and staff
The FBI is investigating a data breach affecting U.S. House of Representatives members and staff after their account and sensitive...
Bitwarden flaw can let hackers steal passwords using iframes
Bitwarden's credentials autofill feature contains a risky behavior that could allow malicious iframes embedded in trusted websites to steal people's...
Ransomware gang posts video of data stolen from Minneapolis schools
The Medusa ransomware gang is demanding a $1,000,000 ransom from the Minneapolis Public Schools (MPS) district to delete data allegedly...
Veeam fixes bug that lets hackers breach backup infrastructure
Veeam urged customers to patch a high-severity Backup Service security vulnerability impacting its Backup & Replication software. The flaw (tracked...
Fortinet warns of new critical unauthenticated RCE vulnerability
Fortinet has disclosed a "Critical" vulnerability impacting FortiOS and FortiProxy, which allows an unauthenticated attacker to execute arbitrary code or...
Iranian Hackers Target Women Involved in Human Rights and Middle East Politics
Iranian state-sponsored actors are continuing to engage in social engineering campaigns targeting researchers by impersonating a U.S. think tank. "Notably...
Does Your Help Desk Know Who’s Calling?
Phishing, the theft of users' credentials or sensitive data using social engineering, has been a significant threat since the early...
Cobalt Stike Beacon Detected – 179[.]43[.]162[.]6:10443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 39[.]98[.]167[.]247:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 119[.]91[.]141[.]173:8001
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 216[.]83[.]38[.]235:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Malware Analysis – djvu – 5239b4963a8dd2bddc6dcbd203851e31
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, discovery, persistence, ransomware, spyware, stealerMD5: 5239b4963a8dd2bddc6dcbd203851e31SHA1: d770c3b7d73c5fb50adbc31e0479c79ab6747167ANALYSIS DATE: 2023-03-09T10:29:04ZTTPS: T1082, T1053, T1012, T1005, T1081,...
Malware Analysis – djvu – 5bb17f0bd59304af2640fa2beb074d16
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, discovery, persistence, ransomware, spyware, stealerMD5: 5bb17f0bd59304af2640fa2beb074d16SHA1: 64a300c6079fdcbb48f15d7ff8f801d6be160100ANALYSIS DATE: 2023-03-09T10:13:18ZTTPS: T1082, T1005, T1081, T1060, T1112,...
Malware Analysis – bootkit – 8212c56b81cf868f127f5cb87e86ae44
Score: 8 MALWARE FAMILY: bootkitTAGS:bootkit, discovery, persistence, ransomwareMD5: 8212c56b81cf868f127f5cb87e86ae44SHA1: bc90de21627fd7bba718af8587ae68ef15cdd4adANALYSIS DATE: 2023-03-09T10:02:41ZTTPS: T1012, T1082, T1060, T1112, T1491, T1067, T1130 ScoreMeaningExample10Known...
Malware Analysis – amadey – d6b9b6638f6427d82d83c5b08bde7ef7
Score: 10 MALWARE FAMILY: amadeyTAGS:family:amadey, family:djvu, family:smokeloader, family:vidar, backdoor, discovery, evasion, persistence, ransomware, stealer, trojanMD5: d6b9b6638f6427d82d83c5b08bde7ef7SHA1: 9b9caf7c62a21bedf100ab496dd4959a7d7ef7b8ANALYSIS DATE: 2023-03-09T09:34:31ZTTPS: T1012,...
