Cobalt Stike Beacon Detected – 101[.]200[.]87[.]194:8001
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 193[.]233[.]175[.]106:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 171[.]22[.]30[.]252:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 88[.]210[.]37[.]215:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 163[.]123[.]142[.]213:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 124[.]220[.]159[.]81:5002
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 43[.]136[.]114[.]150:8011
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 101[.]42[.]34[.]190:2222
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Malware Analysis – djvu – 538763ee8cd757f8b76910b9462f9839
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, discovery, persistence, ransomware, spyware, stealerMD5: 538763ee8cd757f8b76910b9462f9839SHA1: 48e4827246b94774bace1b71d5a54227342d8349ANALYSIS DATE: 2023-03-07T10:36:03ZTTPS: T1012, T1005, T1081, T1060, T1112,...
Malware Analysis – djvu – b7e1bef5147966a3bf5ef3de4b709a9c
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, discovery, persistence, ransomware, spyware, stealerMD5: b7e1bef5147966a3bf5ef3de4b709a9cSHA1: c6a308580ab71bdad01e2fa9014fa6f9d503e104ANALYSIS DATE: 2023-03-07T10:31:23ZTTPS: T1005, T1081, T1060, T1112, T1222,...
Malware Analysis – djvu – e7c396ed9b591894062d5d0b76ccc94a
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, discovery, persistence, ransomware, spyware, stealerMD5: e7c396ed9b591894062d5d0b76ccc94aSHA1: ccbf43b6a8f55d5c38911346e05c3f4cc15d09d9ANALYSIS DATE: 2023-03-07T09:47:43ZTTPS: T1005, T1081, T1012, T1082, T1060,...
Malware Analysis – ransomware – b053584a149ba26ffc432f0ecf6d85c7
Score: 7 MALWARE FAMILY: ransomwareTAGS:ransomwareMD5: b053584a149ba26ffc432f0ecf6d85c7SHA1: c450f14e210b57f87415472d4889a4632d062d2cANALYSIS DATE: 2023-03-07T10:00:54ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known damaging...
Cobalt Stike Beacon Detected – 101[.]37[.]13[.]26:888
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 23[.]227[.]196[.]174:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 193[.]233[.]175[.]106:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 104[.]243[.]21[.]60:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Vim buffer overflow | CVE-2023-1170
NAME__________Vim buffer overflowPlatforms Affected:Vim Vim 9.0.1375Risk Level:7.3Exploitability:Proof of ConceptConsequences:Gain Access DESCRIPTION__________Vim is vulnerable to a heap-based buffer overflow, caused by...
Kitabisa teler-waf cross-site scripting | CVE-2023-26047
NAME__________Kitabisa teler-waf cross-site scriptingPlatforms Affected:Kitabisa teler-wafRisk Level:6.5Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Kitabisa teler-waf is vulnerable to cross-site scripting, caused by improper validation of...
Cisco IP Phone 6800, 7800, and 8800 Series denial of service | CVE-2023-20079
NAME__________Cisco IP Phone 6800, 7800, and 8800 Series denial of servicePlatforms Affected:Cisco IP Phone 6800 Series Cisco IP Phone 7800...
FabulaTech Webcam for Remote Desktop denial of service | CVE-2023-1188
NAME__________FabulaTech Webcam for Remote Desktop denial of servicePlatforms Affected:Risk Level:3.3Exploitability:Proof of ConceptConsequences:Denial of Service DESCRIPTION__________FabulaTech Webcam for Remote Desktop is...
Zhong Bang CRMEB Java SQL injection | CVE-2023-1165
NAME__________Zhong Bang CRMEB Java SQL injectionPlatforms Affected:Zhong Bang CRMEB Java 1.3.4Risk Level:5.5Exploitability:HighConsequences:Data Manipulation DESCRIPTION__________Zhong Bang CRMEB Java is vulnerable to...
Vega cross-site scripting | CVE-2023-26487
NAME__________Vega cross-site scriptingPlatforms Affected:Vega Vega 5.13.0 Vega Vega 5.22.1Risk Level:6.5Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Vega is vulnerable to cross-site scripting, caused by improper...
ECshop file upload | CVE-2023-1184
NAME__________ECshop file uploadPlatforms Affected:Risk Level:7.2Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________ECshop could allow a remote authenticated attacker to upload arbitrary files, caused by the...
WiseCleaner Wise Folder Hider denial of service | CVE-2023-1189
NAME__________WiseCleaner Wise Folder Hider denial of servicePlatforms Affected:Risk Level:3.3Exploitability:Proof of ConceptConsequences:Denial of Service DESCRIPTION__________WiseCleaner Wise Folder Hider is vulnerable to...
