Cobalt Stike Beacon Detected – 84[.]32[.]190[.]10:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Malware Analysis – djvu – 7a84a1a41a766c91cf8a3df085f960b6
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, spyware, stealerMD5: 7a84a1a41a766c91cf8a3df085f960b6SHA1: c44ee2b0d827561c5d53ae05399b1140530dcaeeANALYSIS DATE: 2023-01-18T09:44:29ZTTPS: T1005, T1081, T1060, T1112,...
Malware Analysis – djvu – 831ea71d4e3cc3e27250500e14d4ac25
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, spyware, stealerMD5: 831ea71d4e3cc3e27250500e14d4ac25SHA1: 8976eebf1416eb1bf968c346b08e7a32f5325908ANALYSIS DATE: 2023-01-18T10:45:15ZTTPS: T1082, T1012, T1222, T1005,...
GE Digital Proficy Historian command execution | CVE-2022-46732
NAME__________GE Digital Proficy Historian command executionPlatforms Affected:GE Digital Proficy Historian 7.0Risk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________GE Digital Proficy Historian could allow a...
phpMyFAQ cross-site scripting | CVE-2023-0310
NAME__________phpMyFAQ cross-site scriptingPlatforms Affected:Risk Level:9.8Exploitability:UnprovenConsequences:Cross-Site Scripting DESCRIPTION__________phpMyFAQ is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A...
phpMyFAQ cross-site scripting | CVE-2023-0312
NAME__________phpMyFAQ cross-site scriptingPlatforms Affected:Risk Level:8.6Exploitability:UnprovenConsequences:Cross-Site Scripting DESCRIPTION__________phpMyFAQ is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A...
phpMyFAQ cross-site scripting | CVE-2023-0306
NAME__________phpMyFAQ cross-site scriptingPlatforms Affected:Risk Level:9.1Exploitability:UnprovenConsequences:Cross-Site Scripting DESCRIPTION__________phpMyFAQ is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A...
Online Tours and Travels Management System SQL injection | CVE-2023-0324
NAME__________Online Tours and Travels Management System SQL injectionPlatforms Affected:Risk Level:7.3Exploitability:HighConsequences:Data Manipulation DESCRIPTION__________Online Tours & Travels Management System is vulnerable to...
Mozilla Firefox safety bugs code execution | CVE-2023-23605
NAME__________Mozilla Firefox safety bugs code executionPlatforms Affected:Mozilla Firefox 108 Mozilla Firefox ESR 102.6Risk Level:8.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Mozilla Firefox could allow a...
IBM Security QRadar SIEM information disclosure | CVE-2023-22875
NAME__________IBM Security QRadar SIEM information disclosurePlatforms Affected:IBM Security QRadar SIEM 7.5 IBM Security QRadar SIEM 7.4Risk Level:8.4Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________IBM QRadar...
Git integer overflow | CVE-2022-41903
NAME__________Git integer overflowPlatforms Affected:Git Git 2.30.0 Git Git 2.36 Git Git 2.37 Git Git 2.38.0 GIt Git 2.39Risk Level:9.8Exploitability:UnprovenConsequences:Gain Access...
Cisco Small Business RV016, RV042, RV042G, and RV082 Routers security bypass | CVE-2023-20025
NAME__________Cisco Small Business RV016, RV042, RV042G, and RV082 Routers security bypassPlatforms Affected:Risk Level:9Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION__________Cisco Small Business RV016, RV042, RV042G,...
Mediamatic plugin for WordPress cross-site request forgery | CVE-2023-0294
NAME__________Mediamatic plugin for WordPress cross-site request forgeryPlatforms Affected:Risk Level:8.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Mediamatic plugin for WordPress is vulnerable to cross-site request forgery,...
Mozilla Firefox safety bugs code execution | CVE-2023-23606
NAME__________Mozilla Firefox safety bugs code executionPlatforms Affected:Mozilla Firefox 108Risk Level:8.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Mozilla Firefox could allow a remote attacker to execute...
Git integer overflow | CVE-2022-23521
NAME__________Git integer overflowPlatforms Affected:Git Git 2.30.0 Git Git 2.36 Git Git 2.37 Git Git 2.38.0 GIt Git 2.39Risk Level:9.8Exploitability:UnprovenConsequences:Gain Access...
phpMyFAQ cross-site scripting | CVE-2023-0309
NAME__________phpMyFAQ cross-site scriptingPlatforms Affected:Risk Level:8.6Exploitability:UnprovenConsequences:Cross-Site Scripting DESCRIPTION__________phpMyFAQ is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A...
Royal Ransomware Victim: K Azarosian Costello
RoyalRansomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the...
Malware Analysis – discovery – f14153bbd95fc26d9ccea77c49cf09b9
Score: 10 MALWARE FAMILY: discoveryTAGS:discovery, evasion, persistence, ransomware, spyware, stealer, trojanMD5: f14153bbd95fc26d9ccea77c49cf09b9SHA1: cb59f900711ea751c4322b4dab50fa2c0ee70b33ANALYSIS DATE: 2023-01-18T03:19:01ZTTPS: T1130, T1112, T1042, T1012, T1082,...
Malware Analysis – – ad3bc99ab03f6fcef0215c0eb185bf6f
Score: 1 MALWARE FAMILY: TAGS:MD5: ad3bc99ab03f6fcef0215c0eb185bf6fSHA1: 135d0497aa12587d1970ff2e6d2eb9bc401c898fANALYSIS DATE: 2023-01-18T03:15:33ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known damaging...
Malware Analysis – discovery – 054e745aa82ab8cfa9839012b88be92e
Score: 10 MALWARE FAMILY: discoveryTAGS:discovery, persistence, ransomwareMD5: 054e745aa82ab8cfa9839012b88be92eSHA1: c559315cac54df311c1b8bc99f14bf37c3ddedb3ANALYSIS DATE: 2023-01-18T03:05:38ZTTPS: T1060, T1012, T1120, T1082, T1102, T1112, T1042 ScoreMeaningExample10Known badA...
Malware Analysis – upx – adfd72bcc56ad11b2736584c152e3cdc
Score: 9 MALWARE FAMILY: upxTAGS:upxMD5: adfd72bcc56ad11b2736584c152e3cdcSHA1: 7c2745c476490a68d6a8a3ee3207312c7d7c5ac4ANALYSIS DATE: 2023-01-18T04:09:08ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known damaging...
Malware Analysis – djvu – 008d06f2da41aff875920ca2fc30dbeb
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, spyware, stealerMD5: 008d06f2da41aff875920ca2fc30dbebSHA1: 48a340ee73ea1f73ce0b5e107f92899fa31a81dfANALYSIS DATE: 2023-01-18T03:45:29ZTTPS: T1082, T1012, T1222, T1053,...
Malware Analysis – discovery – cc11aad00f58586019f729fc87ae0770
Score: 10 MALWARE FAMILY: discoveryTAGS:discovery, evasion, persistence, ransomware, spyware, stealer, trojanMD5: cc11aad00f58586019f729fc87ae0770SHA1: 0ad616a4f634dc25f8d01496ebb4ce2c803036f2ANALYSIS DATE: 2023-01-18T03:44:20ZTTPS: T1082, T1012, T1120, T1112, T1042,...
Malware Analysis – djvu – 7759fcd2fb56a92edd795ce8816beec2
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, spyware, stealerMD5: 7759fcd2fb56a92edd795ce8816beec2SHA1: 485ab66daee6cc85c335f793f0e3817256529ea8ANALYSIS DATE: 2023-01-18T05:41:10ZTTPS: T1222, T1005, T1081, T1082,...
