Cobalt Strike Beacon Detected – 42[.]194[.]213[.]51:8034
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Score: 10 | MALWARE FAMILY: djvu | TAGS: family:djvu, family:vidar, discovery, persistence, ransomware, spyware, stealer | MD5: a0ed2f262fb1c36c2a8e248292114ce6 | SHA1: 33dc687c00c1f60834e12bf98750dfff4374f068 | ANALYSIS DATE: 2023-02-28T10:34:19Z | TTPS: T1012, T1082, T1005, T1081, T1060,...
Score: 10 | MALWARE FAMILY: djvu | TAGS: family:djvu, family:vidar, discovery, persistence, ransomware, spyware, stealer | MD5: 9649c65f594f4d871ee9eb889c4c1a31 | SHA1: c795b31cf2972fad2d1c105eec1b5246ec83f1bd | ANALYSIS DATE: 2023-02-28T11:31:10Z | TTPS: T1060, T1112, T1222, T1082, T1005,...
Score: 10 | MALWARE FAMILY: djvu | TAGS: family:djvu, family:vidar, discovery, persistence, ransomware, spyware, stealer | MD5: c13f64b54d8640237ebc8c9edcf482b4 | SHA1: b2f496500a8ba5503152cafd7f8e45f0c4430feb | ANALYSIS DATE: 2023-02-28T11:51:01Z | TTPS: T1060, T1112, T1005, T1081, T1082,...
Score: 10 | MALWARE FAMILY: djvu | TAGS: family:djvu, family:smokeloader, family:vidar, backdoor, discovery, persistence, ransomware, stealer, trojan, vmprotect | MD5: b5301a4e4c0106610a65c09320704cc5 | SHA1: dac7814be2c38e22aff9c78efaa020cbbfbabcf9 | ANALYSIS DATE: 2023-02-28T10:33:29Z | TTPS: T1012, T1120,...
NAME: ZoneMinder file inclusion | Platforms Affected: | Risk Level: 5.4 | Exploitability: Unproven | Consequences: Gain Access | DESCRIPTION: ZoneMinder could allow a remote authenticated attacker to include arbitrary files. An attacker could...
NAME: Real Temp code execution | Platforms Affected: | Risk Level: 5.3 | Exploitability: Unproven | Consequences: Gain Access | DESCRIPTION: Real Temp could allow a local authenticated attacker to execute arbitrary code on...
NAME: MuYuCMS directory traversal | Platforms Affected: | Risk Level: 4.3 | Exploitability: Proof of Concept | Consequences: Obtain Information | DESCRIPTION: MuYuCMS could allow a remote authenticated attacker to traverse directories on the...
NAME: Nextcloud Server denial of service | Platforms Affected: | Risk Level: 3.5 | Exploitability: Unproven | Consequences: Denial of Service | DESCRIPTION: Nextcloud Server is vulnerable to a denial of service, caused by...
NAME: Online Boat Reservation System cross-site scripting | Platforms Affected: | Risk Level: 3.5 | Exploitability: High | Consequences: Cross-Site Scripting | DESCRIPTION: Online Boat Reservation System is vulnerable to cross-site scripting, caused by...
NAME: lite-web-server denial of service | Platforms Affected: lite-web-server lite-web-server 1.2.2 | Risk Level: 7.5 | Exploitability: Unproven | Consequences: Denial of Service | DESCRIPTION: lite-web-server is vulnerable to a denial of service, caused by...
NAME: All in One SEO plugin for WordPress cross-site scripting | Platforms Affected: | Risk Level: 6.4 | Exploitability: Unproven | Consequences: Cross-Site Scripting | DESCRIPTION: All in One SEO plugin for WordPress is...
NAME: Clinic's Patient Management System SQL injection | Platforms Affected: | Risk Level: 6.3 | Exploitability: Unproven | Consequences: Data Manipulation | DESCRIPTION: Clinic's Patient Management System is vulnerable to SQL injection. A remote...
NAME: MuYuCMS code execution | Platforms Affected: | Risk Level: 4.3 | Exploitability: Proof of Concept | Consequences: Gain Access | DESCRIPTION: MuYuCMS could allow a remote authenticated attacker to execute arbitrary code on...
NAME: IBM Cloud Pak for Business Automation cross-site scripting | Platforms Affected: IBM Cloud Pak for Business Automation 18.0.0 IBM Cloud Pak for Business...
NAME: All in One SEO plugin for WordPress cross-site scripting | Platforms Affected: | Risk Level: 4.4 | Exploitability: Unproven | Consequences: Cross-Site Scripting | DESCRIPTION: All in One SEO plugin for WordPress is...
NAME: MuYuCMS server-side request forgery | Platforms Affected: | Risk Level: 6.3 | Exploitability: Proof of Concept | Consequences: Gain Access | DESCRIPTION: MuYuCMS is vulnerable to server-side request forgery, caused by a flaw...
NAME: Dental Clinic Appointment Reservation System cross-site scripting | Platforms Affected: | Risk Level: 4.3 | Exploitability: High | Consequences: Cross-Site Scripting | DESCRIPTION: Dental Clinic Appointment Reservation System is vulnerable to cross-site scripting,...
NAME: Deno Land Deno denial of service | Platforms Affected: Deno Land Deno 1.30.3 | Risk Level: 5.3 | Exploitability: Proof of Concept | Consequences: Denial of Service | DESCRIPTION: Deno Land Deno is vulnerable...
NAME: MuYuCMS directory traversal | Platforms Affected: | Risk Level: 3.8 | Exploitability: Proof of Concept | Consequences: Obtain Information | DESCRIPTION: MuYuCMS could allow a remote authenticated attacker to traverse directories on the...
NAME: Online Pet Shop Web App cross-site scripting | Platforms Affected: | Risk Level: 3.5 | Exploitability: High | Consequences: Cross-Site Scripting | DESCRIPTION: Online Pet Shop Web App is vulnerable to cross-site scripting,...
NAME: Cisco Firepower 4100, 9300 Security Appliances, and UCS Fabric Interconnects command execution | Platforms Affected: Cisco UCS 6200 Series Fabric Interconnects Cisco UCS...