Lazarus Group Likely Using New WinorDLL64 Backdoor to Exfiltrate Sensitive Data
A new backdoor associated with a malware downloader named Wslink has been discovered, with the tool likely used by the...
Hackers Using Trojanized macOS Apps to Deploy Evasive Cryptocurrency Mining Malware
Trojanized versions of legitimate applications are being used to deploy evasive cryptocurrency mining malware on macOS systems. Jamf Threat Labs,...
Experts Sound Alarm Over Growing Attacks Exploiting Zoho ManageEngine Products
Multiple threat actors have been observed opportunistically weaponizing a now-patched critical security vulnerability impacting several Zoho ManageEngine products since January...
The Secret Vulnerability Finance Execs are Missing
The (Other) Risk in Finance# A few years ago, a Washington-based real estate developer received a document link from First...
Cobalt Stike Beacon Detected – 14[.]29[.]187[.]171:999
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 158[.]255[.]208[.]60:8443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 124[.]223[.]31[.]74:5555
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
BlackCat/ALPHV Ransomware Victim: Empresa Distribuidora de Electricidad del Este, Revenue $633[.]6M
BlackCat / ALPHV Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the...
BlackCat/ALPHV Ransomware Victim: Glovers Solicitors LLP
BlackCat / ALPHV Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the...
BlackCat/ALPHV Ransomware Victim: PRESTIGE MAINTENANCE USA WAS HACKED
BlackCat / ALPHV Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the...
BlackCat/ALPHV Ransomware Victim: Kendall Hunt Publishing
BlackCat / ALPHV Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the...
Cobalt Stike Beacon Detected – 104[.]168[.]68[.]35:8000
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 118[.]107[.]11[.]150:8899
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 162[.]33[.]179[.]164:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 101[.]42[.]101[.]185:8008
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 43[.]143[.]134[.]147:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 1[.]15[.]155[.]15:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 43[.]139[.]116[.]197:8888
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 5[.]183[.]81[.]215:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Malware Analysis – djvu – bec27e89d69d057e4dd42ba85db35130
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, discovery, persistence, ransomware, spyware, stealerMD5: bec27e89d69d057e4dd42ba85db35130SHA1: dd233921bc0b900fc7f661cc35c4d914e991d4e2ANALYSIS DATE: 2023-02-23T09:00:51ZTTPS: T1082, T1005, T1081, T1012, T1060,...
Malware Analysis – djvu – 5295dd60a35b55ad49a709d9d2601b62
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, discovery, persistence, ransomware, spyware, stealerMD5: 5295dd60a35b55ad49a709d9d2601b62SHA1: 180c7fb35bc98fbd5a31afc27248efa4744af236ANALYSIS DATE: 2023-02-23T10:32:21ZTTPS: T1222, T1005, T1081, T1060, T1112,...
Malware Analysis – djvu – 05c2ad3a05f5d1d00c70b8d9118a93ad
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, discovery, persistence, ransomware, spyware, stealerMD5: 05c2ad3a05f5d1d00c70b8d9118a93adSHA1: a4191491d990c61c49167206e9e1d373aff2b61eANALYSIS DATE: 2023-02-23T10:45:34ZTTPS: T1222, T1082, T1012, T1053, T1005,...
Malware Analysis – djvu – 40f1ef64ddef4159773b49a10289b9df
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:smokeloader, family:vidar, backdoor, discovery, evasion, persistence, ransomware, stealer, trojan, vmprotectMD5: 40f1ef64ddef4159773b49a10289b9dfSHA1: 304b0390f20f510ee0ed3065227b2265c8de02d5ANALYSIS DATE: 2023-02-23T10:39:30ZTTPS: T1222,...
Nautobot code execution | CVE-2023-25657
NAME__________Nautobot code executionPlatforms Affected:Nautobot Nautobot 1.5.6Risk Level:7.5Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Nautobot could allow a remote authenticated attacker to execute arbitrary code on...
