CISA: CISA Releases Three Industrial Systems Control Advisories
CISA Releases Three Industrial Systems Control Advisories CISA released three Industrial Control Systems (ICS) advisories on January 5 2023. These...
Cobalt Stike Beacon Detected – 114[.]115[.]235[.]249:8082
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 8[.]134[.]209[.]29:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 107[.]148[.]1[.]251:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 137[.]184[.]247[.]75:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Fortinet FortiADC command execution | CVE-2022-39947
NAME Fortinet FortiADC command execution Platforms Affected:Fortinet FortiADC 6.0.4 Fortinet FortiADC 6.1.5 Fortinet FortiADC 6.2.0 Fortinet FortiADC 6.2.1 Fortinet FortiADC...
ODude UPG plugin for WordPress command execution | CVE-2023-0039
NAME ODude UPG plugin for WordPress command execution Platforms Affected:ODude UPG plugin for WordPress 2.19Risk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION ODude UPG...
Daily Vulnerability Trends: Thu Jan 05 2023
Daily Vulnerability Trends (sourced from VulnMon) CVE NAMECVE DescriptionCVE-2022-38627Nortek Linear eMerge E3-Series 0.32-08f, 0.32-07p, 0.32-07e, 0.32-09c, 0.32-09b, 0.32-09a, and 0.32-08e...
Royal Ransomware Victim: DSBJ DATA LEAK
RoyalRansomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the...
Cobalt Stike Beacon Detected – 107[.]189[.]5[.]117:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 168[.]61[.]161[.]153:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 5[.]188[.]86[.]194:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 49[.]4[.]88[.]243:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 37[.]72[.]168[.]213:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Malware Analysis – spyware – f65a05f7af44b5054e8b77aa0ce1468c
Score: 8 MALWARE FAMILY: spywareTAGS:spyware, stealerMD5: f65a05f7af44b5054e8b77aa0ce1468cSHA1: 683ca30368c8150776f26ff470129028c5fdfa12ANALYSIS DATE: 2023-01-04T22:22:31ZTTPS: T1102, T1005, T1081, T1012, T1082 ScoreMeaningExample10Known badA malware family was...
Malware Analysis – amadey – b5a3f6244498a9aff40f6e3c9764e3d5
Score: 10 MALWARE FAMILY: amadeyTAGS:family:amadey, family:dcrat, family:djvu, collection, discovery, infostealer, persistence, ransomware, rat, spyware, stealer, trojan, vmprotectMD5: b5a3f6244498a9aff40f6e3c9764e3d5SHA1: 896d4bc913f77d15f2666b8212eab0483ac9940eANALYSIS DATE:...
Malware Analysis – discovery – bedb06e830e94cbd82a964874a79b35a
Score: 10 MALWARE FAMILY: discoveryTAGS:discovery, evasion, persistence, ransomwareMD5: bedb06e830e94cbd82a964874a79b35aSHA1: 6ed5453096529de19235d223a475a0cfa706425fANALYSIS DATE: 2023-01-04T22:31:12ZTTPS: T1012, T1120, T1082, T1057, T1031, T1222, T1562, T1489,...
Malware Analysis – djvu – e556df5dafcb1cba319216b0ab250c37
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, spyware, stealerMD5: e556df5dafcb1cba319216b0ab250c37SHA1: 83a3af0ee04454412044accf81d0f2b93cc2aa59ANALYSIS DATE: 2023-01-04T22:45:26ZTTPS: T1222, T1012, T1082, T1060,...
Empire C2 Detected – 109[.]200[.]24[.]62:443
The Information provided at the time of posting was detected as "Empire C2". Depending on when you are viewing this...
Malware Analysis – – 8c95b758ba42a8920cc4803172392b69
Score: 3 MALWARE FAMILY: TAGS:MD5: 8c95b758ba42a8920cc4803172392b69SHA1: 8f769c533a14defed94e51854ca5793d42d5cfe7ANALYSIS DATE: 2023-01-04T23:17:26ZTTPS: T1012, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more...
Malware Analysis – discovery – 2c628cca730d954ab017d56992c5afdf
Score: 10 MALWARE FAMILY: discoveryTAGS:discovery, persistence, ransomwareMD5: 2c628cca730d954ab017d56992c5afdfSHA1: 4686d228df5031e36cd3db6b76571f19f0e6781aANALYSIS DATE: 2023-01-04T23:12:35ZTTPS: T1082, T1012, T1112, T1042, T1060 ScoreMeaningExample10Known badA malware family...
Malware Analysis – djvu – 8f8eca0d17868d69f770cded01f0e515
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, spyware, stealerMD5: 8f8eca0d17868d69f770cded01f0e515SHA1: 7a300200faed480c61fd71319ce2dd1dd5ba29b1ANALYSIS DATE: 2023-01-04T23:15:48ZTTPS: T1012, T1082, T1005, T1081,...
Malware Analysis – amadey – 81ede1353918bc7bd5fa5fd237365764
Score: 10 MALWARE FAMILY: amadeyTAGS:family:amadey, family:dcrat, family:djvu, family:redline, family:smokeloader, family:vidar, botnet:19, botnet:555555555444, botnet:@redlinevip cloud (tg: @fatherofcarders), botnet:logss, backdoor, brand:microsoft, collection,...
US-CERT Bulletin (SB23-002):Vulnerability Summary for the Week of December 26, 2022
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards...
