Researchers Link SideWinder Group to Dozens of Targeted Attacks in Multiple Countries
The prolific SideWinder group has been attributed as the nation-state actor behind attempted attacks against 61 entities in Afghanistan, Bhutan,...
Researchers Hijack Popular NPM Package with Millions of Downloads
A popular npm package with more than 3.5 million weekly downloads has been found vulnerable to an account takeover attack....
Critical RCE Vulnerability Discovered in ClamAV Open Source Antivirus Software
Cisco has rolled out security updates to address a critical flaw reported in the ClamAV open source antivirus engine that...
CISA: CISA Releases Fifteen Industrial Control Systems Advisories
CISA Releases Fifteen Industrial Control Systems Advisories CISA released fifteen (15) Industrial Control Systems (ICS) advisories on February 16, 2023....
Daily Vulnerability Trends: Thu Feb 16 2023
Daily Vulnerability Trends (sourced from VulnMon) CVE NAMECVE DescriptionCVE-2023-23514 No description provided CVE-2023-23376Windows Common Log File System Driver Elevation of...
Malware Analysis – ransomware – b7718f4a9760791f4123329c0320de16
Score: 6 MALWARE FAMILY: ransomwareTAGS:ransomwareMD5: b7718f4a9760791f4123329c0320de16SHA1: f7b2bf4ae4161186442dc841363d616e479b1d2dANALYSIS DATE: 2023-02-16T03:11:47ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known damaging...
Malware Analysis – ransomware – 000fb3406dffe4e4933612e9f7259c52
Score: 6 MALWARE FAMILY: ransomwareTAGS:ransomwareMD5: 000fb3406dffe4e4933612e9f7259c52SHA1: c597b6898d40ea20a92a5c292d1400fa6434a9a9ANALYSIS DATE: 2023-02-16T03:30:01ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known damaging...
Malware Analysis – djvu – 051d5874bdc197f10e9db0668ebfb12b
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, spyware, stealerMD5: 051d5874bdc197f10e9db0668ebfb12bSHA1: c30a61aa11e42b444b59d842596d88004f337116ANALYSIS DATE: 2023-02-16T04:30:33ZTTPS: T1005, T1081, T1012, T1222,...
Malware Analysis – djvu – e5ae8001839ba54edbfec99076911622
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, spyware, stealerMD5: e5ae8001839ba54edbfec99076911622SHA1: 6792e2ecffa213cbde0f36afa4d43594c93b3e09ANALYSIS DATE: 2023-02-16T04:20:29ZTTPS: T1082, T1012, T1005, T1081,...
Malware Analysis – djvu – 12abe389cca03fa67190601574816b5a
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:gozi, family:smokeloader, botnet:1001, backdoor, banker, discovery, isfb, persistence, ransomware, trojan, vmprotectMD5: 12abe389cca03fa67190601574816b5aSHA1: 00bc25d24abb479426e04ee7222f22dbe5b19f69ANALYSIS DATE: 2023-02-16T03:37:13ZTTPS:...
Malware Analysis – djvu – 1b0cb243ac3ee82f10ab7cc4a02109b7
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:gozi, family:laplas, family:rhadamanthys, family:smokeloader, family:vidar, botnet:1001, botnet:19, backdoor, banker, clipper, collection, discovery, evasion, isfb, persistence,...
Malware Analysis – djvu – 6698f16c7ba19114051877c9d33eb69f
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, spyware, stealerMD5: 6698f16c7ba19114051877c9d33eb69fSHA1: 3a0ff9ad37b183f1b3d2d44638ef9ca35134ef1bANALYSIS DATE: 2023-02-16T05:41:12ZTTPS: T1005, T1081, T1012, T1082,...
Malware Analysis – djvu – d0c450199d3b304ae14673b5adebc79e
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, spyware, stealerMD5: d0c450199d3b304ae14673b5adebc79eSHA1: bb0048e76a4dbbba54c4979e3ac3ecd2c3540e8bANALYSIS DATE: 2023-02-16T05:30:45ZTTPS: T1012, T1082, T1060, T1112,...
Malware Analysis – evasion – 59d1e6cf42825dec6bc1f7ea27dd5901
Score: 7 MALWARE FAMILY: evasionTAGS:evasion, ransomwareMD5: 59d1e6cf42825dec6bc1f7ea27dd5901SHA1: 3949dfc0d598e87e1f51e0c4ead11058b6ed5993ANALYSIS DATE: 2023-02-16T05:14:25ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known...
Malware Analysis – djvu – b01a66a4ffdc6b95cd9c392a03ec43fa
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:gozi, family:rhadamanthys, family:smokeloader, botnet:1001, backdoor, banker, discovery, isfb, ransomware, spyware, stealer, trojan, vmprotectMD5: b01a66a4ffdc6b95cd9c392a03ec43faSHA1: ee76990db76f909aecf3692ff0586bdc1d3eec8cANALYSIS...
My Password Manager was Hacked! How to Prevent a Catastrophe
The LastPass security breach in late 2022 sent a shockwave through the security community. Password managers are typically seen as...
Emsisoft says hackers are spoofing its certs to breach networks
A hacker is using fake code-signing certificates impersonating cybersecurity firm Emsisoft to target customers using its security products, hoping to...
City of Oakland declares state of emergency after ransomware attack
Oakland has declared a local state of emergency because of the impact of a ransomware attack that forced the City...
GitHub Copilot update stops AI model from revealing secrets
GitHub has updated the AI model of Copilot, a programming assistant that generates real-time source code and function recommendations in...
Hyundai, Kia patch bug allowing car thefts with a USB cable
Automakers Hyundai and KIA are rolling out an emergency software update on several of their car models impacted by an...
Russian hacker convicted of $90 million hack-to-trade charges
Russian national Vladislav Klyushin was found guilty of participating in a global scheme that involved hacking into U.S. computer networks...
Citrix fixes severe flaws in Workspace, Virtual Apps and Desktops
Citrix Systems has released security updates for vulnerabilities in its Virtual Apps and Desktops, and Workspace Apps products. The addressed...
Hackers start using Havoc post-exploitation framework in attacks
Security researchers are seeing threat actors switching to a new and open-source command and control (C2) framework known as Havoc...
Malware Analysis – djvu – b677e02f354bc39fbd56b84ded18922d
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, discovery, persistence, ransomware, vmprotectMD5: b677e02f354bc39fbd56b84ded18922dSHA1: 9c659cf1f14487a73fc4ed0cd6bce5d428a6addbANALYSIS DATE: 2023-02-15T22:03:41ZTTPS: T1012, T1120, T1082, T1053, T1060, T1112, T1222...
