LockBit 3.0 Ransomware Victim: royallepage[.]ca
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the...
New Threat Actor WIP26 Targeting Telecom Service Providers in the Middle East
Telecommunication service providers in the Middle East are being targeted by a previously undocumented threat actor as part of a...
Researchers Warn of Critical Security Bugs in Schneider Electric Modicon PLCs
Security researchers have disclosed two new vulnerabilities affecting Schneider Electric Modicon programmable logic controllers (PLCs) that could allow for authentication...
Breaking the Security “Black Box” in DBs, Data Warehouses and Data Lakes
Security teams typically have great visibility over most areas, for example, the corporate network, endpoints, servers, and cloud infrastructure. They...
ESXiArgs Ransomware Hits Over 500 New Targets in European Countries
More than 500 hosts have been newly compromised en masse by the ESXiArgs ransomware strain, most of which are located...
Hackers Using Google Ads to Spread FatalRAT Malware Disguised as Popular Apps
Chinese-speaking individuals in Southeast and East Asia are the targets of a new rogue Google Ads campaign that delivers remote...
Researchers Link SideWinder Group to Dozens of Targeted Attacks in Multiple Countries
The prolific SideWinder group has been attributed as the nation-state actor behind attempted attacks against 61 entities in Afghanistan, Bhutan,...
Researchers Hijack Popular NPM Package with Millions of Downloads
A popular npm package with more than 3.5 million weekly downloads has been found vulnerable to an account takeover attack....
Critical RCE Vulnerability Discovered in ClamAV Open Source Antivirus Software
Cisco has rolled out security updates to address a critical flaw reported in the ClamAV open source antivirus engine that...
CISA: CISA Releases Fifteen Industrial Control Systems Advisories
CISA Releases Fifteen Industrial Control Systems Advisories CISA released fifteen (15) Industrial Control Systems (ICS) advisories on February 16, 2023....
Daily Vulnerability Trends: Thu Feb 16 2023
Daily Vulnerability Trends (sourced from VulnMon) CVE NAMECVE DescriptionCVE-2023-23514 No description provided CVE-2023-23376Windows Common Log File System Driver Elevation of...
Malware Analysis – ransomware – b7718f4a9760791f4123329c0320de16
Score: 6 MALWARE FAMILY: ransomwareTAGS:ransomwareMD5: b7718f4a9760791f4123329c0320de16SHA1: f7b2bf4ae4161186442dc841363d616e479b1d2dANALYSIS DATE: 2023-02-16T03:11:47ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known damaging...
Malware Analysis – ransomware – 000fb3406dffe4e4933612e9f7259c52
Score: 6 MALWARE FAMILY: ransomwareTAGS:ransomwareMD5: 000fb3406dffe4e4933612e9f7259c52SHA1: c597b6898d40ea20a92a5c292d1400fa6434a9a9ANALYSIS DATE: 2023-02-16T03:30:01ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known damaging...
Malware Analysis – djvu – 051d5874bdc197f10e9db0668ebfb12b
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, spyware, stealerMD5: 051d5874bdc197f10e9db0668ebfb12bSHA1: c30a61aa11e42b444b59d842596d88004f337116ANALYSIS DATE: 2023-02-16T04:30:33ZTTPS: T1005, T1081, T1012, T1222,...
Malware Analysis – djvu – e5ae8001839ba54edbfec99076911622
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, spyware, stealerMD5: e5ae8001839ba54edbfec99076911622SHA1: 6792e2ecffa213cbde0f36afa4d43594c93b3e09ANALYSIS DATE: 2023-02-16T04:20:29ZTTPS: T1082, T1012, T1005, T1081,...
Malware Analysis – djvu – 12abe389cca03fa67190601574816b5a
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:gozi, family:smokeloader, botnet:1001, backdoor, banker, discovery, isfb, persistence, ransomware, trojan, vmprotectMD5: 12abe389cca03fa67190601574816b5aSHA1: 00bc25d24abb479426e04ee7222f22dbe5b19f69ANALYSIS DATE: 2023-02-16T03:37:13ZTTPS:...
Malware Analysis – djvu – 1b0cb243ac3ee82f10ab7cc4a02109b7
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:gozi, family:laplas, family:rhadamanthys, family:smokeloader, family:vidar, botnet:1001, botnet:19, backdoor, banker, clipper, collection, discovery, evasion, isfb, persistence,...
Malware Analysis – djvu – 6698f16c7ba19114051877c9d33eb69f
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, spyware, stealerMD5: 6698f16c7ba19114051877c9d33eb69fSHA1: 3a0ff9ad37b183f1b3d2d44638ef9ca35134ef1bANALYSIS DATE: 2023-02-16T05:41:12ZTTPS: T1005, T1081, T1012, T1082,...
Malware Analysis – djvu – d0c450199d3b304ae14673b5adebc79e
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, spyware, stealerMD5: d0c450199d3b304ae14673b5adebc79eSHA1: bb0048e76a4dbbba54c4979e3ac3ecd2c3540e8bANALYSIS DATE: 2023-02-16T05:30:45ZTTPS: T1012, T1082, T1060, T1112,...
Malware Analysis – evasion – 59d1e6cf42825dec6bc1f7ea27dd5901
Score: 7 MALWARE FAMILY: evasionTAGS:evasion, ransomwareMD5: 59d1e6cf42825dec6bc1f7ea27dd5901SHA1: 3949dfc0d598e87e1f51e0c4ead11058b6ed5993ANALYSIS DATE: 2023-02-16T05:14:25ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known...
Malware Analysis – djvu – b01a66a4ffdc6b95cd9c392a03ec43fa
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:gozi, family:rhadamanthys, family:smokeloader, botnet:1001, backdoor, banker, discovery, isfb, ransomware, spyware, stealer, trojan, vmprotectMD5: b01a66a4ffdc6b95cd9c392a03ec43faSHA1: ee76990db76f909aecf3692ff0586bdc1d3eec8cANALYSIS...
My Password Manager was Hacked! How to Prevent a Catastrophe
The LastPass security breach in late 2022 sent a shockwave through the security community. Password managers are typically seen as...
Emsisoft says hackers are spoofing its certs to breach networks
A hacker is using fake code-signing certificates impersonating cybersecurity firm Emsisoft to target customers using its security products, hoping to...
City of Oakland declares state of emergency after ransomware attack
Oakland has declared a local state of emergency because of the impact of a ransomware attack that forced the City...
