Probing Weaponized Chat Applications Abused in Supply-Chain Attacks
This report examines the infection chain and the pieces of malware used by malicious actors in supply-chain attacks that leveraged...
GoTrim botnet actively brute forces WordPress and OpenCart sites
Researchers discovered a new Go-based botnet, dubbed GoTrim, attempting to brute force WordPress websites. Fortinet FortiGuard Labs researchers spotted a...
December 2022 Patch Tuesday fixed 2 zero-day flaws
Microsoft released December 2022 Patch Tuesday security updates that fix 52 vulnerabilities across its products. Microsoft December 2022 Patch Tuesday security updates...
HackerOne Bug Bounty Disclosure: electron-cve-2022-35954-delimiter-injection-vulnerability-in-exportvariablebytheinternetofdefcon_
Programme HackerOne Internet Bug Bounty Internet Bug Bounty Submitted by theinternetofdefcon_ theinternetofdefcon_ Report Electron CVE-2022-35954 Delimiter Injection Vulnerability in exportVariable...
Apple fixed the tenth actively exploited zero-day this year
Apple rolled out security updates to iOS, iPadOS, macOS, tvOS, and Safari to fix a new actively exploited zero-day (CVE-2022-42856)....
FarsightAD – PowerShell Script That Aim To Help Uncovering (Eventual) Persistence Mechanisms Deployed By A Threat Actor Following An Active Directory Domain Compromise
FarsightAD is a PowerShell script that aim to help uncovering (eventual) persistence mechanisms deployed by a threat actor following an...
Cobalt Stike Beacon Detected – 104[.]244[.]77[.]185:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 31[.]172[.]83[.]154:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 5[.]199[.]168[.]212:8080
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 79[.]137[.]248[.]24:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 49[.]232[.]34[.]39:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 43[.]139[.]18[.]81:7777
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 23[.]94[.]40[.]43:7777
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 13[.]251[.]35[.]194:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 120[.]26[.]240[.]21:4433
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 52[.]200[.]176[.]43:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 157[.]245[.]149[.]236:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 81[.]70[.]11[.]25:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 43[.]136[.]128[.]160:8443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 137[.]220[.]232[.]89:81
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Malware Analysis – play – ae2f7584b3664e0dd9b2a29c93481a88
Score: 10 MALWARE FAMILY: playTAGS:family:play, ransomware, spyware, stealerMD5: ae2f7584b3664e0dd9b2a29c93481a88SHA1: 88b605c0a7e71233cc89270005febd5b949d1c74ANALYSIS DATE: 2022-12-14T09:15:38ZTTPS: T1005, T1081, T1012, T1120, T1082 ScoreMeaningExample10Known badA malware...
Malware Analysis – amadey – acd12a5642fae3385475b7b23558ce60
Score: 10 MALWARE FAMILY: amadeyTAGS:family:amadey, family:danabot, family:dcrat, family:djvu, family:raccoon, family:smokeloader, botnet:ec7a54fb6492ff3a52d09504b8ecf082, backdoor, banker, bootkit, collection, discovery, infostealer, persistence, ransomware, rat,...
Malware Analysis – amadey – 6cf78b93ea34e9eb07a574d238e9ed11
Score: 10 MALWARE FAMILY: amadeyTAGS:family:amadey, family:danabot, family:djvu, family:raccoon, family:redline, family:smokeloader, botnet:amddriveer999999, botnet:ec7a54fb6492ff3a52d09504b8ecf082, botnet:mario23_10, backdoor, banker, bootkit, collection, discovery, infostealer, persistence,...
Malware Analysis – – 9edf6b36ab6c5a0850c9cc84e3525c58
Score: 7 MALWARE FAMILY: TAGS:MD5: 9edf6b36ab6c5a0850c9cc84e3525c58SHA1: ac607604d20b8d83655851fd4edce975182c6839ANALYSIS DATE: 2022-12-14T10:01:59ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known damaging...
