Cobalt Stike Beacon Detected – 124[.]70[.]100[.]184:4567
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Malware Analysis – djvu – a484413e61615e2aac80d6a3908ee9ff
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:smokeloader, backdoor, bootkit, collection, discovery, persistence, ransomware, spyware, stealer, trojanMD5: a484413e61615e2aac80d6a3908ee9ffSHA1: 84917aa2d1755f054255e916cec417160312e4e7ANALYSIS DATE: 2022-12-12T23:31:04ZTTPS: T1082,...
Malware Analysis – smokeloader – 146ed6fd74dddfb1127fdc5765cdcb55
Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: 146ed6fd74dddfb1127fdc5765cdcb55SHA1: 0ab6b06854da85d50dc8189d6d09aad3c1bdd073ANALYSIS DATE: 2022-12-12T23:04:51ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
Malware Analysis – smokeloader – cf386c67951a059789d0d70abed7d7c1
Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: cf386c67951a059789d0d70abed7d7c1SHA1: 8a09e1116bd210b9cc678561795d9fbda2037d0dANALYSIS DATE: 2022-12-12T23:12:11ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
Malware Analysis – smokeloader – bcf9456781cec3d8c62b9e1706368496
Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: bcf9456781cec3d8c62b9e1706368496SHA1: 3edab2399ea087470a161bea548346c92c139c37ANALYSIS DATE: 2022-12-12T23:31:17ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
Linux Cryptocurrency Mining Attacks Enhanced via CHAOS RAT
We intercepted a cryptocurrency mining attack that incorporated an advanced remote access trojan (RAT) named the CHAOS Remote Administrative Tool....
US-CERT Bulletin (SB22-346):Vulnerability Summary for the Week of December 5, 2022
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards...
CISA: Fortinet Releases Security Updates for FortiOS
Fortinet Releases Security Updates for FortiOS Fortinet has released security updates to address a heap-based buffer overflow vulnerability (CVE-2022-42475) in...
Fortinet urges customers to fix actively exploited FortiOS SSL-VPN bug
Fortinet fixed an actively exploited FortiOS SSL-VPN flaw that could allow a remote, unauthenticated attacker to execute arbitrary code on devices....
LockBit 3.0 Ransomware Victim: tdtu[.]edu[.]vn
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: k-toko[.]com
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: financierareyes[.]com[.]mx
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: sentecgroup[.]com
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: veolus[.]com
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the...
LockBit 3.0 Ransomware Victim: luxeprint[.]com[.]tw
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: rkfoodland[.]com
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: dof[.]ca[.]gov
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
Indian foreign ministry’s Global Pravasi Rishta portal leaks expat passport details
The Cybernews research team reported that India’s government platform Global Pravasi Rishta Portal was leaking sensitive user data. Original post...
HackerOne Bug Bounty Disclosure: cd=false-(dnssec)-not-respected-in-dns-over-https-json-requestsbymattipv4
Programme HackerOne Cloudflare Public Bug Bounty Cloudflare Public Bug Bounty Submitted by mattipv4 mattipv4 Report cd=false (DNSSEC) not respected in...
HackerOne Bug Bounty Disclosure: link-shortener-bypass-(regression-on-fix-for-#1032610)byjub0bs
Programme HackerOne Twitter Twitter Submitted by jub0bs jub0bs Report Link-shortener bypass (regression on fix for #1032610) Full Report A considerable...
Malware Analysis – djvu – a086c884d1dc2920e8a959fcb8457f93
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:smokeloader, family:vidar, botnet:1808, botnet:517, backdoor, collection, discovery, persistence, ransomware, spyware, stealer, trojanMD5: a086c884d1dc2920e8a959fcb8457f93SHA1: 8a3e9388794c8ba3fcfd43906ea7942673cf26b0ANALYSIS DATE:...
Malware Analysis – medusalocker – 8645a413332f840e925bac3cf19ceb57
Score: 10 MALWARE FAMILY: medusalockerTAGS:family:medusalocker, evasion, ransomware, spyware, stealer, trojanMD5: 8645a413332f840e925bac3cf19ceb57SHA1: 87ca0cd2e1c04c2437d302f2864d1e68ea991677ANALYSIS DATE: 2022-12-12T15:09:16ZTTPS: T1005, T1081, T1082, T1088, T1089, T1112,...
Malware Analysis – djvu – 117665adcf6258541591a576ef8f1bb0
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:smokeloader, family:vidar, botnet:1808, botnet:517, backdoor, bootkit, collection, discovery, persistence, ransomware, spyware, stealer, trojanMD5: 117665adcf6258541591a576ef8f1bb0SHA1: b479d82bd0b2bf6f207de043aa394a15437d84baANALYSIS...
Malware Analysis – djvu – d39f81d9c3234aef7cd5d6bd996686f3
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:517, discovery, persistence, ransomware, spyware, stealerMD5: d39f81d9c3234aef7cd5d6bd996686f3SHA1: a35001f1dcefbebe6087cd08132c141f12eed152ANALYSIS DATE: 2022-12-12T16:22:53ZTTPS: T1222, T1053, T1012, T1060,...
