Cobalt Stike Beacon Detected – 8[.]141[.]161[.]11:5555
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 194[.]180[.]48[.]249:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Critical Ping bug potentially allows remote hack of FreeBSD systems
A critical stack-based buffer overflow bug, tracked as CVE-2022-23093, in the ping service can allow to take over FreeBSD systems. The maintainers...
Veritas NetBackup Flex Scale and Access Appliance privilege escalation | CVE-2022-46410
NAME Veritas NetBackup Flex Scale and Access Appliance privilege escalation Platforms Affected:Veritas Access Appliance 8.0.100 Veritas NetBackup Flex Scale 3.0Risk...
Google Chrome code execution | CVE-2022-4262
NAME Google Chrome code execution Platforms Affected:Google Chrome 108.0Risk Level:8.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Google Chrome could allow a remote attacker to...
Node.js snyk module code execution | CVE-2022-24441
NAME Node.js snyk module code execution Platforms Affected:Node.js snyk 1.1063.0Risk Level:8.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Node.js snyk module could allow a remote...
Veritas NetBackup Flex Scale and Access Appliance command execution | CVE-2022-46413
NAME Veritas NetBackup Flex Scale and Access Appliance command execution Platforms Affected:Veritas Access Appliance 8.0.100 Veritas NetBackup Flex Scale 3.0Risk...
Veritas NetBackup Flex Scale and Access Appliance privilege escalation | CVE-2022-46412
NAME Veritas NetBackup Flex Scale and Access Appliance privilege escalation Platforms Affected:Veritas Access Appliance 8.0.100 Veritas NetBackup Flex Scale 3.0Risk...
Apache Tapestry code execution | CVE-2022-46366
NAME Apache Tapestry code execution Platforms Affected:Apache Tapestry 3.0Risk Level:8.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Apache Tapestry could allow a remote attacker to...
Daily Vulnerability Trends: Mon Dec 05 2022
Daily Vulnerability Trends (sourced from VulnMon) CVE NAMECVE DescriptionCVE-2022-3786A buffer overrun can be triggered in X.509 certificate verification, specifically in...
Lazarus APT uses fake cryptocurrency apps to spread AppleJeus Malware
The North Korea-linked Lazarus APT spreads fake cryptocurrency apps under the fake brand BloxHolder to install the AppleJeus malware. Volexity...
Cobalt Stike Beacon Detected – 43[.]139[.]69[.]104:8443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 43[.]138[.]127[.]159:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Law enforcement agencies can extract data from thousands of cars’ infotainment systems
Law enforcement agencies can extract data from the infotainment systems of thousands of different car models. Data managed by infotainment...
Malware Analysis – djvu – 7735257079f68c14085172a039be19c1
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:517, discovery, persistence, ransomware, spyware, stealerMD5: 7735257079f68c14085172a039be19c1SHA1: d309f77684d82dd81896f46a41ebe9882352e459ANALYSIS DATE: 2022-12-04T15:47:11ZTTPS: T1012, T1082, T1005, T1081,...
Malware Analysis – dcrat – 9f698fc266aff6e94205f920a615106f
Score: 10 MALWARE FAMILY: dcratTAGS:family:dcrat, family:djvu, family:smokeloader, family:vidar, botnet:517, backdoor, collection, discovery, infostealer, persistence, ransomware, rat, spyware, stealer, trojanMD5: 9f698fc266aff6e94205f920a615106fSHA1:...
Malware Analysis – wannacry – 84505f29fde00a6200617e8485d21bd7
Score: 10 MALWARE FAMILY: wannacryTAGS:family:wannacry, ransomware, wormMD5: 84505f29fde00a6200617e8485d21bd7SHA1: b57d66060afb3b7b0d69901ce3f4c174e7beadb6ANALYSIS DATE: 2022-12-04T15:52:49ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more...
Malware Analysis – smokeloader – 60130c36350c6b3d646ec4f3b83c12e2
Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: 60130c36350c6b3d646ec4f3b83c12e2SHA1: 6e22ee16e8e6bed7f75cfee657352650edcccbd8ANALYSIS DATE: 2022-12-04T17:14:38ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
Malware Analysis – djvu – a1216bce2dcf7c35dfe1ab2119579211
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:517, discovery, persistence, ransomware, stealerMD5: a1216bce2dcf7c35dfe1ab2119579211SHA1: 00805f940cb220ab8045059236b11fb53fc5f3cdANALYSIS DATE: 2022-12-04T17:27:46ZTTPS: T1222, T1012, T1082, T1053, T1060,...
Malware Analysis – smokeloader – cce955acd6c57914fac564a5421b6f43
Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: cce955acd6c57914fac564a5421b6f43SHA1: 80847cd8e71b5e63679fee62cd0d8bd75e56d034ANALYSIS DATE: 2022-12-04T16:20:15ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
Malware Analysis – venus – 07f5fbcb96179acffab2638392d08fb8
Score: 10 MALWARE FAMILY: venusTAGS:family:venus, evasion, persistence, ransomwareMD5: 07f5fbcb96179acffab2638392d08fb8SHA1: 22d84ca8e620ef5fc0027b3e06876d1a04d10406ANALYSIS DATE: 2022-12-04T15:56:17ZTTPS: T1060, T1112, T1012, T1120, T1082, T1018, T1031 ScoreMeaningExample10Known...
US DHS Cyber Safety Board will review Lapsus$ gang’s operations
US DHS Cyber Safety Review Board will review attacks linked to the Lapsus$ extortion gang that hit multiple high-profile companies....
Neton – Tool For Getting Information From Internet Connected Sandboxes
Neton is a tool for getting information from Internet connected sandboxes. It is composed by an agent and a web...
Malware Analysis – ransomware – 1c6e7fbaddc1a16bccd1a252105f07bf
Score: 5 MALWARE FAMILY: ransomwareTAGS:ransomwareMD5: 1c6e7fbaddc1a16bccd1a252105f07bfSHA1: 4409f9b401979a61850b9d37129476f00189902bANALYSIS DATE: 2022-12-02T01:47:09ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known damaging...
