New ‘HinataBot’ botnet could launch massive 3.3 Tbps DDoS attacks
A new malware botnet was discovered targeting Realtek SDK, Huawei routers, and Hadoop YARN servers to recruit devices into DDoS...
FindUncommonShares – A Python Equivalent Of PowerView’s Invoke-ShareFinder.ps1 Allowing To Quickly Find Uncommon Shares In Vast Windows Domains
The script FindUncommonShares.py is a Python equivalent of PowerView's Invoke-ShareFinder.ps1 allowing to quickly find uncommon shares in vast Windows...
Ator – Authentication Token Obtain and Replace Extender
The plugin is created to help automated scanning using Burp in the following scenarios: Access/Refresh token Token replacement in XML,JSON...
Malware Analysis – smokeloader – 8339a07c7c59540a7a18bd08ceaaf697
Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: 8339a07c7c59540a7a18bd08ceaaf697SHA1: 3f7a7604b7e0fee6f9394fde0f04d7a71ba900ddANALYSIS DATE: 2023-03-19T15:59:05ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
Malware Analysis – amadey – bc1542af70b8f11f4e5b26d40055ddca
Score: 10 MALWARE FAMILY: amadeyTAGS:family:amadey, family:djvu, family:smokeloader, botnet:pub1, backdoor, discovery, ransomware, trojanMD5: bc1542af70b8f11f4e5b26d40055ddcaSHA1: 26a25e1ebadc473a88edc3952322656af609d5aeANALYSIS DATE: 2023-03-19T16:32:45ZTTPS: T1012, T1120, T1082, T1222...
Malware Analysis – djvu – 1286bece590bfcc785000c42c0306e51
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:d6ef050131e7d5a1d595c51613328971, discovery, persistence, ransomware, spyware, stealerMD5: 1286bece590bfcc785000c42c0306e51SHA1: 7b6ec7d4f5137e2f938f2dd4d8f4e6172f4a4681ANALYSIS DATE: 2023-03-19T16:58:17ZTTPS: T1082, T1005, T1081, T1012,...
Malware Analysis – smokeloader – 14b57dd8abab813ac4a2bdcab8665756
Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: 14b57dd8abab813ac4a2bdcab8665756SHA1: b6453b508896184de43582e1078c274f5c0d196aANALYSIS DATE: 2023-03-19T17:28:51ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
Malware Analysis – djvu – 1598f2e9280699a04f40a21ec802e931
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:d6ef050131e7d5a1d595c51613328971, discovery, persistence, ransomware, spyware, stealerMD5: 1598f2e9280699a04f40a21ec802e931SHA1: ceeb855a0a1384220c040114fe6e689ed8680c81ANALYSIS DATE: 2023-03-19T17:21:49ZTTPS: T1082, T1012, T1222, T1060,...
Malware Analysis – – 1c38d65b19c09302e0b4809921d75ac8
Score: 3 MALWARE FAMILY: TAGS:MD5: 1c38d65b19c09302e0b4809921d75ac8SHA1: 21e42a4fce074490449e3cabb92eb1f067c1ecf8ANALYSIS DATE: 2023-03-19T17:35:45ZTTPS: T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known...
Malware Analysis – smokeloader – 8b5a7c5ca690cc7b668080527ec8ffd1
Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: 8b5a7c5ca690cc7b668080527ec8ffd1SHA1: a781829b80c1297cd59bbd663c11699f2babd2bfANALYSIS DATE: 2023-03-19T17:29:24ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
Malware Analysis – djvu – 9dbe786814db6633aee66dc133bd1e71
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:d6ef050131e7d5a1d595c51613328971, discovery, persistence, ransomware, spyware, stealerMD5: 9dbe786814db6633aee66dc133bd1e71SHA1: db2b09159ae6ff57dd7efae3de0fdd382c3cbed5ANALYSIS DATE: 2023-03-19T17:43:44ZTTPS: T1053, T1005, T1081, T1012,...
Malware Analysis – smokeloader – ff93772b788657f2f6f9f6f8077e1cdf
Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: ff93772b788657f2f6f9f6f8077e1cdfSHA1: cf5102f1c64357d65cfb141cc3718ef3aa17a7a8ANALYSIS DATE: 2023-03-19T17:41:19ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
Malware Analysis – djvu – 54b1e35070ee198984153b0bf2f2bea9
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:d6ef050131e7d5a1d595c51613328971, discovery, persistence, ransomware, spyware, stealerMD5: 54b1e35070ee198984153b0bf2f2bea9SHA1: 1a2cecd44275a0d0e8bdd66bf4d57d1ac4c05f00ANALYSIS DATE: 2023-03-19T17:39:51ZTTPS: T1005, T1081, T1053, T1012,...
Malware Analysis – – 11909c94a6185e0da416f0ba77601fa9
Score: 1 MALWARE FAMILY: TAGS:MD5: 11909c94a6185e0da416f0ba77601fa9SHA1: 775f334eb52afdff27ddbafd388373d12f2b0dd4ANALYSIS DATE: 2023-03-19T17:49:26ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known damaging...
Malware Analysis – smokeloader – 458ea61b5eb9053e3c99e0370030fece
Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: 458ea61b5eb9053e3c99e0370030feceSHA1: c241bf248b0550a120dd95d69d6ea78e101005a3ANALYSIS DATE: 2023-03-19T18:06:04ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
Malware Analysis – smokeloader – e2d2f8d3ce4b85cfa4fe4ed1558210ea
Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: e2d2f8d3ce4b85cfa4fe4ed1558210eaSHA1: 38ce578e3f7bf9e44cd1d39f0428bfb0661c6516ANALYSIS DATE: 2023-03-19T18:41:03ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
Malware Analysis – amadey – 27099a586ea99f4528e4dd0368c03831
Score: 10 MALWARE FAMILY: amadeyTAGS:family:amadey, family:djvu, family:pseudomanuscrypt, family:raccoon, family:redline, family:rhadamanthys, family:smokeloader, family:vidar, botnet:d6ef050131e7d5a1d595c51613328971, botnet:fronx2, botnet:pub1, botnet:sprg, backdoor, discovery, infostealer, loader,...
Malware Analysis – smokeloader – 6f0856acdb73e5cb8354d1e650024cb9
Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: 6f0856acdb73e5cb8354d1e650024cb9SHA1: eed7faee4b46992a02c1dbd9152df1813ed82de4ANALYSIS DATE: 2023-03-19T18:12:18ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
HackerOne Bug Bounty Disclosure: regular-expression-denial-of-service-in-headersbysno2
Programme HackerOne Node.js Node.js Submitted by sno2 sno2 Report Regular Expression Denial of Service in Headers Full Report A...
HackerOne Bug Bounty Disclosure: permissions-policies-can-be-bypassed-via-process-mainmodulebygoums
Programme HackerOne Node.js Node.js Submitted by goums goums Report Permissions policies can be bypassed via process.mainModule Full Report A...
HackerOne Bug Bounty Disclosure: insecure-loading-of-icu-data-through-icu_data-environment-variablebybnoordhuis
Programme HackerOne Node.js Node.js Submitted by bnoordhuis bnoordhuis Report Insecure loading of ICU data through ICU_DATA environment variable Full Report...
LockBit 3.0 Ransomware Victim: spoormaker[.]co[.]za
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
silverstripe/graphql denial of service | CVE-2023-28104
NAME__________silverstripe/graphql denial of servicePlatforms Affected:Risk Level:7.5Exploitability:UnprovenConsequences:Denial of Service DESCRIPTION__________silverstripe/graphql is vulnerable to a denial of service, caused by a flaw...
Contec CONPROSYS IoT Gateway products information disclosure | CVE-2023-23575
NAME__________Contec CONPROSYS IoT Gateway products information disclosurePlatforms Affected:Contec M2M Gateway 3.7.10 Contec M2M Controller Integrated Type 3.7.6 Contec M2M Controller...
