Google provides rules to detect tens of cracked versions of Cobalt Strike
Researchers at Google Cloud identified 34 different hacked release versions of the Cobalt Strike tool in the wild. Cobalt Strike...
Cobalt Stike Beacon Detected – 104[.]233[.]224[.]78:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 146[.]70[.]115[.]16:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 82[.]157[.]136[.]219:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 91[.]240[.]118[.]209:9199
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 37[.]1[.]212[.]100:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 141[.]98[.]82[.]243:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
BugCrowd Bug Bounty Disclosure: – Impersonation via Broken Link Hijacking on https://sv.hellosign.com – By CoffeeAddict_exe
The below information is fully automated and the information is captured from the BugCrowd Disclosure website. The information was correct...
BugCrowd Bug Bounty Disclosure: – Panel access at https://news-push-88.op-mobile.opera.com/. – By rahul0x01
The below information is fully automated and the information is captured from the BugCrowd Disclosure website. The information was correct...
Octocrypt, Alice, and AXLocker Ransomware, new threats in the wild
Experts from Cyble Research and Intelligence Labs (CRIL) discovered three new ransomware families: AXLocker, Octocrypt, and Alice Ransomware. Threat intelligence...
Daily Vulnerability Trends: Mon Nov 21 2022
Daily Vulnerability Trends (sourced from VulnMon) CVE NAMECVE DescriptionCVE-2022-41622 No description provided CVE-2022-20867A vulnerability in web-based management interface of the...
BlackCat/ALPHV Ransomware Victim: Nok Air
BlackCat / ALPHV Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the...
Malware Analysis – djvu – b8a3b7f9c04e2522b454963e5c7d67be
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:redline, family:smokeloader, family:vidar, botnet:517, botnet:mario23_10, backdoor, collection, discovery, infostealer, persistence, ransomware, spyware, stealer, trojanMD5: b8a3b7f9c04e2522b454963e5c7d67beSHA1:...
Malware Analysis – djvu – 8e637847078984ede008e53a549aaf59
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:517, discovery, persistence, ransomware, spyware, stealerMD5: 8e637847078984ede008e53a549aaf59SHA1: 7dd746cfecce7b728918bd15d7d7eb3e2da70474ANALYSIS DATE: 2022-11-21T04:20:44ZTTPS: T1005, T1081, T1012, T1082,...
BugCrowd Bug Bounty Disclosure: – Impersonation via Broken Link Hijacking on https://sv.hellosign.com – By CoffeeAddict_exe
The below information is fully automated and the information is captured from the BugCrowd Disclosure website. The information was correct...
BugCrowd Bug Bounty Disclosure: – Panel access at https://news-push-88.op-mobile.opera.com/. – By rahul0x01
The below information is fully automated and the information is captured from the BugCrowd Disclosure website. The information was correct...
Malware Analysis – buran – 3ea0ab42bcab5745ba3631f01c4d4cd3
Score: 10 MALWARE FAMILY: buranTAGS:family:buran, ransomwareMD5: 3ea0ab42bcab5745ba3631f01c4d4cd3SHA1: 9eb457ce8568fa4a4375cdebbf3b181976a99718ANALYSIS DATE: 2022-11-21T05:47:20ZTTPS: T1018, T1102, T1082, T1012, T1120 ScoreMeaningExample10Known badA malware family was...
Malware Analysis – evasion – 14e5a91d1292a99bb872f4b31acd9646
Score: 9 MALWARE FAMILY: evasionTAGS:evasion, persistence, ransomware, upxMD5: 14e5a91d1292a99bb872f4b31acd9646SHA1: d2b91d461ab3e9bd0c70b49860d455f841673eccANALYSIS DATE: 2022-11-21T05:25:42ZTTPS: T1091, T1082, T1158, T1112, T1060, T1491 ScoreMeaningExample10Known badA...
Malware Analysis – djvu – e31c38e9f1ab45320a0053dd649ec8f9
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, discovery, persistence, ransomwareMD5: e31c38e9f1ab45320a0053dd649ec8f9SHA1: 3047d3bf2654a5fb51a4438bb44dacab296e1d70ANALYSIS DATE: 2022-11-21T05:40:10ZTTPS: T1060, T1112, T1222, T1082, T1012, T1053 ScoreMeaningExample10Known badA...
Malware Analysis – djvu – c1ba21c6be66db5f18e143f95df50241
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:redline, family:smokeloader, family:vidar, botnet:517, botnet:mario23_10, backdoor, collection, discovery, infostealer, persistence, ransomware, spyware, stealer, trojanMD5: c1ba21c6be66db5f18e143f95df50241SHA1:...
Cobalt Stike Beacon Detected – 49[.]232[.]17[.]51:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Malware Analysis – dcrat – d609d7888ebd66e4cb502ae75ca86885
Score: 10 MALWARE FAMILY: dcratTAGS:family:dcrat, family:djvu, family:redline, family:smokeloader, family:vidar, botnet:517, botnet:mario23_10, backdoor, collection, discovery, infostealer, persistence, ransomware, rat, spyware, stealer,...
Malware Analysis – ransomware – 6ba66ac7b56c6f31417db0c1ca9fe6b1
Score: 5 MALWARE FAMILY: ransomwareTAGS:ransomwareMD5: 6ba66ac7b56c6f31417db0c1ca9fe6b1SHA1: 8ccc065e083d78b3a6b8996a687235234c2cd07dANALYSIS DATE: 2022-11-20T20:54:35ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known damaging...
Cobalt Stike Beacon Detected – 143[.]198[.]42[.]84:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
