Corsair keyboard bug makes it type on its own, no malware involved
Corsair has confirmed that a bug in the firmware of K100 keyboards, and not malware, is behind previously entered text...
GodFather Android malware targets 400 banks, crypto exchanges
An Android banking malware named 'Godfather' has been targeting users in 16 countries, attempting to steal account credentials for over...
Ransomware gang uses new Microsoft Exchange exploit to breach servers
Play ransomware threat actors are using a new exploit chain that bypasses ProxyNotShell URL rewrite mitigations to gain remote code...
Malicious ‘SentinelOne’ PyPI package steals data from developers
Threat actors have published a malicious Python package on PyPI, named 'SentinelOne,' that pretends to be the legitimate SDK client...
Russians hacked JFK airport’s taxi dispatch system for profit
Two U.S. citizens were arrested for allegedly conspiring with Russian hackers to hack the John F. Kennedy International Airport (JFK)...
Raspberry Robin worm drops fake malware to confuse researchers
The Raspberry Robin malware is now trying its hand at some trickery by dropping a fake payload to confuse researchers...
Microsoft finds macOS bug that lets malware bypass security checks
Apple has fixed a vulnerability attackers could leverage to deploy malware on vulnerable macOS devices via untrusted applications capable of...
Hackers bombard PyPi platform with information-stealing malware
The PyPi python package repository is being bombarded by a wave of information-stealing malware hiding inside malicious packages uploaded to...
Zerobot malware now spreads by exploiting Apache vulnerabilities
The Zerobot botnet has been upgraded to infect new devices by exploiting security vulnerabilities affecting Internet-exposed and unpatched Apache servers. The...
Google Ad fraud campaign used adult content to make millions
A massive advertising fraud campaign using Google Ads and 'popunders' on adult sites is estimated to have generated millions of...
Cobalt Stike Beacon Detected – 81[.]70[.]11[.]25:8443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 77[.]73[.]131[.]193:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 193[.]47[.]61[.]29:8080
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Malware Analysis – evasion – 0ada88218b67a313a4f5ab0062fbc4e6
Score: 10 MALWARE FAMILY: evasionTAGS:evasion, persistence, ransomware, trojanMD5: 0ada88218b67a313a4f5ab0062fbc4e6SHA1: 15dfcef932d666fdc7501bcee357ec2aabfcfdeeANALYSIS DATE: 2022-12-21T22:21:20ZTTPS: T1004, T1112, T1107, T1490, T1082, T1088, T1089, T1491...
Cobalt Stike Beacon Detected – 110[.]41[.]131[.]105:5555
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 84[.]32[.]128[.]5:88
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Malware Analysis – djvu – 2b2f148a884ecb4e1d0e2e785d3906c0
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, discovery, persistence, ransomware, spyware, stealerMD5: 2b2f148a884ecb4e1d0e2e785d3906c0SHA1: b01445b11ebadf9e8cc7f6d56aad2c262806bfe8ANALYSIS DATE: 2022-12-21T23:55:03ZTTPS: T1005, T1081, T1012, T1082, T1053, T1060,...
Malware Analysis – persistence – 54919e1bd37c6431b3b1b8b6d53aabfe
Score: 8 MALWARE FAMILY: persistenceTAGS:persistence, ransomwareMD5: 54919e1bd37c6431b3b1b8b6d53aabfeSHA1: c2327bab84fa0d55cc23ee5006c83f0a6dc53e4cANALYSIS DATE: 2022-12-21T22:31:04ZTTPS: T1060, T1112 ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or...
Malware Analysis – djvu – 3ca3558a8b09fb85c4ad02c9c23ccee0
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, discovery, persistence, ransomware, spyware, stealerMD5: 3ca3558a8b09fb85c4ad02c9c23ccee0SHA1: c9646bc7543a3f42d471510d48324b806b07c6f6ANALYSIS DATE: 2022-12-21T22:34:34ZTTPS: T1012, T1005, T1081, T1222, T1053, T1082,...
Malware Analysis – persistence – 155717a88626227ad8d01c821dbf71ab
Score: 8 MALWARE FAMILY: persistenceTAGS:persistence, ransomware, upxMD5: 155717a88626227ad8d01c821dbf71abSHA1: 4622f32d8c97d5a457f4e9ad58aa153acd8cbfacANALYSIS DATE: 2022-12-21T23:20:54ZTTPS: T1060, T1112 ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne...
IT giant Cisco is warning of threat actors exploiting many old vulnerabilities in attacks in the wild
IT giant Cisco is warning of threat actors exploiting many old vulnerabilities in attacks in the wild.Cisco has updated multiple...
Play ransomware attacks target Exchange servers with a new exploit that bypasses Microsofts ProxyNotShell mitigations
Play ransomware attacks target Exchange servers with a new exploit that bypasses Microsoft’s ProxyNotShell mitigations.Play ransomware operators target Exchange servers...
FBI warns of search engine ads pushing malware, phishing
The FBI warns that threat actors are using search engine advertisements to promote websites distributing ransomware or stealing login credentials...
VirusTotal cheat sheet makes it easy to search for specific results
VirusTotal has published a cheat sheet to help researchers create queries leading to more specific results from the malware intelligence...
