Cobalt Stike Beacon Detected – 190[.]97[.]165[.]108:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 185[.]143[.]223[.]120:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 39[.]105[.]188[.]90:8443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 1[.]15[.]42[.]124:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Malware Analysis – djvu – 49558407bdf3851df97837959cca2910
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, discovery, persistence, ransomware, spyware, stealerMD5: 49558407bdf3851df97837959cca2910SHA1: a9d42dbebf8d9ec47a444a13c584e8a0522cda88ANALYSIS DATE: 2023-03-04T11:35:41ZTTPS: T1060, T1112, T1053, T1005, T1081,...
Malware Analysis – djvu – b22d97534fde7cb0f61db19f58bf102a
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, discovery, persistence, ransomware, spyware, stealerMD5: b22d97534fde7cb0f61db19f58bf102aSHA1: 951dfcaf058103e7a52bc5fca8ce5ca90d3486e2ANALYSIS DATE: 2023-03-04T09:20:26ZTTPS: T1082, T1012, T1053, T1005, T1081,...
Malware Analysis – djvu – 7be020f413f79d3c0b3e2edcef1b313b
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, discovery, persistence, ransomware, spyware, stealerMD5: 7be020f413f79d3c0b3e2edcef1b313bSHA1: e6441c81e947d6b59579b682ffb69ef4f9a366ecANALYSIS DATE: 2023-03-04T09:23:28ZTTPS: T1012, T1082, T1005, T1081, T1053,...
Malware Analysis – djvu – 043573153944d15959d309d7267d20af
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, discovery, persistence, ransomware, spyware, stealerMD5: 043573153944d15959d309d7267d20afSHA1: 3ede425e4aef20a82f7365db2ea4f8b3bafbf67dANALYSIS DATE: 2023-03-04T11:39:03ZTTPS: T1012, T1082, T1222, T1005, T1081,...
Cobalt Stike Beacon Detected – 123[.]249[.]101[.]92:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 5[.]9[.]224[.]208:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 120[.]79[.]70[.]83:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 20[.]189[.]26[.]53:8406
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
XWiki Platform information disclosure | CVE-2023-26473
NAME__________XWiki Platform information disclosurePlatforms Affected:Risk Level:6.5Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________XWiki Platform could allow a remote authenticated attacker to obtain sensitive information, caused...
Huawei FLMG-10 buffer overflow | CVE-2022-48330
NAME__________Huawei FLMG-10 buffer overflowPlatforms Affected:Huawei FLMG-10 10.0.1.0(H100SP22C00)Risk Level:7.5Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Huawei Sound Box Product FLMG-10 is vulnerable to a buffer overflow,...
XWiki Platform security bypass | CVE-2023-26478
NAME__________XWiki Platform security bypassPlatforms Affected:Risk Level:6.5Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION__________XWiki Platform could allow a remote authenticated attacker to bypass security restrictions, caused...
XWiki Platform denial of service | CVE-2023-26470
NAME__________XWiki Platform denial of servicePlatforms Affected:Risk Level:5.7Exploitability:UnprovenConsequences:Denial of Service DESCRIPTION__________XWiki Platform is vulnerable to a denial of service, caused by...
phpseclib denial of service | CVE-2023-27560
NAME__________phpseclib denial of servicePlatforms Affected:Risk Level:5.3Exploitability:UnprovenConsequences:Denial of Service DESCRIPTION__________phpseclib is vulnerable to a denial of service, caused by an infinite...
SonicWall SonicOS SSLVPN security bypass | CVE-2023-1101
NAME__________SonicWall SonicOS SSLVPN security bypassPlatforms Affected:Risk Level:4.3Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION__________SonicWall SonicOS SSLVPN could allow a remote authenticated attacker to bypass security...
Trusted Computing Group Trusted Platform Module information disclosure | US-CERT VU#782720
NAME__________Trusted Computing Group Trusted Platform Module information disclosurePlatforms Affected:Trusted Computing Group (TCG) Trusted Platform Module (TPM) 2.0Risk Level:7.5Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Trusted...
XWiki Platform security bypass | CVE-2023-26056
NAME__________XWiki Platform security bypassPlatforms Affected:Risk Level:5.4Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION__________XWiki Platform could allow a remote authenticated attacker to bypass security restrictions, caused...
SonicWall SonicOS denial of service | CVE-2023-0656
NAME__________SonicWall SonicOS denial of servicePlatforms Affected:Risk Level:7.5Exploitability:UnprovenConsequences:Denial of Service DESCRIPTION__________SonicWall SonicOS is vulnerable to a denial of service, caused by...
XWiki Platform denial of service | CVE-2023-26479
NAME__________XWiki Platform denial of servicePlatforms Affected:Risk Level:6.5Exploitability:UnprovenConsequences:Denial of Service DESCRIPTION__________XWiki Platform is vulnerable to a denial of service, caused by...
Cisco IP Phone 6800, 7800, and 8800 Series denial of service | CVE-2023-20079
NAME__________Cisco IP Phone 6800, 7800, and 8800 Series denial of servicePlatforms Affected:Cisco IP Phone 6800 Series Cisco IP Phone 7800...
XWiki Platform information disclosure | CVE-2023-26476
NAME__________XWiki Platform information disclosurePlatforms Affected:Risk Level:7.5Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________XWiki Platform could allow a remote attacker to obtain sensitive information, caused by...
