Cobalt Stike Beacon Detected – 191[.]101[.]78[.]79:8090
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 124[.]71[.]84[.]65:8443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 104[.]238[.]159[.]118:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 45[.]76[.]97[.]48:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Royal Ransomware Victim: Zehnders of Frankenmuth
RoyalRansomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the...
Cobalt Stike Beacon Detected – 107[.]189[.]12[.]60:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 123[.]57[.]131[.]96:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 120[.]26[.]240[.]21:55443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 8[.]134[.]56[.]231:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 179[.]60[.]150[.]99:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 198[.]98[.]55[.]58:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 119[.]3[.]194[.]221:8080
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 139[.]196[.]234[.]164:8888
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Diving into an Old Exploit Chain and Discovering 3 new SIP-Bypass Vulnerabilities
More than two years ago, a researcher, A2nkF demonstrated the exploit chain from root privilege escalation to SIP-Bypass up to...
Raspberry Robin Malware Targets Telecom, Governments
We found samples of the Raspberry Robin malware spreading in telecommunications and government office systems beginning September. The main payload...
Web3 IPFS Only Used for Phishing – So Far
We discuss the use of the InterPlanetary File System (IPFS) in phishing attacks. If you like the site, please consider...
Daily Vulnerability Trends: Tue Dec 20 2022
Daily Vulnerability Trends (sourced from VulnMon) CVE NAMECVE DescriptionCVE-2022-45141 No description provided CVE-2022-37966Windows Kerberos RC4-HMAC Elevation of Privilege Vulnerability.CVE-2022-46908SQLite through...
US-CERT Bulletin (SB22-353):Vulnerability Summary for the Week of December 12, 2022
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards...
Microsoft announced that a botnet dubbed MCCrash is launching distributed denial-of-service (DDoS) attacks against private Minecraft servers.
Microsoft announced that a botnet dubbed MCCrash is launching distributed denial-of-service (DDoS) attacks against private Minecraft servers. Microsoft spotted a...
Cuba Ransomware Victim: Sae-a
Cuba Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of...
HackerOne Bug Bounty Disclosure: missing-length-validation-of-user-displayname-allows-to-generate-an-sql-errorbyerrorx404
Programme HackerOne Nextcloud Nextcloud Submitted by errorx404 errorx404 Report Missing length validation of user displayname allows to generate an SQL...
Malware Analysis – djvu – daf392649efbbfda72d564e792a21679
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, discovery, persistence, ransomware, spyware, stealerMD5: daf392649efbbfda72d564e792a21679SHA1: a8e8d94c5887ef837c812a51e528d3244493d98cANALYSIS DATE: 2022-12-20T16:49:37ZTTPS: T1222, T1082, T1005, T1081, T1012, T1060,...
Malware Analysis – djvu – 98f766d73ebce6d6f50e096bf91de915
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, discovery, persistence, ransomware, spyware, stealerMD5: 98f766d73ebce6d6f50e096bf91de915SHA1: 66995579b886ad37ca5b6a60251f40c756177dcaANALYSIS DATE: 2022-12-20T16:15:06ZTTPS: T1060, T1112, T1082, T1053, T1012, T1222,...
Malware Analysis – play – 57bcb8cfad510109f7ddedf045e86a70
Score: 10 MALWARE FAMILY: playTAGS:family:play, ransomware, spyware, stealerMD5: 57bcb8cfad510109f7ddedf045e86a70SHA1: e6c381859f53d0c0db9fcd30fa601ecb935b93e0ANALYSIS DATE: 2022-12-20T15:47:27ZTTPS: T1005, T1081, T1012, T1120, T1082 ScoreMeaningExample10Known badA malware...
