Cobalt Stike Beacon Detected – 103[.]43[.]18[.]90:4433
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Malware Analysis – djvu – ef7834fb0c42f4ee862e531bf570227b
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:redline, family:smokeloader, botnet:mario23_10, backdoor, collection, discovery, infostealer, persistence, ransomware, spyware, stealer, trojanMD5: ef7834fb0c42f4ee862e531bf570227bSHA1: 761538aa9bed93f4bb3252c04d6856904d93811fANALYSIS DATE:...
Malware Analysis – discovery – 199cad31ad21ac6a8edb62035892669a
Score: 10 MALWARE FAMILY: discoveryTAGS:discovery, ransomwareMD5: 199cad31ad21ac6a8edb62035892669aSHA1: abc8509b631cdd4063f4bb22213ad9961043cfd6ANALYSIS DATE: 2022-11-04T09:59:30ZTTPS: T1082, T1057, T1012 ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne...
Malware Analysis – djvu – 46caeb9b470ef973d88cace1fae23f25
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:redline, family:smokeloader, botnet:slovarik1btc, backdoor, collection, discovery, infostealer, persistence, ransomware, spyware, stealer, trojanMD5: 46caeb9b470ef973d88cace1fae23f25SHA1: 3d8c919f658bdcb22e96bc55852db4dd565fce2aANALYSIS DATE:...
Malware Analysis – djvu – ac975fb5af0a817d64a23d721b525548
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, discovery, persistence, ransomwareMD5: ac975fb5af0a817d64a23d721b525548SHA1: 45c53870a65c9fb494ab5e522a9a52124f0c60b6ANALYSIS DATE: 2022-11-04T10:31:04ZTTPS: T1130, T1112, T1060, T1222, T1082, T1053 ScoreMeaningExample10Known badA...
Malware Analysis – djvu – 2edfe3bc031c5cc9cc5bdf18aa7c3a02
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, discovery, persistence, ransomware, spyware, stealerMD5: 2edfe3bc031c5cc9cc5bdf18aa7c3a02SHA1: b557b50822a2d788b410ead1e005197a0a4130d7ANALYSIS DATE: 2022-11-04T10:56:05ZTTPS: T1005, T1081, T1222, T1082, T1012, T1060,...
Malware Analysis – smokeloader – 8c5802d28df242578c2b1bf06fb05816
Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: 8c5802d28df242578c2b1bf06fb05816SHA1: 4f851c4b86f65c1198512865742eac529f7c7284ANALYSIS DATE: 2022-11-04T11:34:29ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
The 10th edition of the ENISA Threat Landscape (ETL) report is out!
I’m proud to announce the release of the 10th edition of the ENISA Threat Landscape (ETL) on the state of...
Cisco Identity Services Engine security bypass | CVE-2022-20956
NAME Cisco Identity Services Engine security bypass Platforms Affected:Cisco Identity Services EngineRisk Level:8.2Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Cisco Identity Services Engine could...
Canteen Management System SQL injection | CVE-2022-43232
NAME Canteen Management System SQL injection Platforms Affected:Risk Level:7.2Exploitability:HighConsequences:Data Manipulation DESCRIPTION Canteen Management System is vulnerable to SQL injection. A...
Cisco BroadWorks CommPilot Application Software code execution | CVE-2022-20958
NAME Cisco BroadWorks CommPilot Application Software code execution Platforms Affected:Cisco BroadWorks CommPilot Application SoftwareRisk Level:8.3Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Cisco BroadWorks CommPilot...
Cisco Identity Services Engine cross-site request forgery | CVE-2022-20961
NAME Cisco Identity Services Engine cross-site request forgery Platforms Affected:Cisco Identity Services Engine 2.2 Cisco Identity Services Engine 2.6 Patch...
Daily Vulnerability Trends: Fri Nov 04 2022
Daily Vulnerability Trends (sourced from VulnMon) CVE NAMECVE DescriptionCVE-2202-3602 No description provided CVE-2022-31692Spring Security, versions 5.7 prior to 5.7.5 and...
Cisco addressed several high-severity flaws in its products
Cisco addressed multiple flaws impacting its products, including high-severity issues in identity, email, and web security solutions. Cisco addressed multiple...
LockBit 3.0 Ransomware Victim: cacula[.]com
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: kingteam[.]com[.]tw
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: santimuni[.]com
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: hettichbenelux[.]com
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
Malware Analysis – djvu – c8974837ee9e62f78817492ef2cc71ff
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:redline, family:smokeloader, botnet:mario23_10, backdoor, collection, discovery, infostealer, persistence, ransomware, spyware, stealer, trojanMD5: c8974837ee9e62f78817492ef2cc71ffSHA1: 7e580765dd04d1c42c33611d39bd2682f0e5aa29ANALYSIS DATE:...
Malware Analysis – djvu – a8cf6c4ce9bae2e0433a9d6f5a9090b0
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:redline, family:smokeloader, botnet:mario23_10, botnet:slovarik1btc, backdoor, collection, discovery, infostealer, persistence, ransomware, spyware, stealer, trojanMD5: a8cf6c4ce9bae2e0433a9d6f5a9090b0SHA1: 2b33cde4309e82bb278132dfddbf90319b2c9139ANALYSIS...
Malware Analysis – wannacry – 328ec0632c2a5318d3c189eceab6b488
Score: 10 MALWARE FAMILY: wannacryTAGS:family:wannacry, discovery, ransomware, wormMD5: 328ec0632c2a5318d3c189eceab6b488SHA1: bbd958285c9744c460f7da1ccda942c47d245cc6ANALYSIS DATE: 2022-11-04T03:00:34ZTTPS: T1046 ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne...
Malware Analysis – – 045f8512e0b82b10dcd510492ae75a02
Score: 1 MALWARE FAMILY: TAGS:MD5: 045f8512e0b82b10dcd510492ae75a02SHA1: db7936f5f9e2f75634f5b39597bd68e1dc2d9618ANALYSIS DATE: 2022-11-04T03:18:03ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known damaging...
BugCrowd Bug Bounty Disclosure: – Several internal applications have open CORS, allowing external folks to access the content – By bigBugGuy
The below information is fully automated and the information is captured from the BugCrowd Disclosure website. The information was correct...
Malware Analysis – djvu – 52f22a333f60f4af27239ae51eb9d3d7
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, discovery, persistence, ransomware, spyware, stealerMD5: 52f22a333f60f4af27239ae51eb9d3d7SHA1: 3bc9e4286878a61737763f260e5eefec96f1f20bANALYSIS DATE: 2022-11-04T05:51:22ZTTPS: T1012, T1082, T1053, T1005, T1081, T1060,...
