Cobalt Strike Beacon Detected – 195[.]189[.]96[.]146:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Score: 10 | MALWARE FAMILY: smokeloader | TAGS: family:smokeloader, backdoor, trojan | MD5: f77d72707555a26065e33dc12449fd6f | SHA1: a5ad0c808420aea73737299ba482797959835541 | ANALYSIS DATE: 2023-02-22T11:15:07Z | TTPS: T1012, T1120, T1082 | (Score / Meaning / Example) 10 / Known bad / A malware family was detected. 8-9 / Likely...
Score: 10 | MALWARE FAMILY: octo | TAGS: family:octo, banker, evasion, infostealer, ransomware, rat, trojan | MD5: 71d5c5dc3b8c5ded7b005155b84e3b16 | SHA1: a5c267fd84f0594279a0cc4f1c609a61120a5fdb | ANALYSIS DATE: 2023-02-22T11:10:11Z | TTPS: | (Score / Meaning / Example) 10 / Known bad / A malware family was...
Score: 10 | MALWARE FAMILY: smokeloader | TAGS: family:smokeloader, backdoor, trojan | MD5: 145466b3234adf3b9745ea36d0531ec0 | SHA1: 01a065a2cc04eb82f484e43f34cab6e921178559 | ANALYSIS DATE: 2023-02-22T11:11:03Z | TTPS: T1012, T1120, T1082 | (Score / Meaning / Example) 10 / Known bad / A malware family was detected. 8-9 / Likely...
Score: 10 | MALWARE FAMILY: harly | TAGS: family:harly, infostealer, ransomware, trojan | MD5: b40f641da0c05fe97e558341d59236e2 | SHA1: 65632a662c5478555cede3301ac46f55d33d7ac5 | ANALYSIS DATE: 2023-02-22T11:34:48Z | TTPS: | (Score / Meaning / Example) 10 / Known bad / A malware family was detected. 8-9 / Likely malicious / One or...
NAME: Dell Multifunction Printer E525w Driver and Software Suite privilege escalation | Platforms Affected: | Risk Level: 7.8 | Exploitability: Unproven | Consequences: Gain Privilege | DESCRIPTION: Dell Multifunction Printer E525w Driver and Software...
NAME: TP-Link Archer C50 denial of service | Platforms Affected: | Risk Level: 4.3 | Exploitability: Unproven | Consequences: Denial of Service | DESCRIPTION: TP-Link Archer C50 is vulnerable to a denial of service,...
NAME: Sourcecodester Music Gallery Site SQL injection | Platforms Affected: | Risk Level: 6.5 | Exploitability: High | Consequences: Data Manipulation | DESCRIPTION: Sourcecodester Music Gallery Site is vulnerable to SQL injection. A remote...
NAME: Visioglobe Visioweb cross-site scripting | Platforms Affected: Visioglobe Visioweb 1.10.6 | Risk Level: 7.2 | Exploitability: High | Consequences: Cross-Site Scripting | DESCRIPTION: Visioglobe Visioweb is vulnerable to cross-site scripting, caused by improper validation...
NAME: IBM InfoSphere Information Server cross-site scripting | Platforms Affected: IBM InfoSphere Information Server 11.7 | Risk Level: 4.6 | Exploitability: Unproven | Consequences: Cross-Site Scripting | DESCRIPTION: IBM InfoSphere Information Server 11.7 is vulnerable...
NAME: DolphinPHP command execution | Platforms Affected: | Risk Level: 7.2 | Exploitability: Unproven | Consequences: Gain Access | DESCRIPTION: DolphinPHP could allow a remote authenticated attacker to execute arbitrary commands on the system,...
NAME: Apollo security bypass | Platforms Affected: | Risk Level: 7.5 | Exploitability: Unproven | Consequences: Bypass Security | DESCRIPTION: Apollo could allow a remote attacker to bypass security restrictions, caused by improper authentication...
NAME: Apollo cross-site request forgery | Platforms Affected: | Risk Level: 5.7 | Exploitability: Unproven | Consequences: Gain Access | DESCRIPTION: Apollo is vulnerable to cross-site request forgery, caused by improper validation of user-supplied...
NAME: Siemens SiPass integrated AC5102, ACC-G2 and ACC-AP devices privilege escalation | Platforms Affected: Siemens SiPass integrated AC5100, Siemens SiPass integrated AC5102, Siemens SiPass...
NAME: Notary Project notation-go denial of service | Platforms Affected: Notary Project notation-go 0.9.0-alpha.1 | Risk Level: 6.5 | Exploitability: Unproven | Consequences: Denial of Service | DESCRIPTION: Notary Project notation-go is vulnerable to a...
NAME: ARRIS TG2482A, ARRIS TG2492, and ARRIS SBG10 code execution | Platforms Affected: | Risk Level: 4.7 | Exploitability: Proof of Concept | Consequences: Gain Access | DESCRIPTION: ARRIS TG2482A, ARRIS TG2492, and ARRIS...
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
Daily Vulnerability Trends (sourced from VulnMon) | (CVE NAME / CVE Description) CVE-2022-0544 / An integer underflow in the DDS loader of Blender leads to an...
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the...
Score: 10 | MALWARE FAMILY: quantum | TAGS: family:quantum, ransomware | MD5: 78f011f6196ab070e05e7e363a0c02f1 | SHA1: 8d31d3e523d1e11631d05f01c410340cef780bfc | ANALYSIS DATE: 2023-02-22T03:33:29Z | TTPS: T1158 | (Score / Meaning / Example) 10 / Known bad / A malware family was detected. 8-9 / Likely malicious / One or more...
Score: 7 | MALWARE FAMILY: ransomware | TAGS: ransomware | MD5: 5a9a8e900606307943a468a8868bcf7d | SHA1: 2fe997248fbc19d2157de62b88ade74ac8768442 | ANALYSIS DATE: 2023-02-22T03:00:36Z | TTPS: | (Score / Meaning / Example) 10 / Known bad / A malware family was detected. 8-9 / Likely malicious / One or more known damaging...