Cobalt Stike Beacon Detected – 8[.]129[.]79[.]245:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 118[.]26[.]39[.]71:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 194[.]165[.]16[.]63:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Malware Analysis – xorist – 5d46d851558adab2374ec9206f0b621b
Score: 10 MALWARE FAMILY: xoristTAGS:family:xorist, persistence, ransomware, spyware, stealer, upxMD5: 5d46d851558adab2374ec9206f0b621bSHA1: 07b39753ba49f541654ae3b04b1ced70accafdb1ANALYSIS DATE: 2022-10-28T08:20:10ZTTPS: T1060, T1112, T1005, T1081 ScoreMeaningExample10Known badA...
Malware Analysis – djvu – 8d37180cd9df7790e84bde3b55763ba9
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:redline, family:smokeloader, family:vidar, botnet:1752, botnet:google2, botnet:mario23_10, botnet:slovarik15btc, backdoor, collection, discovery, infostealer, ransomware, spyware, stealer, trojan,...
Malware Analysis – smokeloader – 55cc2eba27a491218b7d57649241f550
Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: 55cc2eba27a491218b7d57649241f550SHA1: 2d60cd3f6f1f987414a5de5d28e84036657a4559ANALYSIS DATE: 2022-10-28T09:01:03ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
Malware Analysis – smokeloader – c3ac1f6d135647b204eb350e5529d6b6
Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: c3ac1f6d135647b204eb350e5529d6b6SHA1: 1f3705b9c284616e13129798475c9e8598cdda18ANALYSIS DATE: 2022-10-28T08:16:03ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
Malware Analysis – persistence – 1afd68147ac485753917930116210a40
Score: 10 MALWARE FAMILY: persistenceTAGS:persistence, ransomwareMD5: 1afd68147ac485753917930116210a40SHA1: 8c8deec48a8a7c3d4e5af8e26e8b3d09decad08bANALYSIS DATE: 2022-10-28T10:31:11ZTTPS: T1130, T1112, T1012, T1120, T1082, T1060 ScoreMeaningExample10Known badA malware family...
Malware Analysis – ransomware – 4c23c3e90104c74108cc92fb71b40e47
Score: 9 MALWARE FAMILY: ransomwareTAGS:ransomware, spyware, stealerMD5: 4c23c3e90104c74108cc92fb71b40e47SHA1: c594dbf47e29032a258e0bb64cbc2ce90e47f9d5ANALYSIS DATE: 2022-10-28T10:40:25ZTTPS: T1005, T1081, T1082, T1107, T1490, T1091 ScoreMeaningExample10Known badA malware...
Malware Analysis – djvu – 979b84f1ab146e6472e5c18346e46089
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:redline, family:smokeloader, family:vidar, botnet:1752, botnet:517, botnet:google2, botnet:mario23_10, botnet:slovarik15btc, backdoor, collection, discovery, infostealer, persistence, ransomware, spyware,...
Malware Analysis – ransomware – 05642d4d7f7c155d1fdf6607f78fe4f1
Score: 9 MALWARE FAMILY: ransomwareTAGS:ransomware, spyware, stealerMD5: 05642d4d7f7c155d1fdf6607f78fe4f1SHA1: 291a0a11a12c7a329a8ed36f6e6e99e49331b0d5ANALYSIS DATE: 2022-10-28T10:40:20ZTTPS: T1005, T1081, T1082, T1107, T1490, T1091 ScoreMeaningExample10Known badA malware...
Apple backports fixes for CVE-2022-42827 zero-day to older iPhones, iPads
Apple released updates to backport the recently released security patches for CVE-2022-42827 zero-day to older iPhones and iPads. Apple has...
Qualcomm Snapdragon products code execution | CVE-2022-33214
NAME Qualcomm Snapdragon products code execution Platforms Affected:Qualcomm Snapdragon Mobile Qualcomm Snapdragon Auto Qualcomm Snapdragon Compute Qualcomm Snapdragon Consumer IOT...
Zoom Client for Meetings open redirect | CVE-2022-28763
NAME Zoom Client for Meetings open redirect Platforms Affected:Zoom Zoom Client for Meetings 5.12Risk Level:8.8Exploitability:UnprovenConsequences:Other DESCRIPTION Zoom Client for Meetings...
Apple iOS and iPadOS code execution | CVE-2022-42808
NAME Apple iOS and iPadOS code execution Platforms Affected:Apple iPadOS 15.6 Apple iOS 16Risk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Apple iOS and...
Apple macOS Ventura code execution | CVE-2022-32934
NAME Apple macOS Ventura code execution Platforms Affected:Apple macOS VenturaRisk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Apple macOS Ventura could allow a remote...
Apple macOS Ventura code execution | CVE-2022-32888
NAME Apple macOS Ventura code execution Platforms Affected:Apple macOS VenturaRisk Level:8.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Apple macOS Ventura could allow a remote...
Apple Safari code execution | CVE-2022-42823
NAME Apple Safari code execution Platforms Affected:Apple Safari 16.0Risk Level:8.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Apple Safari could allow a remote attacker to...
New York Post hacked? No, the culprit is an employee
Threat actors hacked the website and Twitter account of the New York Post and published offensive messages against US politicians....
Daily Vulnerability Trends: Fri Oct 28 2022
Daily Vulnerability Trends (sourced from VulnMon) CVE NAMECVE DescriptionCVE-2021-39144XStream is a simple library to serialize objects to XML and back...
Malware Analysis – persistence – f0979d897155f51fd96a63c61e05d85c
Score: 8 MALWARE FAMILY: persistenceTAGS:persistence, spyware, stealerMD5: f0979d897155f51fd96a63c61e05d85cSHA1: decf7df4b1c709879a023ed0b8b4f6317124aba6ANALYSIS DATE: 2022-10-28T02:40:14ZTTPS: T1060, T1112, T1005, T1081 ScoreMeaningExample10Known badA malware family was...
Malware Analysis – evasion – 0d406739d2347f98f3df4dcd439cc405
Score: 8 MALWARE FAMILY: evasionTAGS:evasion, ransomwareMD5: 0d406739d2347f98f3df4dcd439cc405SHA1: 0b5d30e69316ca06ca1c9703346c8998e5433a88ANALYSIS DATE: 2022-10-28T03:35:05ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known...
Malware Analysis – ransomware – 93a803afbb21cfbcc6e9371cc6c13f80
Score: 9 MALWARE FAMILY: ransomwareTAGS:ransomware, spyware, stealerMD5: 93a803afbb21cfbcc6e9371cc6c13f80SHA1: f55511cc24bcc621a924a2aeffa73fc21d0ea667ANALYSIS DATE: 2022-10-28T03:00:22ZTTPS: T1082, T1107, T1490, T1091, T1005, T1081 ScoreMeaningExample10Known badA malware...
Malware Analysis – wannacry – 962443d2cfa12dd0aaa0761250ddcc82
Score: 10 MALWARE FAMILY: wannacryTAGS:family:wannacry, discovery, ransomware, wormMD5: 962443d2cfa12dd0aaa0761250ddcc82SHA1: bc9d5e318b95e648d6a9da943c5e5a65c09f8931ANALYSIS DATE: 2022-10-28T03:20:20ZTTPS: T1046 ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne...
