Cobalt Stike Beacon Detected – 47[.]243[.]31[.]199:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 42[.]192[.]19[.]75:4433
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 119[.]8[.]121[.]85:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 156[.]234[.]180[.]235:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Brute Ratel C4 Detected – 45[.]137[.]117[.]219:80
The Information provided at the time of posting was detected as "Brute Ratel C4". Depending on when you are viewing...
Malware Analysis – amadey – 280610964b3447e00cf87e7a2116db06
Score: 10 MALWARE FAMILY: amadeyTAGS:family:amadey, family:dcrat, family:djvu, family:smokeloader, family:vidar, botnet:1148, botnet:517, backdoor, collection, discovery, infostealer, persistence, ransomware, rat, spyware, stealer,...
Malware Analysis – amadey – 5d68f1c394a5b45caa31567eb295da8a
Score: 10 MALWARE FAMILY: amadeyTAGS:family:amadey, family:dcrat, family:djvu, family:redline, family:smokeloader, family:vidar, botnet:1148, botnet:517, botnet:lege, backdoor, collection, discovery, infostealer, persistence, ransomware, rat,...
Malware Analysis – djvu – 22498c1dce9fa5e8a02c9bb39c4329b4
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:517, discovery, persistence, ransomware, spyware, stealerMD5: 22498c1dce9fa5e8a02c9bb39c4329b4SHA1: 02a5a0fe6d09669e2f525d89ca38c77d6a362188ANALYSIS DATE: 2022-12-01T22:30:09ZTTPS: T1005, T1081, T1012, T1222,...
Malware Analysis – djvu – d8d71a967f8cd0c1bcaf41f63e702a61
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:517, discovery, persistence, ransomware, spyware, stealerMD5: d8d71a967f8cd0c1bcaf41f63e702a61SHA1: 668d793a13b3ad46c92faeae7e850d5167c62fc5ANALYSIS DATE: 2022-12-01T23:52:08ZTTPS: T1005, T1081, T1012, T1082,...
New Go-based Redigo malware targets Redis servers
Redigo is a new Go-based malware employed in attacks against Redis servers affected by the CVE-2022-0543 vulnerability. Researchers from security firm...
Top 3 Non-Technical Cybersecurity Trends for 2023
A strong cybersecurity strategy isn’t just about choosing the right tools. Cybersecurity experts Greg Young and William Malik discuss three...
CISA: #StopRansomware: Cuba Ransomware
#StopRansomware: Cuba Ransomware Today, the Federal Bureau of Investigation (FBI) and CISA released a joint Cybersecurity Advisory (CSA) #StopRansomware: Cuba...
Karakurt Ransomware Victim: Trantor
KARAKURT RANSOMWARE NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of...
HackerOne Bug Bounty Disclosure: firebase-database-takeover-in-https://pulseradio-mtn-co-ug/byshuvam321
Programme HackerOne MTN Group MTN Group Submitted by shuvam321 shuvam321 Report Firebase Database Takeover in https://pulseradio.mtn.co.ug/ Full Report A considerable...
HackerOne Bug Bounty Disclosure: calendar-name-length-not-validated-before-writing-to-databasebyerrorx404
Programme HackerOne Nextcloud Nextcloud Submitted by errorx404 errorx404 Report Calendar name length not validated before writing to database Full Report...
HackerOne Bug Bounty Disclosure: unprotected-direct-object-referencebycoyemerald
Programme HackerOne MTN Group MTN Group Submitted by coyemerald coyemerald Report Unprotected Direct Object Reference Full Report A considerable amount...
HackerOne Bug Bounty Disclosure: remove-every-user,-admin,-and-owner-out-of-their-teams-on-developers-mtn-com-via-idor-+-information-disclosurebywallotry
Programme HackerOne MTN Group MTN Group Submitted by wallotry wallotry Report Remove Every User, Admin, And Owner Out Of Their...
HackerOne Bug Bounty Disclosure: cve-2022-45402:-apache-airflow:-open-redirect-during-loginbybugra
Programme HackerOne Internet Bug Bounty Internet Bug Bounty Submitted by bugra bugra Report CVE-2022-45402: Apache Airflow: Open redirect during login...
HackerOne Bug Bounty Disclosure: double-evaluation-in–bash_prompt-of-dotfiles-allows-a-malicious-repository-to-execute-arbitrary-commandsbyryotak
Programme HackerOne Ian Dunn Ian Dunn Submitted by ryotak ryotak Report Double evaluation in .bash_prompt of dotfiles allows a malicious...
Malware Analysis – djvu – c41b65a6fd126476b33cd275cda7c842
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:517, discovery, persistence, ransomware, spyware, stealerMD5: c41b65a6fd126476b33cd275cda7c842SHA1: b22360d30d999df2ab08212ce9e37bc9754f8cb4ANALYSIS DATE: 2022-12-01T15:06:54ZTTPS: T1012, T1082, T1005, T1081,...
Malware Analysis – evasion – b91e11a7755a47d91fd3595900bf19eb
Score: 9 MALWARE FAMILY: evasionTAGS:evasion, persistence, ransomwareMD5: b91e11a7755a47d91fd3595900bf19ebSHA1: 4638226e9cad1ab5d2379999433834f547cb2b6cANALYSIS DATE: 2022-11-30T02:02:41ZTTPS: T1490, T1060, T1112 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
Malware Analysis – redline – 60c672bf83f9ee919034423f7c9385f6
Score: 10 MALWARE FAMILY: redlineTAGS:family:redline, family:smokeloader, botnet:r102, backdoor, collection, infostealer, ransomware, trojanMD5: 60c672bf83f9ee919034423f7c9385f6SHA1: 4a262fce23796b58a08f7e953f33faf726ed1790ANALYSIS DATE: 2022-12-01T15:34:51ZTTPS: T1012, T1120, T1082, T1114...
Malware Analysis – amadey – d9e5a4ebf3b74e879d0acb16c43ed6de
Score: 10 MALWARE FAMILY: amadeyTAGS:family:amadey, family:dcrat, family:djvu, family:smokeloader, family:vidar, botnet:517, backdoor, collection, discovery, infostealer, persistence, ransomware, rat, spyware, stealer, trojanMD5:...
Malware Analysis – ransomware – b864e48610688b0139d84bcd63fd2878
Score: 8 MALWARE FAMILY: ransomwareTAGS:ransomwareMD5: b864e48610688b0139d84bcd63fd2878SHA1: 204daf52fa7099561dfbcf50758475cb79036ce5ANALYSIS DATE: 2022-12-01T15:31:21ZTTPS: T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known...
