Cobalt Stike Beacon Detected – 43[.]139[.]8[.]152:9999
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 209[.]141[.]52[.]22:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 23[.]227[.]196[.]194:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 180[.]76[.]154[.]33:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 110[.]81[.]153[.]37:10443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 156[.]96[.]157[.]120:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 23[.]227[.]193[.]33:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 1[.]15[.]99[.]189:7777
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Malware Analysis – discovery – 34d6da080af6ae29247f06bcae9292c5
Score: 10 MALWARE FAMILY: discoveryTAGS:discovery, evasion, persistence, ransomware, spyware, stealer, trojanMD5: 34d6da080af6ae29247f06bcae9292c5SHA1: 6b1397afa50fd65b5dc38aac8e6c33ff11f9a1ddANALYSIS DATE: 2023-01-31T10:46:05ZTTPS: T1012, T1082, T1112, T1120, T1102,...
Malware Analysis – smokeloader – ef4734eb6342c1166b64c1597f8c1fed
Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: ef4734eb6342c1166b64c1597f8c1fedSHA1: 598ad1a4ff2c5e4ed49e14ec89cfd871f9bb83eeANALYSIS DATE: 2023-01-31T09:10:03ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
Malware Analysis – djvu – eb49b2fd2f173fa20b1ca9f7fd28f6cd
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, spyware, stealerMD5: eb49b2fd2f173fa20b1ca9f7fd28f6cdSHA1: 57afd277746bb9b96970c379eb1e32719a8180f4ANALYSIS DATE: 2023-01-31T09:57:37ZTTPS: T1012, T1222, T1082, T1053,...
Malware Analysis – discovery – f494e416737bbd1ea8af65d9bdfd6934
Score: 9 MALWARE FAMILY: discoveryTAGS:discovery, evasion, persistence, upxMD5: f494e416737bbd1ea8af65d9bdfd6934SHA1: 3de0d51ea664794278734c7b30d938ceb1495c47ANALYSIS DATE: 2023-01-31T10:32:51ZTTPS: T1082, T1012, T1060, T1112, T1130, T1102, T1018, T1497...
Malware Analysis – djvu – 58860a1c3b2041fef660374813f99273
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:smokeloader, family:vidar, botnet:19, backdoor, discovery, ransomware, stealer, trojan, vmprotectMD5: 58860a1c3b2041fef660374813f99273SHA1: e8d503260b7ca66dfd0ca0e3fffb327c0a6cc7c1ANALYSIS DATE: 2023-01-31T11:17:20ZTTPS: T1222, T1053,...
Malware Analysis – djvu – 8a60eb120c54fec26aa191b030c26d28
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, spyware, stealerMD5: 8a60eb120c54fec26aa191b030c26d28SHA1: 6fc0adb8bd283e04d43db47408c3a9f2c26f93c0ANALYSIS DATE: 2023-01-31T11:14:25ZTTPS: T1005, T1081, T1222, T1053,...
Malware Analysis – djvu – 6263cf4ed224f1a7756f3d7c4c83cfda
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, spyware, stealerMD5: 6263cf4ed224f1a7756f3d7c4c83cfdaSHA1: 8952d8e4aa5ffd114c09afb07d082e05492b087fANALYSIS DATE: 2023-01-31T10:51:11ZTTPS: T1053, T1060, T1112, T1012,...
Malware Analysis – smokeloader – c8558073caf7732e00775c381de062df
Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: c8558073caf7732e00775c381de062dfSHA1: c5c51097f6957cdc2feef36d40929bf5ba54cbd3ANALYSIS DATE: 2023-01-31T10:58:04ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
Siretta QUARTZ-GOLD command execution | CVE-2022-42490
NAME__________Siretta QUARTZ-GOLD command executionPlatforms Affected:Risk Level:9.8Exploitability:Proof of ConceptConsequences:Gain Access DESCRIPTION__________Siretta QUARTZ-GOLD could allow a remote attacker to execute arbitrary commands...
Eta code execution | CVE-2022-25967
NAME__________Eta code executionPlatforms Affected:Eta Eta 1.14.2Risk Level:8.1Exploitability:Proof of ConceptConsequences:Gain Access DESCRIPTION__________Eta could allow a remote attacker to execute arbitrary code...
Discourse denial of service | CVE-2023-23621
NAME__________Discourse denial of servicePlatforms Affected:Risk Level:8.6Exploitability:UnprovenConsequences:Denial of Service DESCRIPTION__________Discourse is vulnerable to a denial of service, caused by a regular...
BaiCells Nova 227, Nova 233, Nova 243, and Nova 246 LTE TDD eNodeB devices code execution | CVE-2023-24508
NAME__________BaiCells Nova 227, Nova 233, Nova 243, and Nova 246 LTE TDD eNodeB devices code executionPlatforms Affected:BaiCells Nova 246 RTS/RTD...
OpenMage LTS code execution | CVE-2021-41144
NAME__________OpenMage LTS code executionPlatforms Affected:OpenMage Magento-lts 20.0.8 OpenMage Magento-lts 19.4.12Risk Level:8.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________OpenMage LTS could allow a remote authenticated attacker...
OpenMage LTS command execution | CVE-2021-39217
NAME__________OpenMage LTS command executionPlatforms Affected:OpenMage Magento-lts 20.0.8 OpenMage Magento-lts 19.4.12Risk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________OpenMage LTS could allow a remote authenticated attacker...
QNAP running QTS and running QTS code execution | CVE-2022-27596
NAME__________QNAP running QTS and running QTS code executionPlatforms Affected:QNAP QTS 5.0.1 QNAP QuTS hero h5.0.1Risk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________QNAP running QTS...
Daily Vulnerability Trends: Tue Jan 31 2023
Daily Vulnerability Trends (sourced from VulnMon) CVE NAMECVE DescriptionCVE-2021-35394Realtek Jungle SDK version v2.x up to v3.4.14B provides a diagnostic tool...
