Cobalt Stike Beacon Detected – 194[.]165[.]16[.]62:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 107[.]189[.]5[.]117:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Apple Safari WebKit code execution | CVE-2023-23518
NAME__________Apple Safari WebKit code executionPlatforms Affected:Apple Safari 16.2Risk Level:8.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Apple Safari could allow a remote attacker to execute arbitrary...
PowerDNS Recursor denial of service | CVE-2023-22617
NAME__________PowerDNS Recursor denial of servicePlatforms Affected:PowerDNS Recursor 4.5.9 PowerDNS Recursor 4.6.2 PowerDNS Recursor 4.7.1Risk Level:8.2Exploitability:UnprovenConsequences:Denial of Service DESCRIPTION__________PowerDNS Recursor is...
Apache Airflow command execution | CVE-2023-22884
NAME__________Apache Airflow command executionPlatforms Affected:Apache Airflow 2.3.0 Apache Airflow 2.4.0 Apache Airflow 2.4.1 Apache Airflow 2.4.2Risk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Apache Airflow...
Apple Safari WebKit code execution | CVE-2023-23517
NAME__________Apple Safari WebKit code executionPlatforms Affected:Apple Safari 16.2Risk Level:8.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Apple Safari could allow a remote attacker to execute arbitrary...
Apple Safari WebKit code execution | CVE-2023-23496
NAME__________Apple Safari WebKit code executionPlatforms Affected:Apple Safari 16.2Risk Level:8.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Apple Safari could allow a remote attacker to execute arbitrary...
Oracle Systems Solaris Common Desktop Environment buffer overflow | CVE-2023-24039
NAME__________Oracle Systems Solaris Common Desktop Environment buffer overflowPlatforms Affected:Oracle Solaris 10Risk Level:7.8Exploitability:Proof of ConceptConsequences:Gain Privileges DESCRIPTION__________Oracle Systems Solais is vulnerable...
Daily Vulnerability Trends: Tue Jan 24 2023
Daily Vulnerability Trends (sourced from VulnMon) CVE NAMECVE DescriptionCVE-2023-24068Signal Desktop before 6.2.0 on Windows, Linux, and macOS allows an attacker...
Malware Analysis – djvu – d3d65090cad621234a92329236fb75e6
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, spyware, stealerMD5: d3d65090cad621234a92329236fb75e6SHA1: 18d5e6b99a1bb323f2b3ad6c3e8a4c2cb46b650aANALYSIS DATE: 2023-01-24T03:20:48ZTTPS: T1053, T1005, T1081, T1060,...
Malware Analysis – djvu – 70fd03a7711ed5316b20dbe3110bd301
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, spyware, stealerMD5: 70fd03a7711ed5316b20dbe3110bd301SHA1: 60c30f7fc1c491085c0958d51cb7f9cf7ff26fa6ANALYSIS DATE: 2023-01-24T05:40:05ZTTPS: T1060, T1112, T1012, T1082,...
Malware Analysis – discovery – 6f19490d77a2076e8779ca5ca82bd454
Score: 10 MALWARE FAMILY: discoveryTAGS:discovery, ransomwareMD5: 6f19490d77a2076e8779ca5ca82bd454SHA1: 9f54708bc313f5863ca8e5cca60f727cb6e29154ANALYSIS DATE: 2023-01-24T04:25:49ZTTPS: T1012, T1130, T1112, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
Malware Analysis – evasion – 4e775bc9cb9d1e9818208935fbdba509
Score: 10 MALWARE FAMILY: evasionTAGS:evasion, persistence, ransomware, trojanMD5: 4e775bc9cb9d1e9818208935fbdba509SHA1: 7f72d5601ff522fef0dbabebdc01fa4289e5d4bcANALYSIS DATE: 2023-01-24T04:44:45ZTTPS: T1490, T1059, T1107, T1082, T1112, T1053, T1485, T1031,...
Malware Analysis – djvu – 9072bbefe62a6289483a541fa22d8d64
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, spyware, stealerMD5: 9072bbefe62a6289483a541fa22d8d64SHA1: 2ebdf7f18cfcd9827768b6981197832c672e556fANALYSIS DATE: 2023-01-24T05:39:04ZTTPS: T1222, T1060, T1112, T1053,...
KomplettFritid – 139,401 breached accounts
HIBP In January 2023, the online Norwegian store KomplettFritid was reported as having had a data breach dating back to...
Autotrader – 20,032 breached accounts
HIBP In January 2023, 1.4M records from the Autotrader online vehicle marketplace appeared on a popular hacking forum. Autotrader stated...
Play Ransomware Victim: A?????L S?????????? ????
Play News Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
Cobalt Stike Beacon Detected – 185[.]175[.]156[.]42:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 167[.]235[.]157[.]186:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 88[.]119[.]175[.]149:9999
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 216[.]146[.]25[.]20:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Malware Analysis – persistence – 425cbeecc22af1cbd3683702bad47d2b
Score: 10 MALWARE FAMILY: persistenceTAGS:persistence, ransomwareMD5: 425cbeecc22af1cbd3683702bad47d2bSHA1: d9df389bf4f5699414ae265bab820d16c97153f4ANALYSIS DATE: 2023-01-23T21:20:34ZTTPS: T1060, T1130, T1112, T1012, T1082, T1120 ScoreMeaningExample10Known badA malware family...
Malware Analysis – djvu – cc426856236596a24223d23bcb84d8c8
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, spyware, stealerMD5: cc426856236596a24223d23bcb84d8c8SHA1: 03c225a58255b94fd7917f304af3a9bc172ee681ANALYSIS DATE: 2023-01-23T21:03:36ZTTPS: T1012, T1082, T1005, T1081,...
Malware Analysis – djvu – c93dffef8975b746c23b3dfa89fab68d
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, spyware, stealerMD5: c93dffef8975b746c23b3dfa89fab68dSHA1: 526e90755a469488a6fdfc90158d7c23a3f8db94ANALYSIS DATE: 2023-01-23T21:23:26ZTTPS: T1222, T1005, T1081, T1082,...
