Product Security Incident Response: Key Strategies and Best Practices
Written By: Samuel Cure, CISO, AMI In today's digital landscape, it is essential to implement proactive measures to ensure the...
Bitzlato crypto exchange seized for ransomware, drugs money laundering
The U.S. Department of Justice arrested and charged Russian national Anatoly Legkodymov, the founder of the Hong Kong-registered cryptocurrency exchange...
New York man defrauded thousands using credit cards sold on dark web
A New York resident has pleaded guilty to charges of conspiracy to commit bank fraud using stolen credit cards purchased...
Hackers push malware via Google search ads for VLC, 7-Zip, CCleaner
Hackers are setting up fake websites for popular free and open-source software to promote malicious downloads through advertisements in Google...
MailChimp discloses new breach after employees got hacked
Email marketing firm MailChimp suffered another breach after hackers accessed an internal customer support and account administration tool, allowing the...
Illegal Solaris darknet market hijacked by competitor Kraken
Solaris, a large darknet marketplace focused on drugs and illegal substances, has been taken over by a smaller competitor named...
Malware Analysis – djvu – 1e12ef6d811ea006a932860cd74b0282
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, stealerMD5: 1e12ef6d811ea006a932860cd74b0282SHA1: fcbef26773b2ef3a41bf1a74f4ed59233283321dANALYSIS DATE: 2023-01-19T09:27:14ZTTPS: T1130, T1112, T1060, T1222, T1082,...
Cobalt Stike Beacon Detected – 202[.]182[.]117[.]134:8087
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 1[.]117[.]117[.]162:8888
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 47[.]242[.]164[.]33:9998
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 103[.]105[.]49[.]52:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Malware Analysis – djvu – 1c7c18d59d23a9901b0e2b8e48dcde2c
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, stealerMD5: 1c7c18d59d23a9901b0e2b8e48dcde2cSHA1: 4579072148edd252a0a6eaa87eea1a0f73599258ANALYSIS DATE: 2023-01-19T11:39:45ZTTPS: T1222, T1082, T1130, T1112, T1060...
Malware Analysis – djvu – 30f074e92a9351c582e31b3be1e4a6c3
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:redline, family:rhadamanthys, family:smokeloader, family:vidar, botnet:19, botnet:test, backdoor, collection, discovery, infostealer, persistence, ransomware, spyware, stealer, trojanMD5:...
Malware Analysis – djvu – 892865bd136926da1ef72498bb1fb355
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, spyware, stealerMD5: 892865bd136926da1ef72498bb1fb355SHA1: 53103a535dd72d6156b0a2ba739071b98ec549a8ANALYSIS DATE: 2023-01-19T11:02:44ZTTPS: T1012, T1082, T1005, T1081,...
Malware Analysis – vidar – 6fb6025c04ba6fa3d4820aea944e3667
Score: 10 MALWARE FAMILY: vidarTAGS:family:vidar, botnet:408, discovery, persistence, ransomware, spyware, stealerMD5: 6fb6025c04ba6fa3d4820aea944e3667SHA1: b5fa73ed8561665ddaa9b9baecb427dd166d034bANALYSIS DATE: 2023-01-19T09:28:45ZTTPS: T1005, T1081, T1130, T1112, T1082,...
Oracle VM VirtualBox privilege escalation | CVE-2023-21886
NAME__________Oracle VM VirtualBox privilege escalationPlatforms Affected:Risk Level:8.1Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________An unspecified vulnerability in Oracle VM VirtualBox related to the Core component...
Oracle Communications Applications privilege escalation | CVE-2023-21848
NAME__________Oracle Communications Applications privilege escalationPlatforms Affected:Risk Level:8.8Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________An unspecified vulnerability in Oracle Communications Applications related to the Admin Configuration...
Hospital Management System SQL injection | CVE-2022-46093
NAME__________Hospital Management System SQL injectionPlatforms Affected:Risk Level:9.8Exploitability:HighConsequences:Data Manipulation DESCRIPTION__________Hospital Management System is vulnerable to SQL injection. A remote attacker could...
Oracle Communications privilege escalation | CVE-2023-21890
NAME__________Oracle Communications privilege escalationPlatforms Affected:Risk Level:9.8Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________An unspecified vulnerability in Oracle Communications related to the Core component could allow...
libXpm code execution | CVE-2022-4883
NAME__________libXpm code executionPlatforms Affected:libXpm libXpm 3.5.14Risk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________libXpm could allow a remote attacker to execute arbitrary code on the...
Cisco Unified Communications Manager SQL injection | CVE-2023-20010
NAME__________Cisco Unified Communications Manager SQL injectionPlatforms Affected:Risk Level:8.1Exploitability:HighConsequences:Data Manipulation DESCRIPTION__________Cisco Unified Communications Manager is vulnerable to SQL injection. A remote...
Daily Vulnerability Trends: Thu Jan 19 2023
Daily Vulnerability Trends (sourced from VulnMon) CVE NAMECVE DescriptionCVE-2021-31985Microsoft Defender Remote Code Execution VulnerabilityCVE-2023-21674Windows Advanced Local Procedure Call (ALPC) Elevation...
BlackCat/ALPHV Ransomware Victim: Fresh Del Monte
BlackCat / ALPHV Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the...
BlackCat/ALPHV Ransomware Victim: Pharmacare
BlackCat / ALPHV Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the...
