Cobalt Stike Beacon Detected – 107[.]174[.]95[.]204:6666
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 101[.]201[.]35[.]218:6666
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Malware Analysis – djvu – 068a01b46b7fd84d9d37d37b9307c514
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:517, discovery, persistence, ransomware, spyware, stealerMD5: 068a01b46b7fd84d9d37d37b9307c514SHA1: 5b659a6d2c3c3c3e79e2dff0e0d61abe0d6e5325ANALYSIS DATE: 2022-11-10T10:53:29ZTTPS: T1222, T1082, T1005, T1081,...
Malware Analysis – chaos – f28dab0d7488b9d69a566c9ca7c084e1
Score: 10 MALWARE FAMILY: chaosTAGS:family:chaos, evasion, persistence, ransomware, spyware, stealerMD5: f28dab0d7488b9d69a566c9ca7c084e1SHA1: 32537b66204e8c76642da46aa286433cb868b453ANALYSIS DATE: 2022-11-10T10:20:08ZTTPS: T1490, T1059, T1107, T1005, T1081, T1082,...
Malware Analysis – wannacry – 2246127934495b3206cb318271092a5d
Score: 10 MALWARE FAMILY: wannacryTAGS:family:wannacry, discovery, ransomware, wormMD5: 2246127934495b3206cb318271092a5dSHA1: bb1d5148afc44635a9e103de45441c4c75db64aaANALYSIS DATE: 2022-11-10T10:40:26ZTTPS: T1046 ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne...
Malware Analysis – wannacry – 9f73c18d38017fdef2011b186dead35b
Score: 10 MALWARE FAMILY: wannacryTAGS:family:wannacry, discovery, ransomware, wormMD5: 9f73c18d38017fdef2011b186dead35bSHA1: de15099805cce28f7fec1edf701e3d1f14d66f51ANALYSIS DATE: 2022-11-10T10:00:31ZTTPS: T1046 ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne...
Malware Analysis – blackcat – d28d12f328105aa089129301da9919d0
Score: 10 MALWARE FAMILY: blackcatTAGS:family:blackcat, discovery, evasion, ransomware, trojanMD5: d28d12f328105aa089129301da9919d0SHA1: 234f34e9725dadcf109e3c8065f1841d4c2f74e9ANALYSIS DATE: 2022-11-10T11:04:58ZTTPS: T1107, T1490, T1012, T1120, T1082, T1089, T1112,...
Malware Analysis – wannacry – b54c96716a5453ad729d91bb5fb39bf9
Score: 10 MALWARE FAMILY: wannacryTAGS:family:wannacry, discovery, ransomware, wormMD5: b54c96716a5453ad729d91bb5fb39bf9SHA1: c72f2c21ef5e82132fd1c68f4e0afe6e0a94ccf6ANALYSIS DATE: 2022-11-10T11:00:32ZTTPS: T1046 ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne...
Malware Analysis – ransomware – 4617028009902b4530adbfee151d3126
Score: 10 MALWARE FAMILY: ransomwareTAGS:ransomwareMD5: 4617028009902b4530adbfee151d3126SHA1: 186828382c2d4e3be2054675614bef990972b23aANALYSIS DATE: 2022-11-10T11:00:18ZTTPS: T1059, T1107, T1490 ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or...
Malware Analysis – amadey – 29edbd2942ee93a290930a8384fb0362
Score: 10 MALWARE FAMILY: amadeyTAGS:family:amadey, family:dcrat, family:djvu, family:raccoon, family:redline, family:smokeloader, family:vidar, botnet:517, botnet:53508e7dc4e08bd33122d190a04a1200, botnet:mario23_10, backdoor, collection, discovery, infostealer, persistence, ransomware,...
BugCrowd Bug Bounty Disclosure: – Panel access at https://news-push-88.op-mobile.opera.com/. – By rahul0x01
The below information is fully automated and the information is captured from the BugCrowd Disclosure website. The information was correct...
Posh C2 Detected – 20[.]218[.]128[.]59:443
The Information provided at the time of posting was detected as "Posh C2". Depending on when you are viewing this...
APT29 abused the Windows Credential Roaming in an attack against a diplomatic entity
Russia-linked APT29 cyberespionage group exploited a Windows feature called Credential Roaming to target a European diplomatic entity. Mandiant researchers in...
Intel Server Board S2600WF, Intel(R) Server System R1000WF and Intel(R) Server System R2000WF families privilege escalation | CVE-2022-30542
NAME Intel Server Board S2600WF, Intel(R) Server System R1000WF and Intel(R) Server System R2000WF families privilege escalation Platforms Affected:Intel Server...
Intel AMT privilege escalation | CVE-2022-26845
NAME Intel AMT privilege escalation Platforms Affected:Intel AMT 11.0 Intel AMT 12.0 Intel AMT 14.0.0 Intel AMT 15.0.34Risk Level:8.7Exploitability:UnprovenConsequences:Gain Privilege...
Intel NUC BIOS firmware privilege escalation | CVE-2021-33164
NAME Intel NUC BIOS firmware privilege escalation Platforms Affected:Risk Level:8.2Exploitability:UnprovenConsequences:Gain Privilege DESCRIPTION Intel NUC BIOS firmware could allow a local...
Intel privilege escalation | CVE-2022-26006
NAME Intel privilege escalation Platforms Affected:Intel Xeon E ProcessorRisk Level:8.2Exploitability:UnprovenConsequences:Gain Privilege DESCRIPTION Intel could allow a local authenticated attacker to...
Intel NUC BIOS firmware privilege escalation | CVE-2022-33176
NAME Intel NUC BIOS firmware privilege escalation Platforms Affected:Risk Level:8.2Exploitability:UnprovenConsequences:Gain Privilege DESCRIPTION Intel NUC BIOS firmware could allow a local...
Google Chrome Crashpad code execution | CVE-2022-3890
NAME Google Chrome Crashpad code execution Platforms Affected:Risk Level:9.6Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Google Chrome is vulnerable to a heap-based buffer overflow,...
Intel XMM 7560 Modem software privilege escalation | CVE-2022-26513
NAME Intel XMM 7560 Modem software privilege escalation Platforms Affected:Intel XMM 7560 Modem softwareRisk Level:8Exploitability:UnprovenConsequences:Gain Privilege DESCRIPTION Intel XMM 7560...
Intel AMT privilege escalation | CVE-2022-29893
NAME Intel AMT privilege escalation Platforms Affected:Intel AMT 11.0 Intel AMT 12.0 Intel AMT 14.0.0 Intel AMT 15.0.34Risk Level:8.1Exploitability:UnprovenConsequences:Gain Privilege...
Intel Xeon processors privilege escalation | CVE-2022-26006
NAME Intel Xeon processors privilege escalation Platforms Affected:Risk Level:8.2Exploitability:UnprovenConsequences:Gain Privilege DESCRIPTION Intel Xeon processors could allow a local authenticated attacker...
Google Chrome WebCodecs code execution | CVE-2022-3888
NAME Google Chrome WebCodecs code execution Platforms Affected:Risk Level:8.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Google Chrome could allow a remote attacker to execute...
Google Chrome Web Workers code execution | CVE-2022-3887
NAME Google Chrome Web Workers code execution Platforms Affected:Risk Level:8.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Google Chrome could allow a remote attacker to...
