Cobalt Stike Beacon Detected – 54[.]178[.]175[.]181:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 82[.]156[.]55[.]208:7788
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Multiple Nintendo games buffer overflow | CVE-2022-47949
NAME Multiple Nintendo games buffer overflow Platforms Affected:Nintendo Mario Kart 7 Nintendo Mario Kart 8 Nintendo Mario Kart 8 Deluxe...
memos security bypass | CVE-2022-4814
NAME memos security bypass Platforms Affected:Risk Level:8.6Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION memos could allow a remote attacker to bypass security restrictions, caused...
TrueConf Server SQL Injection | CVE-2022-46763
NAME TrueConf Server SQL Injection Platforms Affected:TrueConf TrueConf Server 5.2.0.10225Risk Level:7.3Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION TrueConf Server is vulnerable to SQL injection....
LiuOS security bypass | CVE-2022-46179
NAME LiuOS security bypass Platforms Affected:LiuOS LiuOSRisk Level:8Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION LiuOS could allow a local attacker to bypass security restrictions,...
memos security bypass | CVE-2022-4812
NAME memos security bypass Platforms Affected:Risk Level:8.6Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION memos could allow a remote attacker to bypass security restrictions, caused...
TrueConf Server SQL Injection | CVE-2022-46764
NAME TrueConf Server SQL Injection Platforms Affected:TrueConf TrueConf Server 5.2.0.10225Risk Level:7.3Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION TrueConf Server is vulnerable to SQL injection....
memos security bypass | CVE-2022-4813
NAME memos security bypass Platforms Affected:Risk Level:8.6Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION memos could allow a remote attacker to bypass security restrictions, caused...
Daily Vulnerability Trends: Sun Jan 01 2023
Daily Vulnerability Trends (sourced from VulnMon) CVE NAMECVE DescriptionCVE-2022-48196Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated...
Malware Analysis – amadey – 875a57a33e01873ee9c566882252f2f9
Score: 10 MALWARE FAMILY: amadeyTAGS:family:amadey, family:dcrat, family:djvu, family:lgoogloader, family:smokeloader, family:vidar, botnet:19, backdoor, collection, discovery, downloader, infostealer, persistence, ransomware, rat, spyware,...
Malware Analysis – djvu – c32f1f18730491571309a796b9f38f46
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, spyware, stealerMD5: c32f1f18730491571309a796b9f38f46SHA1: 2594f24d355cf087d0a69ed603293c202403acf2ANALYSIS DATE: 2022-12-31T21:01:23ZTTPS: T1005, T1081, T1060, T1112,...
Malware Analysis – discovery – 30cbb7176e5eff6db09b9ac58e2d0087
Score: 10 MALWARE FAMILY: discoveryTAGS:discovery, ransomwareMD5: 30cbb7176e5eff6db09b9ac58e2d0087SHA1: 383b8b1f5517c856df40eee799ab19689e7bbbbdANALYSIS DATE: 2022-12-31T22:42:09ZTTPS: T1130, T1112, T1012, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
Malware Analysis – djvu – cdc85b918fbbb00351af10de34cc606a
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, spyware, stealerMD5: cdc85b918fbbb00351af10de34cc606aSHA1: e11c47a9601aa3deef7baaceded201e90b90f2afANALYSIS DATE: 2022-12-31T22:21:19ZTTPS: T1005, T1081, T1082, T1053,...
Malware Analysis – amadey – e9de3e39d8e212cd00a606f8e5b0f986
Score: 10 MALWARE FAMILY: amadeyTAGS:family:amadey, family:djvu, family:lgoogloader, family:smokeloader, family:vidar, botnet:19, backdoor, discovery, downloader, persistence, ransomware, spyware, stealer, trojan, vmprotectMD5: e9de3e39d8e212cd00a606f8e5b0f986SHA1:...
Malware Analysis – djvu – 49cbd9d2518f657fff793edb6e69aa34
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, spyware, stealerMD5: 49cbd9d2518f657fff793edb6e69aa34SHA1: 5811fa647ad74bc7162eec0de91cbb989bd30abfANALYSIS DATE: 2022-12-31T22:32:05ZTTPS: T1012, T1082, T1222, T1005,...
Cobalt Stike Beacon Detected – 121[.]127[.]233[.]205:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 120[.]40[.]7[.]23:8999
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 49[.]4[.]88[.]243:82
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Malware Analysis – amadey – 01c5089df96b9c8da162b9a83c5056a8
Score: 10 MALWARE FAMILY: amadeyTAGS:family:amadey, family:djvu, family:lgoogloader, family:smokeloader, family:vidar, botnet:19, backdoor, collection, discovery, downloader, persistence, ransomware, spyware, stealer, trojan, vmprotectMD5:...
Malware Analysis – amadey – 43fec7a0e3948a78bedf6cf27e9bf538
Score: 10 MALWARE FAMILY: amadeyTAGS:family:amadey, family:dcrat, family:djvu, family:lgoogloader, family:smokeloader, family:vidar, botnet:19, backdoor, collection, discovery, downloader, infostealer, persistence, ransomware, rat, spyware,...
Malware Analysis – discovery – 3a02deed11f7ff4dbc1188d201ad164a
Score: 10 MALWARE FAMILY: discoveryTAGS:discovery, persistence, ransomwareMD5: 3a02deed11f7ff4dbc1188d201ad164aSHA1: 5c935f5c25c2975ef384878bb094567fb19519c9ANALYSIS DATE: 2022-12-31T23:29:57ZTTPS: T1060, T1012, T1082, T1120, T1112 ScoreMeaningExample10Known badA malware family...
Malware Analysis – evasion – 7237bb5c2bcc4b19e8f574b3d9525df7
Score: 6 MALWARE FAMILY: evasionTAGS:evasion, ransomwareMD5: 7237bb5c2bcc4b19e8f574b3d9525df7SHA1: 80e73da87d2c5f19a2c6c7ba0140520bb345acc3ANALYSIS DATE: 2022-12-31T22:47:53ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known...
Posh C2 Detected – 52[.]62[.]27[.]203:4443
The Information provided at the time of posting was detected as "Posh C2". Depending on when you are viewing this...
