DuckDuckGo now blocks Google sign-in pop-ups on all sites
DuckDuckGo apps and extensions are now blocking Google Sign-in pop-ups on all its apps and browser extensions, removing what it...
Leading sports betting firm BetMGM discloses data breach
Leading sports betting company BetMGM disclosed a data breach after a threat actor stole personal information belonging to an undisclosed...
Ghost CMS vulnerable to critical authentication bypass flaw
A critical vulnerability in the Ghost CMS newsletter subscription system could allow external users to create newsletters or modify existing...
Daily Vulnerability Trends: Fri Dec 23 2022
Daily Vulnerability Trends (sourced from VulnMon) CVE NAMECVE DescriptionCVE-2022-46689A race condition was addressed with additional validation. This issue is fixed...
Ransomware and wiper signed with stolen certificates
Introduction On July 17, 2022, Albanian news outlets reported a massive cyberattack that affected Albanian government e-services. A few weeks...
Malware Analysis – smokeloader – cd2f32885f77776c6870994c9dea4b0e
Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: cd2f32885f77776c6870994c9dea4b0eSHA1: 3afebca15a24af9a925523c7ff4fb5f196a17a7bANALYSIS DATE: 2022-12-23T03:32:03ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
Malware Analysis – djvu – 11ef4e7da7336b07a610f53246bd2a37
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, discovery, persistence, ransomware, spyware, stealerMD5: 11ef4e7da7336b07a610f53246bd2a37SHA1: 51c2c3502d74aaf3fd4f253fb33a11425d64c6beANALYSIS DATE: 2022-12-23T04:40:48ZTTPS: T1222, T1012, T1082, T1005, T1081, T1060,...
Malware Analysis – djvu – c02eeb1769431e512a18cb8a8d6d346c
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, discovery, persistence, ransomware, spyware, stealerMD5: c02eeb1769431e512a18cb8a8d6d346cSHA1: b803c2dede5ff1e9c69767569197ab0104b1e94aANALYSIS DATE: 2022-12-23T05:20:45ZTTPS: T1222, T1082, T1005, T1081, T1012, T1060,...
Malware Analysis – smokeloader – cd259460368f6993bd59dbd869add7d6
Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: cd259460368f6993bd59dbd869add7d6SHA1: 1a4bb76edacd425ceee03894e52eec3484fb17acANALYSIS DATE: 2022-12-23T05:31:03ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
Malware Analysis – smokeloader – eed5dd7b206c7d4fb1b4c0bd50486a89
Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: eed5dd7b206c7d4fb1b4c0bd50486a89SHA1: 19deb6f83a9c7859be8ce667bff7e34f0200cc40ANALYSIS DATE: 2022-12-23T04:32:04ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
Using GitHub Actions to manage CI/CD for Empire
We’ve been using GitHub actions for Empire and Starkiller for quite some time now. It’s been a significant productivity boost...
LockBit 3.0 Ransomware Victim: thedonovancompany[.]com
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
Cobalt Stike Beacon Detected – 4[.]205[.]51[.]119:8443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 103[.]100[.]210[.]43:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 51[.]79[.]230[.]42:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Malware Analysis – smokeloader – b1e6371800ed2beea2b05572054e5fa3
Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: b1e6371800ed2beea2b05572054e5fa3SHA1: 5e1f3278645fa1ff22d32e494a9c6580030d5232ANALYSIS DATE: 2022-12-22T21:01:03ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
Malware Analysis – ransomware – b08b6219961caac74b033c88233c67f6
Score: 10 MALWARE FAMILY: ransomwareTAGS:ransomwareMD5: b08b6219961caac74b033c88233c67f6SHA1: f4d8c562f51537b57b7c25ff552c736c383c2d60ANALYSIS DATE: 2022-12-22T21:31:49ZTTPS: T1112 ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known...
Malware Analysis – smokeloader – 79fe9ab1a7a010786684dfbb784b7837
Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: 79fe9ab1a7a010786684dfbb784b7837SHA1: 2d709acfb03604d76949053d42174e3d416ae515ANALYSIS DATE: 2022-12-22T21:31:03ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
Malware Analysis – smokeloader – 2eb56154df927e0c5fcae69ed3c11990
Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: 2eb56154df927e0c5fcae69ed3c11990SHA1: fd16efabd12014a64c9d71f480618eded76fab59ANALYSIS DATE: 2022-12-22T23:01:04ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
Malware Analysis – ransomware – c09116efea795c3170634211222aa3c9
Score: 5 MALWARE FAMILY: ransomwareTAGS:ransomwareMD5: c09116efea795c3170634211222aa3c9SHA1: a3ceacdcb37a45bc6d36d84b28c2ed71492caef8ANALYSIS DATE: 2022-12-22T23:45:23ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known damaging...
Malware Analysis – djvu – 9867a82df7697272a3dbfad12519aac6
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, discovery, persistence, ransomware, spyware, stealerMD5: 9867a82df7697272a3dbfad12519aac6SHA1: 7027244a46aefbf80c7903f59ad019394d548f36ANALYSIS DATE: 2022-12-22T22:22:13ZTTPS: T1222, T1005, T1081, T1012, T1060, T1112,...
Malware Analysis – djvu – 329c38dfcf60d7e05c4e28d9da5fa426
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, discovery, persistence, ransomware, spyware, stealerMD5: 329c38dfcf60d7e05c4e28d9da5fa426SHA1: cc02de6e3facb660a01b24c1c2633a55829b8cc2ANALYSIS DATE: 2022-12-22T23:08:10ZTTPS: T1082, T1053, T1005, T1081, T1012, T1060,...
North Korea linked threat actors have stolen an estimated billion worth of cryptocurrency and other virtual assets in the past five years
North Korea-linked threat actors have stolen an estimated $1.2 billion worth of cryptocurrency and other virtual assets in the past...
The Vice Society ransomware group has adopted new custom ransomware with a strong encryption scheme in recent intrusions
The Vice Society ransomware group has adopted new custom ransomware, with a strong encryption scheme, in recent intrusions.SentinelOne researchers discovered...
