Cobalt Stike Beacon Detected – 20[.]189[.]74[.]59:8443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Malware Analysis – smokeloader – da627411e7e85229355ed325520a7d4e
Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: da627411e7e85229355ed325520a7d4eSHA1: 3a603f52b7285be51b1533815eecc67b0447af35ANALYSIS DATE: 2023-01-29T11:35:03ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
Malware Analysis – discovery – 360ef53ce1b09b03998bf2ab743f7dc7
Score: 10 MALWARE FAMILY: discoveryTAGS:discovery, persistence, ransomware, spyware, stealerMD5: 360ef53ce1b09b03998bf2ab743f7dc7SHA1: 9166c3760b1d1cf9a395e344858e4e01158795bcANALYSIS DATE: 2023-01-29T11:09:44ZTTPS: T1060, T1012, T1005, T1081, T1082, T1059, T1102,...
Malware Analysis – – bfe6ee8069f6e7c572382a97fd16d104
Score: 3 MALWARE FAMILY: TAGS:MD5: bfe6ee8069f6e7c572382a97fd16d104SHA1: e017c8f52a53cd0374d7867af14e567b79d6cffdANALYSIS DATE: 2023-01-29T11:33:49ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known damaging...
Cobalt Stike Beacon Detected – 3[.]29[.]24[.]212:8080
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 54[.]188[.]58[.]32:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 109[.]172[.]45[.]28:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Siretta QUARTZ-GOLD directory traversal | CVE-2022-41154
NAME__________Siretta QUARTZ-GOLD directory traversalPlatforms Affected:Risk Level:8.2Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Siretta QUARTZ-GOLD could allow a remote attacker to traverse directories on the system,...
Argo Project Argo CD security bypass | CVE-2023-22736
NAME__________Argo Project Argo CD security bypassPlatforms Affected:Argo Project Argo CD 2.5.7 Argo Project Argo CD 2.6.0-rc4 Argo Project Argo CD...
Siretta QUARTZ-GOLD command execution |
NAME__________Siretta QUARTZ-GOLD command executionPlatforms Affected:Risk Level:9.8Exploitability:Proof of ConceptConsequences:Gain Access DESCRIPTION__________Siretta QUARTZ-GOLD could allow a remote attacker to execute arbitrary commands...
UFLO2 code execution | CVE-2022-25894
NAME__________UFLO2 code executionPlatforms Affected:Risk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________UFLO2 could allow a remote attacker to execute arbitrary code on the system, caused...
Pi-hole security bypass | CVE-2023-23614
NAME__________Pi-hole security bypassPlatforms Affected:Pi-hole Pi-hole 4.0 Pi-hole Pi-hole 5.18.2Risk Level:8.8Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION__________Pi-hole could allow a remote authenticated attacker to bypass...
BaiCells Nova 227, Nova 233, Nova 243, and Nova 246 LTE TDD eNodeB devices code execution | CVE-2023-24508
NAME__________BaiCells Nova 227, Nova 233, Nova 243, and Nova 246 LTE TDD eNodeB devices code executionPlatforms Affected:BaiCells Nova 246 RTS/RTD...
Siretta QUARTZ-GOLD command execution | CVE-2022-42491
NAME__________Siretta QUARTZ-GOLD command executionPlatforms Affected:Risk Level:9.8Exploitability:Proof of ConceptConsequences:Gain Access DESCRIPTION__________Siretta QUARTZ-GOLD could allow a remote attacker to execute arbitrary commands...
Siretta QUARTZ-GOLD command execution | CVE-2022-42492
NAME__________Siretta QUARTZ-GOLD command executionPlatforms Affected:Risk Level:9.8Exploitability:Proof of ConceptConsequences:Gain Access DESCRIPTION__________Siretta QUARTZ-GOLD could allow a remote attacker to execute arbitrary commands...
Argo Project Argo CD security bypass | CVE-2023-22482
NAME__________Argo Project Argo CD security bypassPlatforms Affected:Argo CD Argo CD 1.8.2 Argo Project Argo CD 2.3.13 Argo Project Argo CD...
Siretta QUARTZ-GOLD buffer overflow | CVE-2022-41991
NAME__________Siretta QUARTZ-GOLD buffer overflowPlatforms Affected:Risk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Siretta QUARTZ-GOLD is vulnerable to a heap-based buffer overflow, caused by improper bounds...
Discourse cross-site scripting | CVE-2023-22468
NAME__________Discourse cross-site scriptingPlatforms Affected:Discourse Discourse 3.0.0 Discourse Discourse 3.1.0.beta1Risk Level:8.3Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Discourse is vulnerable to cross-site scripting, caused by improper...
Siretta QUARTZ-GOLD command execution | CVE-2022-42493
NAME__________Siretta QUARTZ-GOLD command executionPlatforms Affected:Risk Level:9.8Exploitability:Proof of ConceptConsequences:Gain Access DESCRIPTION__________Siretta QUARTZ-GOLD could allow a remote attacker to execute arbitrary commands...
Siretta QUARTZ-GOLD command execution | CVE-2022-40222
NAME__________Siretta QUARTZ-GOLD command executionPlatforms Affected:Risk Level:9.8Exploitability:Proof of ConceptConsequences:Gain Access DESCRIPTION__________Siretta QUARTZ-GOLD could allow a remote attacker to execute arbitrary commands...
BreachForums Database Leak Alert: TSA NoFly List
BreachForums - Databreach discussion & leaks forum. NOTE: No files or stolen information are by RedPacket Security. Any legal issues...
BreachForums Database Leak Alert: demo[.]zeeroq[.]com
BreachForums - Databreach discussion & leaks forum. NOTE: No files or stolen information are by RedPacket Security. Any legal issues...
Daily Vulnerability Trends: Sun Jan 29 2023
Daily Vulnerability Trends (sourced from VulnMon) CVE NAMECVE DescriptionCVE-2020-28362Go before 1.14.12 and 1.15.x before 1.15.4 allows Denial of Service.CVE-2022-34718Windows TCP/IP...
Vice Society Ransomware Victim: Seguros Equinoccial
Vice Society Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
