Cobalt Strike Beacon Detected – 125[.]124[.]182[.]109:9000
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Score: 10 | MALWARE FAMILY: ransomware | TAGS: ransomware | MD5: 176c0e35328b032619dc485652148f6c | SHA1: 00772f0f4bc58c23b4e1d338ba9ee3a1abd0aebd | ANALYSIS DATE: 2022-10-06T09:12:30Z | TTPS: T1082, T1012, T1120, T1107, T1490 | Score / Meaning / Example: 10 / Known bad / A malware family was detected. 8-9 / Likely...
Score: 10 | MALWARE FAMILY: smokeloader | TAGS: family:smokeloader, backdoor, trojan | MD5: 4d9cd2ec3ce1522427e4654d3d7744da | SHA1: ac29cd9beb1754cab94c3f650b22006b6374ec0a | ANALYSIS DATE: 2022-10-06T09:32:03Z | TTPS: T1012, T1120, T1082 | Score / Meaning / Example: 10 / Known bad / A malware family was detected. 8-9 / Likely...
Score: 10 | MALWARE FAMILY: djvu | TAGS: family:djvu, family:vidar, botnet:517, discovery, persistence, ransomware, spyware, stealer | MD5: 0c482b05f3edc8267e37d9b8029645d2 | SHA1: b2d323a620f78d2fd48b045ae278b4e3dfd85a9f | ANALYSIS DATE: 2022-10-06T09:21:11Z | TTPS: T1222, T1060, T1112, T1005,...
Score: 10 | MALWARE FAMILY: djvu | TAGS: family:djvu, family:vidar, botnet:517, discovery, persistence, ransomware, spyware, stealer | MD5: 214b2b6f63bd33938ed47b85e3a24df6 | SHA1: 9227ab94107e5ac3f1943d743951c8843d325e47 | ANALYSIS DATE: 2022-10-06T09:20:32Z | TTPS: T1222, T1012, T1082, T1053,...
Score: 10 | MALWARE FAMILY: djvu | TAGS: family:djvu, family:smokeloader, family:vidar, botnet:517, backdoor, collection, discovery, persistence, ransomware, spyware, stealer, trojan | MD5: 4d9cd2ec3ce1522427e4654d3d7744da | SHA1: ac29cd9beb1754cab94c3f650b22006b6374ec0a | ANALYSIS DATE: 2022-10-06T09:41:34Z | TTPS:...
Score: 10 | MALWARE FAMILY: smokeloader | TAGS: family:smokeloader, backdoor, trojan | MD5: 62742157fee62a67ee78cdd0997619f6 | SHA1: d405d18c2ff9210e14a37f97e6ffbd27b77bc2c3 | ANALYSIS DATE: 2022-10-06T10:31:23Z | TTPS: T1012, T1120, T1082 | Score / Meaning / Example: 10 / Known bad / A malware family was detected. 8-9 / Likely...
Score: 10 | MALWARE FAMILY: smokeloader | TAGS: family:smokeloader, backdoor, trojan | MD5: 62742157fee62a67ee78cdd0997619f6 | SHA1: d405d18c2ff9210e14a37f97e6ffbd27b77bc2c3 | ANALYSIS DATE: 2022-10-06T10:31:03Z | TTPS: T1012, T1120, T1082 | Score / Meaning / Example: 10 / Known bad / A malware family was detected. 8-9 / Likely...
Score: 10 | MALWARE FAMILY: djvu | TAGS: family:djvu, family:vidar, botnet:517, discovery, persistence, ransomware, spyware, stealer | MD5: 22e1ceeaf71330b7265275efee371cee | SHA1: bc1e7c1e5baa5894ab3536623376d11e4f43ea83 | ANALYSIS DATE: 2022-10-06T10:15:51Z | TTPS: T1222, T1012, T1082, T1005,...
Researchers at cybersecurity firm Resecurity spotted a new group of hacktivists targeting financial institutions in Egypt, Resecurity, a California-based cybersecurity...
NAME: Node.js xuxexptest module code execution | Platforms Affected: Node.js xuxexptest | Risk Level: 9.8 | Exploitability: Unproven | Consequences: Gain Access | DESCRIPTION: Node.js xuxexptest module could allow a remote attacker...
NAME: Node.js namatnawbyteweb4 module code execution | Platforms Affected: Node.js namatnawbyteweb4 | Risk Level: 9.8 | Exploitability: Unproven | Consequences: Gain Access | DESCRIPTION: Node.js namatnawbyteweb4 module could allow a remote attacker...
NAME: Node.js npmtest-v1nd module code execution | Platforms Affected: Node.js npmtest-v1nd | Risk Level: 9.8 | Exploitability: Unproven | Consequences: Gain Access | DESCRIPTION: Node.js npmtest-v1nd module could allow a remote attacker...
NAME: Node.js trading-tips module code execution | Platforms Affected: Node.js trading-tips | Risk Level: 9.8 | Exploitability: Unproven | Consequences: Gain Access | DESCRIPTION: Node.js trading-tips module could allow a remote attacker...
NAME: Node.js yyzreverseshell2 module code execution | Platforms Affected: Node.js yyzreverseshell2 | Risk Level: 9.8 | Exploitability: Unproven | Consequences: Gain Access | DESCRIPTION: Node.js yyzreverseshell2 module could allow a remote attacker...
NAME: Buffalo devices security bypass | Platforms Affected: BUFFALO WXR-1900DHP2 firmware 2.48, BUFFALO WZR-1750DHP2 2.30, Buffalo BHR-4GRV 2.00, Buffalo WHR-HP-G300N 2.00, Buffalo...
NAME: Node.js namatnawbyteweb1 module code execution | Platforms Affected: Node.js namatnawbyteweb1 | Risk Level: 9.8 | Exploitability: Unproven | Consequences: Gain Access | DESCRIPTION: Node.js namatnawbyteweb1 module could allow a remote attacker...
NAME: Node.js logoiconic module code execution | Platforms Affected: Node.js logoiconic | Risk Level: 9.8 | Exploitability: Unproven | Consequences: Gain Access | DESCRIPTION: Node.js logoiconic module could allow a remote attacker...
NAME: Node.js test-mlw2-years-ogams-feign-feral module code execution | Platforms Affected: Node.js test-mlw2-years-ogams-feign-feral | Risk Level: 9.8 | Exploitability: Unproven | Consequences: Gain Access | DESCRIPTION: Node.js test-mlw2-years-ogams-feign-feral module could allow a remote attacker...
NAME: Node.js tn-moment module code execution | Platforms Affected: Node.js tn-moment | Risk Level: 9.8 | Exploitability: Unproven | Consequences: Gain Access | DESCRIPTION: Node.js tn-moment module could allow a remote attacker...
NAME: Node.js namatnawbyteweb3 module code execution | Platforms Affected: Node.js namatnawbyteweb3 | Risk Level: 9.8 | Exploitability: Unproven | Consequences: Gain Access | DESCRIPTION: Node.js namatnawbyteweb3 module could allow a remote attacker...
NAME: Node.js namatnawbyteweb2 module code execution | Platforms Affected: Node.js namatnawbyteweb2 | Risk Level: 9.8 | Exploitability: Unproven | Consequences: Gain Access | DESCRIPTION: Node.js namatnawbyteweb2 module could allow a remote attacker...