Cobalt Stike Beacon Detected – 84[.]32[.]188[.]186:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Malware Analysis – djvu – 0d85d75c326a7674becf2389ac735489
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, spyware, stealerMD5: 0d85d75c326a7674becf2389ac735489SHA1: 569f4be4645b5b8782ab4643af40deca1af25f01ANALYSIS DATE: 2023-01-27T10:10:16ZTTPS: T1005, T1081, T1012, T1222,...
Malware Analysis – globeimposter – 7791c18c9d4a94d80a7928644937c070
Score: 10 MALWARE FAMILY: globeimposterTAGS:family:globeimposter, persistence, ransomware, spyware, stealerMD5: 7791c18c9d4a94d80a7928644937c070SHA1: 41fca79af1747a862864d2c9114648d6f5404bedANALYSIS DATE: 2023-01-27T10:00:24ZTTPS: T1005, T1081, T1082, T1060, T1112 ScoreMeaningExample10Known badA...
Malware Analysis – djvu – 6e7944069833788ca9724acd32b28001
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:smokeloader, family:vidar, botnet:19, backdoor, discovery, persistence, ransomware, spyware, stealer, trojan, vmprotectMD5: 6e7944069833788ca9724acd32b28001SHA1: 1d4c409bcfab7071775bbe6f9d202ffe412876f9ANALYSIS DATE: 2023-01-27T10:14:39ZTTPS:...
Malware Analysis – smokeloader – 72ce916457cd12dc4109d2c87e81328f
Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: 72ce916457cd12dc4109d2c87e81328fSHA1: 1b8e70394824f2494481b84a1b355b5a29cf8ae2ANALYSIS DATE: 2023-01-27T10:43:08ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
Posh C2 Detected – 135[.]181[.]253[.]65:443
The Information provided at the time of posting was detected as "Posh C2". Depending on when you are viewing this...
Nodejs simple-git module code execution | CVE-2022-25860
NAME__________Nodejs simple-git module code executionPlatforms Affected:Node.js simple-git 3.15.1Risk Level:8.1Exploitability:Proof of ConceptConsequences:Gain Access DESCRIPTION__________Nodejs simple-git module could allow a remote attacker...
Tenable.sc cross-site scripting | CVE-2023-24494
NAME__________Tenable.sc cross-site scriptingPlatforms Affected:Tenable Tenable.sc 5.23.1Risk Level:8.3Exploitability:UnprovenConsequences:Cross-Site Scripting DESCRIPTION__________Tenable.sc is vulnerable to cross-site scripting, caused by improper validation of user-supplied...
Book Store Management System cross-site scripting | CVE-2023-23024
NAME__________Book Store Management System cross-site scriptingPlatforms Affected:Risk Level:7.2Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Book Store Management System is vulnerable to cross-site scripting, caused by...
Broadcom Symantec Identity Manager response splitting | CVE-2023-23950
NAME__________Broadcom Symantec Identity Manager response splittingPlatforms Affected:Broadcom Symantec Identity Manager 14.3 Broadcom Symantec Identity Manager 14.4Risk Level:8.1Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Broadcom Symantec...
Sengled Zigbee Smart Bulb denial of service | CVE-2022-47100
NAME__________Sengled Zigbee Smart Bulb denial of servicePlatforms Affected:Risk Level:8.1Exploitability:UnprovenConsequences:Denial of Service DESCRIPTION__________Sengled Zigbee Smart Bulb is vulnerable to a denial...
Jenkins Keycloak Authentication Plugin security bypass | CVE-2023-24456
NAME__________Jenkins Keycloak Authentication Plugin security bypassPlatforms Affected:Jenkins Keycloak Authentication Plugin 2.3.0Risk Level:8.8Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION__________Jenkins Keycloak Authentication Plugin could allow a...
Sierra Wireless AirLink Router command execution | CVE-2022-46649
NAME__________Sierra Wireless AirLink Router command executionPlatforms Affected:Risk Level:8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Sierra Wireless AirLink Router could allow a remote authenticated attacker to...
Delta Electronics InfraSuite Device Master privilege escalation | CVE-2023-0444
NAME__________Delta Electronics InfraSuite Device Master privilege escalationPlatforms Affected:Delta Electronics InfraSuite Device Master 00.00.01aRisk Level:8.8Exploitability:UnprovenConsequences:Gain Privileges DESCRIPTION__________Delta Electronics InfraSuite Device Master...
Econolite EOS brute force | CVE-2023-0452
NAME__________Econolite EOS brute forcePlatforms Affected:Risk Level:9.8Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION__________Econolite EOS is vulnerable to a brute force attack, caused by the use...
Broadcom Symantec Identity Manager cross-site scripting | CVE-2023-23949
NAME__________Broadcom Symantec Identity Manager cross-site scriptingPlatforms Affected:Broadcom Symantec Identity Manager 14.3 Broadcom Symantec Identity Manager 14.4Risk Level:8.1Exploitability:UnprovenConsequences:Cross-Site Scripting DESCRIPTION__________Broadcom Symantec...
Daily Vulnerability Trends: Fri Jan 27 2023
Daily Vulnerability Trends (sourced from VulnMon) CVE NAMECVE DescriptionCVE-2022-21225Improper neutralization in the Intel(R) Data Center Manager software before version 4.1...
Vice Society Ransomware Victim: Bristol Community College
Vice Society Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
Malware Analysis – djvu – 7a16c7dc54ff82bafb8ff194789f2cf2
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, spyware, stealerMD5: 7a16c7dc54ff82bafb8ff194789f2cf2SHA1: 542345446ad059bbc82f554de67df8be1e6a070dANALYSIS DATE: 2023-01-27T04:22:36ZTTPS: T1060, T1112, T1082, T1005,...
Malware Analysis – smokeloader – 79f867b1b9a9b5b64b7fd471c63ccdd6
Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: 79f867b1b9a9b5b64b7fd471c63ccdd6SHA1: 83c1c343245518432ba561f72d65d52e9f607fbfANALYSIS DATE: 2023-01-27T03:16:03ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
Malware Analysis – discovery – 03845022a6a113f6c4de407b644e8c5a
Score: 10 MALWARE FAMILY: discoveryTAGS:discovery, persistence, ransomwareMD5: 03845022a6a113f6c4de407b644e8c5aSHA1: 3497d9894fc9b629e53c57cd2310f9c619dfe007ANALYSIS DATE: 2023-01-27T04:50:32ZTTPS: T1012, T1082, T1112, T1042, T1060 ScoreMeaningExample10Known badA malware family...
Malware Analysis – smokeloader – cff2799137f6dbfa54d7e8d6c45ab395
Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: cff2799137f6dbfa54d7e8d6c45ab395SHA1: ee58b60a36e5152de027bb5d00e85c5b8b613a8bANALYSIS DATE: 2023-01-27T04:29:03ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
Malware Analysis – lockbit – 0ee7386109b1f3596ae62735cf53f6b3
Score: 10 MALWARE FAMILY: lockbitTAGS:family:lockbit, discovery, evasion, persistence, ransomwareMD5: 0ee7386109b1f3596ae62735cf53f6b3SHA1: 0a67f0154a003fd06597a28dd2fd3e2f63b333b7ANALYSIS DATE: 2023-01-27T05:13:45ZTTPS: T1490, T1046, T1082, T1018, T1491, T1112, T1060,...
Malware Analysis – lockbit – ebd239b8b8fe486b2a13a5896a96d044
Score: 10 MALWARE FAMILY: lockbitTAGS:family:lockbit, discovery, evasion, persistence, ransomwareMD5: ebd239b8b8fe486b2a13a5896a96d044SHA1: 60821226d8d934d488d4f8e8081c32c6a73f8929ANALYSIS DATE: 2023-01-27T05:22:03ZTTPS: T1490, T1046, T1060, T1112, T1082, T1107 ScoreMeaningExample10Known...
