Threatest – Threatest Is A Go Framework For End-To-End Testing Threat Detection Rules
Threatest is a Go framework for testing threat detection end-to-end. Threatest allows you to detonate an attack technique, and verify...
LockBit 3.0 Ransomware Victim: greenstamp[.]co[.]jp
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
Cobalt Stike Beacon Detected – 8[.]129[.]79[.]245:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 41[.]216[.]183[.]180:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 124[.]222[.]151[.]30:8080
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 107[.]172[.]206[.]242:9999
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 163[.]123[.]142[.]173:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 43[.]138[.]27[.]134:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 89[.]147[.]108[.]116:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 35[.]202[.]0[.]124:6000
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 103[.]114[.]161[.]16:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 39[.]106[.]45[.]206:9091
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 106[.]12[.]127[.]241:8099
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 103[.]135[.]101[.]185:8443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
cURL libcurl security bypass | CVE-2022-32221
NAME cURL libcurl security bypass Platforms Affected:cURL libcurl 7.7 cURL libcurl 7.85.0Risk Level:8.2Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION cURL libcurl could allow a...
Google Chrome V8 code execution | CVE-2022-3723
NAME Google Chrome V8 code execution Platforms Affected:Google Chrome 107.0Risk Level:8.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Google Chrome could allow a remote attacker...
Apache Linkis code execution | CVE-2022-39944
NAME Apache Linkis code execution Platforms Affected:Apache Linkis 1.0.0 Apache Linkis 1.1.0 Apache Linkis 1.2.0Risk Level:8.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Apache Linkis...
GnuPG Libksba buffer overflow | CVE-2022-3515
NAME GnuPG Libksba buffer overflow Platforms Affected:GnuPG Libksba 1.6.1Risk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION GnuPG Libksba could allow a remote attacker to...
Apache Flume code execution | CVE-2022-42468
NAME Apache Flume code execution Platforms Affected:Apache Flume 1.4.0 Apache Flume 1.5.0 Apache Flume 1.6.0 Apache Flume 1.7.0 Apache Flume...
Daily Vulnerability Trends: Sat Oct 29 2022
Daily Vulnerability Trends (sourced from VulnMon) CVE NAMECVE DescriptionCVE-2022-39144A vulnerability has been identified in Parasolid V33.1 (All versions < V33.1.262),...
Malware Analysis – discovery – 0b069e6bee51dc6325e33d484a4b9a80
Score: 8 MALWARE FAMILY: discoveryTAGS:discovery, exploitMD5: 0b069e6bee51dc6325e33d484a4b9a80SHA1: 1ceaf2a7ea247149bc1dc3cdac7d50bc38ce52f7ANALYSIS DATE: 2022-10-28T23:17:19ZTTPS: T1222, T1012 ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or...
Malware Analysis – – 0e8a8fa96a1418741c15af44cb690750
Score: 1 MALWARE FAMILY: TAGS:MD5: 0e8a8fa96a1418741c15af44cb690750SHA1: 717adca2fba6c964724c54841c6921e50d393138ANALYSIS DATE: 2022-10-28T23:17:13ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known damaging...
Malware Analysis – discovery – 0c1270c9281c8a540925b0c0853b9a50
Score: 8 MALWARE FAMILY: discoveryTAGS:discovery, exploitMD5: 0c1270c9281c8a540925b0c0853b9a50SHA1: e62beb73aa010fba90d3ecd73d404871c63c2326ANALYSIS DATE: 2022-10-28T23:17:16ZTTPS: T1012, T1222 ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or...
Malware Analysis – – 00fcdb991966bbd97c9b00ee31359b20
Score: 7 MALWARE FAMILY: TAGS:MD5: 00fcdb991966bbd97c9b00ee31359b20SHA1: 439d96c31a7f99d0fe558908650140001047cfbfANALYSIS DATE: 2022-10-28T23:17:21ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known damaging...
