XLL_Phishing – XLL Phishing Tradecraft
With Microsoft's recent announcement regarding the blocking of macros in documents originating from the internet (email AND web download), attackers...
Cobalt Stike Beacon Detected – 45[.]32[.]104[.]184:8080
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 43[.]142[.]117[.]98:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 114[.]55[.]173[.]68:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 114[.]115[.]178[.]24:6666
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 141[.]98[.]215[.]183:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 137[.]220[.]133[.]49:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 124[.]223[.]204[.]198:5555
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 171[.]22[.]30[.]237:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 23[.]29[.]115[.]137:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 120[.]48[.]98[.]49:6666
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 213[.]202[.]216[.]230:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 45[.]136[.]14[.]131:4433
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 42[.]193[.]219[.]229:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 43[.]142[.]138[.]251:8090
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
D-Link DIR-2150 command execution | CVE-2022-40719
NAME D-Link DIR-2150 command execution Platforms Affected:D-Link DIR-2150Risk Level:8.8Exploitability:Proof of ConceptConsequences:Gain Access DESCRIPTION D-Link DIR-2150 could allow a remote attacker...
D-Link DIR-2150 buffer overflow | CVE-2022-40718
NAME D-Link DIR-2150 buffer overflow Platforms Affected:D-Link DIR-2150Risk Level:8.8Exploitability:Proof of ConceptConsequences:Gain Access DESCRIPTION D-Link DIR-2150 is vulnerable to a stack-based...
Bento4 code execution | CVE-2022-40737
NAME Bento4 code execution Platforms Affected:Bento4 Bento4 1.6.0-639Risk Level:7.8Exploitability:Proof of ConceptConsequences:Gain Access DESCRIPTION Bento4 could allow a remote attacker to...
Node.js ember-cli-htmlbars-3 module code execution |
NAME Node.js ember-cli-htmlbars-3 module code execution Platforms Affected:Node.js ember-cli-htmlbars-3Risk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Node.js ember-cli-htmlbars-3 module could allow a remote attacker...
WPGateway plugin for WordPress privilege escalation | CVE-2022-3180
NAME WPGateway plugin for WordPress privilege escalation Platforms Affected:WordPress WPGateway plugin for WordPress 3.5 WordPress WPGateway plugin for WordPress 3.4Risk...
D-Link DIR-2150 buffer overflow | CVE-2022-40717
NAME D-Link DIR-2150 buffer overflow Platforms Affected:D-Link DIR-2150Risk Level:8.8Exploitability:Proof of ConceptConsequences:Gain Access DESCRIPTION D-Link DIR-2150 is vulnerable to a stack-based...
steal code execution | CVE-2022-37266
NAME steal code execution Platforms Affected:stealjs steal 2.2.4Risk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION steal could allow a remote attacker to execute arbitrary...
Node.js pages-plugins-example module code execution |
NAME Node.js pages-plugins-example module code execution Platforms Affected:Node.js pages-plugins-exampleRisk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Node.js pages-plugins-example module could allow a remote attacker...
Node.js vscode-regexp-languagedetection module code execution |
NAME Node.js vscode-regexp-languagedetection module code execution Platforms Affected:Node.js vscode-regexp-languagedetectionRisk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Node.js vscode-regexp-languagedetection module could allow a remote attacker...
