Cobalt Stike Beacon Detected – 51[.]178[.]11[.]176:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 167[.]99[.]217[.]14:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 121[.]4[.]132[.]216:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Malware Analysis – ransomware – b4fa7b82c6a344a23b4a520b58241f8c
Score: 9 MALWARE FAMILY: ransomwareTAGS:ransomware, spyware, stealerMD5: b4fa7b82c6a344a23b4a520b58241f8cSHA1: fb940e05a70f7c47c1756ada2ce6bbf4fbd175e1ANALYSIS DATE: 2022-10-27T10:40:32ZTTPS: T1082, T1107, T1490, T1091, T1005, T1081 ScoreMeaningExample10Known badA malware...
Malware Analysis – ransomware – 4f3c30245d9e71db55a8d59eb4a3f0b9
Score: 9 MALWARE FAMILY: ransomwareTAGS:ransomware, spyware, stealerMD5: 4f3c30245d9e71db55a8d59eb4a3f0b9SHA1: 19e45a85adac1bd5eee04e683f8ea8e02dae42b8ANALYSIS DATE: 2022-10-27T10:40:28ZTTPS: T1107, T1490, T1091, T1005, T1081, T1082 ScoreMeaningExample10Known badA malware...
Malware Analysis – ransomware – 3aee6dfb793b90415046c55728e03fcb
Score: 9 MALWARE FAMILY: ransomwareTAGS:ransomware, spyware, stealerMD5: 3aee6dfb793b90415046c55728e03fcbSHA1: 0e0c59a7f835aa33fdd56f4500b3a8d732e13bc3ANALYSIS DATE: 2022-10-27T10:40:19ZTTPS: T1005, T1081, T1082, T1107, T1490, T1091 ScoreMeaningExample10Known badA malware...
Malware Analysis – ransomware – c1d45de8eedca095a1b4bbc87ca30edf
Score: 9 MALWARE FAMILY: ransomwareTAGS:ransomware, spyware, stealerMD5: c1d45de8eedca095a1b4bbc87ca30edfSHA1: 6c298fa8d903836b42114423131a63834af9252fANALYSIS DATE: 2022-10-27T10:40:23ZTTPS: T1082, T1107, T1490, T1091, T1005, T1081 ScoreMeaningExample10Known badA malware...
Malware Analysis – ransomware – 013636f2335ee89b25cd923f75d5e38d
Score: 9 MALWARE FAMILY: ransomwareTAGS:ransomware, spyware, stealerMD5: 013636f2335ee89b25cd923f75d5e38dSHA1: 466abfaaeb5eea578588160e4cba408e401e77c9ANALYSIS DATE: 2022-10-27T10:40:45ZTTPS: T1082, T1107, T1490, T1091, T1005, T1081 ScoreMeaningExample10Known badA malware...
Malware Analysis – ransomware – e5482be8c4cf530f0b801fc7beeaa5c7
Score: 9 MALWARE FAMILY: ransomwareTAGS:ransomware, spyware, stealerMD5: e5482be8c4cf530f0b801fc7beeaa5c7SHA1: 2e705f86fc0a7acc3bdd1518dd403650f2ab40abANALYSIS DATE: 2022-10-27T10:40:36ZTTPS: T1005, T1081, T1082, T1107, T1490, T1091 ScoreMeaningExample10Known badA malware...
Malware Analysis – evasion – 1be5c06e51392d4039230172194537af
Score: 10 MALWARE FAMILY: evasionTAGS:evasion, persistence, ransomware, spyware, stealerMD5: 1be5c06e51392d4039230172194537afSHA1: 7aca4262621e563e207e8cb2a6bbfd8ab48b0b12ANALYSIS DATE: 2022-10-27T10:55:30ZTTPS: T1060, T1112, T1070, T1005, T1081, T1012, T1082...
Malware Analysis – ransomware – cc81f0cdefab1bd25dc1e2ddfe316440
Score: 9 MALWARE FAMILY: ransomwareTAGS:ransomware, spyware, stealerMD5: cc81f0cdefab1bd25dc1e2ddfe316440SHA1: 4dae9abc021c7011fa364d4749fac76fa9fd38eaANALYSIS DATE: 2022-10-27T10:40:40ZTTPS: T1082, T1107, T1490, T1091, T1005, T1081 ScoreMeaningExample10Known badA malware...
Using secure messaging, voice and collaboration apps
Using secure messaging, voice and collaboration apps With 'hybrid working' (a combination of working from home and the office) now...
Why vulnerabilities are like buses
Why vulnerabilities are like buses There's an old saying that you wait ages for a bus, and then several come...
Log4j vulnerability: what should boards be asking?
Log4j vulnerability: what should boards be asking? The Log4Shell critical vulnerability in the widely used logging tool Log4j has caused concern...
Cyber Security in the Built Environment – considering security throughout a buildings lifecycle
Cyber Security in the Built Environment - considering security throughout a buildings lifecycle A building being designed today is, as...
‘Transaction monitoring’ & ‘Building and operating a secure online service’ guidance published
'Transaction monitoring' & 'Building and operating a secure online service' guidance published If you're responsible for the designing and running...
The Technology Assurance principles
The Technology Assurance principles In this blog post I want to introduce a new family of principles, the Technology Assurance...
Zero Trust migration: where do I start?
Zero Trust migration: where do I start? Following our ‘Zero Trust: is it right for me?' blog, this second installment...
The Cyber Assessment Framework 3.1
The Cyber Assessment Framework 3.1 This latest version of the Cyber Assessment Framework (CAF), 3.1, supports the CAF's core users -...
ACD the 5th Year: report now available to download
ACD the 5th Year: report now available to download The aim of the NCSC's Active Cyber Defence (ACD) programme is...
Mythbusting cloud key management services
Mythbusting cloud key management services The NCSC’s recently-updated cloud security guidance includes a new section on how to configure and...
Avoiding crisis mismanagement
Avoiding crisis mismanagement Every day, an eclectic range of cyber attacks take place across the UK. No two attacks are...
Relaunching the NCSC’s Cloud security guidance collection
Relaunching the NCSC's Cloud security guidance collection This week we have launched the updated NCSC’s cloud security guidance. It’s more...
New SOC guidance 101
New SOC guidance 101 Security operations centres (or SOCs) are notoriously difficult to design, build and operate. But they're also...
