LockBit 2.0 Ransomware Victim: bernheim[.]org
LockBit 2.0 Ransomware NOTE: The information on this page is automated and scraped directly from the LockBit 2.0 Onion Dark...
LockBit 2.0 Ransomware Victim: northsideplumbing[.]com
LockBit 2.0 Ransomware NOTE: The information on this page is automated and scraped directly from the LockBit 2.0 Onion Dark...
LockBit 2.0 Ransomware Victim: amerplumb[.]com
LockBit 2.0 Ransomware NOTE: The information on this page is automated and scraped directly from the LockBit 2.0 Onion Dark...
Abcbot and Xanthe botnets have the same origin, experts discovered
Experts linked the C2 infrastructure behind an the Abcbot botnet to a cryptocurrency-mining botnet attack that was uncovered in December...
CVE-2021-33017
Summary: The standard access path of the IntelliBridge EC 40 and 60 Hub (C.00.04 and prior) requires authentication, but the...
CVE-2021-45647
Summary: Certain NETGEAR devices are affected by disclosure of sensitive information. This affects EAX80 before 1.0.1.62, EX7000 before 1.0.1.104, R6120...
CVE-2021-32993
Summary: IntelliBridge EC 40 and 60 Hub (C.00.04 and prior) contains hard-coded credentials, such as a password or a cryptographic...
CVE-2021-44161
Summary: Changing MOTP (Mobile One Time Password) system’s specific function parameter has insufficient validation for user input. A attacker in...
CVE-2021-44160
Summary: Carinal Tien Hospital Health Report System’s login page has improper authentication, a remote attacker can acquire another general user’s...
Cuba Ransomware Victim: Cle
Cuba Ransomware NOTE: The information on this page is automated and scraped directly from the Cuba Onion Dark Web Tor...
Cuba Ransomware Victim: Regulvar
Cuba Ransomware NOTE: The information on this page is automated and scraped directly from the Cuba Onion Dark Web Tor...
Cuba Ransomware Victim: Strongwell
Cuba Ransomware NOTE: The information on this page is automated and scraped directly from the Cuba Onion Dark Web Tor...
Cuba Ransomware Victim: Delinebox
Cuba Ransomware NOTE: The information on this page is automated and scraped directly from the Cuba Onion Dark Web Tor...
Indian-linked Patchwork APT infected its own system revealing its ops
The India-linked threat actor Patchwork infected one of their own computers with its RAT revealing its operations to researchers. An...
LockBit 2.0 Ransomware Victim: securiteassurance[.]com
LockBit 2.0 Ransomware NOTE: The information on this page is automated and scraped directly from the LockBit 2.0 Onion Dark...
LockBit 2.0 Ransomware Victim: torann-france[.]fr
LockBit 2.0 Ransomware NOTE: The information on this page is automated and scraped directly from the LockBit 2.0 Onion Dark...
A week in security (January 3 – 9)
Last week on Malwarebytes Labs: Ransomware attacks Finalsite, renders 8,000 school sites unreachable for daysPatchwork APT caught in its own...
LACheck – Multithreaded C# .NET Assembly Local Administrative Privilege Enumeration
Multithreaded C# .NET Assembly Local Administrative Privilege Enumeration Arguments domain controller to query (if not ran on a domain-joined host)...
Cobalt Stike Beacon Detected – 150[.]158[.]10[.]102:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 1[.]116[.]56[.]86:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 81[.]70[.]77[.]79:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 121[.]5[.]76[.]27:8080
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 159[.]75[.]122[.]205:2052
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 45[.]76[.]196[.]185:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
