Cobalt Stike Beacon Detected – 147[.]182[.]240[.]197:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 128[.]199[.]223[.]60:8080
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 185[.]70[.]184[.]91:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 193[.]201[.]9[.]197:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 202[.]79[.]170[.]119:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 81[.]69[.]26[.]240:8099
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 120[.]27[.]213[.]221:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
A flaw in Rust Programming language could allow to delete files and directories
The maintainers of the Rust programming language fixed a high-severity flaw that could allow attackers to delete files and directories...
Investigating APT36 or Earth Karkaddan’s Attack Chain and Malware Arsenal
We investigated the most recent activities of APT36, also known as Earth Karkaddan, a politically motivated advanced persistent threat (APT)...
Analysis and Impact of LockBit Ransomware’s First Linux and VMware ESXi Variant
LockBit ransomware's operators announced the release of its first Linux and ESXi variant in October. With samples also spotted in...
US-CERT Bulletin (SB22-024):Vulnerability Summary for the Week of January 17, 2022
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards...
Tens of AccessPress WordPress themes compromised as part of a supply chain attack
Threat actors planted a backdoor into multiple WordPress themes and plugins after compromising the website of their developer. In a...
Http2Smugl – Tool to detect and exploit HTTP request smuggling in cases it can be achieved via HTTP/2 -> HTTP/1.1 conversion
This tool helps to detect and exploit HTTP request smuggling in cases it can be achieved via HTTP/2 -> HTTP/1.1...
Microsoft is now disabling Excel 4.0 macros by default
Back in October 2021, Microsoft announced in an email sent to customers that it planned to disable Excel 4.0 macros...
Warning issued over tampered QR codes
Avid readers of the Malwarebytes Labs blog are quite aware of QR code shenanigans—both within and outside of the United...
Dark Souls servers taken offline over hacking fears
There’s been trouble brewing over the weekend for players of the smash-hit Dark Souls series. PvP servers (player vs player)...
CVE-2021-44701
Summary: Acrobat Reader DC version 21.007.20099 (and earlier), 20.004.30017 (and earlier) and 17.011.30204 (and earlier) are affected by a use-after-free...
CVE-2022-23094
Summary: Libreswan 4.2 through 4.5 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash)...
CVE-2021-44049
Summary: CyberArk Endpoint Privilege Manager (EPM) through 11.5.3.328 before 2021-12-20 allows a local user to gain elevated privileges via a...
CVE-2022-0240
Summary: mruby is vulnerable to NULL Pointer Dereference Reference Links(if available): https://huntr.dev/bounties/5857eced-aad9-417d-864e-0bdf17226cbb https://github.com/mruby/mruby/commit/31fa3304049fc406a201a72293cce140f0557dca CVSS Score (if available) v2: / MEDIUMAV:N/AC:L/Au:N/C:N/I:N/A:P...
CVE-2021-25036
Summary: The All in One SEO WordPress plugin before 4.1.5.3 is affected by a Privilege Escalation issue, which was discovered...
Russian authorities arrested the kingpin of cybercrime Infraud Organization
Russian authorities arrested four alleged members of the international cyber theft ring tracked as ‘Infraud Organization.’ In February 2008, the...
Emotet spam uses unconventional IP address formats to evade detection
Experts warn Emotet malware campaign using “unconventional” IP address formats in an attempt to evade detection. Threat actors behind a...
VulnLab – A Web Vulnerability Lab Project
Contact Website Linkedln Twitter Instagram Download VulnLab If you like the site, please consider joining the telegram channel or supporting...
