OSINT

Ransomware Review December 2023

December 20, 2023

This article is based on research by Marcelo Rivero, Malwarebytes’ ransomware specialist, who monitors information published by ransomware gangs on...

BianLian Ransomware Victim: Air Sino-Euro Associates Travel Pte[.] Ltd

December 20, 2023

BianLian Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of...

47b97a3436a99ec886eb2c5c50ac1551e3c8b782701834fccd0e843119b5699e

Xfinity Discloses Data Breach Affecting Over 35 Million People

December 20, 2023

Comcast Cable Communications, doing business as Xfinity, disclosed on Monday that attackers who breached one of its Citrix servers in...

Terrapin Attacks Can Downgrade Security Of Openssh Connections

December 20, 2023

Academic researchers developed a new attack called Terrapin that manipulates sequence numbers during the handshake process to breaks the SSH...

de830df54b80a40e6ae0489c4aa6688832ef380ef4f81cdfaa89a8b14c9551df

Interpol Operation Arrests 3 500 Cybercriminals Seizes 300 Million

December 20, 2023

An international law enforcement operation codenamed 'Operation HAECHI IV' has led to the arrest of 3,500 suspects of various lower-tier...

64dfb665a6d757dd68ca0ecd51f6afcdf0fbed336f36f731be189da17a2bec33

New Web Injections Campaign Steals Banking Data From 50 000 People

December 20, 2023

A new malware campaign that emerged in March 2023 used JavaScript web injections to try to steal the banking data...

0752e5ab042c34b2b8abfb14b35a4626191edeec8bb42b917dacf8a998a4dad3

Fbi Disrupts Blackcat Ransomware Operation Creates Decryption Tool

December 20, 2023

Update added below about the unseizing of the data leak site and a message from the ransomware gang. The Department...

69e6df8c7e3645fe6688ad5431ea5e6c5c0598979c81a0157ab383f6810f8146

How The Fbi Seized Blackcat Alphv Ransomwares Servers

December 20, 2023

An unsealed FBI search warrant revealed how law enforcement hijacked the ALPHV/BlackCat ransomware operations websites and seized the associated URLs....

67d29292698041cf493649c6d20d83844f96d61eb06637ffa180024b3137790d

Fbi Alphv Ransomware Raked In 300 Million From Over 1 000 Victims

December 20, 2023

The ALPHV/BlackCat ransomware gang has made over $300 million in ransom payments from more than 1,000 victims worldwide as of September 2023,...

CISA: Fortinet Releases Security Updates for Multiple Products

December 20, 2023

Fortinet Releases Security Updates for Multiple Products Fortinet has released security updates to address vulnerabilities in multiple Fortinet products. A...

CISA: CISA Releases Seventeen Industrial Control Systems Advisories

December 20, 2023

CISA Releases Seventeen Industrial Control Systems Advisories CISA released seventeen Industrial Control Systems (ICS) advisories on December 14, 2023. These...

CISA: CISA Releases Two Industrial Control Systems Advisories

December 20, 2023

CISA Releases Two Industrial Control Systems Advisories CISA released two Industrial Control Systems (ICS) advisories on December 12, 2023. These...

CISA: CISA and Partners Release Advisory on Russian SVR-affiliated Cyber Actors Exploiting CVE-2023-42793

December 20, 2023

CISA and Partners Release Advisory on Russian SVR-affiliated Cyber Actors Exploiting CVE-2023-42793 Today, CISA—along with the U.S. Federal Bureau of...

CISA: The Apache Software Foundation Updates Struts 2

December 20, 2023

The Apache Software Foundation Updates Struts 2 The Apache Software Foundation has released security updates to address a vulnerability (CVE-2023-50164)...

CISA: CISA Releases Seven Industrial Control Systems Advisories

December 20, 2023

CISA Releases Seven Industrial Control Systems Advisories CISA released seven Industrial Control Systems (ICS) advisories on December 19, 2023. These...

CISA: CISA and FBI Release Advisory on ALPHV Blackcat Affiliates

December 20, 2023

CISA and FBI Release Advisory on ALPHV Blackcat Affiliates Today, CISA and the Federal Bureau of Investigation (FBI) released a...

CISA: CISA Secure by Design Alert Urges Manufacturers to Eliminate Default Passwords

December 20, 2023

CISA Secure by Design Alert Urges Manufacturers to Eliminate Default Passwords Today, CISA published guidance on How Manufacturers Can Protect...

CISA: FBI, CISA, and ASD’s ACSC Release Advisory on Play Ransomware

December 20, 2023

FBI, CISA, and ASD’s ACSC Release Advisory on Play Ransomware Today, the Federal Bureau of Investigation (FBI), Cybersecurity and Infrastructure...

CISA: CISA Releases Advisory on Cyber Resilience for the HPH Sector

December 20, 2023

CISA Releases Advisory on Cyber Resilience for the HPH Sector Today, CISA released a Cybersecurity Advisory, Enhancing Cyber Resilience: Insights...

a0cda1a994826148d86ea60a5690b21194dd37a9d164ccb304410629ffaafee6

PySQLRecon – Offensive MSSQL Toolkit Written In Python, Based Off SQLRecon

December 19, 2023

PySQLRecon is a Python port of the awesome SQLRecon project by @sanjivkawa. See the commands section for a list of...

CISA: CISA and FBI Release Advisory on ALPHV Blackcat Affiliates

December 19, 2023

CISA and FBI Release Advisory on ALPHV Blackcat Affiliates Today, CISA and the Federal Bureau of Investigation (FBI) released a...

CISA: CISA Releases Seven Industrial Control Systems Advisories

December 19, 2023

CISA Releases Seven Industrial Control Systems Advisories CISA released seven Industrial Control Systems (ICS) advisories on December 19, 2023. These...

PikaBot C2 Detected – 216[.]238[.]79[.]12:2221

December 19, 2023

PikaBot C2 The Information provided at the time of posting was detected as "PikaBot C2". Depending on when you are...

PikaBot C2 Detected – 172[.]232[.]54[.]192:2224

December 19, 2023

PikaBot C2 The Information provided at the time of posting was detected as "PikaBot C2". Depending on when you are...

OSINT

Ransomware Review December 2023

BianLian Ransomware Victim: Air Sino-Euro Associates Travel Pte[.] Ltd

Xfinity Discloses Data Breach Affecting Over 35 Million People

Terrapin Attacks Can Downgrade Security Of Openssh Connections

Interpol Operation Arrests 3 500 Cybercriminals Seizes 300 Million

New Web Injections Campaign Steals Banking Data From 50 000 People

Fbi Disrupts Blackcat Ransomware Operation Creates Decryption Tool

How The Fbi Seized Blackcat Alphv Ransomwares Servers

Fbi Alphv Ransomware Raked In 300 Million From Over 1 000 Victims

CISA: Fortinet Releases Security Updates for Multiple Products

CISA: CISA Releases Seventeen Industrial Control Systems Advisories

CISA: CISA Releases Two Industrial Control Systems Advisories

CISA: CISA and Partners Release Advisory on Russian SVR-affiliated Cyber Actors Exploiting CVE-2023-42793

CISA: The Apache Software Foundation Updates Struts 2

CISA: CISA Releases Seven Industrial Control Systems Advisories

CISA: CISA and FBI Release Advisory on ALPHV Blackcat Affiliates

CISA: CISA Secure by Design Alert Urges Manufacturers to Eliminate Default Passwords

CISA: FBI, CISA, and ASD’s ACSC Release Advisory on Play Ransomware

CISA: CISA Releases Advisory on Cyber Resilience for the HPH Sector

PySQLRecon – Offensive MSSQL Toolkit Written In Python, Based Off SQLRecon

CISA: CISA and FBI Release Advisory on ALPHV Blackcat Affiliates

CISA: CISA Releases Seven Industrial Control Systems Advisories

PikaBot C2 Detected – 216[.]238[.]79[.]12:2221

PikaBot C2 Detected – 172[.]232[.]54[.]192:2224

Google Pushes Emergency Patch For Chrome 0 Day – Check Your Browser Version Now

The Notepad That Knew Too Much: Humble Text Editor Gets Unnecessary Ai Infusion

Two Scattered Spider Teens Charged Over Attack On London’s Transport Network

Cobalt Strike Beacon Detected – 1[.]92[.]138[.]71:8080

Cobalt Strike Beacon Detected – 118[.]25[.]91[.]151:80

You may have missed