OSINT

CISA: CISA Releases Two SBOM Documents

April 30, 2023

CISA Releases Two SBOM Documents Today, CISA released two community-drafted documents around Software Bill of Materials (SBOM): Types of SBOM...

CISA: Drupal Releases Security Advisory to Address Vulnerability in Drupal Core

April 30, 2023

Drupal Releases Security Advisory to Address Vulnerability in Drupal Core Drupal has released a security advisory to address an access...

CISA: Abuse of the Service Location Protocol May Lead to DoS Attacks

April 30, 2023

Abuse of the Service Location Protocol May Lead to DoS Attacks The Service Location Protocol (SLP, RFC 2608(link is external))...

CISA: CISA Adds Three Known Exploited Vulnerabilities to Catalog

April 30, 2023

CISA Adds Three Known Exploited Vulnerabilities to Catalog CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities Catalog,...

CISA: CISA Releases Two Industrial Control Systems Advisories

April 30, 2023

CISA Releases Two Industrial Control Systems Advisories CISA released two Industrial Control Systems (ICS) advisories on April 25, 2023. These...

CISA: CISA Releases One Industrial Control Systems Medical Advisory

April 30, 2023

CISA Releases One Industrial Control Systems Medical Advisory CISA released one Industrial Control Systems Medical (ICS) medical advisory on April...

CISA: CISA Requests for Comment on Secure Software Self-Attestation Form

April 30, 2023

CISA Requests for Comment on Secure Software Self-Attestation Form CISA has issued requests for comment on the Secure Software Self-Attestation...

Bearer – Code Security Scanning Tool (SAST) That Discover, Filter And Prioritize Security Risks And Vulnerabilities Leading To Sensitive Data Exposures (PII, PHI, PD)

April 29, 2023

Discover, filter, and prioritize security risks and vulnerabilities impacting your code. Bearer is a static application security testing (SAST) tool...

9a6d23b1b8322752c865399b654d25a3e5d256b0b5bb17a22f85ae58df38d60d

FirebaseExploiter – Vulnerability Discovery Tool That Discovers Firebase Database Which Are Open And Can Be Exploitable

April 29, 2023

FirebaseExploiter is a vulnerability discovery tool that discovers Firebase Database which are open and can be exploitable. Primarily built for...

Malware Analysis – persistence – 09250d8b8323c62fb59941b458fa70d1

April 29, 2023

Score: 10 MALWARE FAMILY: persistenceTAGS:persistence, ransomwareMD5: 09250d8b8323c62fb59941b458fa70d1SHA1: da5f6347207257139ac82b50bc8276de9c1afd9eANALYSIS DATE: 2023-04-29T15:39:47ZTTPS: T1112, T1060, T1012, T1120, T1082, T1107, T1490 ScoreMeaningExample10Known badA malware...

Malware Analysis – djvu – cabb11a8e237ff7233e19b9cb6cc829d

April 29, 2023

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:5cb879265de0011bfc7588d5d251aee6, discovery, persistence, ransomware, spyware, stealerMD5: cabb11a8e237ff7233e19b9cb6cc829dSHA1: ffe487aba123018573a275adfe98c44d1cee9c77ANALYSIS DATE: 2023-04-29T15:35:17ZTTPS: T1060, T1112, T1222, T1053,...

Malware Analysis – djvu – 1420395c269bb059c6f60d8faee97088

April 29, 2023

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:5cb879265de0011bfc7588d5d251aee6, discovery, persistence, ransomware, spyware, stealerMD5: 1420395c269bb059c6f60d8faee97088SHA1: 1c3662586dcf5451f479d7c1812a22cc9db25dbdANALYSIS DATE: 2023-04-29T16:22:32ZTTPS: T1012, T1082, T1005, T1081,...

Malware Analysis – ransomware – b55fca9a67bd38321a51a8724b61ee12

April 29, 2023

Score: 7 MALWARE FAMILY: ransomwareTAGS:ransomwareMD5: b55fca9a67bd38321a51a8724b61ee12SHA1: 99e8e1961755df056c605ca052e92da3ddb0a3d3ANALYSIS DATE: 2023-04-29T15:56:53ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known damaging...

Malware Analysis – amadey – cea30f806e644cebe48399eefa345e51

April 29, 2023

Score: 10 MALWARE FAMILY: amadeyTAGS:family:amadey, family:djvu, family:icedid, family:redline, family:smokeloader, family:vidar, botnet:1616034f091df9fd0229bc38dd17597f, botnet:5cb879265de0011bfc7588d5d251aee6, botnet:potok 2, botnet:pub1, campaign:252847557, backdoor, banker, discovery, evasion,...

Malware Analysis – amadey – 845774441d6a856cfb4529fdef819fda

April 29, 2023

Score: 10 MALWARE FAMILY: amadeyTAGS:family:amadey, family:djvu, family:redline, family:smokeloader, family:vidar, botnet:1616034f091df9fd0229bc38dd17597f, botnet:5cb879265de0011bfc7588d5d251aee6, botnet:potok 2, botnet:pub1, backdoor, discovery, evasion, infostealer, persistence, ransomware,...

OSINT

CISA: CISA Releases Two SBOM Documents

CISA: Drupal Releases Security Advisory to Address Vulnerability in Drupal Core

CISA: Abuse of the Service Location Protocol May Lead to DoS Attacks

CISA: CISA Adds Three Known Exploited Vulnerabilities to Catalog

CISA: CISA Releases Two Industrial Control Systems Advisories

CISA: CISA Releases One Industrial Control Systems Medical Advisory

CISA: CISA Requests for Comment on Secure Software Self-Attestation Form

Bearer – Code Security Scanning Tool (SAST) That Discover, Filter And Prioritize Security Risks And Vulnerabilities Leading To Sensitive Data Exposures (PII, PHI, PD)

FirebaseExploiter – Vulnerability Discovery Tool That Discovers Firebase Database Which Are Open And Can Be Exploitable

Malware Analysis – persistence – 09250d8b8323c62fb59941b458fa70d1

Malware Analysis – djvu – cabb11a8e237ff7233e19b9cb6cc829d

Malware Analysis – djvu – 1420395c269bb059c6f60d8faee97088

Malware Analysis – ransomware – b55fca9a67bd38321a51a8724b61ee12

Malware Analysis – amadey – cea30f806e644cebe48399eefa345e51

Malware Analysis – amadey – 845774441d6a856cfb4529fdef819fda

LockBit 3.0 Ransomware Victim: baughmanco[.]com

ChatGPT is Back in Italy After Addressing Data Privacy Concerns

CISA Warns of Critical Flaws in Illumina’s DNA Sequencing Instruments

RansomHouse Ransomware Victim: Albany ENT & Allergy Services

Mandiant’s mWISE Event is Where Security’s Best Get Better

CISA warns of critical bugs in Illumina DNA sequencing systems

Hackers swap stealth for realistic checkout forms to steal credit cards

ViperSoftX info-stealing malware now targets password managers

The Week in Ransomware – April 28th 2023 – Clop at it again

CVE Alert: CVE-2025-49876

CVE Alert: CVE-2025-49884

CVE Alert: CVE-2025-50028

CVE Alert: CVE-2025-49888

CVE Alert: CVE-2025-52714

You may have missed