Google disrupts the CryptBot info-stealing malware operation
Google is taking down malware infrastructure linked to the Cryptbot info stealer after suing those using it to infect Google Chrome users...
OSINT
Thousands of Apache Superset servers exposed to RCE attacks
Apache Superset is vulnerable to authentication bypass and remote code execution at default configurations, allowing attackers to potentially access and...
PrestaShop fixes bug that lets any backend user delete databases
The open-source e-commerce platform PrestaShop has released a new version that addresses a critical-severity vulnerability allowing any back-office user to...
Cisco discloses XSS zero-day flaw in server management tool
Cisco disclosed today a zero-day vulnerability in the company's Prime Collaboration Deployment (PCD) software that can be exploited for cross-site...
Tencent QQ users hacked in mysterious malware attack, says ESET
A Chinese APT hacking group known as 'Evasive Panda' is linked to a mysterious attack that distributed the MsgBot malware as...
Clop, LockBit ransomware gangs behind PaperCut server attacks
Microsoft has attributed recent attacks on PaperCut servers to the Clop and LockBit ransomware operations, which used the vulnerabilities to...
Ukrainian arrested for selling data of 300M people to Russians
The Ukrainian cyber police have arrested a 36-year-old man from the city of Netishyn for selling the personal data and...
CISA: Drupal Releases Security Advisory to Address Vulnerability in Drupal Core
Drupal Releases Security Advisory to Address Vulnerability in Drupal Core Drupal has released a security advisory to address an access...
CISA: CISA to Continue and Enhance U.K.’s Logging Made Easy Tool
CISA to Continue and Enhance U.K.’s Logging Made Easy Tool CISA has announced plans to continue and enhance the Logging...
CISA: Cisco Releases Security Advisories for Multiple Products
Cisco Releases Security Advisories for Multiple Products Cisco has released security updates for vulnerabilities affecting Industrial Network Director (IND), Modeling...
CISA: Oracle Releases Security Updates
Oracle Releases Security Updates Oracle has released its Critical Patch Update Advisory, Solaris Third Party Bulletin, and Linux Bulletin for...
CISA: CISA Releases One Industrial Control Systems Advisory
CISA Releases One Industrial Control Systems Advisory CISA released one Industrial Control Systems (ICS) advisory on April 20, 2023. These...
RansomHouse Ransomware Victim: OMT Officine Meccaniche Torino S[.]p[.]A[.]
RansomHouse Logo NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
CISA: CISA Releases Two SBOM Documents
CISA Releases Two SBOM Documents Today, CISA released two community-drafted documents around Software Bill of Materials (SBOM): Types of SBOM...
CISA: Abuse of the Service Location Protocol May Lead to DoS Attacks
Abuse of the Service Location Protocol May Lead to DoS Attacks The Service Location Protocol (SLP, RFC 2608(link is external))...
CISA: VMware Releases Security Update for Aria Operations for Logs
VMware Releases Security Update for Aria Operations for Logs VMware has released a security update to address multiple vulnerabilities in...
CISA: CISA Releases Two Industrial Control Systems Advisories
CISA Releases Two Industrial Control Systems Advisories CISA released two Industrial Control Systems (ICS) advisories on April 25, 2023. These...
CISA: CISA Adds Three Known Exploited Vulnerabilities to Catalog
CISA Adds Three Known Exploited Vulnerabilities to Catalog CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities Catalog,...
Brute Ratel C4 Detected – 2600:9000:201b:aa00:16:f834:8940:93a1:80
The Information provided at the time of posting was detected as "Brute Ratel C4". Depending on when you are viewing...
PortEx – Java Library To Analyse Portable Executable Files With A Special Focus On Malware Analysis And PE Malformation Robustness
PortEx is a Java library for static malware analysis of Portable Executable files. Its focus is on PE malformation robustness,...
Malware Analysis – amadey – 2e2d214abd61d6b40e8ad5e9e437df45
Score: 10 MALWARE FAMILY: amadeyTAGS:family:amadey, family:djvu, family:lumma, family:smokeloader, family:vidar, botnet:5cb879265de0011bfc7588d5d251aee6, botnet:pub1, botnet:sprg, backdoor, discovery, persistence, ransomware, spyware, stealer, trojanMD5: 2e2d214abd61d6b40e8ad5e9e437df45SHA1:...
Malware Analysis – amadey – 05cd8d500f128d1c1ab6844e5b98eb4e
Score: 10 MALWARE FAMILY: amadeyTAGS:family:amadey, family:djvu, family:lumma, family:smokeloader, botnet:pub1, botnet:sprg, backdoor, discovery, ransomware, stealer, trojanMD5: 05cd8d500f128d1c1ab6844e5b98eb4eSHA1: 76211cea5ed0667e98e9b99312d6a40cd6ffb1faANALYSIS DATE: 2023-04-26T15:37:31ZTTPS: T1012,...
Malware Analysis – – 33868397a64763f16d88e37d4289697a
Score: 1 MALWARE FAMILY: TAGS:MD5: 33868397a64763f16d88e37d4289697aSHA1: 2bd06371967738d0101dc73ed3fa321cbeac4db6ANALYSIS DATE: 2023-04-26T16:00:59ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known damaging...
Malware Analysis – amadey – fd68d6d16b3b5a68311907694d3c5967
Score: 10 MALWARE FAMILY: amadeyTAGS:family:amadey, family:djvu, family:lumma, family:redline, family:smokeloader, family:vidar, botnet:1379752987, botnet:5cb879265de0011bfc7588d5d251aee6, botnet:sprg, backdoor, discovery, evasion, infostealer, persistence, ransomware, spyware,...
