CISA: CISA Adds Three Known Exploited Vulnerabilities to Catalog
CISA Adds Three Known Exploited Vulnerabilities to Catalog CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities Catalog,...
OSINT
Malware Analysis – ransomware – e0c0eb3003d60d0f9b138b99386f3ac5
Score: 6 MALWARE FAMILY: ransomwareTAGS:ransomwareMD5: e0c0eb3003d60d0f9b138b99386f3ac5SHA1: 490055d08a5e685a9273ccdc21562d6e61f085ceANALYSIS DATE: 2023-04-23T15:53:28ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known damaging...
Malware Analysis – djvu – d40e6770732b567015fd74c4ad7ab22b
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:bf58e1879f88b222ba2391682babf9d8, discovery, persistence, ransomware, spyware, stealerMD5: d40e6770732b567015fd74c4ad7ab22bSHA1: 112d0a3a264ccb52d809cb8c3359733221fc1d1bANALYSIS DATE: 2023-04-23T16:11:01ZTTPS: T1005, T1081, T1060, T1112,...
Malware Analysis – amadey – 385f0863a2078a48cc981c21ca894af4
Score: 10 MALWARE FAMILY: amadeyTAGS:family:amadey, family:djvu, family:smokeloader, botnet:pub1, backdoor, discovery, ransomware, trojanMD5: 385f0863a2078a48cc981c21ca894af4SHA1: 1efec0751c7e72261acd3885bb1909ea1bfbf790ANALYSIS DATE: 2023-04-23T16:33:20ZTTPS: T1082, T1222, T1012, T1120,...
Malware Analysis – infinitylock – b805db8f6a84475ef76b795b0d1ed6ae
Score: 10 MALWARE FAMILY: infinitylockTAGS:family:infinitylock, ransomwareMD5: b805db8f6a84475ef76b795b0d1ed6aeSHA1: 7711cb4873e58b7adcf2a2b047b090e78d10c75bANALYSIS DATE: 2023-04-23T16:45:30ZTTPS: T1012, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or...
Malware Analysis – persistence – c9c341eaf04c89933ed28cbc2739d325
Score: 9 MALWARE FAMILY: persistenceTAGS:persistence, ransomwareMD5: c9c341eaf04c89933ed28cbc2739d325SHA1: c5b7d47aef3bd33a24293138fcba3a5ff286c2a8ANALYSIS DATE: 2023-04-23T16:55:28ZTTPS: T1107, T1490, T1060, T1112 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
Malware Analysis – djvu – a138167f24490e16fc61019313b21fe9
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:bf58e1879f88b222ba2391682babf9d8, discovery, persistence, ransomware, spyware, stealerMD5: a138167f24490e16fc61019313b21fe9SHA1: 09083bb5f45cc3e4109d48980b01eb8ce97aad85ANALYSIS DATE: 2023-04-23T16:50:27ZTTPS: T1222, T1012, T1082, T1053,...
Brute Ratel C4 Detected – 52[.]68[.]31[.]77:80
The Information provided at the time of posting was detected as "Brute Ratel C4". Depending on when you are viewing...
GitHub now allows enabling private vulnerability reporting at scale
GitHub announced that private vulnerability reporting is now generally available and can be enabled at scale, on all repositories belonging...
Google ads push BumbleBee malware used by ransomware gangs
The enterprise-targeting Bumblebee malware is distributed through Google Ads and SEO poisoning that promote popular software like Zoom, Cisco AnyConnect,...
EvilExtractor malware activity spikes in Europe and the U.S.
Researchers are seeing a rise in attacks spreading the EvilExtractor data theft tool, used to steal users' sensitive data in...
BlackByte Ransomware Victim: Easy Automation
NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the files...
CISA: CISA and Partners Release Cybersecurity Best Practices for Smart Cities
CISA and Partners Release Cybersecurity Best Practices for Smart Cities Today, CISA, NSA, FBI, NCSC-UK(link is external), ACSC(link is external),...
CISA: CISA Releases Malware Analysis Report on ICONICSTEALER
CISA Releases Malware Analysis Report on ICONICSTEALER CISA has released a new Malware Analysis Report (MAR) on an infostealer known...
CISA: Oracle Releases Security Updates
Oracle Releases Security Updates Oracle has released its Critical Patch Update Advisory, Solaris Third Party Bulletin, and Linux Bulletin for...
CISA: CISA to Continue and Enhance U.K.’s Logging Made Easy Tool
CISA to Continue and Enhance U.K.’s Logging Made Easy Tool CISA has announced plans to continue and enhance the Logging...
CISA: CISA Releases One Industrial Control Systems Advisory
CISA Releases One Industrial Control Systems Advisory CISA released one Industrial Control Systems (ICS) advisory on April 20, 2023. These...
CISA: Drupal Releases Security Advisory to Address Vulnerability in Drupal Core
Drupal Releases Security Advisory to Address Vulnerability in Drupal Core Drupal has released a security advisory to address an access...
CISA: VMware Releases Security Update for Aria Operations for Logs
VMware Releases Security Update for Aria Operations for Logs VMware has released a security update to address multiple vulnerabilities in...
CISA: CISA Adds Three Known Exploited Vulnerabilities to Catalog
CISA Adds Three Known Exploited Vulnerabilities to Catalog CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities Catalog,...
CISA: Cisco Releases Security Advisories for Multiple Products
Cisco Releases Security Advisories for Multiple Products Cisco has released security updates for vulnerabilities affecting Industrial Network Director (IND), Modeling...
CISA: CISA Releases Two SBOM Documents
CISA Releases Two SBOM Documents Today, CISA released two community-drafted documents around Software Bill of Materials (SBOM): Types of SBOM...
PowerMeUp – A Small Library Of Powershell Scripts For Post Exploitation That You May Need Or Use!
This is a powershell reverse shell that executes the commands and or scripts that you add to the powerreverse.ps1 file...
Malware Analysis – djvu – 58bed43c59725777ba297b624a20aa9b
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:bf58e1879f88b222ba2391682babf9d8, discovery, persistence, ransomware, spyware, stealerMD5: 58bed43c59725777ba297b624a20aa9bSHA1: bf9175aa263d1430e14ba0d82c4b22dd8bce8fc2ANALYSIS DATE: 2023-04-22T15:30:39ZTTPS: T1005, T1081, T1222, T1082,...
