CISA: CISA and CESER Releases Software Bill of Materials (SBOM) Sharing Lifecycle Report
CISA and CESER Releases Software Bill of Materials (SBOM) Sharing Lifecycle Report CISA and the U.S. Department of Energy (DOE)...
OSINT
Wa-Tunnel – Tunneling Internet Traffic Over Whatsapp
This is a Baileys based piece of code that lets you tunnel TCP data through two Whatsapp accounts. This can...
Royal Ransomware Victim: Stanley Electric U[.]S[.]
RoyalRansomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the...
Royal Ransomware Victim: City of Ballwin
RoyalRansomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the...
Royal Ransomware Victim: Mainstream Engineering
RoyalRansomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the...
Royal Ransomware Victim: 5Design
RoyalRansomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the...
Goldoson Android Malware Infects Over 100 Million Google Play Store Downloads
A new Android malware strain named Goldoson has been detected in the official Google Play Store spanning more than 60...
What’s the Difference Between CSPM & SSPM?
Cloud Security Posture Management (CSPM) and SaaS Security Posture Management (SSPM) are frequently confused. The similarity of the acronyms notwithstanding,...
YouTube Videos Distributing Aurora Stealer Malware via Highly Evasive Loader
Cybersecurity researchers have detailed the inner workings of a highly evasive loader named "in2al5d p3in4er" (read: invalid printer) that's used...
Malware Analysis – amadey – db51558dc4bf55de672371a810bf65fa
Score: 10 MALWARE FAMILY: amadeyTAGS:family:amadey, family:djvu, family:lumma, family:smokeloader, botnet:pub1, botnet:sprg, backdoor, discovery, ransomware, stealer, trojanMD5: db51558dc4bf55de672371a810bf65faSHA1: 65d70c827c402634a893d5d105f4e0dc177b6667ANALYSIS DATE: 2023-04-18T15:32:53ZTTPS: T1012,...
Malware Analysis – evasion – 96894e955b774d4732688adf11ba5851
Score: 7 MALWARE FAMILY: evasionTAGS:evasion, ransomwareMD5: 96894e955b774d4732688adf11ba5851SHA1: bc860e84f99b833570fd71c560b4881f506043e7ANALYSIS DATE: 2023-04-18T17:05:55ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known...
Malware Analysis – globeimposter – 612974dcb49adef982d9ad8d9cbdde36
Score: 10 MALWARE FAMILY: globeimposterTAGS:family:globeimposter, persistence, ransomware, spyware, stealerMD5: 612974dcb49adef982d9ad8d9cbdde36SHA1: b817e361bd0cc1819d7f6a1189f0f5d56ed48721ANALYSIS DATE: 2023-04-18T15:49:36ZTTPS: T1005, T1081, T1060, T1112 ScoreMeaningExample10Known badA malware...
Malware Analysis – xworm – 2342a4200ef17e6fbc11a8a3fe7ba814
Score: 10 MALWARE FAMILY: xwormTAGS:family:xworm, persistence, rat, trojanMD5: 2342a4200ef17e6fbc11a8a3fe7ba814SHA1: 44589e5234f5f87c9aa05688ea985f952480995fANALYSIS DATE: 2023-04-18T17:11:38ZTTPS: T1082, T1053, T1012, T1060, T1112 ScoreMeaningExample10Known badA malware...
Malware Analysis – amadey – 32396ee1814d8c60327863cc195f5dd3
Score: 10 MALWARE FAMILY: amadeyTAGS:family:amadey, family:dcrat, family:djvu, family:lumma, family:smokeloader, botnet:pub1, botnet:sprg, backdoor, discovery, evasion, infostealer, persistence, ransomware, rat, spyware, stealer,...
Malware Analysis – ransomware – 229bf5daa2409fefac35dd91352a66d3
Score: 10 MALWARE FAMILY: ransomwareTAGS:ransomware, spyware, stealerMD5: 229bf5daa2409fefac35dd91352a66d3SHA1: 42d62c3c4b718afd6e479c370d10c0dea9d6bed7ANALYSIS DATE: 2023-04-18T17:31:35ZTTPS: T1005, T1081 ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne...
Malware Analysis – chaos – c73392a1cc47f1f48e10efe0534d5169
Score: 10 MALWARE FAMILY: chaosTAGS:family:chaos, bootkit, evasion, persistence, ransomware, spyware, stealer, trojan, upxMD5: c73392a1cc47f1f48e10efe0534d5169SHA1: a180aab6d9bacf4a2353490681ac0061b5ea9448ANALYSIS DATE: 2023-04-18T17:41:55ZTTPS: T1490, T1059, T1107,...
Malware Analysis – ransomware – 003031ca225b277654d0ab190e689657
Score: 8 MALWARE FAMILY: ransomwareTAGS:ransomware, spyware, stealerMD5: 003031ca225b277654d0ab190e689657SHA1: 1ae8d950533be741d2a32852b730aea3fe822b8fANALYSIS DATE: 2023-04-18T17:48:02ZTTPS: T1005, T1081, T1491, T1112, T1082 ScoreMeaningExample10Known badA malware family...
Malware Analysis – aspackv2 – 8e12c4232322e22c2300c404ab435f6d
Score: 10 MALWARE FAMILY: aspackv2TAGS:aspackv2, evasion, ransomware, trojan, upxMD5: 8e12c4232322e22c2300c404ab435f6dSHA1: 1d98e7dc8219a55c17d61b6bf79c4fb0bbfec477ANALYSIS DATE: 2023-04-18T17:17:31ZTTPS: T1082, T1112, T1088, T1089, T1102, T1012, T1491...
CISA: CISA Releases Four Industrial Control Systems Advisories
CISA Releases Four Industrial Control Systems Advisories CISA released four Industrial Control Systems (ICS) advisories on April 18, 2023. These...
CISA: APT28 Exploits Known Vulnerability To Carry Out Reconnaissance and Deploy Malware on Cisco Routers
APT28 Exploits Known Vulnerability To Carry Out Reconnaissance and Deploy Malware on Cisco Routers NCSC(link is external), NSA, CISA, and...
DFIR via XDR: How to expedite your investigations with a DFIRent approach
Rapid technological evolution requires security that is resilient, up to date and adaptable. In this article, we will cover the...
Iranian Hackers Using SimpleHelp Remote Support Software for Persistent Access
The Iranian threat actor known as MuddyWater is continuing its time-tested tradition of relying on legitimate remote administration tools to...
What’s the Difference Between CSPM & SSPM?
Cloud Security Posture Management (CSPM) and SaaS Security Posture Management (SSPM) are frequently confused. The similarity of the acronyms notwithstanding,...
LockBit 3.0 Ransomware Victim: joriszorg[.]nl
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
