Does Your Help Desk Know Who’s Calling?
Phishing, the theft of users' credentials or sensitive data using social engineering, has been a significant threat since the early...
OSINT
Iranian Hackers Target Women Involved in Human Rights and Middle East Politics
Iranian state-sponsored actors are continuing to engage in social engineering campaigns targeting researchers by impersonating a U.S. think tank. "Notably...
Cobalt Stike Beacon Detected – 179[.]43[.]162[.]6:10443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 216[.]83[.]38[.]235:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 119[.]91[.]141[.]173:8001
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 39[.]98[.]167[.]247:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Malware Analysis – djvu – 5239b4963a8dd2bddc6dcbd203851e31
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, discovery, persistence, ransomware, spyware, stealerMD5: 5239b4963a8dd2bddc6dcbd203851e31SHA1: d770c3b7d73c5fb50adbc31e0479c79ab6747167ANALYSIS DATE: 2023-03-09T10:29:04ZTTPS: T1082, T1053, T1012, T1005, T1081,...
Malware Analysis – amadey – d6b9b6638f6427d82d83c5b08bde7ef7
Score: 10 MALWARE FAMILY: amadeyTAGS:family:amadey, family:djvu, family:smokeloader, family:vidar, backdoor, discovery, evasion, persistence, ransomware, stealer, trojanMD5: d6b9b6638f6427d82d83c5b08bde7ef7SHA1: 9b9caf7c62a21bedf100ab496dd4959a7d7ef7b8ANALYSIS DATE: 2023-03-09T09:34:31ZTTPS: T1012,...
Malware Analysis – bootkit – 8212c56b81cf868f127f5cb87e86ae44
Score: 8 MALWARE FAMILY: bootkitTAGS:bootkit, discovery, persistence, ransomwareMD5: 8212c56b81cf868f127f5cb87e86ae44SHA1: bc90de21627fd7bba718af8587ae68ef15cdd4adANALYSIS DATE: 2023-03-09T10:02:41ZTTPS: T1012, T1082, T1060, T1112, T1491, T1067, T1130 ScoreMeaningExample10Known...
Malware Analysis – djvu – 5bb17f0bd59304af2640fa2beb074d16
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, discovery, persistence, ransomware, spyware, stealerMD5: 5bb17f0bd59304af2640fa2beb074d16SHA1: 64a300c6079fdcbb48f15d7ff8f801d6be160100ANALYSIS DATE: 2023-03-09T10:13:18ZTTPS: T1082, T1005, T1081, T1060, T1112,...
Cobalt Stike Beacon Detected – 116[.]205[.]129[.]254:5555
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 157[.]245[.]153[.]146:8443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 159[.]65[.]198[.]205:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 34[.]162[.]188[.]150:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Malware Analysis – djvu – 185b3efe7ae7908a5d7767832f79fc20
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, discovery, persistence, ransomware, spyware, stealerMD5: 185b3efe7ae7908a5d7767832f79fc20SHA1: 0eda0497474c4cf23809be14dd46f06c2f4f102dANALYSIS DATE: 2023-03-09T10:42:24ZTTPS: T1012, T1082, T1005, T1081, T1060,...
Malware Analysis – amadey – b89600a981edebb261b4076e2b05b528
Score: 10 MALWARE FAMILY: amadeyTAGS:family:amadey, family:djvu, family:smokeloader, family:vidar, backdoor, discovery, evasion, persistence, ransomware, stealer, trojanMD5: b89600a981edebb261b4076e2b05b528SHA1: 7dfb72a1401e3f230b43414cff60c43f3c927ce5ANALYSIS DATE: 2023-03-09T10:53:22ZTTPS: T1222,...
Malware Analysis – persistence – afa9d7c88c28e9b8cca140413cfb32e4
Score: 10 MALWARE FAMILY: persistenceTAGS:persistence, ransomware, spyware, stealerMD5: afa9d7c88c28e9b8cca140413cfb32e4SHA1: 6936af81c974d6c9e2e6eaedd4026a37135369bcANALYSIS DATE: 2023-03-09T10:50:58ZTTPS: T1491, T1112, T1082, T1060, T1005, T1081 ScoreMeaningExample10Known badA...
Malware Analysis – djvu – 7cd226630786c2dde981731544463b23
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, discovery, persistence, ransomware, spyware, stealerMD5: 7cd226630786c2dde981731544463b23SHA1: fbb8cb23aa804fda321bc9079cdcaf0d61095b96ANALYSIS DATE: 2023-03-09T10:34:30ZTTPS: T1005, T1081, T1222, T1082, T1053,...
Cobalt Stike Beacon Detected – 52[.]128[.]237[.]35:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 43[.]142[.]117[.]98:8443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 54[.]147[.]79[.]98:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 210[.]29[.]38[.]52:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
New ScrubCrypt Crypter Used in Cryptojacking Attacks Targeting Oracle WebLogic
The infamous cryptocurrency miner group called 8220 Gang has been observed using a new crypter called ScrubCrypt to carry out...
New Critical Flaw in FortiOS and FortiProxy Could Give Hackers Remote Access
Fortinet has released fixes to address 15 security flaws, including one critical vulnerability impacting FortiOS and FortiProxy that could enable...
