Cobalt Stike Beacon Detected – 193[.]233[.]175[.]106:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
OSINT
Shein’s Android App Caught Transmitting Clipboard Data to Remote Servers
An older version of Shein's Android application suffered from a bug that periodically captured and transmitted clipboard contents to a...
LastPass Hack: Engineer’s Failure to Update Plex Software Led to Massive Data Breach
The massive breach at LastPass was the result of one of its engineers failing to update Plex on their home...
Malware Analysis – djvu – 6c46bd1e98cea276b9cf7da8dcfc7bbf
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, discovery, persistence, ransomwareMD5: 6c46bd1e98cea276b9cf7da8dcfc7bbfSHA1: 665996a9cf1bb412fa9a144e1e986e225938fca4ANALYSIS DATE: 2023-03-07T04:32:01ZTTPS: T1053, T1060, T1112, T1222, T1082, T1012 ScoreMeaningExample10Known badA...
Malware Analysis – djvu – 5455cf36a15f21a0f31769c4c4d6655c
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, discovery, persistence, ransomwareMD5: 5455cf36a15f21a0f31769c4c4d6655cSHA1: c7023a3139820e0c7e9bb995349c6ea09da2861dANALYSIS DATE: 2023-03-07T03:17:03ZTTPS: T1222, T1060, T1112, T1082, T1012, T1053 ScoreMeaningExample10Known badA...
Malware Analysis – lockbit – 4b122da82c589d68d15a98ba73997910
Score: 10 MALWARE FAMILY: lockbitTAGS:family:lockbit, ransomwareMD5: 4b122da82c589d68d15a98ba73997910SHA1: 3e4e31479d739e49af21f381a2be11a4e93d2d22ANALYSIS DATE: 2023-03-07T04:54:03ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known...
Malware Analysis – dharma – 6ed029b9794717d305103e9eb20a8d1f
Score: 10 MALWARE FAMILY: dharmaTAGS:family:dharma, persistence, ransomware, spyware, stealerMD5: 6ed029b9794717d305103e9eb20a8d1fSHA1: 956ebe054b5f286a1584b365dde59c130dd494eeANALYSIS DATE: 2023-03-07T04:44:09ZTTPS: T1082, T1112, T1107, T1490, T1005, T1081, T1060...
Malware Analysis – ransomware – 2706ddf9c7abaa877389ae566acf1fe8
Score: 7 MALWARE FAMILY: ransomwareTAGS:ransomwareMD5: 2706ddf9c7abaa877389ae566acf1fe8SHA1: 7f3fb8d2a67f73f26e0b57fa6d5bed9c461c2b8fANALYSIS DATE: 2023-03-07T04:50:20ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known damaging...
Malware Analysis – babadeda – aaa058858261d7c0e73fa1b8264a9a3d
Score: 10 MALWARE FAMILY: babadedaTAGS:family:babadeda, crypter, evasion, loader, trojanMD5: aaa058858261d7c0e73fa1b8264a9a3dSHA1: 1233af8c8377567b2b8ebf7642f0036c9797596bANALYSIS DATE: 2023-03-07T04:48:05ZTTPS: T1082, T1012 ScoreMeaningExample10Known badA malware family was...
Malware Analysis – lockbit – a7637dfb6b9408fe020d9333d0ade6dc
Score: 10 MALWARE FAMILY: lockbitTAGS:family:lockbit, evasion, persistence, ransomwareMD5: a7637dfb6b9408fe020d9333d0ade6dcSHA1: 930c34743ab12c80512723db0aa7b8b4762fcc84ANALYSIS DATE: 2023-03-07T05:03:03ZTTPS: T1490, T1059, T1107, T1491, T1112, T1018, T1082, T1012,...
Malware Analysis – djvu – 8a5c81cb9f1cec2468a596a6cf81cd01
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, discovery, persistence, ransomwareMD5: 8a5c81cb9f1cec2468a596a6cf81cd01SHA1: 912dee147a557b5e3be75f53e608c02d66e2498cANALYSIS DATE: 2023-03-07T05:26:07ZTTPS: T1222, T1060, T1112, T1082, T1012, T1053 ScoreMeaningExample10Known badA...
Malware Analysis – – 7c5cba9d017262c75c329d88203499d8
Score: 7 MALWARE FAMILY: TAGS:MD5: 7c5cba9d017262c75c329d88203499d8SHA1: 4e2b80cf9d2ec3ba458110456037e53f2b86bacdANALYSIS DATE: 2023-03-07T05:13:03ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or...
Malware Analysis – ransomware – d27a6fca4044aa663fee95587670ad30
Score: 8 MALWARE FAMILY: ransomwareTAGS:ransomware, spyware, stealerMD5: d27a6fca4044aa663fee95587670ad30SHA1: affc479462c7756ee00c4cdf3e12459116223a1bANALYSIS DATE: 2023-03-07T05:08:34ZTTPS: T1005, T1081 ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne...
Malware Analysis – djvu – e227030d652d0435eca5602104fff392
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, discovery, persistence, ransomwareMD5: e227030d652d0435eca5602104fff392SHA1: ec128acb345e8b29e8c80b3526aa01660c282478ANALYSIS DATE: 2023-03-07T05:33:22ZTTPS: T1060, T1112, T1222, T1082, T1053 ScoreMeaningExample10Known badA malware...
Malware Analysis – bootkit – 0c303ae1347c0395a96f3eb38d26d7ed
Score: 8 MALWARE FAMILY: bootkitTAGS:bootkit, evasion, persistence, ransomware, upxMD5: 0c303ae1347c0395a96f3eb38d26d7edSHA1: c8cf473a22fc86ddad00ec286e94422f4b7d5c59ANALYSIS DATE: 2023-03-07T05:58:42ZTTPS: T1112, T1082, T1067, T1491 ScoreMeaningExample10Known badA malware...
Malware Analysis – djvu – e8ed2bad8460aeba1c043cc6dba5965a
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, discovery, persistence, ransomwareMD5: e8ed2bad8460aeba1c043cc6dba5965aSHA1: c4f496d9855bc57fbd8a1ae5ca1693750e710e21ANALYSIS DATE: 2023-03-07T05:51:46ZTTPS: T1222, T1082, T1012, T1053, T1060, T1112 ScoreMeaningExample10Known badA...
Malware Analysis – djvu – e80ec3dc9b00399680eb7396815489ba
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, discovery, persistence, ransomwareMD5: e80ec3dc9b00399680eb7396815489baSHA1: d6b23f8f2a225a45bfa3089d48116a801419bd96ANALYSIS DATE: 2023-03-07T05:30:09ZTTPS: T1082, T1012, T1053, T1222, T1060, T1112 ScoreMeaningExample10Known badA...
Eye4Fraud – 16,000,591 breached accounts
HIBP In February 2023, data alleged to have been taken from the fraud protection service Eye4Fraud was listed for sale...
iD Tech – 415,121 breached accounts
HIBP In February 2023, the tech camps for kids service iD Tech had almost 1M records posted to a popular...
Core DoppelPaymer ransomware gang members targeted in Europol operation
Europol has announced that law enforcement in Germany and Ukraine targeted two individuals believed to be core members of the...
FTC to ban BetterHelp from sharing mental health data with advertisers
The Federal Trade Commission (FTC) has proposed to ban the online counseling service BetterHelp from sharing its customers’ sensitive mental...
How to prevent Microsoft OneNote files from infecting Windows with malware
The seemingly innocuous Microsoft OneNote file has become a popular file format used by hackers to spread malware and breach...
Sandbox blockchain game breached to send emails linking to malware
The Sandbox blockchain game is warnings its community that a security incident caused some users to receive fraudulent emails impersonating...
New malware infects business routers for data theft, surveillance
An ongoing hacking campaign called 'Hiatus' targets DrayTek Vigor router models 2960 and 3900 to steal data from victims and...
