CISA: Apple Releases Security Updates for Multiple Products
Apple Releases Security Updates for Multiple Products Apple has released security updates to address vulnerabilities in multiple products. An attacker...
OSINT
Cobalt Stike Beacon Detected – 47[.]108[.]52[.]84:5555
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 67[.]205[.]138[.]197:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 124[.]223[.]91[.]53:88
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 103[.]211[.]124[.]126:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 122[.]152[.]234[.]71:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 119[.]45[.]188[.]91:2087
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 150[.]158[.]100[.]126:88
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 192[.]3[.]76[.]38:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
APT37 hackers deploy new FadeStealer eavesdropping malware
The North Korean APT37 hacking group uses a new 'FadeStealer' information-stealing malware containing a 'wiretapping' feature, allowing the threat actor...
DuckDuckGo browser for Windows available for everyone as public beta
DuckDuckGo has released its privacy-centric browser for Windows to the general public. It is a beta version available for download...
VMware fixes vCenter Server bugs allowing code execution, auth bypass
VMware has addressed multiple high-severity security flaws in vCenter Server, which can let attackers gain code execution and bypass authentication...
Millions of GitHub repos likely vulnerable to RepoJacking, researchers say
Millions of GitHub repositories may be vulnerable to dependency repository hijacking, also known as "RepoJacking," which could help attackers deploy...
CISA orders govt agencies to patch bugs exploited by Russian hackers
On Thursday, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) added six more security flaws to its known exploited vulnerabilities...
Microsoft: Hackers hijack Linux systems using trojanized OpenSSH version
Microsoft says Internet-exposed Linux and Internet of Things (IoT) devices are being hijacked in brute-force attacks as part of a...
Mirai botnet targets 22 flaws in D-Link, Zyxel, Netgear devices
A variant of the Mirai botnet is targeting almost two dozen vulnerabilities aiming to take control of D-Link, Arris, Zyxel,...
CISA: ISC Releases Security Advisories for Multiple Versions of BIND 9
ISC Releases Security Advisories for Multiple Versions of BIND 9 The Internet Systems Consortium (ISC) has released security advisories that...
CISA: Apple Releases Security Updates for Multiple Products
Apple Releases Security Updates for Multiple Products Apple has released security updates to address vulnerabilities in multiple products. An attacker...
MULTI#STORM Campaign Targets India and U.S. with Remote Access Trojans
A new phishing campaign codenamed MULTI#STORM has set its sights on India and the U.S. by leveraging JavaScript files to...
Malware Analysis – djvu – e0227bb951b0bd76d3a21ba42abd3574
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:153ce668f1e21829c936c2b11fa4d869, discovery, persistence, ransomware, spyware, stealerMD5: e0227bb951b0bd76d3a21ba42abd3574SHA1: d2c4f9ccaf0b92ebb9a6aba4179092f5df187da9ANALYSIS DATE: 2023-06-22T17:59:39ZTTPS: T1222, T1082, T1005, T1081,...
Malware Analysis – amadey – 14aa4c4bfae7b8b397572cd88870000e
Score: 10 MALWARE FAMILY: amadeyTAGS:family:amadey, family:djvu, family:fabookie, family:smokeloader, family:vidar, botnet:153ce668f1e21829c936c2b11fa4d869, botnet:pub1, backdoor, discovery, evasion, persistence, ransomware, spyware, stealer, trojanMD5: 14aa4c4bfae7b8b397572cd88870000eSHA1:...
Malware Analysis – evasion – 1b4e39e65dcc093252b4ddcf6951f258
Score: 7 MALWARE FAMILY: evasionTAGS:evasion, ransomwareMD5: 1b4e39e65dcc093252b4ddcf6951f258SHA1: 36153e151d49ce560049a4e17d9118eac1bba135ANALYSIS DATE: 2023-06-22T19:18:20ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known...
Malware Analysis – djvu – 45841d5084e8b6dcb2cae5f631abf9d0
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:153ce668f1e21829c936c2b11fa4d869, discovery, persistence, ransomware, spyware, stealerMD5: 45841d5084e8b6dcb2cae5f631abf9d0SHA1: c9be8e5c7559dd9d623f94247cead30f3efaf231ANALYSIS DATE: 2023-06-22T18:16:28ZTTPS: T1082, T1012, T1053, T1005,...
Malware Analysis – discovery – ce900ddf20b2554e60cb17de79ddfa27
Score: 10 MALWARE FAMILY: discoveryTAGS:discovery, evasion, persistence, ransomware, trojanMD5: ce900ddf20b2554e60cb17de79ddfa27SHA1: 07b5f2d9e9683ca4bdf983f53b9726270094ffaaANALYSIS DATE: 2023-06-22T18:52:16ZTTPS: T1012, T1120, T1082, T1088, T1089, T1112, T1102,...
