Exploit released for PaperCut flaw abused to hijack servers, patch now
Attackers are exploiting severe vulnerabilities in the widely-used PaperCut MF/NG print management software to install Atera remote management software to...
OSINT
APC warns of critical unauthenticated RCE flaws in UPS software
APC's Easy UPS Online Monitoring Software is vulnerable to unauthenticated arbitrary remote code execution, allowing hackers to take over devices...
KuCoin’s Twitter account hacked to promote crypto scam
KuCoin's Twitter account was hacked, allowing attackers to promote a fake giveaway scam that led to the theft of over...
Intel CPUs vulnerable to new transient execution side-channel attack
A new side-channel attack impacting multiple generations of Intel CPUs has been discovered, allowing data to be leaked through the...
MEO – 8,227 breached accounts
HIBP In early 2023, a corpus of data sourced from the New Zealand based face mask company MEO was discovered....
CISA: Oracle Releases Security Updates
Oracle Releases Security Updates Oracle has released its Critical Patch Update Advisory, Solaris Third Party Bulletin, and Linux Bulletin for...
CISA: CISA Releases One Industrial Control Systems Advisory
CISA Releases One Industrial Control Systems Advisory CISA released one Industrial Control Systems (ICS) advisory on April 20, 2023. These...
CISA: CISA Releases Malware Analysis Report on ICONICSTEALER
CISA Releases Malware Analysis Report on ICONICSTEALER CISA has released a new Malware Analysis Report (MAR) on an infostealer known...
CISA: CISA to Continue and Enhance U.K.’s Logging Made Easy Tool
CISA to Continue and Enhance U.K.’s Logging Made Easy Tool CISA has announced plans to continue and enhance the Logging...
CISA: CISA and Partners Release Cybersecurity Best Practices for Smart Cities
CISA and Partners Release Cybersecurity Best Practices for Smart Cities Today, CISA, NSA, FBI, NCSC-UK(link is external), ACSC(link is external),...
CISA: CISA Adds Three Known Exploited Vulnerabilities to Catalog
CISA Adds Three Known Exploited Vulnerabilities to Catalog CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities Catalog,...
CISA: Drupal Releases Security Advisory to Address Vulnerability in Drupal Core
Drupal Releases Security Advisory to Address Vulnerability in Drupal Core Drupal has released a security advisory to address an access...
CISA: Cisco Releases Security Advisories for Multiple Products
Cisco Releases Security Advisories for Multiple Products Cisco has released security updates for vulnerabilities affecting Industrial Network Director (IND), Modeling...
CISA: VMware Releases Security Update for Aria Operations for Logs
VMware Releases Security Update for Aria Operations for Logs VMware has released a security update to address multiple vulnerabilities in...
CISA: CISA Releases Two SBOM Documents
CISA Releases Two SBOM Documents Today, CISA released two community-drafted documents around Software Bill of Materials (SBOM): Types of SBOM...
KubeStalk – Discovers Kubernetes And Related Infrastructure Based Attack Surface From A Black-Box Perspective
KubeStalk is a tool to discover Kubernetes and related infrastructure based attack surface from a black-box perspective. This tool...
Nuclearpond – A Utility Leveraging Nuclei To Perform Internet Wide Scans For The Cost Of A Cup Of Coffee
Nuclear Pond is used to leverage Nuclei in the cloud with unremarkable speed, flexibility, and perform internet wide scans for...
Royal Ransomware Victim: MW Components
RoyalRansomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the...
Royal Ransomware Victim: Lake Dallas Independent School District
RoyalRansomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the...
Malware Analysis – djvu – 18d171bc6fea9f638c4d76698b2b7d7f
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:5cb879265de0011bfc7588d5d251aee6, discovery, persistence, ransomware, spyware, stealerMD5: 18d171bc6fea9f638c4d76698b2b7d7fSHA1: ab1aa609f0395ab1a410a8aeef94d9fc6f9b0fb6ANALYSIS DATE: 2023-04-24T15:22:21ZTTPS: T1005, T1081, T1012, T1082,...
Malware Analysis – evasion – 8effcc3b16c124f3ba46fe8e86947105
Score: 10 MALWARE FAMILY: evasionTAGS:evasion, persistence, ransomwareMD5: 8effcc3b16c124f3ba46fe8e86947105SHA1: d6b4f76d9bfbaae0fc944adb8cb9dd8f487050efANALYSIS DATE: 2023-04-24T14:32:46ZTTPS: T1012, T1082, T1112, T1060, T1158, T1491, T1120 ScoreMeaningExample10Known badA...
Malware Analysis – amadey – 0e5768e5106ad5956530ada9cbd08647
Score: 10 MALWARE FAMILY: amadeyTAGS:family:amadey, family:djvu, family:raccoon, family:rhadamanthys, family:smokeloader, family:vidar, botnet:5c24dc0e9726fcc756a18038ae4e0e67, botnet:5cb879265de0011bfc7588d5d251aee6, botnet:fc8427198f843d72c1aa8a66db1a98f3, botnet:pub1, backdoor, collection, discovery, evasion, persistence, ransomware,...
Malware Analysis – amadey – ca89840f1259ebfe7a0e945c15ed79e5
Score: 10 MALWARE FAMILY: amadeyTAGS:family:amadey, family:djvu, family:raccoon, family:rhadamanthys, family:smokeloader, family:vidar, botnet:5c24dc0e9726fcc756a18038ae4e0e67, botnet:5cb879265de0011bfc7588d5d251aee6, botnet:fc8427198f843d72c1aa8a66db1a98f3, botnet:pub1, backdoor, collection, discovery, evasion, persistence, ransomware,...
Malware Analysis – djvu – 9d416753c2a076fa65105a7d34fbe1cb
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:5cb879265de0011bfc7588d5d251aee6, discovery, persistence, ransomware, spyware, stealerMD5: 9d416753c2a076fa65105a7d34fbe1cbSHA1: 52e01796a7c5f0492d832f86708d4bfab0f2b690ANALYSIS DATE: 2023-04-24T15:43:58ZTTPS: T1005, T1081, T1012, T1060,...
