US, UK warn of govt hackers using custom malware on Cisco routers
The US, UK, and Cisco are warning of Russian state-sponsored APT28 hackers deploying a custom malware named 'Jaguar Tooth' on...
OSINT
New sandbox escape PoC exploit available for VM2 library, patch now
A security researcher has released, yet another sandbox escape proof of concept (PoC) exploit that makes it possible to execute...
Microsoft: Iranian hackers behind retaliatory cyberattacks on US orgs
Microsoft has discovered that an Iranian hacking group known as 'Mint Sandstorm' is conducting cyberattacks on US critical infrastructure in...
The Attacks that can Target your Windows Active Directory
Active Directory is at the center of many attacks as it is still the predominant source of identity and access...
CISA: Fortinet Releases April 2023 Vulnerability Advisories
Fortinet Releases April 2023 Vulnerability Advisories Fortinet has released its April 2023 Vulnerability Advisories(link is external) to address vulnerabilities affecting multiple...
CISA: CISA Adds Two Known Exploited Vulnerabilities to Catalog
CISA Adds Two Known Exploited Vulnerabilities to Catalog CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog,...
CISA: Shifting the Balance of Cybersecurity Risk: Security-by-Design and Default Principles
Shifting the Balance of Cybersecurity Risk: Security-by-Design and Default Principles Shifting the Balance of Cybersecurity Risk: Security-by-Design and Default Principles...
CISA: CISA Releases Sixteen Industrial Control Systems Advisories
CISA Releases Sixteen Industrial Control Systems Advisories CISA released sixteen Industrial Control Systems (ICS) advisories on April 13, 2023. These...
CISA: Juniper Networks Releases Security Updates
Juniper Networks Releases Security Updates Juniper Networks has released security updates to address vulnerabilities affecting Junos OS(link is external), Paragon...
CISA: APT28 Exploits Known Vulnerability To Carry Out Reconnaissance and Deploy Malware on Cisco Routers
APT28 Exploits Known Vulnerability To Carry Out Reconnaissance and Deploy Malware on Cisco Routers NCSC(link is external), NSA, CISA, and...
CISA: IRS Warns of New Tax Scams
IRS Warns of New Tax Scams The Internal Revenue Service (IRS) has issued a reminder urging taxpayers to be vigilant...
CISA: CISA Releases Four Industrial Control Systems Advisories
CISA Releases Four Industrial Control Systems Advisories CISA released four Industrial Control Systems (ICS) advisories on April 18, 2023. These...
CISA: CISA and CESER Releases Software Bill of Materials (SBOM) Sharing Lifecycle Report
CISA and CESER Releases Software Bill of Materials (SBOM) Sharing Lifecycle Report CISA and the U.S. Department of Energy (DOE)...
CISA: CISA Adds Two Known Exploited Vulnerabilities to Catalog
CISA Adds Two Known Exploited Vulnerabilities to Catalog CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog,...
Wa-Tunnel – Tunneling Internet Traffic Over Whatsapp
This is a Baileys based piece of code that lets you tunnel TCP data through two Whatsapp accounts. This can...
Royal Ransomware Victim: Stanley Electric U[.]S[.]
RoyalRansomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the...
Royal Ransomware Victim: City of Ballwin
RoyalRansomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the...
Royal Ransomware Victim: Mainstream Engineering
RoyalRansomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the...
Royal Ransomware Victim: 5Design
RoyalRansomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the...
Goldoson Android Malware Infects Over 100 Million Google Play Store Downloads
A new Android malware strain named Goldoson has been detected in the official Google Play Store spanning more than 60...
What’s the Difference Between CSPM & SSPM?
Cloud Security Posture Management (CSPM) and SaaS Security Posture Management (SSPM) are frequently confused. The similarity of the acronyms notwithstanding,...
YouTube Videos Distributing Aurora Stealer Malware via Highly Evasive Loader
Cybersecurity researchers have detailed the inner workings of a highly evasive loader named "in2al5d p3in4er" (read: invalid printer) that's used...
Malware Analysis – amadey – db51558dc4bf55de672371a810bf65fa
Score: 10 MALWARE FAMILY: amadeyTAGS:family:amadey, family:djvu, family:lumma, family:smokeloader, botnet:pub1, botnet:sprg, backdoor, discovery, ransomware, stealer, trojanMD5: db51558dc4bf55de672371a810bf65faSHA1: 65d70c827c402634a893d5d105f4e0dc177b6667ANALYSIS DATE: 2023-04-18T15:32:53ZTTPS: T1012,...
Malware Analysis – evasion – 96894e955b774d4732688adf11ba5851
Score: 7 MALWARE FAMILY: evasionTAGS:evasion, ransomwareMD5: 96894e955b774d4732688adf11ba5851SHA1: bc860e84f99b833570fd71c560b4881f506043e7ANALYSIS DATE: 2023-04-18T17:05:55ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known...
