Google finds more Android, iOS zero-days used to install spyware
Google's Threat Analysis Group (TAG) discovered several exploit chains using Android, iOS, and Chrome zero-day and n-day vulnerabilities to install...
OSINT
QNAP warns customers to patch Linux Sudo flaw in NAS devices
Taiwanese hardware vendor QNAP warns customers to secure their Linux-powered network-attached storage (NAS) devices against a high-severity Sudo privilege escalation...
Hackers compromise 3CX desktop app in a supply chain attack
A digitally signed and trojanized version of the 3CX Voice Over Internet Protocol (VOIP) desktop client is reportedly being used...
Malware Analysis – djvu – a2813d8a07a0bfe6ab8d8f5f3e486bd6
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:5df88deb5dde677ba658b77ad5f60248, discovery, persistence, ransomware, spyware, stealerMD5: a2813d8a07a0bfe6ab8d8f5f3e486bd6SHA1: 2f490cd0ac83ae8455dcc087946334b79f95c5a7ANALYSIS DATE: 2023-03-29T15:24:46ZTTPS: T1012, T1082, T1222, T1005,...
Malware Analysis – djvu – 7f7af90a656514364fc769f4ba85ebf1
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:5df88deb5dde677ba658b77ad5f60248, discovery, persistence, ransomware, spyware, stealerMD5: 7f7af90a656514364fc769f4ba85ebf1SHA1: 740c283a238c669008b6bf50c2e97edb209c631bANALYSIS DATE: 2023-03-29T14:59:29ZTTPS: T1082, T1005, T1081, T1053,...
Malware Analysis – djvu – 8b52be4221750ba22b73867d77f514a8
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:smokeloader, botnet:pub1, backdoor, discovery, persistence, ransomware, trojanMD5: 8b52be4221750ba22b73867d77f514a8SHA1: 45b9ed5aa5947e7d7c761a7ee0f9ca04f3d6a425ANALYSIS DATE: 2023-03-29T15:38:27ZTTPS: T1012, T1120, T1082, T1222,...
Malware Analysis – djvu – bb6f35a6a6a07b124686f9abdd64205b
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:5df88deb5dde677ba658b77ad5f60248, discovery, persistence, ransomware, spyware, stealerMD5: bb6f35a6a6a07b124686f9abdd64205bSHA1: ccc9af1cf9221571e6619ad0aa04e294a1efe033ANALYSIS DATE: 2023-03-29T15:53:38ZTTPS: T1222, T1012, T1082, T1053,...
Malware Analysis – djvu – 94c00dfd7eb99d7de68c95f27a3d5854
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:5df88deb5dde677ba658b77ad5f60248, discovery, persistence, ransomware, spyware, stealerMD5: 94c00dfd7eb99d7de68c95f27a3d5854SHA1: 02dc1e168b8e9df3cefc60e3f5d4d0bd850b69c5ANALYSIS DATE: 2023-03-29T15:44:27ZTTPS: T1222, T1060, T1112, T1053,...
Malware Analysis – amadey – bb827f6d5b1d086843fa951b69b8e702
Score: 10 MALWARE FAMILY: amadeyTAGS:family:amadey, family:djvu, family:redline, family:smokeloader, family:vidar, botnet:5df88deb5dde677ba658b77ad5f60248, botnet:frtrack, botnet:pub1, botnet:rober, backdoor, discovery, evasion, infostealer, persistence, ransomware, spyware,...
Malware Analysis – djvu – 41c2e6a9aedab7b3015ada13c70a5673
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:5df88deb5dde677ba658b77ad5f60248, discovery, persistence, ransomware, spyware, stealerMD5: 41c2e6a9aedab7b3015ada13c70a5673SHA1: 62a1c491c10e64d730ad4f589855d8478f017251ANALYSIS DATE: 2023-03-29T16:25:15ZTTPS: T1005, T1081, T1053, T1082,...
Malware Analysis – djvu – afd8945316aedd2fb57dd654431c26ba
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:5df88deb5dde677ba658b77ad5f60248, discovery, persistence, ransomware, spyware, stealerMD5: afd8945316aedd2fb57dd654431c26baSHA1: f49694b571523786df36ab5d711dc5ea91ef878fANALYSIS DATE: 2023-03-29T17:52:09ZTTPS: T1005, T1081, T1060, T1112,...
Malware Analysis – djvu – 15a5bb819748cdec8893209495776408
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:5df88deb5dde677ba658b77ad5f60248, discovery, persistence, ransomware, spyware, stealerMD5: 15a5bb819748cdec8893209495776408SHA1: da3561824dbab0b96c63a5cfd2f364364216ea0aANALYSIS DATE: 2023-03-29T16:31:20ZTTPS: T1060, T1112, T1082, T1053,...
Malware Analysis – amadey – 941ebdb94364e7958adc8638cb5dd933
Score: 10 MALWARE FAMILY: amadeyTAGS:family:amadey, family:djvu, family:redline, family:smokeloader, family:vidar, botnet:5df88deb5dde677ba658b77ad5f60248, botnet:pub1, botnet:rober, backdoor, discovery, evasion, infostealer, persistence, ransomware, spyware, stealer,...
Mélofée: Researchers Uncover New Linux Malware Linked to Chinese APT Groups
An unknown Chinese state-sponsored hacking group has been linked to a novel piece of malware aimed at Linux servers. French...
Spyware Vendors Caught Exploiting Zero-Day Vulnerabilities on Android and iOS Devices
A number of zero-day vulnerabilities that were addressed last year were exploited by commercial spyware vendors to target Android and...
Trojanized TOR Browser Installers Spreading Crypto-Stealing Clipper Malware
Trojanized installers for the TOR anonymity browser are being used to target users in Russia and Eastern Europe with clipper...
How to Build a Research Lab for Reverse Engineering — 4 Ways
Malware analysis is an essential part of security researcher's work. But working with malicious samples can be dangerous — it...
Smart Mobility has a Blindspot When it Comes to API Security
The emergence of smart mobility services and applications has led to a sharp increase in the use of APIs in...
LockBit 3.0 Ransomware Victim: nts[.]go[.]kr
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
Brute Ratel C4 Detected – 54[.]65[.]93[.]113:80
The Information provided at the time of posting was detected as "Brute Ratel C4". Depending on when you are viewing...
North Korean APT43 Group Uses Cybercrime to Fund Espionage Operations
A new North Korean nation-state cyber operator has been attributed to a series of campaigns orchestrated to gather strategic intelligence...
Daily Vulnerability Trends: Wed Mar 29 2023
Daily Vulnerability Trends (sourced from VulnMon) CVE NAMECVE DescriptionCVE-2023-20963In WorkSource, there is a possible parcel mismatch. This could lead to...
Karakurt Ransomware Victim: MICROFINANCE INSTITUTION
KARAKURT RANSOMWARE NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of...
Latitude Financial data breach now impacts 14 million customers
Australian loan giant Latitude Financial Services (Latitude) is warning customers that its data breach is much more significant than initially...
