OSINT

osint

MuddyWater APT group is back with updated TTPs

December 11, 2022

The Iran-linked MuddyWater APT is targeting countries in the Middle East as well as Central and West Asia in a new campaign....

Read More

trend-9

Daily Vulnerability Trends: Sun Dec 11 2022

December 11, 2022

Daily Vulnerability Trends (sourced from VulnMon) CVE NAMECVE DescriptionCVE-2021-44228Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1)...

Read More

abstract-malware-990x400-1

Malware Analysis – upx – 7e3f8869d34b959d0b4381edae96e70a

December 11, 2022

Score: 8 MALWARE FAMILY: upxTAGS:upxMD5: 7e3f8869d34b959d0b4381edae96e70aSHA1: cd3c93170a853fb61324c4a7aba76f9fe61f472cANALYSIS DATE: 2022-12-06T15:12:41ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known damaging...

Read More

abstract-malware-990x400-1

Malware Analysis – evasion – b750a814e27003acd2de430638e637a5

December 11, 2022

Score: 10 MALWARE FAMILY: evasionTAGS:evasion, persistence, ransomwareMD5: b750a814e27003acd2de430638e637a5SHA1: b797699ec9e70a05112ece86f5583881a911b56cANALYSIS DATE: 2022-12-06T15:43:34ZTTPS: T1158, T1012, T1120, T1082, T1112, T1060 ScoreMeaningExample10Known badA malware...

Read More

abstract-malware-990x400-1

Malware Analysis – djvu – becd0d98fcc5851e2096d2e17a9a1983

December 11, 2022

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:517, discovery, persistence, ransomware, stealerMD5: becd0d98fcc5851e2096d2e17a9a1983SHA1: 5065dd217c08d075a1db7cea02cc159467b8f29fANALYSIS DATE: 2022-12-11T04:48:33ZTTPS: T1060, T1112, T1082, T1012, T1053,...

Read More

abstract-malware-990x400-1

Malware Analysis – ransomware – 8a3450d84f03d9ea8abb543d2ba41288

December 11, 2022

Score: 6 MALWARE FAMILY: ransomwareTAGS:ransomwareMD5: 8a3450d84f03d9ea8abb543d2ba41288SHA1: 819576e1d411354fb7102a6e64e0aaeaf29af450ANALYSIS DATE: 2022-12-11T04:30:05ZTTPS: T1491, T1112 ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more...

Read More

abstract-malware-990x400-1

Malware Analysis – dcrat – 3c10dc9df5b42968e8bbe67387bc30a2

December 11, 2022

Score: 10 MALWARE FAMILY: dcratTAGS:family:dcrat, family:djvu, family:redline, family:smokeloader, family:vidar, botnet:517, botnet:mario23_10, backdoor, bootkit, collection, discovery, infostealer, persistence, ransomware, rat, spyware,...

Read More

Cobalt-Strike

Cobalt Stike Beacon Detected – 91[.]245[.]254[.]116:443

December 11, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Read More

Cobalt-Strike

Cobalt Stike Beacon Detected – 91[.]242[.]217[.]59:4433

December 11, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Read More

Cobalt-Strike

Cobalt Stike Beacon Detected – 154[.]209[.]82[.]138:80

December 11, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Read More

Cobalt-Strike

Cobalt Stike Beacon Detected – 8[.]130[.]38[.]49:80

December 11, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Read More

Cobalt-Strike

Cobalt Stike Beacon Detected – 125[.]124[.]127[.]206:8001

December 11, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Read More

Cobalt-Strike

Cobalt Stike Beacon Detected – 121[.]41[.]108[.]155:800

December 11, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Read More

Cobalt-Strike

Cobalt Stike Beacon Detected – 39[.]98[.]50[.]48:8099

December 11, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Read More

Cobalt-Strike

Cobalt Stike Beacon Detected – 154[.]209[.]82[.]138:443

December 11, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Read More

Cobalt-Strike

Cobalt Stike Beacon Detected – 84[.]32[.]190[.]139:443

December 11, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Read More

Cobalt-Strike

Cobalt Stike Beacon Detected – 54[.]251[.]86[.]24:80

December 11, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Read More

Cobalt-Strike

Cobalt Stike Beacon Detected – 81[.]71[.]8[.]186:6666

December 11, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Read More

Cobalt-Strike

Cobalt Stike Beacon Detected – 84[.]32[.]128[.]237:443

December 11, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Read More

Cobalt-Strike

Cobalt Stike Beacon Detected – 1[.]13[.]14[.]225:443

December 11, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Read More

Cobalt-Strike

Cobalt Stike Beacon Detected – 154[.]211[.]4[.]155:8082

December 11, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Read More

abstract-malware-990x400-1

Malware Analysis – ransomware – 7fd2e6479af433d6a531e420df24ea79

December 11, 2022

Score: 5 MALWARE FAMILY: ransomwareTAGS:ransomwareMD5: 7fd2e6479af433d6a531e420df24ea79SHA1: e2f3e894d475b6e3d8ced40ad7dccc7036fc4132ANALYSIS DATE: 2022-12-06T12:02:15ZTTPS: T1112, T1491 ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more...

Read More

abstract-malware-990x400-1

Malware Analysis – djvu – c637e6b956a3968199a842f7fcfd85d4

December 11, 2022

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:redline, family:smokeloader, botnet:mario23_10, backdoor, bootkit, collection, discovery, infostealer, persistence, ransomware, trojanMD5: c637e6b956a3968199a842f7fcfd85d4SHA1: b71d01eb630a3e192d954712e09d61dbfd576a3dANALYSIS DATE: 2022-12-10T22:43:03ZTTPS:...

Read More

abstract-malware-990x400-1

Malware Analysis – djvu – 692bfb53296c9843c95a447db91aa075

December 11, 2022

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:517, discovery, persistence, ransomware, spyware, stealerMD5: 692bfb53296c9843c95a447db91aa075SHA1: 0837bd52360bbbd1f7ce0a1d8c7407637dc3b25bANALYSIS DATE: 2022-12-10T22:16:06ZTTPS: T1222, T1082, T1012, T1005,...

Read More

hkcert

Citrix Products Denial of Service Vulnerability

June 26, 2025

hkcert

Fortinet Products Multiple Vulnerabilities

June 26, 2025

CVE Alert: CVE-2025-6656

June 26, 2025

CVE Alert: CVE-2025-6655

June 26, 2025

CVE Alert: CVE-2025-6658

June 26, 2025