Cyber Police of Ukraine Busted Phishing Gang Responsible for $4.33 Million Scam
The Cyber Police of Ukraine, in collaboration with law enforcement officials from Czechia, has arrested several members of a cybercriminal...
OSINT
Winter Vivern APT Targets European Government Entities with Zimbra Vulnerability
The advanced persistent threat (APT) actor known as Winter Vivern is now targeting officials in Europe and the U.S. as...
3CX Supply Chain Attack — Here’s What We Know So Far
Enterprise communications software maker 3CX on Thursday confirmed that multiple versions of its desktop app for Windows and macOS are...
Deep Dive Into 6 Key Steps to Accelerate Your Incident Response
Organizations rely on Incident response to ensure they are immediately aware of security incidents, allowing for quick action to minimize...
LockBit 3.0 Ransomware Victim: okcu[.]edu
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: theus-industries[.]fr
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: hacla[.]org [part 2]
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: statravel[.]de
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: groupe-seche[.]com
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
Vice Society Ransomware Victim: Lewis & Clark College
Vice Society Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
Refreshed ‘cyber security toolkit’ helps board members to govern online risk
Refreshed 'cyber security toolkit' helps board members to govern online risk I am delighted to announce the launch of the...
New AlienFox toolkit steals credentials for 18 cloud services
A new modular toolkit called ‘AlienFox’ allows threat actors to scan for misconfigured servers to steal authentication secrets and credentials...
Bing search results hijacked via misconfigured Microsoft app
A misconfigured Microsoft application allowed anyone to log in and modify Bing.com search results in real-time, as well as inject XSS...
Winter Vivern hackers exploit Zimbra flaw to steal NATO emails
A Russian hacking group tracked as TA473, aka 'Winter Vivern,' has been actively exploiting vulnerabilities in unpatched Zimbra endpoints since...
Realtek and Cacti flaws now actively exploited by malware botnets
Multiple malware botnets actively target Cacti and Realtek vulnerabilities in campaigns detected between January and March 2023, spreading ShellBot and Moobot...
CISA orders agencies to patch bugs exploited to drop spyware
The Cybersecurity and Infrastructure Security Agency (CISA) has ordered federal agencies today to patch security vulnerabilities exploited as zero-days in...
Ukrainian cyberpolice busts fraud gang that stole $4.3 million
Ukraine's cyberpolice has arrested members of a fraud gang that stole roughly $4,300,000 from over a thousand victims across the...
Microsoft OneNote will block 120 dangerous file extensions
Microsoft has shared more information on what malicious embedded files OneNote will soon block to defend users against ongoing phishing...
Cl0p Ransomware Victim: MULTIPLAN[.]COM
Cl0p Logo NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of...
Researchers Detail Severe “Super FabriXss” Vulnerability in Microsoft Azure SFX
Details have emerged about a now-patched vulnerability in Azure Service Fabric Explorer (SFX) that could lead to unauthenticated remote code...
Malware Analysis – persistence – f755a44bbb97e9ba70bf38f1bdc67722
Score: 9 MALWARE FAMILY: persistenceTAGS:persistence, ransomware, spyware, stealerMD5: f755a44bbb97e9ba70bf38f1bdc67722SHA1: f70331eb64fd893047f263623ffb1e74e6fe4187ANALYSIS DATE: 2023-03-30T15:05:37ZTTPS: T1491, T1112, T1005, T1081, T1060, T1082, T1107, T1490...
Malware Analysis – djvu – ca4c8c98cbf461f832cbf2764c82a5bd
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:5df88deb5dde677ba658b77ad5f60248, discovery, persistence, ransomware, spyware, stealerMD5: ca4c8c98cbf461f832cbf2764c82a5bdSHA1: 67154ad8db949e4a23eb725f47842ff5d045f02fANALYSIS DATE: 2023-03-30T15:15:00ZTTPS: T1005, T1081, T1012, T1082,...
Malware Analysis – ransomware – 1ace926cf826999d3aa1e63372d009c8
Score: 8 MALWARE FAMILY: ransomwareTAGS:ransomwareMD5: 1ace926cf826999d3aa1e63372d009c8SHA1: 0ac145c53c1c3bcb14a428f943309c5c5dc7aa62ANALYSIS DATE: 2023-03-30T15:24:49ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known damaging...
Malware Analysis – amadey – 32962e720a69b0ea507f89962cdacfac
Score: 10 MALWARE FAMILY: amadeyTAGS:family:amadey, family:djvu, family:redline, family:smokeloader, family:socelars, family:vidar, botnet:5df88deb5dde677ba658b77ad5f60248, botnet:frtrack, botnet:pub1, backdoor, discovery, evasion, infostealer, persistence, ransomware, spyware,...
