Citrix and NSA urge admins to fix actively exploited zero-day in Citrix ADC and Gateway
Citrix urges customers to update their installs to fix actively exploited zero-day (CVE-2022-27518) in Citrix ADC and Gateway. Citrix urges...
OSINT
CISA: Mozilla Releases Security Updates for Thunderbird and Firefox
Mozilla Releases Security Updates for Thunderbird and Firefox Mozilla has released security updates to address vulnerabilities in Thunderbird, Firefox ESR, and...
CISA: NSA, CISA, and ODNI Release Guidance on Potential Threats to 5G Network Slicing
NSA, CISA, and ODNI Release Guidance on Potential Threats to 5G Network Slicing Today, the National Security Agency (NSA), CISA,...
CISA: CISA Updates Advisory on #StopRansomware: Cuba Ransomware
CISA Updates Advisory on #StopRansomware: Cuba Ransomware The Federal Bureau of Investigation (FBI) and CISA have updated joint Cybersecurity Advisory...
Lockbit ransomware gang hacked California Department of Finance
LockBit ransomware gang hacked the California Department of Finance and threatens to leak data stolen from its systems. The LockBit...
Royal Ransomware Victim: Pinnacle Communications
RoyalRansomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the...
Malware Analysis – smokeloader – 538bd2135f2955ebfad3522e2a54ddc0
Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: 538bd2135f2955ebfad3522e2a54ddc0SHA1: e3900fca609cf51f98a60b69745c498db25d9a69ANALYSIS DATE: 2022-12-13T15:21:10ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
Malware Analysis – smokeloader – 99b30ce88338d76e93f774c3446b266c
Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: 99b30ce88338d76e93f774c3446b266cSHA1: 5e2a78c5bcbb25eaa7312e21dd4cf2cefe286414ANALYSIS DATE: 2022-12-13T15:42:45ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
Malware Analysis – smokeloader – 3e469659cd268a9ec6f0c2a8849cb2ef
Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: 3e469659cd268a9ec6f0c2a8849cb2efSHA1: 42a38f3e8f5e4bdc96465699f17ba50294768074ANALYSIS DATE: 2022-12-13T16:06:44ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
Malware Analysis – djvu – cc8c8aeec869788fd53a469f85964f37
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:raccoon, family:smokeloader, botnet:ec7a54fb6492ff3a52d09504b8ecf082, backdoor, bootkit, collection, discovery, persistence, ransomware, spyware, stealer, trojanMD5: cc8c8aeec869788fd53a469f85964f37SHA1: 43728baf80a83ddd6b4714a65e80c25e25b03b95ANALYSIS DATE:...
Malware Analysis – smokeloader – e69068207da80898e29bc323d48bb525
Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: e69068207da80898e29bc323d48bb525SHA1: d4833c819665612335ef0da2b27a3ac6162e5275ANALYSIS DATE: 2022-12-13T16:34:37ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
Malware Analysis – djvu – ea2bdaaa07f55f051854169dd7935030
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, discovery, persistence, ransomware, spyware, stealerMD5: ea2bdaaa07f55f051854169dd7935030SHA1: e3394bb238bdeaada0e336599252e32845a2c24cANALYSIS DATE: 2022-12-13T16:55:24ZTTPS: T1222, T1082, T1012, T1005, T1081, T1060,...
Malware Analysis – smokeloader – 26bf0c1ccea1c8d9ee1c58a38ff11043
Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: 26bf0c1ccea1c8d9ee1c58a38ff11043SHA1: 1b17db6ed46ac1070ff83ab97249a8653f99b2d7ANALYSIS DATE: 2022-12-13T17:00:26ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
Malware Analysis – amadey – 40a81f8f9222d7a3ecee4f41dd5af21e
Score: 10 MALWARE FAMILY: amadeyTAGS:family:amadey, family:djvu, family:raccoon, family:redline, family:smokeloader, botnet:amddriveer1.2.3, botnet:ec7a54fb6492ff3a52d09504b8ecf082, botnet:sila, backdoor, bootkit, collection, discovery, infostealer, persistence, ransomware, spyware,...
Malware Analysis – smokeloader – 136bcc886a63253f4436f314c6c34fd1
Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: 136bcc886a63253f4436f314c6c34fd1SHA1: 4f549c93d6ca139e3210f8f2895303f4bf7e41d4ANALYSIS DATE: 2022-12-13T17:47:03ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
Malware Analysis – persistence – bfa097160d430d91d7d0cdd4497a215b
Score: 8 MALWARE FAMILY: persistenceTAGS:persistenceMD5: bfa097160d430d91d7d0cdd4497a215bSHA1: 6f30e19647a3043af7fc34dc68a46d62060c0388ANALYSIS DATE: 2022-12-13T17:58:03ZTTPS: T1060, T1112 ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more...
CISA: Citrix Releases Security Updates for Citrix ADC, Citrix Gateway
Citrix Releases Security Updates for Citrix ADC, Citrix Gateway Citrix has released security updates to address a critical vulnerability (CVE-2022-27518)...
Experts detailed a previously undetected VMware ESXi backdoor
A new Python backdoor is targeting VMware ESXi servers, allowing attackers to take over compromised systems. Juniper Networks researchers spotted...
Codecepticon – .NET Application That Allows You To Obfuscate C#, VBA/VB6 (Macros), And PowerShell Source Code
Codecepticon is a .NET application that allows you to obfuscate C#, VBA/VB6 (macros), and The command generator's output format can...
Cobalt Stike Beacon Detected – 120[.]232[.]254[.]134:7788
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 114[.]116[.]99[.]27:6666
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 84[.]32[.]190[.]139:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 82[.]157[.]125[.]21:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 121[.]5[.]220[.]7:8866
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
