Cobalt Stike Beacon Detected – 154[.]204[.]43[.]31:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
OSINT
Cobalt Stike Beacon Detected – 118[.]31[.]8[.]234:9955
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 3[.]90[.]213[.]150:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Brute Ratel C4 Detected – 35[.]72[.]0[.]113:80
The Information provided at the time of posting was detected as "Brute Ratel C4". Depending on when you are viewing...
Brute Ratel C4 Detected – 149[.]28[.]251[.]203:80
The Information provided at the time of posting was detected as "Brute Ratel C4". Depending on when you are viewing...
CISA: CISA, NSA, and MS-ISAC Release Advisory on the Malicious Use of RMM Software
CISA, NSA, and MS-ISAC Release Advisory on the Malicious Use of RMM Software Today, the Cybersecurity and Infrastructure Security Agency...
CISA: VMware Releases Security Updates for VMware vRealize Log Insight
VMware Releases Security Updates for VMware vRealize Log Insight VMware released security updates to address multiple vulnerabilities in VMware vRealize...
DC-Sonar – Analyzing AD Domains For Security Risks Related To User Accounts
DC Sonar Community Repositories The project consists of repositories: dc-sonar-frontend dc-sonar-user-layer dc-sonar-workers-layer ntlm-scrutinizer Disclaimer It's only for education purposes. Avoid...
Cobalt Stike Beacon Detected – 39[.]101[.]1[.]65:8443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 81[.]161[.]229[.]168:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 18[.]197[.]201[.]242:4433
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 124[.]223[.]215[.]12:8091
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
LockBit 3.0 Ransomware Victim: flatironssolutions[.]com
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
Daily Vulnerability Trends: Wed Jan 25 2023
Daily Vulnerability Trends (sourced from VulnMon) CVE NAMECVE DescriptionCVE-2023-22809In Sudo before 1.9.12p2, the sudoedit (aka -e) feature mishandles extra arguments...
Malware Analysis – darkcomet – 0370e5464c8f4718128f18548ca236aa
Score: 10 MALWARE FAMILY: darkcometTAGS:family:darkcomet, ransomware, rat, trojanMD5: 0370e5464c8f4718128f18548ca236aaSHA1: a7dc7c6526971d70b887b937bd6965ee82e5fdd0ANALYSIS DATE: 2023-01-25T03:51:31ZTTPS: T1012, T1082, T1491, T1112 ScoreMeaningExample10Known badA malware family...
Malware Analysis – djvu – c82d642d03203afc33ec1bf6c736b5c5
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, spyware, stealerMD5: c82d642d03203afc33ec1bf6c736b5c5SHA1: 45385bbb8d54c5adc84e49450c7ec1f69b60906bANALYSIS DATE: 2023-01-25T03:43:41ZTTPS: T1012, T1082, T1005, T1081,...
Malware Analysis – djvu – f297068017e333ac96d70756a87babf6
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, stealerMD5: f297068017e333ac96d70756a87babf6SHA1: 6dbfc207b81246788e0cab826b3dd96a31dfb276ANALYSIS DATE: 2023-01-25T04:11:03ZTTPS: T1130, T1112, T1060, T1222, T1082...
Malware Analysis – djvu – 333bcc4a842670afc9f50160d7e3055c
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, spyware, stealerMD5: 333bcc4a842670afc9f50160d7e3055cSHA1: b72cdacbb3e38a705344cdaab0454996563e98fdANALYSIS DATE: 2023-01-25T05:09:28ZTTPS: T1082, T1012, T1005, T1081,...
Malware Analysis – wannacry – bc5ee0bcefce9d21f9a17c60a19c2b18
Score: 10 MALWARE FAMILY: wannacryTAGS:family:wannacry, discovery, persistence, ransomware, spyware, stealer, wormMD5: bc5ee0bcefce9d21f9a17c60a19c2b18SHA1: 6b207ad03911865694e5f4c3059c2a5f0242c6daANALYSIS DATE: 2023-01-25T05:04:09ZTTPS: T1491, T1112, T1060, T1107, T1490,...
Malware Analysis – wannacry – e8340564caba7a2635af2c79cb7103eb
Score: 10 MALWARE FAMILY: wannacryTAGS:family:wannacry, bootkit, discovery, persistence, ransomware, spyware, stealer, wormMD5: e8340564caba7a2635af2c79cb7103ebSHA1: 8c62c79508abe5ffa36608d1846dcb20b2a27137ANALYSIS DATE: 2023-01-25T05:05:54ZTTPS: T1112, T1060, T1222, T1012,...
Hackers use Golang source code interpreter to evade detection
A Chinese-speaking hacking group tracked as ‘DragonSpark’ was observed employing Golang source code interpretation to evade detection while launching espionage...
GoTo says hackers stole customers’ backups and encryption key
GoTo (formerly LogMeIn) is warning customers that threat actors who breached its development environment in November 2022 stole encrypted backups...
U.S. sues Google for abusing dominance over online ad market
The U.S. Justice Department has filed a federal lawsuit today against Google for abusing its dominant position in the online...
Riot Games receives ransom demand from hackers, refuses to pay
Riot Games says it will not pay a $10 million ransom demanded by attackers who stole League of Legends source code...
