Russia’s largest ISP says 2022 broke all DDoS attack records
Russia's largest internet service provider Rostelecom says 2022 was a record year for Distributed denial of service attacks (DDoS) targeting...
OSINT
75k WordPress sites impacted by critical online course plugin flaws
The WordPress online course plugin 'LearnPress' was vulnerable to multiple critical-severity flaws, including pre-auth SQL injection and local file inclusion....
VMware fixes critical security bugs in vRealize log analysis tool
VMware released security patches on Tuesday to address vRealize Log Insight vulnerabilities that could enable attackers to gain remote execution...
Microsoft shares workaround for unresponsive Windows Start Menu
Microsoft has confirmed an issue causing the Windows Start menu to become unresponsive and some applications to no longer launch....
Hackers use Golang source code interpreter to evade detection
A Chinese-speaking hacking group tracked as ‘DragonSpark’ was observed employing Golang source code interpretation to evade detection while launching espionage...
GoTo says hackers stole customers’ backups and encryption key
GoTo (formerly LogMeIn) is warning customers that threat actors who breached its development environment in November 2022 stole encrypted backups...
Cobalt Stike Beacon Detected – 198[.]154[.]94[.]36:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 179[.]43[.]162[.]31:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 43[.]138[.]21[.]132:8808
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 91[.]213[.]50[.]35:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 120[.]48[.]99[.]90:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 3[.]73[.]0[.]134:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Brute Ratel C4 Detected – 54[.]249[.]216[.]44:80
The Information provided at the time of posting was detected as "Brute Ratel C4". Depending on when you are viewing...
LockBit 3.0 Ransomware Victim: elsan[.]care
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
CISA: CISA Releases Protecting Our Future: Partnering to Safeguard K–12 organizations from Cybersecurity Threats
CISA Releases Protecting Our Future: Partnering to Safeguard K–12 organizations from Cybersecurity Threats Today, CISA released Protecting Our Future: Partnering...
LockBit 3.0 Ransomware Victim: xlntinc[.]com
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
Get-AppLockerEventlog – Script For Fetching Applocker Event Log By Parsing The Win-Event Log
This script will parse all the channels of events from the win-event log to extract all the log relatives to...
Malware Analysis – djvu – 6735e0d9fc3b11c7cbdd071d3829162b
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, spyware, stealerMD5: 6735e0d9fc3b11c7cbdd071d3829162bSHA1: 1ebc132342713c73f1020c8012b0b5063c28b2aaANALYSIS DATE: 2023-01-24T09:04:30ZTTPS: T1012, T1082, T1005, T1081,...
Malware Analysis – evasion – c7a9226978be7b4ead9febb8ac854e7c
Score: 6 MALWARE FAMILY: evasionTAGS:evasion, ransomwareMD5: c7a9226978be7b4ead9febb8ac854e7cSHA1: cb7e60b4c4c4f4737c4cfe74addde018515918dfANALYSIS DATE: 2023-01-24T09:00:06ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known...
Malware Analysis – dharma – be47139183c40fceb264c6946627b93f
Score: 10 MALWARE FAMILY: dharmaTAGS:family:dharma, persistence, ransomware, spyware, stealerMD5: be47139183c40fceb264c6946627b93fSHA1: 06f645d6afc2f909dbdf61c0982dcd74126bc5f5ANALYSIS DATE: 2023-01-24T09:17:14ZTTPS: T1005, T1081, T1112, T1060, T1107, T1490, T1082...
Malware Analysis – djvu – c249a253e8f6bab49a07078d3b07bdf4
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, spyware, stealerMD5: c249a253e8f6bab49a07078d3b07bdf4SHA1: 0bca272f816478d880ab6b1e29d3239c587726ffANALYSIS DATE: 2023-01-24T10:51:50ZTTPS: T1060, T1112, T1012, T1082,...
Malware Analysis – upx – 5f586940f6b6ae2f8cbdeaec316b62ef
Score: 9 MALWARE FAMILY: upxTAGS:upxMD5: 5f586940f6b6ae2f8cbdeaec316b62efSHA1: 97197beb2de16b0b38c20b4846f4325283f28356ANALYSIS DATE: 2023-01-24T09:57:48ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known damaging...
Malware Analysis – dharma – e096b294d0ed5f42ca68bc41c47ac27a
Score: 10 MALWARE FAMILY: dharmaTAGS:family:dharma, persistence, ransomware, spyware, stealerMD5: e096b294d0ed5f42ca68bc41c47ac27aSHA1: 1d5601986887ead48d036f1401330b8c9fd59eebANALYSIS DATE: 2023-01-24T09:17:03ZTTPS: T1005, T1081, T1082, T1112, T1060, T1107, T1490...
Malware Analysis – dharma – ee524170a7ffc7ad48afc3a1e7377943
Score: 10 MALWARE FAMILY: dharmaTAGS:family:dharma, persistence, ransomware, spyware, stealerMD5: ee524170a7ffc7ad48afc3a1e7377943SHA1: c9c8725012fbf7e9651b2e1519eaf17e86a65658ANALYSIS DATE: 2023-01-24T09:17:03ZTTPS: T1082, T1060, T1112, T1107, T1490, T1005, T1081...
