Hackers use Golang source code interpreter to evade detection
A Chinese-speaking hacking group tracked as ‘DragonSpark’ was observed employing Golang source code interpretation to evade detection while launching espionage...
OSINT
GoTo says hackers stole customers’ backups and encryption key
GoTo (formerly LogMeIn) is warning customers that threat actors who breached its development environment in November 2022 stole encrypted backups...
U.S. sues Google for abusing dominance over online ad market
The U.S. Justice Department has filed a federal lawsuit today against Google for abusing its dominant position in the online...
Riot Games receives ransom demand from hackers, refuses to pay
Riot Games says it will not pay a $10 million ransom demanded by attackers who stole League of Legends source code...
Ransomware access brokers use Google ads to breach your network
A threat actor tracked as DEV-0569 uses Google Ads in widespread, ongoing advertising campaigns to distribute malware, steal victims' passwords,...
FBI: North Korean hackers stole $100 million in Harmony crypto hack
The FBI has confirmed that the North Korean state-sponsored 'Lazarus' and APT38 hacking groups were behind the theft of $100...
Cobalt Stike Beacon Detected – 198[.]154[.]94[.]36:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 179[.]43[.]162[.]31:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 43[.]138[.]21[.]132:8808
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 91[.]213[.]50[.]35:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 120[.]48[.]99[.]90:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 3[.]73[.]0[.]134:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Brute Ratel C4 Detected – 54[.]249[.]216[.]44:80
The Information provided at the time of posting was detected as "Brute Ratel C4". Depending on when you are viewing...
LockBit 3.0 Ransomware Victim: elsan[.]care
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
CISA: CISA Releases Protecting Our Future: Partnering to Safeguard K–12 organizations from Cybersecurity Threats
CISA Releases Protecting Our Future: Partnering to Safeguard K–12 organizations from Cybersecurity Threats Today, CISA released Protecting Our Future: Partnering...
LockBit 3.0 Ransomware Victim: xlntinc[.]com
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
Get-AppLockerEventlog – Script For Fetching Applocker Event Log By Parsing The Win-Event Log
This script will parse all the channels of events from the win-event log to extract all the log relatives to...
Malware Analysis – evasion – c7a9226978be7b4ead9febb8ac854e7c
Score: 6 MALWARE FAMILY: evasionTAGS:evasion, ransomwareMD5: c7a9226978be7b4ead9febb8ac854e7cSHA1: cb7e60b4c4c4f4737c4cfe74addde018515918dfANALYSIS DATE: 2023-01-24T09:00:06ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known...
Malware Analysis – djvu – 6735e0d9fc3b11c7cbdd071d3829162b
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, spyware, stealerMD5: 6735e0d9fc3b11c7cbdd071d3829162bSHA1: 1ebc132342713c73f1020c8012b0b5063c28b2aaANALYSIS DATE: 2023-01-24T09:04:30ZTTPS: T1012, T1082, T1005, T1081,...
Malware Analysis – dharma – be47139183c40fceb264c6946627b93f
Score: 10 MALWARE FAMILY: dharmaTAGS:family:dharma, persistence, ransomware, spyware, stealerMD5: be47139183c40fceb264c6946627b93fSHA1: 06f645d6afc2f909dbdf61c0982dcd74126bc5f5ANALYSIS DATE: 2023-01-24T09:17:14ZTTPS: T1005, T1081, T1112, T1060, T1107, T1490, T1082...
Malware Analysis – djvu – c249a253e8f6bab49a07078d3b07bdf4
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, spyware, stealerMD5: c249a253e8f6bab49a07078d3b07bdf4SHA1: 0bca272f816478d880ab6b1e29d3239c587726ffANALYSIS DATE: 2023-01-24T10:51:50ZTTPS: T1060, T1112, T1012, T1082,...
Malware Analysis – upx – 5f586940f6b6ae2f8cbdeaec316b62ef
Score: 9 MALWARE FAMILY: upxTAGS:upxMD5: 5f586940f6b6ae2f8cbdeaec316b62efSHA1: 97197beb2de16b0b38c20b4846f4325283f28356ANALYSIS DATE: 2023-01-24T09:57:48ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known damaging...
Malware Analysis – dharma – e096b294d0ed5f42ca68bc41c47ac27a
Score: 10 MALWARE FAMILY: dharmaTAGS:family:dharma, persistence, ransomware, spyware, stealerMD5: e096b294d0ed5f42ca68bc41c47ac27aSHA1: 1d5601986887ead48d036f1401330b8c9fd59eebANALYSIS DATE: 2023-01-24T09:17:03ZTTPS: T1005, T1081, T1082, T1112, T1060, T1107, T1490...
Malware Analysis – dharma – ee524170a7ffc7ad48afc3a1e7377943
Score: 10 MALWARE FAMILY: dharmaTAGS:family:dharma, persistence, ransomware, spyware, stealerMD5: ee524170a7ffc7ad48afc3a1e7377943SHA1: c9c8725012fbf7e9651b2e1519eaf17e86a65658ANALYSIS DATE: 2023-01-24T09:17:03ZTTPS: T1082, T1060, T1112, T1107, T1490, T1005, T1081...
