Rail giant Wabtec discloses data breach after Lockbit ransomware attack
U.S. rail and locomotive company Wabtec Corporation has disclosed a data breach that exposed personal and sensitive information. Wabtec is...
OSINT
BitRAT malware campaign uses stolen bank data for phishing
Threat actors behind a recent malware campaign have been using the stolen information of bank customers in Colombia as lures...
BleepingComputer’s most popular cybersecurity stories of 2022
It was a big year for cybersecurity in 2022 with massive cyberattacks and data breaches, innovative phishing attacks, privacy concerns,...
Poland warns of attacks by Russia-linked Ghostwriter hacking group
The Polish government is warning of a spike in cyberattacks from Russia-linked hackers, including the state-sponsored hacking group known as...
Ongoing Flipper Zero phishing attacks target infosec community
A new phishing campaign is exploiting the increasing interest of security community members towards Flipper Zero to steal their personal...
PXEThief – Set Of Tooling That Can Extract Passwords From The Operating System Deployment Functionality In Microsoft Endpoint Configuration Manager
PXEThief is a set of tooling that implements attack paths discussed at the DEF CON 30 talk Pulling Passwords out...
Malware Analysis – ransomware – a41afe748aed818ab6ac94e81bdde610
Score: 10 MALWARE FAMILY: ransomwareTAGS:ransomwareMD5: a41afe748aed818ab6ac94e81bdde610SHA1: 9468012acf6df7a0e593f41e0da8123f541277dfANALYSIS DATE: 2023-01-03T15:28:36ZTTPS: T1107, T1490 ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more...
Malware Analysis – evasion – f714964febf0482d0781116faf95c797
Score: 8 MALWARE FAMILY: evasionTAGS:evasion, ransomware, upxMD5: f714964febf0482d0781116faf95c797SHA1: 41a1ab64d4ac85618a2241581b8c5c9b98691577ANALYSIS DATE: 2023-01-03T15:07:20ZTTPS: T1082, T1012, T1120, T1158 ScoreMeaningExample10Known badA malware family was...
Malware Analysis – discovery – f3257310b37b572a371c05dd0bb419ef
Score: 8 MALWARE FAMILY: discoveryTAGS:discovery, exploit, persistenceMD5: f3257310b37b572a371c05dd0bb419efSHA1: 6c9354a3bb7246af254f00b4adb01b556adc1e8eANALYSIS DATE: 2023-01-03T15:00:01ZTTPS: T1050, T1012, T1060, T1222, T1082 ScoreMeaningExample10Known badA malware family...
Malware Analysis – djvu – ca36f7252b0fc1f54c7d1f4c554f4e83
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, spyware, stealerMD5: ca36f7252b0fc1f54c7d1f4c554f4e83SHA1: d42db97d04c519fac40d4a641eea0f868375d32bANALYSIS DATE: 2023-01-03T17:04:47ZTTPS: T1053, T1012, T1060, T1112,...
Malware Analysis – djvu – 42cd30f9e9cb1715d3b9e2f38617f9de
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, spyware, stealerMD5: 42cd30f9e9cb1715d3b9e2f38617f9deSHA1: a765a8172e191f1a6d243a1a4b6dfdedc2e179f7ANALYSIS DATE: 2023-01-03T16:32:51ZTTPS: T1005, T1081, T1060, T1112,...
Malware Analysis – djvu – 6f589d70ab9654b5266ad9fe1eed2e3e
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, spyware, stealerMD5: 6f589d70ab9654b5266ad9fe1eed2e3eSHA1: b4da2aadd70c7787dd6d09e185173da9790ae43fANALYSIS DATE: 2023-01-03T15:54:07ZTTPS: T1082, T1012, T1005, T1081,...
Malware Analysis – evasion – cd8762aee748f0147c99d59c397f0116
Score: 7 MALWARE FAMILY: evasionTAGS:evasion, ransomwareMD5: cd8762aee748f0147c99d59c397f0116SHA1: b79ae2bcf1409cf560ece2d14f4102c013aea248ANALYSIS DATE: 2023-01-03T15:42:44ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known...
Cobalt Stike Beacon Detected – 43[.]140[.]200[.]42:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 193[.]201[.]9[.]189:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 43[.]138[.]138[.]159:8887
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 185[.]225[.]73[.]244:8080
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 154[.]26[.]192[.]35:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 47[.]93[.]235[.]240:8989
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Malware Analysis – amadey – e7d749dbfe2e17f6ea16091b533d6dac
Score: 10 MALWARE FAMILY: amadeyTAGS:family:amadey, family:djvu, family:smokeloader, family:vidar, botnet:19, backdoor, collection, discovery, persistence, ransomware, spyware, stealer, trojan, vmprotectMD5: e7d749dbfe2e17f6ea16091b533d6dacSHA1: ba371eee10e094cf22edf271666774c9cfe81752ANALYSIS...
Malware Analysis – lockbit – 38745539b71cf201bb502437f891d799
Score: 10 MALWARE FAMILY: lockbitTAGS:family:lockbit, ransomwareMD5: 38745539b71cf201bb502437f891d799SHA1: f2a72bee623659d3ba16b365024020868246d901ANALYSIS DATE: 2023-01-03T09:33:37ZTTPS: T1491, T1112 ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or...
Malware Analysis – ransomware – 42e201d426895fc33fd4a940e63cc157
Score: 8 MALWARE FAMILY: ransomwareTAGS:ransomware, spyware, stealerMD5: 42e201d426895fc33fd4a940e63cc157SHA1: 6b401d175e45b8c7069172530ec4fc29bf9d9f0bANALYSIS DATE: 2023-01-03T09:13:57ZTTPS: T1005, T1081 ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne...
Malware Analysis – ransomware – e231d644f5b878acd617f35994acd50d
Score: 8 MALWARE FAMILY: ransomwareTAGS:ransomwareMD5: e231d644f5b878acd617f35994acd50dSHA1: 45bc0cded34342459efa7312a7a68d8788daff20ANALYSIS DATE: 2023-01-03T09:21:12ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known damaging...
Malware Analysis – djvu – 73b0edba2950305182437e022ac81eb6
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, spyware, stealerMD5: 73b0edba2950305182437e022ac81eb6SHA1: 7a22d5919da5d0f07fbc50d100b2b10a1c0b7398ANALYSIS DATE: 2023-01-03T10:55:15ZTTPS: T1005, T1081, T1082, T1012,...
