Cobalt Stike Beacon Detected – 45[.]142[.]214[.]167:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
OSINT
Cobalt Stike Beacon Detected – 139[.]155[.]39[.]230:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 175[.]178[.]36[.]137:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 39[.]103[.]189[.]229:5555
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 23[.]227[.]198[.]195:4443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 116[.]63[.]252[.]248:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 27[.]102[.]118[.]76:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Mysterious threat actor TAC-040 used previously undetected Ljl Backdoor
A threat actor, tracked as TAC-040, exploited Atlassian Confluence flaw CVE-2022-26134 to deploy previously undetected Ljl Backdoor. Cybersecurity firm Deepwatch...
New Linux botnet RapperBot brute-forces SSH servers
RapperBot is a new botnet employed in attacks since mid-June 2022 that targets Linux SSH servers with brute-force attacks. Researchers...
Daily Vulnerability Trends: Fri Aug 05 2022
Daily Vulnerability Trends (sourced from VulnMon) CVE NAMECVE DescriptionCVE-2022-33891The Apache Spark UI offers the possibility to enable ACLs via the...
Cobalt Stike Beacon Detected – 42[.]192[.]54[.]106:8443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 101[.]42[.]149[.]140:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 20[.]91[.]192[.]253:5986
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 54[.]150[.]98[.]223:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 116[.]63[.]252[.]248:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 43[.]138[.]10[.]116:2087
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
HIVE Ransomware Victim: ENN Group
HIVE Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of...
Cobalt Stike Beacon Detected – 95[.]85[.]76[.]54:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 101[.]43[.]41[.]152:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 116[.]62[.]166[.]244:8443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 8[.]136[.]80[.]103:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 101[.]34[.]84[.]206:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
New Woody RAT used in attacks aimed at Russian entities
An unknown threat actor is targeting Russian organizations with a new remote access trojan called Woody RAT. Malwarebytes researchers observed an...
Unauthenticated RCE can allow hacking DrayTek Vigor routers without user interaction
A critical flaw in multiple models of DrayTek Vigor routers can allow unauthenticated, remote attackers to fully compromise affected devices....
