VMware fixed critical authentication bypass vulnerability
VMware patched a critical authentication bypass security flaw, tracked as CVE-2022-31656, impacting local domain users in multiple products. VMware has...
OSINT
LockBit 3.0 affiliate sideloads Cobalt Strike through Windows Defender
An affiliate of the LockBit 3.0 RaaS operation has been abusing the Windows Defender command-line tool to deploy Cobalt Strike payloads. During...
Mecho Download – 437,928 breached accounts
In October 2013, the (now defunct) downloads website "Mecho Download" suffered a data breach that exposed 438k records. Data from...
Cobalt Stike Beacon Detected – 110[.]40[.]182[.]173:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 194[.]33[.]40[.]200:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 159[.]75[.]235[.]53:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 147[.]182[.]246[.]104:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 210[.]16[.]100[.]2:9443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Brute Ratel C4 Detected – 3[.]99[.]59[.]202:443
The Information provided at the time of posting was detected as "Brute Ratel C4". Depending on when you are viewing...
Brute Ratel C4 Detected – 178[.]33[.]38[.]76:8443
The Information provided at the time of posting was detected as "Brute Ratel C4". Depending on when you are viewing...
Cobalt Stike Beacon Detected – 185[.]130[.]45[.]182:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 124[.]223[.]177[.]9:8087
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 1[.]14[.]201[.]250:8443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 121[.]36[.]26[.]24:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 154[.]92[.]14[.]128:88
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 106[.]14[.]137[.]208:9443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 1[.]117[.]93[.]65:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 124[.]221[.]95[.]136:8888
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Millions of Arris routers are vulnerable to path traversal attacks
Security researcher Derek Abdine has published an advisory about vulnerabilities that exist in the MIT-licensed muhttpd web server. This web...
Gootkit AaaS malware is still active and uses updated tactics
Gootkit access-as-a-service (AaaS) malware is back with tactics and fileless delivery of Cobalt Strike beacons. Gootkit runs on an access-a-as-a-service model, it...
Austria investigates DSIRF firm for allegedly developing Subzero spyware
Austria is investigating a report that an Austrian firm DSIRF developed spyware targeting law firms, banks and consultancies. At the...
Daily Vulnerability Trends: Tue Aug 02 2022
Daily Vulnerability Trends (sourced from VulnMon) CVE NAMECVE DescriptionCVE-2022-22047Windows CSRSS Elevation of Privilege Vulnerability. This CVE ID is unique from...
Cobalt Stike Beacon Detected – 114[.]55[.]58[.]137:8045
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 154[.]86[.]19[.]237:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
