Cobalt Stike Beacon Detected – 79[.]110[.]62[.]172:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
OSINT
Cobalt Stike Beacon Detected – 47[.]103[.]56[.]27:53
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 64[.]227[.]106[.]164:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 5[.]199[.]162[.]174:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 23[.]227[.]198[.]195:8080
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 84[.]32[.]190[.]52:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 18[.]252[.]217[.]117:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Brute Ratel C4 Detected – 176[.]34[.]152[.]127:443
The Information provided at the time of posting was detected as "Brute Ratel C4". Depending on when you are viewing...
Brute Ratel C4 Detected – 54[.]93[.]134[.]133:443
The Information provided at the time of posting was detected as "Brute Ratel C4". Depending on when you are viewing...
Daily Vulnerability Trends: Sat Jul 23 2022
Daily Vulnerability Trends (sourced from VulnMon) CVE NAMECVE DescriptionCVE-2022-42069 No description provided CVE-2022-32832 No description provided CVE-2022-23088 No description provided...
SonicWall fixed critical SQLi in Analytics and GMS products
Security company SonicWall released updates to address a critical SQL injection (SQLi) flaw in Analytics On-Prem and Global Management System...
Brute Ratel C4 Detected – 18[.]198[.]216[.]248:80
The Information provided at the time of posting was detected as "Brute Ratel C4". Depending on when you are viewing...
Account lockout policy in Windows 11 is enabled by default to block block brute force attacks
Starting with Windows 11 Microsoft introduce by default an account lockout policy that can block brute force attacks. Starting with...
CISA: Atlassian Releases Security Advisory for Questions for Confluence App, CVE-2022-26138
Atlassian Releases Security Advisory for Questions for Confluence App, CVE-2022-26138 Atlassian has released a security advisory to address a vulnerability...
LiveTargetsFinder – Generates Lists Of Live Hosts And URLs For Targeting, Automating The Usage Of MassDNS, Masscan And Nmap To Filter Out Unreachable Hosts And Gather Service Information
Generates lists of live hosts and URLs for targeting, automating the usage of Massdns, Masscan and nmap to filter out...
Hackers breached Ukrainian radio station to spread fake news about Zelensky ‘s health
Threat actors hacked the Ukrainian radio station TAVR Media and broadcasted fake news on the critical health condition of President...
Cobalt Stike Beacon Detected – 124[.]222[.]30[.]145:8888
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 104[.]171[.]114[.]156:8080
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 192[.]144[.]215[.]54:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Candiru surveillance spyware DevilsTongue exploited Chrome Zero-Day to target journalists
The spyware developed by Israeli surveillance firm Candiru exploited recently fixed CVE-2022-2294 Chrome zero-day in attacks on journalists. Researchers from...
Daily Vulnerability Trends: Fri Jul 22 2022
Daily Vulnerability Trends (sourced from VulnMon) CVE NAMECVE DescriptionCVE-2022-26706An access issue was addressed with additional sandbox restrictions on third-party applications....
TA4563 group leverages EvilNum malware to target European financial and investment entities
A threat actor tracked as TA4563 is using EvilNum malware to target European financial and investment entities. A threat actor,...
Cobalt Stike Beacon Detected – 40[.]121[.]241[.]79:50050
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Alibaba OSS Buckets Compromised to Distribute Malicious Shell Scripts via Steganography
In this blog entry, we discuss a malicious campaign that targets Alibaba Cloud’s OSS buckets with leaked credentials for malware...
