Daily Vulnerability Trends: Fri Jul 29 2022
Daily Vulnerability Trends (sourced from VulnMon) CVE NAMECVE DescriptionCVE-2022-20186In kbase_mem_alias of mali_kbase_mem_linux.c, there is a possible arbitrary code execution due...
OSINT
LofyLife: malicious npm packages steal Discord tokens and bank card data
On July 26, using the internal automated system for monitoring open-source repositories, we identified four suspicious packages in the Node...
APT trends report Q2 2022
For five years, the Global Research and Analysis Team (GReAT) at Kaspersky has been publishing quarterly summaries of advanced persistent...
Cobalt Stike Beacon Detected – 120[.]25[.]159[.]191:8090
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 42[.]192[.]51[.]29:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 180[.]76[.]231[.]1:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 34[.]92[.]19[.]181:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 101[.]42[.]167[.]41:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 121[.]43[.]231[.]58:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 123[.]57[.]155[.]161:2121
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Brute Ratel C4 Detected – 20[.]101[.]129[.]239:443
The Information provided at the time of posting was detected as "Brute Ratel C4". Depending on when you are viewing...
Cobalt Stike Beacon Detected – 2[.]58[.]64[.]159:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 81[.]68[.]122[.]239:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 116[.]62[.]24[.]245:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 154[.]204[.]57[.]111:4443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Akamai blocked the largest DDoS attack ever on its European customers
This month Akamai blocked the largest distributed denial-of-service (DDoS) attack that hit an organization in Europe. On July 21, 2022,...
LibreOffice fixed 3 flaws, including a code execution issue
LibreOffice maintainers addressed three security flaws in their productivity software, including an arbitrary code execution issue. LibreOffice is an open-source office...
Threat actors use new attack techniques after Microsoft blocked macros by default
Threat actors are devising new attack tactics in response to Microsoft’s decision to block Macros by default. In response to...
CISA: Samba Releases Security Updates
Samba Releases Security Updates The Samba Team has released security updates to address vulnerabilities in multiple versions of Samba. An...
CISA: CISA Releases Log4Shell-Related MAR
CISA Releases Log4Shell-Related MAR From May through June 2022, CISA responded to an organization that was compromised by an exploitation...
ENISA provides data related to major telecom security incidents in 2021
ENISA published a report that includes anonymised and aggregated information about major telecom security incidents in 2021. ENISA published a...
TerraformGoat – “Vulnerable By Design” Multi Cloud Deployment Tool
TerraformGoat is selefra research lab's "Vulnerable by Design" multi cloud deployment tool. Currently supported cloud vendors include Alibaba Cloud, Tencent...
European firm DSIRF behind the attacks with Subzero surveillance malware
Microsoft linked a private-sector offensive actor (PSOA) to attacks using multiple zero-day exploits for its Subzero malware. The Microsoft Threat...
HIVE Ransomware Victim: Weidmueller
HIVE Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of...
