OSINT

modDetective – Tool That Chronologizes Files Based On Modification Time In Order To Investigate Recent System Activity

July 23, 2022

To see the tool in its most useful form, try running the command as follows: python3 modDetective.py -i /usr/share,/usr/lib,/lib. This...

Cobalt Stike Beacon Detected – 162[.]244[.]82[.]15:443

July 23, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Cobalt Stike Beacon Detected – 114[.]132[.]198[.]197:6443

July 23, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Cobalt Stike Beacon Detected – 101[.]35[.]51[.]91:9000

July 23, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Cobalt Stike Beacon Detected – 185[.]145[.]128[.]90:2087

July 23, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Cobalt Stike Beacon Detected – 43[.]129[.]89[.]99:443

July 23, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Cobalt Stike Beacon Detected – 124[.]222[.]125[.]194:4433

July 23, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Cobalt Stike Beacon Detected – 79[.]110[.]62[.]172:80

July 23, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Cobalt Stike Beacon Detected – 47[.]103[.]56[.]27:53

July 23, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Cobalt Stike Beacon Detected – 64[.]227[.]106[.]164:443

July 23, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Cobalt Stike Beacon Detected – 159[.]223[.]166[.]232:80

July 23, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Cobalt Stike Beacon Detected – 5[.]199[.]162[.]174:80

July 23, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Cobalt Stike Beacon Detected – 23[.]227[.]198[.]195:8080

July 23, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Cobalt Stike Beacon Detected – 84[.]32[.]190[.]52:443

July 23, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Cobalt Stike Beacon Detected – 18[.]252[.]217[.]117:443

July 23, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Brute Ratel C4 Detected – 176[.]34[.]152[.]127:443

July 23, 2022

The Information provided at the time of posting was detected as "Brute Ratel C4". Depending on when you are viewing...

Brute Ratel C4 Detected – 54[.]93[.]134[.]133:443

July 23, 2022

The Information provided at the time of posting was detected as "Brute Ratel C4". Depending on when you are viewing...

Daily Vulnerability Trends: Sat Jul 23 2022

July 23, 2022

Daily Vulnerability Trends (sourced from VulnMon) CVE NAMECVE DescriptionCVE-2022-42069 No description provided CVE-2022-32832 No description provided CVE-2022-23088 No description provided...

SonicWall fixed critical SQLi in Analytics and GMS products

July 23, 2022

Security company SonicWall released updates to address a critical SQL injection (SQLi) flaw in Analytics On-Prem and Global Management System...

Brute Ratel C4 Detected – 18[.]198[.]216[.]248:80

July 23, 2022

The Information provided at the time of posting was detected as "Brute Ratel C4". Depending on when you are viewing...

Account lockout policy in Windows 11 is enabled by default to block block brute force attacks

July 22, 2022

Starting with Windows 11 Microsoft introduce by default an account lockout policy that can block brute force attacks. Starting with...

CISA: Atlassian Releases Security Advisory for Questions for Confluence App, CVE-2022-26138

July 22, 2022

Atlassian Releases Security Advisory for Questions for Confluence App, CVE-2022-26138 Atlassian has released a security advisory to address a vulnerability...

LiveTargetsFinder – Generates Lists Of Live Hosts And URLs For Targeting, Automating The Usage Of MassDNS, Masscan And Nmap To Filter Out Unreachable Hosts And Gather Service Information

July 22, 2022

Generates lists of live hosts and URLs for targeting, automating the usage of Massdns, Masscan and nmap to filter out...

Hackers breached Ukrainian radio station to spread fake news about Zelensky ‘s health

July 22, 2022

Threat actors hacked the Ukrainian radio station TAVR Media and broadcasted fake news on the critical health condition of President...

OSINT

modDetective – Tool That Chronologizes Files Based On Modification Time In Order To Investigate Recent System Activity

Cobalt Stike Beacon Detected – 162[.]244[.]82[.]15:443

Cobalt Stike Beacon Detected – 114[.]132[.]198[.]197:6443

Cobalt Stike Beacon Detected – 101[.]35[.]51[.]91:9000

Cobalt Stike Beacon Detected – 185[.]145[.]128[.]90:2087

Cobalt Stike Beacon Detected – 43[.]129[.]89[.]99:443

Cobalt Stike Beacon Detected – 124[.]222[.]125[.]194:4433

Cobalt Stike Beacon Detected – 79[.]110[.]62[.]172:80

Cobalt Stike Beacon Detected – 47[.]103[.]56[.]27:53

Cobalt Stike Beacon Detected – 64[.]227[.]106[.]164:443

Cobalt Stike Beacon Detected – 159[.]223[.]166[.]232:80

Cobalt Stike Beacon Detected – 5[.]199[.]162[.]174:80

Cobalt Stike Beacon Detected – 23[.]227[.]198[.]195:8080

Cobalt Stike Beacon Detected – 84[.]32[.]190[.]52:443

Cobalt Stike Beacon Detected – 18[.]252[.]217[.]117:443

Brute Ratel C4 Detected – 176[.]34[.]152[.]127:443

Brute Ratel C4 Detected – 54[.]93[.]134[.]133:443

Daily Vulnerability Trends: Sat Jul 23 2022

SonicWall fixed critical SQLi in Analytics and GMS products

Brute Ratel C4 Detected – 18[.]198[.]216[.]248:80

Account lockout policy in Windows 11 is enabled by default to block block brute force attacks

CISA: Atlassian Releases Security Advisory for Questions for Confluence App, CVE-2022-26138

LiveTargetsFinder – Generates Lists Of Live Hosts And URLs For Targeting, Automating The Usage Of MassDNS, Masscan And Nmap To Filter Out Unreachable Hosts And Gather Service Information

Hackers breached Ukrainian radio station to spread fake news about Zelensky ‘s health

[INCRANSOM] – Ransomware Victim: sensationalteeth[.]com

[RHYSIDA] – Ransomware Victim: KISS FM

[INTERLOCK] – Ransomware Victim: Shelbyville Police Department

[AKIRA] – Ransomware Victim: Nobu Restaurants

[AKIRA] – Ransomware Victim: The Fence People

You may have missed