Security

Cobalt Stike Beacon Detected – 171[.]22[.]30[.]82:2222

November 23, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Cobalt Stike Beacon Detected – 198[.]44[.]132[.]52:80

November 23, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Cobalt Stike Beacon Detected – 81[.]68[.]142[.]187:4443

November 23, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Cobalt Stike Beacon Detected – 43[.]138[.]107[.]32:6001

November 23, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Malware Analysis – ransomware – 1bf5fa42b3a45b4f401938c26ee81666

November 23, 2022

Score: 7 MALWARE FAMILY: ransomwareTAGS:ransomwareMD5: 1bf5fa42b3a45b4f401938c26ee81666SHA1: bf1613f6ecaa579715b03f440d97e4d88fbc67feANALYSIS DATE: 2022-11-22T23:12:23ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known damaging...

Malware Analysis – ransomware – 9a8c8b6a41d7f2d819e46aae993a27a4

November 23, 2022

Score: 8 MALWARE FAMILY: ransomwareTAGS:ransomwareMD5: 9a8c8b6a41d7f2d819e46aae993a27a4SHA1: 92ca8283f87813b4b0894873776bc8d66320f180ANALYSIS DATE: 2022-11-22T23:10:02ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known damaging...

Malware Analysis – ramnit – 7d623ac9e2b9b62a6102ab7404ca1103

November 23, 2022

Score: 10 MALWARE FAMILY: ramnitTAGS:family:ramnit, banker, persistence, ransomware, spyware, stealer, trojan, upx, wormMD5: 7d623ac9e2b9b62a6102ab7404ca1103SHA1: a578804fef2a1e77ca9ce493f1f3a14a58608c3fANALYSIS DATE: 2022-11-22T21:41:13ZTTPS: T1060, T1112, T1082,...

Cobalt Stike Beacon Detected – 121[.]36[.]0[.]239:443

November 23, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Cobalt Stike Beacon Detected – 190[.]123[.]44[.]151:443

November 23, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Cobalt Stike Beacon Detected – 52[.]90[.]239[.]14:443

November 23, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Cobalt Stike Beacon Detected – 216[.]240[.]130[.]72:80

November 23, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Malware Analysis – infostealer – c10fc0154426cabce557f0d33b90068a

November 23, 2022

Score: 8 MALWARE FAMILY: infostealerTAGS:infostealer, ransomwareMD5: c10fc0154426cabce557f0d33b90068aSHA1: 48a6507e50608c52df8033e79f44e4068a5f2ef5ANALYSIS DATE: 2022-11-22T23:32:33ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known...

Malware Analysis – infostealer – a07fbf2819d3e0803e8b980a7d1123db

November 23, 2022

Score: 8 MALWARE FAMILY: infostealerTAGS:infostealer, ransomwareMD5: a07fbf2819d3e0803e8b980a7d1123dbSHA1: 737fd5d3b6dd5bc0ece1fa77bfbea02fc5087e80ANALYSIS DATE: 2022-11-22T23:18:29ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known...

Malware Analysis – ransomware – 6dfd521922e106cc4b2d058eb617c3bf

November 23, 2022

Score: 7 MALWARE FAMILY: ransomwareTAGS:ransomwareMD5: 6dfd521922e106cc4b2d058eb617c3bfSHA1: 6996184d3026cf8e791843fb572270bc176ba5adANALYSIS DATE: 2022-11-22T23:26:57ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known damaging...

Malware Analysis – ransomware – 0e3576ad845efb5c6a94115e4cf7fde5

November 23, 2022

Score: 7 MALWARE FAMILY: ransomwareTAGS:ransomwareMD5: 0e3576ad845efb5c6a94115e4cf7fde5SHA1: e1536419d219ae85e6a4624f77219362e1dcf995ANALYSIS DATE: 2022-11-22T23:24:48ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known damaging...

Researcher warns that Cisco Secure Email Gateways can easily be circumvented

November 22, 2022

A researcher revealed how to bypass some of the filters in Cisco Secure Email Gateway appliance and deliver malware using...

Malware Analysis – amadey – 9a5af4928a4f33ef78c8fd81fce3c32e

November 22, 2022

Score: 10 MALWARE FAMILY: amadeyTAGS:family:amadey, family:djvu, family:smokeloader, family:vidar, botnet:517, backdoor, collection, discovery, persistence, ransomware, spyware, stealer, trojanMD5: 9a5af4928a4f33ef78c8fd81fce3c32eSHA1: 87e9a81f0b1511448a63fb85b33178abcf1eda94ANALYSIS DATE:...

Malware Analysis – amadey – 3576bb82ff373abea71ab629615ea0dd

November 22, 2022

Score: 10 MALWARE FAMILY: amadeyTAGS:family:amadey, family:djvu, family:smokeloader, family:vidar, botnet:517, backdoor, collection, discovery, persistence, ransomware, spyware, stealer, trojanMD5: 3576bb82ff373abea71ab629615ea0ddSHA1: 0abff39efc0bedc3b9f14e7c19458a1d7e2edb7fANALYSIS DATE:...

Malware Analysis – djvu – b6accd3374b36d1de13f8b6356ce76b3

November 22, 2022

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:517, discovery, persistence, ransomware, spyware, stealerMD5: b6accd3374b36d1de13f8b6356ce76b3SHA1: e323bed9a9b20bfe994020986f847118dbef2954ANALYSIS DATE: 2022-11-22T16:20:54ZTTPS: T1012, T1053, T1005, T1081,...

Malware Analysis – djvu – 2fa9ba0a3450613283ede851f4fc435f

November 22, 2022

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:517, discovery, persistence, ransomware, spyware, stealerMD5: 2fa9ba0a3450613283ede851f4fc435fSHA1: f5c0694ff42e8f3ab4e6ffe065463a89b9e90a8dANALYSIS DATE: 2022-11-22T15:28:00ZTTPS: T1060, T1112, T1082, T1053,...

Malware Analysis – amadey – aa6cc702008759077d3c1822fd115671

November 22, 2022

Score: 10 MALWARE FAMILY: amadeyTAGS:family:amadey, family:djvu, family:smokeloader, family:vidar, botnet:517, backdoor, collection, discovery, persistence, ransomware, spyware, stealer, trojanMD5: aa6cc702008759077d3c1822fd115671SHA1: f2f8a60909161ed4d7c3f8aeb1e8e0da6c98dcecANALYSIS DATE:...

Malware Analysis – evasion – 1ee52d16fa78a820fc177cd84e58e984

November 22, 2022

Score: 9 MALWARE FAMILY: evasionTAGS:evasion, persistence, ransomwareMD5: 1ee52d16fa78a820fc177cd84e58e984SHA1: db6a84a4fcf2fd01c42b4f3058e741bdde05094dANALYSIS DATE: 2022-11-22T17:50:49ZTTPS: T1490, T1060, T1112 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...

Malware Analysis – djvu – 2f86489c9f5566ec7bd0d3cad8483f29

November 22, 2022

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:517, discovery, persistence, ransomware, spyware, stealerMD5: 2f86489c9f5566ec7bd0d3cad8483f29SHA1: 60feeb5a3cfbafd6c6923f71b90a5806acc22d46ANALYSIS DATE: 2022-11-22T17:21:32ZTTPS: T1222, T1082, T1012, T1005,...

Malware Analysis – evasion – 13ffce8662080c941703c4cf419d6344

November 22, 2022

Score: 9 MALWARE FAMILY: evasionTAGS:evasion, persistence, ransomwareMD5: 13ffce8662080c941703c4cf419d6344SHA1: 61fc1a13276febbdfe8ec708ebcd25aea28d5a9fANALYSIS DATE: 2022-11-22T17:55:21ZTTPS: T1490, T1060, T1112 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...

Security

Cobalt Stike Beacon Detected – 171[.]22[.]30[.]82:2222

Cobalt Stike Beacon Detected – 198[.]44[.]132[.]52:80

Cobalt Stike Beacon Detected – 81[.]68[.]142[.]187:4443

Cobalt Stike Beacon Detected – 43[.]138[.]107[.]32:6001

Malware Analysis – ransomware – 1bf5fa42b3a45b4f401938c26ee81666

Malware Analysis – ransomware – 9a8c8b6a41d7f2d819e46aae993a27a4

Malware Analysis – ramnit – 7d623ac9e2b9b62a6102ab7404ca1103

Cobalt Stike Beacon Detected – 121[.]36[.]0[.]239:443

Cobalt Stike Beacon Detected – 190[.]123[.]44[.]151:443

Cobalt Stike Beacon Detected – 52[.]90[.]239[.]14:443

Cobalt Stike Beacon Detected – 216[.]240[.]130[.]72:80

Malware Analysis – infostealer – c10fc0154426cabce557f0d33b90068a

Malware Analysis – infostealer – a07fbf2819d3e0803e8b980a7d1123db

Malware Analysis – ransomware – 6dfd521922e106cc4b2d058eb617c3bf

Malware Analysis – ransomware – 0e3576ad845efb5c6a94115e4cf7fde5

Researcher warns that Cisco Secure Email Gateways can easily be circumvented

Malware Analysis – amadey – 9a5af4928a4f33ef78c8fd81fce3c32e

Malware Analysis – amadey – 3576bb82ff373abea71ab629615ea0dd

Malware Analysis – djvu – b6accd3374b36d1de13f8b6356ce76b3

Malware Analysis – djvu – 2fa9ba0a3450613283ede851f4fc435f

Malware Analysis – amadey – aa6cc702008759077d3c1822fd115671

Malware Analysis – evasion – 1ee52d16fa78a820fc177cd84e58e984

Malware Analysis – djvu – 2f86489c9f5566ec7bd0d3cad8483f29

Malware Analysis – evasion – 13ffce8662080c941703c4cf419d6344

CVE Alert: CVE-2025-12384 – bplugins – Document Embedder – Embed PDFs, Word, Excel, and Other Files

CVE Alert: CVE-2025-12139 – princeahmed – File Manager for Google Drive – Integrate Google Drive

CVE Alert: CVE-2025-10622 – Red Hat – Red Hat Satellite 6.18 for RHEL 9

CVE Alert: CVE-2025-12197 – stellarwp – The Events Calendar

[NIGHTSPIRE] – Ransomware Victim: Enem Nostrum Remedies Pvt[.] Ltd

You may have missed