How to recover files encrypted by Yanlouwang
Yanluowang is a type of targeted ransomware discovered by the Symantec Threat Hunter team as they were investigating an incident...
Security
Cobalt Stike Beacon Detected – 79[.]110[.]52[.]18:8443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 213[.]109[.]192[.]206:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 124[.]221[.]119[.]57:8080
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 172[.]96[.]189[.]16:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 23[.]94[.]40[.]221:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 154[.]83[.]12[.]160:8088
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 139[.]60[.]160[.]51:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 150[.]158[.]75[.]242:3333
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 3[.]86[.]2[.]74:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 121[.]36[.]249[.]146:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 13[.]69[.]25[.]214:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 164[.]92[.]146[.]31:8081
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cyber Risk Index (2H’ 2021): An Assessment for Security Leaders
We take a look at our latest Cyber Risk Index (CRI) findings across North America, Europe, Asia-Pacific, and Latin/South America,...
Cyber Risk Index (2H’ 2021): An Assessment for Security Leaders
We take a look at our latest Cyber Risk Index (CRI) findings across North America, Europe, Asia-Pacific, and Latin/South America,...
An Investigation of the BlackCat Ransomware via Trend Micro Vision One
We recently investigated a case related to the BlackCat ransomware group using the Trend Micro Vision One™ platform, which comes...
KrbRelay – Framework For Kerberos Relaying
Relaying 3-headed dogs. More details at https://googleprojectzero.blogspot.com/2021/10/windows-exploitation-tricks-relaying.html and https://googleprojectzero.blogspot.com/2021/10/using-kerberos-for-authentication-relay.html This should be working on most fully patched Windows systems. There...
Experts spotted Industrial Spy, a new stolen data marketplace
A new marketplace named Industrial Spy that focuses on the sale of stolen data appeared in the threat landscape. Malware...
Why you shouldn’t automate your VirusTotal uploads
It is important to realize that uploading certain files to VirusTotal may result in leaking confidential data, which could result...
Zircolite – A Standalone SIGMA-based Detection Tool For EVTX, Auditd And Sysmon For Linux Logs
Standalone SIGMA-based detection tool for EVTX, Auditd, Sysmon for linux or JSONL/NDJSON Logs Zircolite is a standalone tool written in...
A week in security (April 11 – 17)
Last week on Malwarebytes Labs: Credential-stealing malware disguises itself as Telegram, targets social media usersOld Play Store apps served notice...
Cobalt Stike Beacon Detected – 8[.]212[.]183[.]33:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 137[.]175[.]50[.]233:8080
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 46[.]29[.]160[.]203:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
