Persistence by writing/reading shellcode from Event Log. Usage The SharpEventPersist tool takes 4 case-sensitive parameters: -file "C:pathtoshellcode.bin" -instanceid 1337 -source...

Russia-linked APT targets Ukraine by exploiting the Follina RCE vulnerability

June 13, 2022

Ukraine’s Computer Emergency Response Team (CERT) warns that the Russia-linked Sandworm APT group may exploit the Follina RCE vulnerability. Ukraine’s...

Security

SeaFlower campaign distributes backdoored versions of Web3 wallets to steal seed phrases

Experts spotted Syslogk, a Linux rootkit under development

Cobalt Stike Beacon Detected – 139[.]180[.]199[.]8:2083

Cobalt Stike Beacon Detected – 217[.]79[.]243[.]147:8080

Cobalt Stike Beacon Detected – 121[.]36[.]3[.]92:80

Cobalt Stike Beacon Detected – 82[.]157[.]153[.]129:8888

Cobalt Stike Beacon Detected – 121[.]5[.]195[.]89:8443

Cobalt Stike Beacon Detected – 54[.]75[.]240[.]93:443

Cobalt Stike Beacon Detected – 209[.]222[.]101[.]8:80

Cobalt Stike Beacon Detected – 5[.]42[.]199[.]46:8080

Cobalt Stike Beacon Detected – 193[.]38[.]51[.]104:80

Cobalt Stike Beacon Detected – 43[.]142[.]109[.]110:8098

Cobalt Stike Beacon Detected – 173[.]82[.]121[.]42:8666

Cobalt Stike Beacon Detected – 39[.]106[.]208[.]161:80

Cobalt Stike Beacon Detected – 114[.]132[.]214[.]17:80

Cobalt Stike Beacon Detected – 118[.]89[.]22[.]1:81

Cobalt Stike Beacon Detected – 101[.]42[.]175[.]119:80

Cobalt Stike Beacon Detected – 159[.]75[.]252[.]102:443

Cobalt Stike Beacon Detected – 81[.]68[.]196[.]206:443

Cobalt Stike Beacon Detected – 5[.]61[.]39[.]72:88

Cobalt Stike Beacon Detected – 209[.]141[.]33[.]44:4433

Cobalt Stike Beacon Detected – 194[.]36[.]188[.]12:443

SharpEventPersist – Persistence By Writing/Reading Shellcode From Event Log

Russia-linked APT targets Ukraine by exploiting the Follina RCE vulnerability

HackerOne Bug Bounty Disclosure: microsoft-x-apikey-exposed-in-mozilla-ci-public-logs-xhacking-z

HackerOne Bug Bounty Disclosure: hackerone-hackerpllim

HackerOne Bug Bounty Disclosure: hi-hacker-hackerpllim

[AKIRA] – Ransomware Victim: Mecanex USA

[RANSOMHOUSE] – Ransomware Victim: UnitedLayer

You may have missed