CISA: CISA Releases Two Industrial Control Systems Advisories
CISA Releases Two Industrial Control Systems Advisories CISA released two Industrial Control Systems (ICS) advisories on April 25, 2023. These...
Security
CISA: CISA Adds Three Known Exploited Vulnerabilities to Catalog
CISA Adds Three Known Exploited Vulnerabilities to Catalog CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities Catalog,...
PortEx – Java Library To Analyse Portable Executable Files With A Special Focus On Malware Analysis And PE Malformation Robustness
PortEx is a Java library for static malware analysis of Portable Executable files. Its focus is on PE malformation robustness,...
Malware Analysis – amadey – 2e2d214abd61d6b40e8ad5e9e437df45
Score: 10 MALWARE FAMILY: amadeyTAGS:family:amadey, family:djvu, family:lumma, family:smokeloader, family:vidar, botnet:5cb879265de0011bfc7588d5d251aee6, botnet:pub1, botnet:sprg, backdoor, discovery, persistence, ransomware, spyware, stealer, trojanMD5: 2e2d214abd61d6b40e8ad5e9e437df45SHA1:...
Malware Analysis – amadey – 05cd8d500f128d1c1ab6844e5b98eb4e
Score: 10 MALWARE FAMILY: amadeyTAGS:family:amadey, family:djvu, family:lumma, family:smokeloader, botnet:pub1, botnet:sprg, backdoor, discovery, ransomware, stealer, trojanMD5: 05cd8d500f128d1c1ab6844e5b98eb4eSHA1: 76211cea5ed0667e98e9b99312d6a40cd6ffb1faANALYSIS DATE: 2023-04-26T15:37:31ZTTPS: T1012,...
Malware Analysis – – 33868397a64763f16d88e37d4289697a
Score: 1 MALWARE FAMILY: TAGS:MD5: 33868397a64763f16d88e37d4289697aSHA1: 2bd06371967738d0101dc73ed3fa321cbeac4db6ANALYSIS DATE: 2023-04-26T16:00:59ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known damaging...
Malware Analysis – amadey – fd68d6d16b3b5a68311907694d3c5967
Score: 10 MALWARE FAMILY: amadeyTAGS:family:amadey, family:djvu, family:lumma, family:redline, family:smokeloader, family:vidar, botnet:1379752987, botnet:5cb879265de0011bfc7588d5d251aee6, botnet:sprg, backdoor, discovery, evasion, infostealer, persistence, ransomware, spyware,...
Malware Analysis – djvu – 51a4106e8f56ecb11ff22995f4cfd3e1
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:5cb879265de0011bfc7588d5d251aee6, discovery, persistence, ransomware, spyware, stealerMD5: 51a4106e8f56ecb11ff22995f4cfd3e1SHA1: 2781e07822cf8b54406d5785e0e71e3158f4666fANALYSIS DATE: 2023-04-26T15:49:43ZTTPS: T1012, T1082, T1005, T1081,...
Posh C2 Detected – 95[.]164[.]87[.]82:443
The Information provided at the time of posting was detected as "Posh C2". Depending on when you are viewing this...
CISA: Drupal Releases Security Advisory to Address Vulnerability in Drupal Core
Drupal Releases Security Advisory to Address Vulnerability in Drupal Core Drupal has released a security advisory to address an access...
CISA: Cisco Releases Security Advisories for Multiple Products
Cisco Releases Security Advisories for Multiple Products Cisco has released security updates for vulnerabilities affecting Industrial Network Director (IND), Modeling...
CISA: Oracle Releases Security Updates
Oracle Releases Security Updates Oracle has released its Critical Patch Update Advisory, Solaris Third Party Bulletin, and Linux Bulletin for...
CISA: CISA to Continue and Enhance U.K.’s Logging Made Easy Tool
CISA to Continue and Enhance U.K.’s Logging Made Easy Tool CISA has announced plans to continue and enhance the Logging...
CISA: CISA Releases One Industrial Control Systems Advisory
CISA Releases One Industrial Control Systems Advisory CISA released one Industrial Control Systems (ICS) advisory on April 20, 2023. These...
CISA: CISA Releases Two Industrial Control Systems Advisories
CISA Releases Two Industrial Control Systems Advisories CISA released two Industrial Control Systems (ICS) advisories on April 25, 2023. These...
CISA: CISA Adds Three Known Exploited Vulnerabilities to Catalog
CISA Adds Three Known Exploited Vulnerabilities to Catalog CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities Catalog,...
CISA: VMware Releases Security Update for Aria Operations for Logs
VMware Releases Security Update for Aria Operations for Logs VMware has released a security update to address multiple vulnerabilities in...
CISA: CISA Releases Two SBOM Documents
CISA Releases Two SBOM Documents Today, CISA released two community-drafted documents around Software Bill of Materials (SBOM): Types of SBOM...
CISA: Abuse of the Service Location Protocol May Lead to DoS Attacks
Abuse of the Service Location Protocol May Lead to DoS Attacks The Service Location Protocol (SLP, RFC 2608(link is external))...
auditpolCIS – CIS Benchmark Testing Of Windows SIEM Configuration
CIS Benchmark testing of Windows SIEM configuration This is an application for testing the configuration of Windows Audit Policy settings...
CISA: Abuse of the Service Location Protocol May Lead to DoS Attacks
Abuse of the Service Location Protocol May Lead to DoS Attacks The Service Location Protocol (SLP, RFC 2608(link is external))...
Malware Analysis – evasion – 495c2a34d4447df001099893059774f6
Score: 9 MALWARE FAMILY: evasionTAGS:evasion, persistence, ransomware, spyware, stealerMD5: 495c2a34d4447df001099893059774f6SHA1: bf7c9c05ae10ffaab5325c434705b33384ddf2b2ANALYSIS DATE: 2023-04-25T15:17:13ZTTPS: T1490, T1060, T1112, T1031, T1562, T1489, T1082,...
Malware Analysis – evasion – c50a968d1c6351e9e087a56b1e5a1acd
Score: 9 MALWARE FAMILY: evasionTAGS:evasion, persistence, ransomware, spyware, stealerMD5: c50a968d1c6351e9e087a56b1e5a1acdSHA1: d9c4742a26bf41c5009f2e56f53ae9fab931a5b1ANALYSIS DATE: 2023-04-25T15:17:13ZTTPS: T1490, T1005, T1081, T1060, T1112, T1031, T1562,...
Malware Analysis – evasion – 469eb4d876c8bd2093e47d2474fbc59b
Score: 9 MALWARE FAMILY: evasionTAGS:evasion, persistence, ransomware, spyware, stealer, upxMD5: 469eb4d876c8bd2093e47d2474fbc59bSHA1: 0ff84a77d24839137002c56e9ff60c7f92080ca8ANALYSIS DATE: 2023-04-25T15:17:13ZTTPS: T1490, T1082, T1005, T1081, T1060, T1112,...
