CISA: Abuse of the Service Location Protocol May Lead to DoS Attacks
Abuse of the Service Location Protocol May Lead to DoS Attacks The Service Location Protocol (SLP, RFC 2608(link is external))...
Security
CISA: VMware Releases Security Update for Aria Operations for Logs
VMware Releases Security Update for Aria Operations for Logs VMware has released a security update to address multiple vulnerabilities in...
CISA: CISA Releases One Industrial Control Systems Advisory
CISA Releases One Industrial Control Systems Advisory CISA released one Industrial Control Systems (ICS) advisory on May 2, 2023. These...
CISA: CISA Releases One Industrial Control Systems Advisory
CISA Releases One Industrial Control Systems Advisory CISA released one Industrial Control Systems (ICS) advisory on May 4, 2023.This advisory...
CISA: CISA Urges Organizations to Incorporate the FCC Covered List Into Risk Management Plans
CISA Urges Organizations to Incorporate the FCC Covered List Into Risk Management Plans The Federal Communications Commission (FCC) maintains a Covered...
CISA: CISA Requests for Comment on Secure Software Self-Attestation Form
CISA Requests for Comment on Secure Software Self-Attestation Form CISA has issued requests for comment on the Secure Software Self-Attestation...
CISA: CISA Adds Three Known Exploited Vulnerabilities to Catalog
CISA Adds Three Known Exploited Vulnerabilities to Catalog CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based...
Cobalt Stike Beacon Detected – 206[.]119[.]74[.]215:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 20[.]119[.]42[.]48:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 209[.]97[.]135[.]107:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 101[.]43[.]224[.]186:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 8[.]141[.]161[.]11:6666
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Nimbo-C2 – Yet Another (Simple And Lightweight) C2 Framework
About Nimbo-C2 is yet another (simple and lightweight) C2 framework. Nimbo-C2 agent supports x64 Windows & Linux. It's written in...
Malware Analysis – djvu – 3f96efacd3ab4a4b6ecba23fa0b99390
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:31c7719b5ee962fbde376b75e771360d, discovery, persistence, ransomware, spyware, stealerMD5: 3f96efacd3ab4a4b6ecba23fa0b99390SHA1: c73f24a0f81267cac9045dd93d8e0805f6026c35ANALYSIS DATE: 2023-05-08T14:58:54ZTTPS: T1012, T1082, T1005, T1081,...
Malware Analysis – amadey – 727b9c1facb2764ed3b69f34078ec711
Score: 10 MALWARE FAMILY: amadeyTAGS:family:amadey, family:djvu, family:smokeloader, botnet:pub1, botnet:sprg, backdoor, discovery, ransomware, trojanMD5: 727b9c1facb2764ed3b69f34078ec711SHA1: 965c066af34f939ac544fdf702b6609979f9d79dANALYSIS DATE: 2023-05-08T15:09:16ZTTPS: T1053, T1012, T1120,...
Malware Analysis – djvu – 941dc581a841ce8fc209aab1345fabba
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:31c7719b5ee962fbde376b75e771360d, discovery, persistence, ransomware, spyware, stealerMD5: 941dc581a841ce8fc209aab1345fabbaSHA1: 6473ef23e5f87d642fdb249d2ce01993a5aa30edANALYSIS DATE: 2023-05-08T15:22:13ZTTPS: T1082, T1053, T1005, T1081,...
Malware Analysis – amadey – 32b3fe74b988b12fcb484850f17d1721
Score: 10 MALWARE FAMILY: amadeyTAGS:family:amadey, family:djvu, family:smokeloader, botnet:pub1, botnet:sprg, backdoor, discovery, ransomware, trojanMD5: 32b3fe74b988b12fcb484850f17d1721SHA1: f6d21919f699f4a903ccc382bbce215642aa1db4ANALYSIS DATE: 2023-05-08T15:30:14ZTTPS: T1012, T1222, T1053,...
Malware Analysis – ransomware – 51064cc8676f45813dec4c5a1c1ce150
Score: 7 MALWARE FAMILY: ransomwareTAGS:ransomwareMD5: 51064cc8676f45813dec4c5a1c1ce150SHA1: e9d2c7b278c98f85481176c6089b2a74120c6b56ANALYSIS DATE: 2023-05-08T16:39:39ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known damaging...
Malware Analysis – evasion – 727b2d3ec84ce3139998a79342fa324b
Score: 6 MALWARE FAMILY: evasionTAGS:evasion, ransomwareMD5: 727b2d3ec84ce3139998a79342fa324bSHA1: 503f4998eb0e88388e82dca578c411a2cfe6455aANALYSIS DATE: 2023-05-08T17:00:12ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known...
Malware Analysis – amadey – 0e71e6e602e6cfb38ea3567ac1130343
Score: 10 MALWARE FAMILY: amadeyTAGS:family:amadey, family:djvu, family:smokeloader, botnet:pub1, botnet:sprg, backdoor, discovery, ransomware, trojanMD5: 0e71e6e602e6cfb38ea3567ac1130343SHA1: 8c50ae1dcfafd674643af4814f7b96ed835ef22aANALYSIS DATE: 2023-05-08T16:02:22ZTTPS: T1012, T1120, T1082,...
Malware Analysis – djvu – bf3a2484532f79b9a300bda711005470
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:31c7719b5ee962fbde376b75e771360d, discovery, persistence, ransomware, spyware, stealerMD5: bf3a2484532f79b9a300bda711005470SHA1: 29e99330b4d07f80ff48a7d7c2c265262b8f1713ANALYSIS DATE: 2023-05-08T16:08:47ZTTPS: T1005, T1081, T1012, T1082,...
Malware Analysis – ransomware – 9634b28186b502eab4ead6119285f4d7
Score: 8 MALWARE FAMILY: ransomwareTAGS:ransomware, spyware, stealerMD5: 9634b28186b502eab4ead6119285f4d7SHA1: 62bcdb03dbd6bf9fc0383582b5108e8b8b0b04a3ANALYSIS DATE: 2023-05-08T17:48:51ZTTPS: T1005, T1081 ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne...
Malware Analysis – banker – 14f1074238583c9afde262fb31782ac9
Score: 8 MALWARE FAMILY: bankerTAGS:banker, evasion, ransomwareMD5: 14f1074238583c9afde262fb31782ac9SHA1: b20c3d6ec14d707ae1da754810d63b8e0b8bbee0ANALYSIS DATE: 2023-05-08T17:45:43ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more...
Malware Analysis – dharma – 5c36e305d926e55ef98d392176890cd2
Score: 10 MALWARE FAMILY: dharmaTAGS:family:dharma, discovery, evasion, ransomwareMD5: 5c36e305d926e55ef98d392176890cd2SHA1: 64a15cdf89b6c8b85cba355b6944074614d810fdANALYSIS DATE: 2023-05-08T17:48:49ZTTPS: T1490, T1059, T1107, T1082, T1012, T1120, T1070, T1053,...
