Security

CISA: CISA Adds Two Known Exploited Vulnerabilities to Catalog

April 18, 2023

CISA Adds Two Known Exploited Vulnerabilities to Catalog CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog,...

CISA: IRS Warns of New Tax Scams

April 18, 2023

IRS Warns of New Tax Scams The Internal Revenue Service (IRS) has issued a reminder urging taxpayers to be vigilant...

CISA: Microsoft Releases Guidance for the BlackLotus Campaign

April 18, 2023

Microsoft Releases Guidance for the BlackLotus Campaign Microsoft has released Guidance for investigating attacks using CVE-2022-21894: The BlackLotus Campaign(link is...

CISA: CISA Releases Sixteen Industrial Control Systems Advisories

April 18, 2023

CISA Releases Sixteen Industrial Control Systems Advisories CISA released sixteen Industrial Control Systems (ICS) advisories on April 13, 2023. These...

CISA: Shifting the Balance of Cybersecurity Risk: Security-by-Design and Default Principles

April 18, 2023

Shifting the Balance of Cybersecurity Risk: Security-by-Design and Default Principles Shifting the Balance of Cybersecurity Risk: Security-by-Design and Default Principles...

CISA: Juniper Networks Releases Security Updates

April 18, 2023

Juniper Networks Releases Security Updates Juniper Networks has released security updates to address vulnerabilities affecting Junos OS(link is external), Paragon...

CISA: CISA Releases Software Bill of Materials (SBOM) Sharing Lifecycle Report

April 18, 2023

CISA Releases Software Bill of Materials (SBOM) Sharing Lifecycle Report CISA has released the SBOM Sharing Lifecycle Report to the cybersecurity...

CISA: CISA Adds Two Known Exploited Vulnerabilities to Catalog

April 18, 2023

CISA Adds Two Known Exploited Vulnerabilities to Catalog CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog,...

Nmap-API – Uses Python3.10, Debian, python-Nmap, And Flask Framework To Create A Nmap API That Can Do Scans With A Good Speed Online And Is Easy To Deploy

April 17, 2023

Uses python3.10, Debian, python-Nmap, and flask framework to create a Nmap API that can do scans with a good speed...

Tools

Scriptkiddi3 – Streamline Your Recon And Vulnerability Detection Process With SCRIPTKIDDI3, A Recon And Initial Vulnerability Detection Tool Built Using Shell Script And Open Source Tools

April 17, 2023

Streamline your recon and vulnerability detection process with SCRIPTKIDDI3, A recon and initial vulnerability detection tool built using shell script...

Malware Analysis – ransomware – 163e651162f292028ca9a8d7f1ed7340

April 17, 2023

Score: 9 MALWARE FAMILY: ransomwareTAGS:ransomware, spyware, stealerMD5: 163e651162f292028ca9a8d7f1ed7340SHA1: a85ff9091f298ea2d6823a7b0053daa08b237423ANALYSIS DATE: 2023-04-17T15:08:20ZTTPS: T1005, T1081, T1107, T1490, T1082, T1012, T1120 ScoreMeaningExample10Known badA...

Malware Analysis – smokeloader – da7ba70077b15294e39bd92ff7989b99

April 17, 2023

Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: da7ba70077b15294e39bd92ff7989b99SHA1: 66584515852401e7e4b90fb810d2df7a599f7201ANALYSIS DATE: 2023-04-17T15:41:05ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...

Malware Analysis – ransomware – 9fd40b68825eb9aa79d9f2b106aaf59e

April 17, 2023

Score: 7 MALWARE FAMILY: ransomwareTAGS:ransomwareMD5: 9fd40b68825eb9aa79d9f2b106aaf59eSHA1: 9b30c9ed81fea0f414a7cb9f1496616a35339f18ANALYSIS DATE: 2023-04-11T16:19:29ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known damaging...

Malware Analysis – djvu – ca6f44d1cc12231f26c34c9dfb262f95

April 17, 2023

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:623db25256a5734d1207787d269d05b2, discovery, persistence, ransomware, spyware, stealerMD5: ca6f44d1cc12231f26c34c9dfb262f95SHA1: d1a250eaf85eb482d0e7ee6a13b7938f0fe234f9ANALYSIS DATE: 2023-04-17T15:53:20ZTTPS: T1060, T1112, T1222, T1012,...

Malware Analysis – djvu – 013e7b9f96797555fa6207a31ea66a60

April 17, 2023

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:623db25256a5734d1207787d269d05b2, discovery, persistence, ransomware, spyware, stealerMD5: 013e7b9f96797555fa6207a31ea66a60SHA1: 3e2a7079228298bd9f2fb945fdfdb05f8b853660ANALYSIS DATE: 2023-04-17T16:17:06ZTTPS: T1082, T1053, T1012, T1060,...

Malware Analysis – smokeloader – cb64985632f35fa9bdd30b7b348b1522

April 17, 2023

Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: cb64985632f35fa9bdd30b7b348b1522SHA1: b0caef4db6825c18c024fc4b93e0e7b164cb59c5ANALYSIS DATE: 2023-04-17T16:09:19ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...

Malware Analysis – ransomware – 1a3aa753fbc8877bdebc46ee93512cb4

April 17, 2023

Score: 10 MALWARE FAMILY: ransomwareTAGS:ransomwareMD5: 1a3aa753fbc8877bdebc46ee93512cb4SHA1: 1cb7f822d252d75cc490cab2a1c4a280675ceb6fANALYSIS DATE: 2023-04-17T16:18:52ZTTPS: T1082, T1107, T1490 ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or...

Malware Analysis – djvu – 7928c50cae4ebd08e65423ff46c4e9b0

April 17, 2023

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:623db25256a5734d1207787d269d05b2, discovery, persistence, ransomware, spyware, stealerMD5: 7928c50cae4ebd08e65423ff46c4e9b0SHA1: e8678f10645d7226175c80166a3b76cb9173faffANALYSIS DATE: 2023-04-17T17:01:36ZTTPS: T1082, T1053, T1005, T1081,...

Malware Analysis – persistence – 7f9ac429e16252648618ddcb9b3886a1

April 17, 2023

Score: 10 MALWARE FAMILY: persistenceTAGS:persistence, ransomware, spyware, stealerMD5: 7f9ac429e16252648618ddcb9b3886a1SHA1: 0f4de1a4b065a5f154a4b843cfc58325bb3b4e0fANALYSIS DATE: 2023-04-17T17:10:56ZTTPS: T1004, T1112, T1107, T1490, T1005, T1081 ScoreMeaningExample10Known badA...

Malware Analysis – persistence – a3ef7f3fab1b3bd5fe855c0d1c271fa8

April 17, 2023

Score: 10 MALWARE FAMILY: persistenceTAGS:persistence, ransomwareMD5: a3ef7f3fab1b3bd5fe855c0d1c271fa8SHA1: 30e840f8c5c8518e095b2f14256d6dbe466d5bfaANALYSIS DATE: 2023-04-17T17:10:28ZTTPS: T1060, T1112 ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or...

Malware Analysis – smokeloader – 671a5553c82fb95a3c5711707d0b7d39

April 17, 2023

Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: 671a5553c82fb95a3c5711707d0b7d39SHA1: d041d72966e651e8ad0674a179371aec2bd62349ANALYSIS DATE: 2023-04-17T17:17:04ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...

Malware Analysis – wannacry – 0a3b63a9039391a6a5ea3918c7e8a837

April 17, 2023

Score: 10 MALWARE FAMILY: wannacryTAGS:family:wannacry, ransomware, wormMD5: 0a3b63a9039391a6a5ea3918c7e8a837SHA1: 20fd851be1189e6d2e9000bb0a0e4ebf7882310fANALYSIS DATE: 2023-04-17T17:36:52ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more...

Malware Analysis – dharma – 650ac8296c53afd1f6adec4c34871c02

April 17, 2023

Score: 10 MALWARE FAMILY: dharmaTAGS:family:dharma, persistence, ransomware, spyware, stealerMD5: 650ac8296c53afd1f6adec4c34871c02SHA1: 29d81be34df4ecd0cee036d6d71bc1144c477bd5ANALYSIS DATE: 2023-04-17T17:42:34ZTTPS: T1005, T1081, T1082, T1112, T1060, T1107, T1490...

Malware Analysis – evasion – bb703f4d9d67f2f777fee75b4f3b5029

April 17, 2023

Score: 6 MALWARE FAMILY: evasionTAGS:evasion, ransomwareMD5: bb703f4d9d67f2f777fee75b4f3b5029SHA1: ec055096e8d8ac62e9d6d5fd419fd4d89a694579ANALYSIS DATE: 2023-04-17T17:57:05ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known...

Security

CISA: CISA Adds Two Known Exploited Vulnerabilities to Catalog

CISA: IRS Warns of New Tax Scams

CISA: Microsoft Releases Guidance for the BlackLotus Campaign

CISA: CISA Releases Sixteen Industrial Control Systems Advisories

CISA: Shifting the Balance of Cybersecurity Risk: Security-by-Design and Default Principles

CISA: Juniper Networks Releases Security Updates

CISA: CISA Releases Software Bill of Materials (SBOM) Sharing Lifecycle Report

CISA: CISA Adds Two Known Exploited Vulnerabilities to Catalog

Nmap-API – Uses Python3.10, Debian, python-Nmap, And Flask Framework To Create A Nmap API That Can Do Scans With A Good Speed Online And Is Easy To Deploy

Scriptkiddi3 – Streamline Your Recon And Vulnerability Detection Process With SCRIPTKIDDI3, A Recon And Initial Vulnerability Detection Tool Built Using Shell Script And Open Source Tools

Malware Analysis – ransomware – 163e651162f292028ca9a8d7f1ed7340

Malware Analysis – smokeloader – da7ba70077b15294e39bd92ff7989b99

Malware Analysis – ransomware – 9fd40b68825eb9aa79d9f2b106aaf59e

Malware Analysis – djvu – ca6f44d1cc12231f26c34c9dfb262f95

Malware Analysis – djvu – 013e7b9f96797555fa6207a31ea66a60

Malware Analysis – smokeloader – cb64985632f35fa9bdd30b7b348b1522

Malware Analysis – ransomware – 1a3aa753fbc8877bdebc46ee93512cb4

Malware Analysis – djvu – 7928c50cae4ebd08e65423ff46c4e9b0

Malware Analysis – persistence – 7f9ac429e16252648618ddcb9b3886a1

Malware Analysis – persistence – a3ef7f3fab1b3bd5fe855c0d1c271fa8

Malware Analysis – smokeloader – 671a5553c82fb95a3c5711707d0b7d39

Malware Analysis – wannacry – 0a3b63a9039391a6a5ea3918c7e8a837

Malware Analysis – dharma – 650ac8296c53afd1f6adec4c34871c02

Malware Analysis – evasion – bb703f4d9d67f2f777fee75b4f3b5029

Cobalt Strike Beacon Detected – 121[.]43[.]37[.]134:4434

Cobalt Strike Beacon Detected – 119[.]29[.]231[.]118:443

Cobalt Strike Beacon Detected – 39[.]101[.]74[.]162:443

Cobalt Strike Beacon Detected – 8[.]218[.]112[.]112:8880

Cobalt Strike Beacon Detected – 47[.]109[.]48[.]57:443

You may have missed