Security

Cobalt Stike Beacon Detected – 103[.]43[.]12[.]110:443

December 14, 2022

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Malware Analysis – djvu – cc41cc3ea8f8bce6db07297c4495586e

December 14, 2022

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, discovery, persistence, ransomware, spyware, stealerMD5: cc41cc3ea8f8bce6db07297c4495586eSHA1: 7ae990b946dcc707b0178d16f7f0616746e8d977ANALYSIS DATE: 2022-12-13T21:22:46ZTTPS: T1082, T1005, T1081, T1060, T1112, T1222,...

Malware Analysis – amadey – fb7b98f3a170ab2947c7a1ad3db3e56e

December 14, 2022

Score: 10 MALWARE FAMILY: amadeyTAGS:family:amadey, family:danabot, family:djvu, family:raccoon, family:smokeloader, botnet:ec7a54fb6492ff3a52d09504b8ecf082, backdoor, banker, bootkit, collection, discovery, persistence, ransomware, spyware, stealer, trojanMD5:...

Malware Analysis – smokeloader – 31c1ecb9c752694df1060a8a92ec101b

December 14, 2022

Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: 31c1ecb9c752694df1060a8a92ec101bSHA1: c3d7953eaf8458c80e02d0be0f37181cb9e68cbaANALYSIS DATE: 2022-12-13T21:28:03ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...

Malware Analysis – discovery – 96951fa4cdb4bbd291c5831d2c25bda5

December 14, 2022

Score: 10 MALWARE FAMILY: discoveryTAGS:discovery, persistence, ransomwareMD5: 96951fa4cdb4bbd291c5831d2c25bda5SHA1: 4d200586d0cf0e21ff4d10809216d3c71a8f148eANALYSIS DATE: 2022-12-13T22:59:52ZTTPS: T1012, T1120, T1082, T1060, T1112 ScoreMeaningExample10Known badA malware family...

Malware Analysis – amadey – 99a0068281ee5fff38985f6e83bde450

December 14, 2022

Score: 10 MALWARE FAMILY: amadeyTAGS:family:amadey, family:dcrat, family:djvu, family:raccoon, family:redline, family:smokeloader, botnet:amddriveer9777, botnet:ec7a54fb6492ff3a52d09504b8ecf082, botnet:sila, backdoor, bootkit, collection, discovery, infostealer, persistence, ransomware,...

Malware Analysis – lockbit – e94fe624f91344209d90a2f1652970b8

December 14, 2022

Score: 10 MALWARE FAMILY: lockbitTAGS:family:lockbit, ransomwareMD5: e94fe624f91344209d90a2f1652970b8SHA1: fe93d8c29f699bcd98ac53334ef9d545655f867dANALYSIS DATE: 2022-12-13T23:12:27ZTTPS: T1491, T1112, T1082, T1012 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...

Malware Analysis – discovery – dab04cbe137129d3eac35bcbe5ee75b0

December 14, 2022

Score: 10 MALWARE FAMILY: discoveryTAGS:discovery, persistence, ransomwareMD5: dab04cbe137129d3eac35bcbe5ee75b0SHA1: 73b92f05f34f444ebc51930bd56d5309b7c13007ANALYSIS DATE: 2022-12-13T23:07:00ZTTPS: T1012, T1120, T1082, T1060, T1112 ScoreMeaningExample10Known badA malware family...

Malware Analysis – amadey – 732af63d97e2c00874e374bfdcfffda1

December 14, 2022

Score: 10 MALWARE FAMILY: amadeyTAGS:family:amadey, family:djvu, family:raccoon, family:smokeloader, botnet:ec7a54fb6492ff3a52d09504b8ecf082, backdoor, bootkit, collection, discovery, persistence, ransomware, spyware, stealer, trojanMD5: 732af63d97e2c00874e374bfdcfffda1SHA1: e887344857072816286b9d52e52b6d80693f6de4ANALYSIS...

Malware Analysis – djvu – c83d1fbca9486e793a5cdb48e15bab2f

December 14, 2022

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, discovery, persistence, ransomware, spyware, stealerMD5: c83d1fbca9486e793a5cdb48e15bab2fSHA1: 7b447694827307f3f84f70542289d42640e6c782ANALYSIS DATE: 2022-12-13T23:30:11ZTTPS: T1005, T1081, T1012, T1060, T1112, T1222,...

CISA: VMware Releases Security Updates for Multiple products

December 14, 2022

VMware Releases Security Updates for Multiple products VVMware has released security updates to address multiple vulnerabilities in multiple products. A...

CISA: Microsoft Releases December 2022 Security Updates

December 14, 2022

Microsoft Releases December 2022 Security Updates Microsoft has released updates to address multiple vulnerabilities in Microsoft software. An attacker can...

Forging Ahead in 2023: Insights From Trend Micro’s 2023 Security Predictions

December 13, 2022

In 2023, cybercriminals and defenders alike will have to move forward with caution in the face of a business landscape...

Intrusion Detection & Prevention Systems Guide

December 13, 2022

IDPS, IDS, IPS… what’s the difference? Discover key differences between intrusion detection and prevention systems as well as 9 technical...

Citrix and NSA urge admins to fix actively exploited zero-day in Citrix ADC and Gateway

December 13, 2022

Citrix urges customers to update their installs to fix actively exploited zero-day (CVE-2022-27518) in Citrix ADC and Gateway. Citrix urges...

CISA: Mozilla Releases Security Updates for Thunderbird and Firefox

December 13, 2022

Mozilla Releases Security Updates for Thunderbird and Firefox Mozilla has released security updates to address vulnerabilities in Thunderbird, Firefox ESR, and...

CISA: NSA, CISA, and ODNI Release Guidance on Potential Threats to 5G Network Slicing

December 13, 2022

NSA, CISA, and ODNI Release Guidance on Potential Threats to 5G Network Slicing Today, the National Security Agency (NSA), CISA,...

CISA: CISA Updates Advisory on #StopRansomware: Cuba Ransomware

December 13, 2022

CISA Updates Advisory on #StopRansomware: Cuba Ransomware The Federal Bureau of Investigation (FBI) and CISA have updated joint Cybersecurity Advisory...

Lockbit ransomware gang hacked California Department of Finance

December 13, 2022

LockBit ransomware gang hacked the California Department of Finance and threatens to leak data stolen from its systems. The LockBit...

Malware Analysis – smokeloader – 538bd2135f2955ebfad3522e2a54ddc0

December 13, 2022

Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: 538bd2135f2955ebfad3522e2a54ddc0SHA1: e3900fca609cf51f98a60b69745c498db25d9a69ANALYSIS DATE: 2022-12-13T15:21:10ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...

Malware Analysis – smokeloader – 99b30ce88338d76e93f774c3446b266c

December 13, 2022

Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: 99b30ce88338d76e93f774c3446b266cSHA1: 5e2a78c5bcbb25eaa7312e21dd4cf2cefe286414ANALYSIS DATE: 2022-12-13T15:42:45ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...

Malware Analysis – smokeloader – 3e469659cd268a9ec6f0c2a8849cb2ef

December 13, 2022

Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: 3e469659cd268a9ec6f0c2a8849cb2efSHA1: 42a38f3e8f5e4bdc96465699f17ba50294768074ANALYSIS DATE: 2022-12-13T16:06:44ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...

Malware Analysis – djvu – cc8c8aeec869788fd53a469f85964f37

December 13, 2022

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:raccoon, family:smokeloader, botnet:ec7a54fb6492ff3a52d09504b8ecf082, backdoor, bootkit, collection, discovery, persistence, ransomware, spyware, stealer, trojanMD5: cc8c8aeec869788fd53a469f85964f37SHA1: 43728baf80a83ddd6b4714a65e80c25e25b03b95ANALYSIS DATE:...

Malware Analysis – smokeloader – e69068207da80898e29bc323d48bb525

December 13, 2022

Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: e69068207da80898e29bc323d48bb525SHA1: d4833c819665612335ef0da2b27a3ac6162e5275ANALYSIS DATE: 2022-12-13T16:34:37ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...

Security

Cobalt Stike Beacon Detected – 103[.]43[.]12[.]110:443

Malware Analysis – djvu – cc41cc3ea8f8bce6db07297c4495586e

Malware Analysis – amadey – fb7b98f3a170ab2947c7a1ad3db3e56e

Malware Analysis – smokeloader – 31c1ecb9c752694df1060a8a92ec101b

Malware Analysis – discovery – 96951fa4cdb4bbd291c5831d2c25bda5

Malware Analysis – amadey – 99a0068281ee5fff38985f6e83bde450

Malware Analysis – lockbit – e94fe624f91344209d90a2f1652970b8

Malware Analysis – discovery – dab04cbe137129d3eac35bcbe5ee75b0

Malware Analysis – amadey – 732af63d97e2c00874e374bfdcfffda1

Malware Analysis – djvu – c83d1fbca9486e793a5cdb48e15bab2f

CISA: VMware Releases Security Updates for Multiple products

CISA: Microsoft Releases December 2022 Security Updates

Forging Ahead in 2023: Insights From Trend Micro’s 2023 Security Predictions

Intrusion Detection & Prevention Systems Guide

Citrix and NSA urge admins to fix actively exploited zero-day in Citrix ADC and Gateway

CISA: Mozilla Releases Security Updates for Thunderbird and Firefox

CISA: NSA, CISA, and ODNI Release Guidance on Potential Threats to 5G Network Slicing

CISA: CISA Updates Advisory on #StopRansomware: Cuba Ransomware

Lockbit ransomware gang hacked California Department of Finance

Malware Analysis – smokeloader – 538bd2135f2955ebfad3522e2a54ddc0

Malware Analysis – smokeloader – 99b30ce88338d76e93f774c3446b266c

Malware Analysis – smokeloader – 3e469659cd268a9ec6f0c2a8849cb2ef

Malware Analysis – djvu – cc8c8aeec869788fd53a469f85964f37

Malware Analysis – smokeloader – e69068207da80898e29bc323d48bb525

HackerOne Bug Bounty Disclosure: api-key-exposed-in-javascript-file-on-password-developer-site-sudosu

[QILIN] – Ransomware Victim: Tiger Communications

[QILIN] – Ransomware Victim: Ritenour School District

[CICADA3301] – Ransomware Victim: B&M – Expertise – Audit

[AKIRA] – Ransomware Victim: LeasePLUS

You may have missed