Cobalt Stike Beacon Detected – 1[.]116[.]160[.]60:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
threatintel
Cobalt Stike Beacon Detected – 119[.]3[.]236[.]233:5555
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 179[.]60[.]146[.]13:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
North Korea’s ScarCruft Deploys RokRAT Malware via LNK File Infection Chains
The North Korean threat actor known as ScarCruft began experimenting with oversized LNK files as a delivery route for RokRAT...
LOBSHOT: A Stealthy, Financial Trojan and Info Stealer Delivered through Google Ads
In yet another instance of how threat actors are abusing Google Ads to serve malware, a threat actor has been...
Alert: Active Exploitation of TP-Link, Apache, and Oracle Vulnerabilities Detected
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added three flaws to the Known Exploited Vulnerabilities (KEV) catalog, based...
Vice Society Ransomware Victim: Brighton Hill Community School
Vice Society Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
Hackers leak images to taunt Western Digital’s cyberattack response
The ALPHV ransomware operation, aka BlackCat, has published screenshots of internal emails and video conferences stolen from Western Digital, indicating...
New LOBSHOT malware gives hackers hidden VNC access to Windows devices
A new malware known as ‘LOBSHOT’ distributed using Google ads allows threat actors to stealthily take over infected Windows devices...
T-Mobile discloses second data breach since the start of 2023
T-Mobile disclosed the second data breach of 2023 after discovering that attackers had access to the personal information of hundreds...
CISA: VMware Releases Security Update for Aria Operations for Logs
VMware Releases Security Update for Aria Operations for Logs VMware has released a security update to address multiple vulnerabilities in...
CISA: CISA Adds Three Known Exploited Vulnerabilities to Catalog
CISA Adds Three Known Exploited Vulnerabilities to Catalog CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities Catalog,...
CISA: CISA Releases Two SBOM Documents
CISA Releases Two SBOM Documents Today, CISA released two community-drafted documents around Software Bill of Materials (SBOM): Types of SBOM...
CISA: Oracle Releases Security Updates
Oracle Releases Security Updates Oracle has released its Critical Patch Update Advisory, Solaris Third Party Bulletin, and Linux Bulletin for...
CISA: Abuse of the Service Location Protocol May Lead to DoS Attacks
Abuse of the Service Location Protocol May Lead to DoS Attacks The Service Location Protocol (SLP, RFC 2608(link is external))...
CISA: CISA Requests for Comment on Secure Software Self-Attestation Form
CISA Requests for Comment on Secure Software Self-Attestation Form CISA has issued requests for comment on the Secure Software Self-Attestation...
CISA: CISA Urges Organizations to Incorporate the FCC Covered List Into Risk Management Plans
CISA Urges Organizations to Incorporate the FCC Covered List Into Risk Management Plans The Federal Communications Commission (FCC) maintains a Covered...
CISA: CISA Adds Three Known Exploited Vulnerabilities to Catalog
CISA Adds Three Known Exploited Vulnerabilities to Catalog CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based...
CISA: CISA Releases Two Industrial Control Systems Advisories
CISA Releases Two Industrial Control Systems Advisories CISA released two Industrial Control Systems (ICS) advisories on April 25, 2023. These...
CISA: CISA Releases One Industrial Control Systems Medical Advisory
CISA Releases One Industrial Control Systems Medical Advisory CISA released one Industrial Control Systems Medical (ICS) medical advisory on April...
US-CERT Vulnerability Summary for the Week of April 17, 2023
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and...
CISA: CISA Urges Organizations to Incorporate the FCC Covered List Into Risk Management Plans
CISA Urges Organizations to Incorporate the FCC Covered List Into Risk Management Plans The Federal Communications Commission (FCC) maintains a Covered...
Royal Ransomware Victim: EdisonLearning
RoyalRansomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the...
Malware Analysis – djvu – 9d7bdf0d62714ee2eea6aab9d2ee58bd
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:5cb879265de0011bfc7588d5d251aee6, discovery, persistence, ransomware, stealerMD5: 9d7bdf0d62714ee2eea6aab9d2ee58bdSHA1: f15e7703b0f867d6a6b6c52f6a7536f6576449ebANALYSIS DATE: 2023-05-01T15:01:17ZTTPS: T1053, T1130, T1112, T1060, T1222,...
