New Decoy Dog Malware Toolkit Uncovered: Targeting Enterprise Networks
An analysis of over 70 billion DNS records has led to the discovery of a new sophisticated malware toolkit dubbed...
threatintel
Wanted Dead or Alive: Real-Time Protection Against Lateral Movement
Just a few short years ago, lateral movement was a tactic confined to top APT cybercrime organizations and nation-state operators....
APT28 Targets Ukrainian Government Entities with Fake “Windows Update” Emails
The Computer Emergency Response Team of Ukraine (CERT-UA) has warned of cyber attacks perpetrated by Russian nation-state hackers targeting various...
Vietnamese Threat Actor Infects 500,000 Devices Using ‘Malverposting’ Tactics
A Vietnamese threat actor has been attributed as behind a "malverposting" campaign on social media platforms to infect over 500,000...
Vice Society Ransomware Victim: CMC Group
Vice Society Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
Google Blocks 1.43 Million Malicious Apps, Bans 73,000 Bad Accounts in 2022
Google disclosed that its improved security features and app review processes helped it block 1.43 million bad apps from being...
Google starts taking down CryptBot malware infrastructure
A court order has been granted to Google to take down the malware infrastructure associated with Cryptbot info stealer after...
Hackers use fake ‘Windows Update’ guides to target Ukrainian govt
The Computer Emergency Response Team of Ukraine (CERT-UA) says Russian hackers are targeting various government bodies in the country with malicious...
CISA: VMware Releases Security Update for Aria Operations for Logs
VMware Releases Security Update for Aria Operations for Logs VMware has released a security update to address multiple vulnerabilities in...
CISA: CISA Releases Two SBOM Documents
CISA Releases Two SBOM Documents Today, CISA released two community-drafted documents around Software Bill of Materials (SBOM): Types of SBOM...
CISA: Drupal Releases Security Advisory to Address Vulnerability in Drupal Core
Drupal Releases Security Advisory to Address Vulnerability in Drupal Core Drupal has released a security advisory to address an access...
CISA: Cisco Releases Security Advisories for Multiple Products
Cisco Releases Security Advisories for Multiple Products Cisco has released security updates for vulnerabilities affecting Industrial Network Director (IND), Modeling...
CISA: Oracle Releases Security Updates
Oracle Releases Security Updates Oracle has released its Critical Patch Update Advisory, Solaris Third Party Bulletin, and Linux Bulletin for...
RansomHouse Ransomware Victim: 100X and ALL Clients
RansomHouse Logo NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
CISA: CISA Adds Three Known Exploited Vulnerabilities to Catalog
CISA Adds Three Known Exploited Vulnerabilities to Catalog CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities Catalog,...
CISA: CISA Releases One Industrial Control Systems Medical Advisory
CISA Releases One Industrial Control Systems Medical Advisory CISA released one Industrial Control Systems Medical (ICS) medical advisory on April...
CISA: CISA Releases Two Industrial Control Systems Advisories
CISA Releases Two Industrial Control Systems Advisories CISA released two Industrial Control Systems (ICS) advisories on April 25, 2023. These...
CISA: Abuse of the Service Location Protocol May Lead to DoS Attacks
Abuse of the Service Location Protocol May Lead to DoS Attacks The Service Location Protocol (SLP, RFC 2608(link is external))...
CISA: CISA Requests for Comment on Secure Software Self-Attestation Form
CISA Requests for Comment on Secure Software Self-Attestation Form CISA has issued requests for comment on the Secure Software Self-Attestation...
US-CERT Vulnerability Summary for the Week of April 17, 2023
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and...
Malware Analysis – ransomware – ba619bc7920ba0650482c133ccea5c5c
Score: 9 MALWARE FAMILY: ransomwareTAGS:ransomwareMD5: ba619bc7920ba0650482c133ccea5c5cSHA1: cd8fb4ccba1004f8590d0a3560ce55269a5622c1ANALYSIS DATE: 2023-04-30T16:09:52ZTTPS: T1082, T1012, T1107, T1490 ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne...
Malware Analysis – djvu – e1c8709a50dea0c5375707bc0f35704f
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:5cb879265de0011bfc7588d5d251aee6, discovery, persistence, ransomware, spyware, stealerMD5: e1c8709a50dea0c5375707bc0f35704fSHA1: 8fcc189ac74ec1062c5fded765d14bbac321e42fANALYSIS DATE: 2023-04-30T16:13:45ZTTPS: T1222, T1053, T1012, T1005,...
Malware Analysis – ransomware – f221915cf579c55a805c1a109d079bba
Score: 7 MALWARE FAMILY: ransomwareTAGS:ransomware, upxMD5: f221915cf579c55a805c1a109d079bbaSHA1: 62e631a90d1ad721aa67e1328fb00e446f0be69eANALYSIS DATE: 2023-04-30T15:54:04ZTTPS: T1491, T1112, T1012, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
Malware Analysis – amadey – edf83adc1b164b2f076bf78ca19524f7
Score: 10 MALWARE FAMILY: amadeyTAGS:family:amadey, family:djvu, family:icedid, family:smokeloader, family:vidar, family:xmrig, botnet:1616034f091df9fd0229bc38dd17597f, botnet:5cb879265de0011bfc7588d5d251aee6, botnet:pub1, botnet:sprg, campaign:252847557, backdoor, banker, discovery, evasion, loader,...
