New Zaraza Bot Credential-Stealer Sold on Telegram Targeting 38 Web Browsers
A novel credential-stealing malware called Zaraza bot is being offered for sale on Telegram while also using the popular messaging...
threatintel
CISA warns of Android bug exploited by Chinese app to spy on users
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) warned today of a high-severity Android vulnerability believed to have been exploited...
LockBit ransomware encryptors found targeting Mac devices
Image: Norebbo The LockBit ransomware gang has created encryptors targeting Macs for the first time, likely becoming the first major...
US-CERT Vulnerability Summary for the Week of April 3, 2023
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and...
Royal Ransomware Victim: 5Design
RoyalRansomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the...
Royal Ransomware Victim: Stanley Electric U[.]S[.]
RoyalRansomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the...
Royal Ransomware Victim: Dataram
RoyalRansomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the...
Royal Ransomware Victim: Talon Outdoor
RoyalRansomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the...
Malware Analysis – djvu – b4586f74cee9669371f2e64b6678641d
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:623db25256a5734d1207787d269d05b2, discovery, persistence, ransomware, spyware, stealerMD5: b4586f74cee9669371f2e64b6678641dSHA1: f855ec126871e24159ac9e0bd438cc08d2eb1770ANALYSIS DATE: 2023-04-16T16:20:15ZTTPS: T1222, T1053, T1005, T1081,...
Malware Analysis – ransomware – 88a69bbc9bfdc9edc263a2024ca1d78d
Score: 8 MALWARE FAMILY: ransomwareTAGS:ransomware, spyware, stealerMD5: 88a69bbc9bfdc9edc263a2024ca1d78dSHA1: f973e09d77438bc01a93e310eb4513f24acc601eANALYSIS DATE: 2023-04-16T16:12:17ZTTPS: T1005, T1081 ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne...
Malware Analysis – amadey – 2cd65f24e1ef47b1c27daf46f55c9351
Score: 10 MALWARE FAMILY: amadeyTAGS:family:amadey, family:djvu, family:lumma, family:rhadamanthys, family:smokeloader, family:vidar, botnet:623db25256a5734d1207787d269d05b2, botnet:pub1, botnet:sprg, backdoor, collection, discovery, evasion, persistence, ransomware, spyware,...
Malware Analysis – discovery – aed07e5e91a732956dba1b37a9a6b48b
Score: 10 MALWARE FAMILY: discoveryTAGS:discovery, evasion, persistence, ransomware, trojanMD5: aed07e5e91a732956dba1b37a9a6b48bSHA1: df1e7a31f48fec1bbc8cadcd3570a6ba7144c7e7ANALYSIS DATE: 2023-04-16T15:24:05ZTTPS: T1018, T1112, T1031, T1089, T1107, T1490, T1562,...
Vice Society Ransomware Victim: CommScope
Vice Society Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
Android malware infiltrates 60 Google Play apps with 100M installs
A new Android malware named 'Goldoson' has infiltrated Google Play through 60 legitimate apps that collectively have 100 million downloads....
Hackers start abusing Action1 RMM in ransomware attacks
Security researchers are warning that cybercriminals are increasingly using the Action1 remote access software for persistence on compromised networks and...
NCR suffers Aloha POS outage after BlackCat ransomware attack
Source: NCR Aloha NCR is suffering an outage on its Aloha point of sale platform after being hit by an...
BlackCat/ALPHV Ransomware Victim: Leadway Assurance Company Limited
BlackCat / ALPHV Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the...
US-CERT Vulnerability Summary for the Week of April 3, 2023
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and...
GVision – A Reverse Image Search App That Use Google Cloud Vision API To Detect Landmarks And Web Entities From Images, Helping You Gather Valuable Information Quickly And Easily
GVision is a reverse image search app that use Google Cloud Vision API to detect landmarks and web entities from...
Royal Ransomware Victim: 5Design
RoyalRansomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the...
Royal Ransomware Victim: Stanley Electric U[.]S[.]
RoyalRansomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the...
Malware Analysis – amadey – 25e4492533c31df8c81938100d1a89b5
Score: 10 MALWARE FAMILY: amadeyTAGS:family:amadey, family:djvu, family:lumma, family:smokeloader, family:vidar, botnet:623db25256a5734d1207787d269d05b2, botnet:e749025c61b2caca10aa829a9e1a65a1, botnet:pub1, botnet:sprg, backdoor, discovery, evasion, persistence, ransomware, spyware, stealer,...
Malware Analysis – evasion – 0621da4524d3f97c53d56d062e7938de
Score: 10 MALWARE FAMILY: evasionTAGS:evasion, ransomware, trojanMD5: 0621da4524d3f97c53d56d062e7938deSHA1: f9fc642eb6ea007536a3d2b827a1995915e21417ANALYSIS DATE: 2023-04-15T16:23:11ZTTPS: T1082, T1158, T1112, T1491, T1012, T1053, T1088, T1089 ScoreMeaningExample10Known...
Malware Analysis – djvu – 1dd758012876b986897fa4ecc12660e3
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:623db25256a5734d1207787d269d05b2, discovery, persistence, ransomware, spyware, stealerMD5: 1dd758012876b986897fa4ecc12660e3SHA1: d83c9fcb25192e999272302cc48143b1f8754639ANALYSIS DATE: 2023-04-15T16:25:54ZTTPS: T1060, T1112, T1012, T1082,...
