CISA: CISA Releases One Industrial Control Systems Advisory
CISA Releases One Industrial Control Systems Advisory CISA released one Industrial Control Systems (ICS) advisory on April 20, 2023. These...
threatintel
CISA: CISA to Continue and Enhance U.K.’s Logging Made Easy Tool
CISA to Continue and Enhance U.K.’s Logging Made Easy Tool CISA has announced plans to continue and enhance the Logging...
CISA: Cisco Releases Security Advisories for Multiple Products
Cisco Releases Security Advisories for Multiple Products Cisco has released security updates for vulnerabilities affecting Industrial Network Director (IND), Modeling...
CISA: Oracle Releases Security Updates
Oracle Releases Security Updates Oracle has released its Critical Patch Update Advisory, Solaris Third Party Bulletin, and Linux Bulletin for...
RansomHouse Ransomware Victim: OMT Officine Meccaniche Torino S[.]p[.]A[.]
RansomHouse Logo NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
CISA: CISA Releases Two SBOM Documents
CISA Releases Two SBOM Documents Today, CISA released two community-drafted documents around Software Bill of Materials (SBOM): Types of SBOM...
CISA: Abuse of the Service Location Protocol May Lead to DoS Attacks
Abuse of the Service Location Protocol May Lead to DoS Attacks The Service Location Protocol (SLP, RFC 2608(link is external))...
CISA: VMware Releases Security Update for Aria Operations for Logs
VMware Releases Security Update for Aria Operations for Logs VMware has released a security update to address multiple vulnerabilities in...
CISA: CISA Releases Two Industrial Control Systems Advisories
CISA Releases Two Industrial Control Systems Advisories CISA released two Industrial Control Systems (ICS) advisories on April 25, 2023. These...
CISA: CISA Adds Three Known Exploited Vulnerabilities to Catalog
CISA Adds Three Known Exploited Vulnerabilities to Catalog CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities Catalog,...
Brute Ratel C4 Detected – 2600:9000:201b:aa00:16:f834:8940:93a1:80
The Information provided at the time of posting was detected as "Brute Ratel C4". Depending on when you are viewing...
US-CERT Vulnerability Summary for the Week of April 17, 2023
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and...
PortEx – Java Library To Analyse Portable Executable Files With A Special Focus On Malware Analysis And PE Malformation Robustness
PortEx is a Java library for static malware analysis of Portable Executable files. Its focus is on PE malformation robustness,...
Malware Analysis – amadey – 2e2d214abd61d6b40e8ad5e9e437df45
Score: 10 MALWARE FAMILY: amadeyTAGS:family:amadey, family:djvu, family:lumma, family:smokeloader, family:vidar, botnet:5cb879265de0011bfc7588d5d251aee6, botnet:pub1, botnet:sprg, backdoor, discovery, persistence, ransomware, spyware, stealer, trojanMD5: 2e2d214abd61d6b40e8ad5e9e437df45SHA1:...
Malware Analysis – – 33868397a64763f16d88e37d4289697a
Score: 1 MALWARE FAMILY: TAGS:MD5: 33868397a64763f16d88e37d4289697aSHA1: 2bd06371967738d0101dc73ed3fa321cbeac4db6ANALYSIS DATE: 2023-04-26T16:00:59ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known damaging...
Malware Analysis – amadey – fd68d6d16b3b5a68311907694d3c5967
Score: 10 MALWARE FAMILY: amadeyTAGS:family:amadey, family:djvu, family:lumma, family:redline, family:smokeloader, family:vidar, botnet:1379752987, botnet:5cb879265de0011bfc7588d5d251aee6, botnet:sprg, backdoor, discovery, evasion, infostealer, persistence, ransomware, spyware,...
Malware Analysis – djvu – 51a4106e8f56ecb11ff22995f4cfd3e1
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:5cb879265de0011bfc7588d5d251aee6, discovery, persistence, ransomware, spyware, stealerMD5: 51a4106e8f56ecb11ff22995f4cfd3e1SHA1: 2781e07822cf8b54406d5785e0e71e3158f4666fANALYSIS DATE: 2023-04-26T15:49:43ZTTPS: T1012, T1082, T1005, T1081,...
Malware Analysis – amadey – 05cd8d500f128d1c1ab6844e5b98eb4e
Score: 10 MALWARE FAMILY: amadeyTAGS:family:amadey, family:djvu, family:lumma, family:smokeloader, botnet:pub1, botnet:sprg, backdoor, discovery, ransomware, stealer, trojanMD5: 05cd8d500f128d1c1ab6844e5b98eb4eSHA1: 76211cea5ed0667e98e9b99312d6a40cd6ffb1faANALYSIS DATE: 2023-04-26T15:37:31ZTTPS: T1012,...
Chinese Hackers Using MgBot Malware to Target International NGOs in Mainland China
The advanced persistent threat (APT) group referred to as Evasive Panda has been observed targeting an international non-governmental organization (NGO)...
Chinese Hackers Spotted Using Linux Variant of PingPull in Targeted Cyberattacks
The Chinese nation-state group dubbed Alloy Taurus is using a Linux variant of a backdoor called PingPull as well as...
Charming Kitten’s New BellaCiao Malware Discovered in Multi-Country Attacks
The prolific Iranian nation-state group known as Charming Kitten is actively targeting multiple victims in the U.S., Europe, the Middle...
Black Basta Ransomware Victim: GTT
Black Basta Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
Browser Security Survey: 87% of SaaS Adopters Exposed to Browser-borne Attacks
The browser serves as the primary interface between the on-premises environment, the cloud, and the web in the modern enterprise....
Apache Superset Vulnerability: Insecure Default Configuration Exposes Servers to RCE Attacks
The maintainers of the Apache Superset open source data visualization software have released fixes to plug an insecure default configuration...
