New SLP bug can lead to massive 2,200x DDoS amplification attacks
A new reflective Denial-of-Service (DoS) amplification vulnerability in the Service Location Protocol (SLP) allows threat actors to launch massive denial-of-service...
threatintel
TP-Link Archer WiFi router flaw exploited by Mirai malware
The Mirai malware botnet is actively exploiting a TP-Link Archer A21 (AX1800) WiFi router vulnerability tracked as CVE-2023-1389 to incorporate...
BlackByte Ransomware Victim: Dacotah Paper
NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the files...
Posh C2 Detected – 95[.]164[.]87[.]82:443
The Information provided at the time of posting was detected as "Posh C2". Depending on when you are viewing this...
CISA: Drupal Releases Security Advisory to Address Vulnerability in Drupal Core
Drupal Releases Security Advisory to Address Vulnerability in Drupal Core Drupal has released a security advisory to address an access...
CISA: Cisco Releases Security Advisories for Multiple Products
Cisco Releases Security Advisories for Multiple Products Cisco has released security updates for vulnerabilities affecting Industrial Network Director (IND), Modeling...
CISA: Oracle Releases Security Updates
Oracle Releases Security Updates Oracle has released its Critical Patch Update Advisory, Solaris Third Party Bulletin, and Linux Bulletin for...
CISA: CISA to Continue and Enhance U.K.’s Logging Made Easy Tool
CISA to Continue and Enhance U.K.’s Logging Made Easy Tool CISA has announced plans to continue and enhance the Logging...
CISA: CISA Releases One Industrial Control Systems Advisory
CISA Releases One Industrial Control Systems Advisory CISA released one Industrial Control Systems (ICS) advisory on April 20, 2023. These...
CISA: CISA Releases Two SBOM Documents
CISA Releases Two SBOM Documents Today, CISA released two community-drafted documents around Software Bill of Materials (SBOM): Types of SBOM...
CISA: Abuse of the Service Location Protocol May Lead to DoS Attacks
Abuse of the Service Location Protocol May Lead to DoS Attacks The Service Location Protocol (SLP, RFC 2608(link is external))...
CISA: CISA Releases Two Industrial Control Systems Advisories
CISA Releases Two Industrial Control Systems Advisories CISA released two Industrial Control Systems (ICS) advisories on April 25, 2023. These...
CISA: CISA Adds Three Known Exploited Vulnerabilities to Catalog
CISA Adds Three Known Exploited Vulnerabilities to Catalog CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities Catalog,...
CISA: VMware Releases Security Update for Aria Operations for Logs
VMware Releases Security Update for Aria Operations for Logs VMware has released a security update to address multiple vulnerabilities in...
US-CERT Vulnerability Summary for the Week of April 17, 2023
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and...
auditpolCIS – CIS Benchmark Testing Of Windows SIEM Configuration
CIS Benchmark testing of Windows SIEM configuration This is an application for testing the configuration of Windows Audit Policy settings...
CISA: Abuse of the Service Location Protocol May Lead to DoS Attacks
Abuse of the Service Location Protocol May Lead to DoS Attacks The Service Location Protocol (SLP, RFC 2608(link is external))...
Royal Ransomware Victim: Encompass Group
RoyalRansomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the...
Malware Analysis – evasion – 495c2a34d4447df001099893059774f6
Score: 9 MALWARE FAMILY: evasionTAGS:evasion, persistence, ransomware, spyware, stealerMD5: 495c2a34d4447df001099893059774f6SHA1: bf7c9c05ae10ffaab5325c434705b33384ddf2b2ANALYSIS DATE: 2023-04-25T15:17:13ZTTPS: T1490, T1060, T1112, T1031, T1562, T1489, T1082,...
Malware Analysis – evasion – c50a968d1c6351e9e087a56b1e5a1acd
Score: 9 MALWARE FAMILY: evasionTAGS:evasion, persistence, ransomware, spyware, stealerMD5: c50a968d1c6351e9e087a56b1e5a1acdSHA1: d9c4742a26bf41c5009f2e56f53ae9fab931a5b1ANALYSIS DATE: 2023-04-25T15:17:13ZTTPS: T1490, T1005, T1081, T1060, T1112, T1031, T1562,...
Malware Analysis – evasion – 469eb4d876c8bd2093e47d2474fbc59b
Score: 9 MALWARE FAMILY: evasionTAGS:evasion, persistence, ransomware, spyware, stealer, upxMD5: 469eb4d876c8bd2093e47d2474fbc59bSHA1: 0ff84a77d24839137002c56e9ff60c7f92080ca8ANALYSIS DATE: 2023-04-25T15:17:13ZTTPS: T1490, T1082, T1005, T1081, T1060, T1112,...
Malware Analysis – evasion – de96342270a559433babd9a496b0e7a8
Score: 9 MALWARE FAMILY: evasionTAGS:evasion, persistence, ransomware, spyware, stealerMD5: de96342270a559433babd9a496b0e7a8SHA1: 061d614f75e29cc48fe846e06380ee44752e432fANALYSIS DATE: 2023-04-25T15:50:52ZTTPS: T1490, T1060, T1112, T1031, T1562, T1489, T1082,...
Malware Analysis – djvu – f60e6578aa0bb267266b0f72fd6ec284
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:5cb879265de0011bfc7588d5d251aee6, discovery, persistence, ransomware, spyware, stealerMD5: f60e6578aa0bb267266b0f72fd6ec284SHA1: 5a9ce528a2294269c403e6f4e98d27fd05bc565fANALYSIS DATE: 2023-04-25T15:19:23ZTTPS: T1053, T1005, T1081, T1012,...
Malware Analysis – evasion – 74dfb9ff18eb2dcea85dd97d01f96702
Score: 9 MALWARE FAMILY: evasionTAGS:evasion, persistence, ransomware, spyware, stealer, upxMD5: 74dfb9ff18eb2dcea85dd97d01f96702SHA1: e6c134f0cb8f2bdf2255d06ef5720c314c03837fANALYSIS DATE: 2023-04-25T15:17:13ZTTPS: T1490, T1060, T1112, T1031, T1562, T1489,...
