Cobalt Stike Beacon Detected – 198[.]46[.]189[.]193:8765
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
threatintel
US-CERT Vulnerability Summary for the Week of June 12, 2023
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and...
Gato – GitHub Self-Hosted Runner Enumeration And Attack Tool
Gato, or GitHub Attack Toolkit, is an enumeration and attack tool that allows both blue teamers and offensive security practitioners...
Malware Analysis – banker – 1fd1f86a3032c69587ab152daad57589
Score: 9 MALWARE FAMILY: bankerTAGS:banker, evasion, ransomwareMD5: 1fd1f86a3032c69587ab152daad57589SHA1: 1e6e7c779f661f5a4cef2ad09c19507a1ef7928dANALYSIS DATE: 2023-06-25T17:13:55ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more...
Malware Analysis – evasion – e62724f27f21db9b5673ff3604bfe6e6
Score: 9 MALWARE FAMILY: evasionTAGS:evasion, ransomwareMD5: e62724f27f21db9b5673ff3604bfe6e6SHA1: 7d55e8191afe080143d44566c293aef3fee97360ANALYSIS DATE: 2023-06-25T17:25:58ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known...
Medusa Locker Ransomware Victim: Universitas Matthiae Belii association
Medusa Locker Logo NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the...
Medusa Locker Ransomware Victim: Real Estate Systems Integrator
Medusa Locker Logo NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the...
Cobalt Stike Beacon Detected – 139[.]155[.]144[.]97:9443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 146[.]190[.]212[.]94:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 124[.]223[.]34[.]106:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 47[.]113[.]231[.]140:81
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 95[.]214[.]27[.]59:9999
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 139[.]199[.]181[.]68:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 194[.]41[.]59[.]3:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
NOESCAPE Ransomware Victim: Cyril Johnston Hire
NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the files...
NOESCAPE Ransomware Victim: Credit Team
NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the files...
NOESCAPE Ransomware Victim: Promotion Fulfillment Center
NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the files...
CISA orders agencies to patch iPhone bugs abused in spyware attacks
Today, CISA ordered federal agencies to patch recently patched security vulnerabilities exploited as zero-days to deploy Triangulation spyware on iPhones...
Fortinet fixes critical FortiNAC remote command execution flaw
Cybersecurity solutions company Fortinet has updated its zero-trust access solution FortiNAC to address a critical-severity vulnerability that attackers could leverage...
MOVEIt breach impacts Genworth, CalPERS as data for 3.2 million exposed
PBI Research Services (PBI) has suffered a data breach with three clients disclosing that the data for 4.75 million people...
FBI seizes BreachForums after arresting its owner Pompompurin in March
U.S. law enforcement today seized the clear web domain of the notorious BreachForums (aka Breached) hacking forum three months after...
The Week in Ransomware – June 23rd 2023 – The Reddit Files
It was a relatively quiet week regarding ransomware news, with the BlackCat ransomware gang extorting Reddit and the ongoing MOVEit...
Grafana warns of critical auth bypass due to Azure AD integration
Grafana has released security fixes for multiple versions of its application, addressing a vulnerability that enables attackers to bypass authentication...
LastPass users furious after being locked out due to MFA resets
LastPass password manager users have been experiencing significant login issues starting early May after being prompted to reset their authenticator...
