threatintel

US-CERT Vulnerability Summary for the Week of April 17, 2023

April 29, 2023

The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and...

Bearer – Code Security Scanning Tool (SAST) That Discover, Filter And Prioritize Security Risks And Vulnerabilities Leading To Sensitive Data Exposures (PII, PHI, PD)

April 29, 2023

Discover, filter, and prioritize security risks and vulnerabilities impacting your code. Bearer is a static application security testing (SAST) tool...

9a6d23b1b8322752c865399b654d25a3e5d256b0b5bb17a22f85ae58df38d60d

FirebaseExploiter – Vulnerability Discovery Tool That Discovers Firebase Database Which Are Open And Can Be Exploitable

April 29, 2023

FirebaseExploiter is a vulnerability discovery tool that discovers Firebase Database which are open and can be exploitable. Primarily built for...

Malware Analysis – persistence – 09250d8b8323c62fb59941b458fa70d1

April 29, 2023

Score: 10 MALWARE FAMILY: persistenceTAGS:persistence, ransomwareMD5: 09250d8b8323c62fb59941b458fa70d1SHA1: da5f6347207257139ac82b50bc8276de9c1afd9eANALYSIS DATE: 2023-04-29T15:39:47ZTTPS: T1112, T1060, T1012, T1120, T1082, T1107, T1490 ScoreMeaningExample10Known badA malware...

Malware Analysis – djvu – cabb11a8e237ff7233e19b9cb6cc829d

April 29, 2023

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:5cb879265de0011bfc7588d5d251aee6, discovery, persistence, ransomware, spyware, stealerMD5: cabb11a8e237ff7233e19b9cb6cc829dSHA1: ffe487aba123018573a275adfe98c44d1cee9c77ANALYSIS DATE: 2023-04-29T15:35:17ZTTPS: T1060, T1112, T1222, T1053,...

Malware Analysis – djvu – 1420395c269bb059c6f60d8faee97088

April 29, 2023

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:5cb879265de0011bfc7588d5d251aee6, discovery, persistence, ransomware, spyware, stealerMD5: 1420395c269bb059c6f60d8faee97088SHA1: 1c3662586dcf5451f479d7c1812a22cc9db25dbdANALYSIS DATE: 2023-04-29T16:22:32ZTTPS: T1012, T1082, T1005, T1081,...

Malware Analysis – ransomware – b55fca9a67bd38321a51a8724b61ee12

April 29, 2023

Score: 7 MALWARE FAMILY: ransomwareTAGS:ransomwareMD5: b55fca9a67bd38321a51a8724b61ee12SHA1: 99e8e1961755df056c605ca052e92da3ddb0a3d3ANALYSIS DATE: 2023-04-29T15:56:53ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known damaging...

Malware Analysis – amadey – cea30f806e644cebe48399eefa345e51

April 29, 2023

Score: 10 MALWARE FAMILY: amadeyTAGS:family:amadey, family:djvu, family:icedid, family:redline, family:smokeloader, family:vidar, botnet:1616034f091df9fd0229bc38dd17597f, botnet:5cb879265de0011bfc7588d5d251aee6, botnet:potok 2, botnet:pub1, campaign:252847557, backdoor, banker, discovery, evasion,...

Malware Analysis – amadey – 845774441d6a856cfb4529fdef819fda

April 29, 2023

Score: 10 MALWARE FAMILY: amadeyTAGS:family:amadey, family:djvu, family:redline, family:smokeloader, family:vidar, botnet:1616034f091df9fd0229bc38dd17597f, botnet:5cb879265de0011bfc7588d5d251aee6, botnet:potok 2, botnet:pub1, backdoor, discovery, evasion, infostealer, persistence, ransomware,...

threatintel

US-CERT Vulnerability Summary for the Week of April 17, 2023

Bearer – Code Security Scanning Tool (SAST) That Discover, Filter And Prioritize Security Risks And Vulnerabilities Leading To Sensitive Data Exposures (PII, PHI, PD)

FirebaseExploiter – Vulnerability Discovery Tool That Discovers Firebase Database Which Are Open And Can Be Exploitable

Malware Analysis – persistence – 09250d8b8323c62fb59941b458fa70d1

Malware Analysis – djvu – cabb11a8e237ff7233e19b9cb6cc829d

Malware Analysis – djvu – 1420395c269bb059c6f60d8faee97088

Malware Analysis – ransomware – b55fca9a67bd38321a51a8724b61ee12

Malware Analysis – amadey – cea30f806e644cebe48399eefa345e51

Malware Analysis – amadey – 845774441d6a856cfb4529fdef819fda

Black Basta Ransomware Victim: AUTOCAM MEDICAL

Black Basta Ransomware Victim: TAMMAC

Black Basta Ransomware Victim: BLUME

LockBit 3.0 Ransomware Victim: baughmanco[.]com

ChatGPT is Back in Italy After Addressing Data Privacy Concerns

CISA Warns of Critical Flaws in Illumina’s DNA Sequencing Instruments

RansomHouse Ransomware Victim: Albany ENT & Allergy Services

Mandiant’s mWISE Event is Where Security’s Best Get Better

CISA warns of critical bugs in Illumina DNA sequencing systems

Hackers swap stealth for realistic checkout forms to steal credit cards

ViperSoftX info-stealing malware now targets password managers

The Week in Ransomware – April 28th 2023 – Clop at it again

Cold storage giant Americold outage caused by network breach

Cl0p Ransomware Victim: GC-EMPLOYMENT[.]COM

CISA: Oracle Releases Security Updates

Cobalt Strike Beacon Detected – 121[.]43[.]37[.]134:4434

Cobalt Strike Beacon Detected – 119[.]29[.]231[.]118:443

Cobalt Strike Beacon Detected – 39[.]101[.]74[.]162:443

Cobalt Strike Beacon Detected – 8[.]218[.]112[.]112:8880

Cobalt Strike Beacon Detected – 47[.]109[.]48[.]57:443

You may have missed