Pilfered Keys: Free App Infected by Malware Steals Keychain Data
Open-source applications are a practical way to save money while keeping up with your productivity. However, this can be abused...
threatintel
Complete Guide to Protecting 7 Attack Vectors
The quicker a cyberattack is identified, the less it costs. Jon Clay, VP of Threat Intelligence, reviews 7 key initial...
F5 fixed 2 high-severity Remote Code Execution bugs in its products
Researchers at cybersecurity firm Rapid7 have identified several vulnerabilities and other potential security issues affecting F5 products. Rapid7 researchers discovered...
CISA: Cisco Releases Security Updates for Identity Services Engine
Cisco Releases Security Updates for Identity Services Engine Cisco has released security updates for vulnerabilities affecting Cisco Identity Services Engine...
Lazarus APT uses DTrack backdoor in attacks against LATAM and European orgs
North Korea-linked Lazarus APT is using a new version of the DTrack backdoor in attacks aimed at organizations in Europe...
Black Basta Ransomware Victim: IMA Financial Group, Inc[.]
Black Basta Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
Black Basta Ransomware Victim: Kessing Rechtsanwälte und Fachanwälte in PartGmbB
Black Basta Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
Malware Analysis – djvu – 26bc838e4d36c0d4f7c8e45458670276
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:517, discovery, persistence, ransomware, spyware, stealerMD5: 26bc838e4d36c0d4f7c8e45458670276SHA1: ea289be9fbd1f6252caa58f7e41dc0ed4f4a3ea3ANALYSIS DATE: 2022-11-16T16:25:43ZTTPS: T1005, T1081, T1222, T1082,...
Malware Analysis – amadey – 114a29e4828e47605fb68bbda1c91cd4
Score: 10 MALWARE FAMILY: amadeyTAGS:family:amadey, family:asyncrat, family:dcrat, family:djvu, family:eternity, family:raccoon, family:redline, family:smokeloader, family:vidar, botnet:517, botnet:@redlinevip cloud (tg: @fatherofcarders), botnet:client6, botnet:dbffbdbc9786a5c270e6dd2d647e18ea,...
Malware Analysis – evasion – 06121671b9de18edfc74f1ca3c566001
Score: 8 MALWARE FAMILY: evasionTAGS:evasion, ransomwareMD5: 06121671b9de18edfc74f1ca3c566001SHA1: 12d586ccb57197b5ea48ff978f6e59ed20a1f7a3ANALYSIS DATE: 2022-11-16T15:12:04ZTTPS: T1082, T1491, T1112 ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne...
Malware Analysis – djvu – 4af869180d81d4cfb263e86d7161a18a
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:517, discovery, persistence, ransomware, spyware, stealerMD5: 4af869180d81d4cfb263e86d7161a18aSHA1: 01a0428bb825147cde47c922f04b6e074f908ca0ANALYSIS DATE: 2022-11-16T15:16:16ZTTPS: T1060, T1112, T1082, T1005,...
CISA: Mozilla Releases Security Updates for Multiple Products
Mozilla Releases Security Updates for Multiple Products Mozilla has released security updates to address vulnerabilities in Thunderbird, Firefox ESR, and Firefox. An...
CISA: CISA and FBI Release Advisory on Iranian Government-Sponsored APT Actors Compromising Federal Network
CISA and FBI Release Advisory on Iranian Government-Sponsored APT Actors Compromising Federal Network Today, CISA and the Federal Bureau of...
Malware Analysis – smokeloader – 5ca04c00a108bc8a1ebc6f2acb206914
Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: 5ca04c00a108bc8a1ebc6f2acb206914SHA1: 1aa8c66127e76ee084070eb985d9a5f776bde6d4ANALYSIS DATE: 2022-11-16T17:52:07ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
Malware Analysis – amadey – 7960146c3ce0103f7c63f99952955c3c
Score: 10 MALWARE FAMILY: amadeyTAGS:family:amadey, family:dcrat, family:djvu, family:eternity, family:raccoon, family:redline, family:smokeloader, family:vidar, botnet:3m, botnet:517, botnet:@redlinevip cloud (tg: @fatherofcarders), botnet:dbffbdbc9786a5c270e6dd2d647e18ea, botnet:mario23_10,...
Malware Analysis – djvu – 5b95e84a91c972f557690b38cddd8fd4
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:517, discovery, persistence, ransomware, spyware, stealerMD5: 5b95e84a91c972f557690b38cddd8fd4SHA1: 9c8edebbd80c013835a370484d173fa5abc8053aANALYSIS DATE: 2022-11-16T16:32:01ZTTPS: T1053, T1005, T1081, T1012,...
Malware Analysis – lockbit – 48aa442a0670b65a82eee99c1ed1ac78
Score: 10 MALWARE FAMILY: lockbitTAGS:family:lockbit, discovery, evasion, persistence, ransomwareMD5: 48aa442a0670b65a82eee99c1ed1ac78SHA1: 12117609b746257a6cdd2808dcb50c6af9c1810dANALYSIS DATE: 2022-11-16T17:50:04ZTTPS: T1490, T1046, T1082, T1107, T1060, T1112 ScoreMeaningExample10Known...
New RapperBot Campaign targets game servers with DDoS attacks
Fortinet researchers discovered new samples of RapperBot used to build a botnet to launch Distributed DDoS attacks against game servers....
TripleCross – A Linux eBPF Rootkit With A Backdoor, C2, Library Injection, Execution Hijacking, Persistence And Stealth Capabilities.
TripleCross is a Linux eBPF rootkit that demonstrates the offensive capabilities of the eBPF technology. TripleCross is inspired by previous...
Cobalt Stike Beacon Detected – 2[.]56[.]173[.]252:2086
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 18[.]208[.]157[.]91:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 42[.]194[.]209[.]253:6666
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 104[.]244[.]73[.]220:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Black Basta Ransomware Victim: Kessing Rechtsanwälte und Fachanwälte in PartGmbB
Black Basta Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
