What’s the Difference Between CSPM & SSPM?
Cloud Security Posture Management (CSPM) and SaaS Security Posture Management (SSPM) are frequently confused. The similarity of the acronyms notwithstanding,...
threatintel
Vice Society Ransomware Using Stealthy PowerShell Tool for Data Exfiltration
Threat actors associated with the Vice Society ransomware gang have been observed using a bespoke PowerShell-based tool to fly under...
Tour of the Underground: Master the Art of Dark Web Intelligence Gathering
The Deep, Dark Web – The Underground – is a haven for cybercriminals, teeming with tools and resources to launch...
Google Uncovers APT41’s Use of Open Source GC2 Tool to Target Media and Job Sites
A Chinese nation-state group targeted an unnamed Taiwanese media organization to deliver an open source red teaming tool known as...
LockBit 3.0 Ransomware Victim: brl[.]fr
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: alpine4u[.]com
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
New Zaraza Bot Credential-Stealer Sold on Telegram Targeting 38 Web Browsers
A novel credential-stealing malware called Zaraza bot is being offered for sale on Telegram while also using the popular messaging...
CISA warns of Android bug exploited by Chinese app to spy on users
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) warned today of a high-severity Android vulnerability believed to have been exploited...
LockBit ransomware encryptors found targeting Mac devices
Image: Norebbo The LockBit ransomware gang has created encryptors targeting Macs for the first time, likely becoming the first major...
US-CERT Vulnerability Summary for the Week of April 3, 2023
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and...
Royal Ransomware Victim: Stanley Electric U[.]S[.]
RoyalRansomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the...
Royal Ransomware Victim: Dataram
RoyalRansomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the...
Royal Ransomware Victim: Talon Outdoor
RoyalRansomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the...
Royal Ransomware Victim: 5Design
RoyalRansomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the...
Malware Analysis – djvu – b4586f74cee9669371f2e64b6678641d
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:623db25256a5734d1207787d269d05b2, discovery, persistence, ransomware, spyware, stealerMD5: b4586f74cee9669371f2e64b6678641dSHA1: f855ec126871e24159ac9e0bd438cc08d2eb1770ANALYSIS DATE: 2023-04-16T16:20:15ZTTPS: T1222, T1053, T1005, T1081,...
Malware Analysis – ransomware – 88a69bbc9bfdc9edc263a2024ca1d78d
Score: 8 MALWARE FAMILY: ransomwareTAGS:ransomware, spyware, stealerMD5: 88a69bbc9bfdc9edc263a2024ca1d78dSHA1: f973e09d77438bc01a93e310eb4513f24acc601eANALYSIS DATE: 2023-04-16T16:12:17ZTTPS: T1005, T1081 ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne...
Malware Analysis – amadey – 2cd65f24e1ef47b1c27daf46f55c9351
Score: 10 MALWARE FAMILY: amadeyTAGS:family:amadey, family:djvu, family:lumma, family:rhadamanthys, family:smokeloader, family:vidar, botnet:623db25256a5734d1207787d269d05b2, botnet:pub1, botnet:sprg, backdoor, collection, discovery, evasion, persistence, ransomware, spyware,...
Malware Analysis – discovery – aed07e5e91a732956dba1b37a9a6b48b
Score: 10 MALWARE FAMILY: discoveryTAGS:discovery, evasion, persistence, ransomware, trojanMD5: aed07e5e91a732956dba1b37a9a6b48bSHA1: df1e7a31f48fec1bbc8cadcd3570a6ba7144c7e7ANALYSIS DATE: 2023-04-16T15:24:05ZTTPS: T1018, T1112, T1031, T1089, T1107, T1490, T1562,...
Vice Society Ransomware Victim: CommScope
Vice Society Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
Android malware infiltrates 60 Google Play apps with 100M installs
A new Android malware named 'Goldoson' has infiltrated Google Play through 60 legitimate apps that collectively have 100 million downloads....
Hackers start abusing Action1 RMM in ransomware attacks
Security researchers are warning that cybercriminals are increasingly using the Action1 remote access software for persistence on compromised networks and...
NCR suffers Aloha POS outage after BlackCat ransomware attack
Source: NCR Aloha NCR is suffering an outage on its Aloha point of sale platform after being hit by an...
BlackCat/ALPHV Ransomware Victim: Leadway Assurance Company Limited
BlackCat / ALPHV Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the...
US-CERT Vulnerability Summary for the Week of April 3, 2023
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and...
