New AlienFox toolkit steals credentials for 18 cloud services
A new modular toolkit called ‘AlienFox’ allows threat actors to scan for misconfigured servers to steal authentication secrets and credentials...
threatintel
Winter Vivern hackers exploit Zimbra flaw to steal NATO emails
A Russian hacking group tracked as TA473, aka 'Winter Vivern,' has been actively exploiting vulnerabilities in unpatched Zimbra endpoints since...
Realtek and Cacti flaws now actively exploited by malware botnets
Multiple malware botnets actively target Cacti and Realtek vulnerabilities in campaigns detected between January and March 2023, spreading ShellBot and Moobot...
CISA orders agencies to patch bugs exploited to drop spyware
The Cybersecurity and Infrastructure Security Agency (CISA) has ordered federal agencies today to patch security vulnerabilities exploited as zero-days in...
Ukrainian cyberpolice busts fraud gang that stole $4.3 million
Ukraine's cyberpolice has arrested members of a fraud gang that stole roughly $4,300,000 from over a thousand victims across the...
Microsoft OneNote will block 120 dangerous file extensions
Microsoft has shared more information on what malicious embedded files OneNote will soon block to defend users against ongoing phishing...
Cl0p Ransomware Victim: MULTIPLAN[.]COM
Cl0p Logo NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of...
US-CERT Vulnerability Summary for the Week of March 20, 2023
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and...
Researchers Detail Severe “Super FabriXss” Vulnerability in Microsoft Azure SFX
Details have emerged about a now-patched vulnerability in Azure Service Fabric Explorer (SFX) that could lead to unauthenticated remote code...
Malware Analysis – persistence – f755a44bbb97e9ba70bf38f1bdc67722
Score: 9 MALWARE FAMILY: persistenceTAGS:persistence, ransomware, spyware, stealerMD5: f755a44bbb97e9ba70bf38f1bdc67722SHA1: f70331eb64fd893047f263623ffb1e74e6fe4187ANALYSIS DATE: 2023-03-30T15:05:37ZTTPS: T1491, T1112, T1005, T1081, T1060, T1082, T1107, T1490...
Malware Analysis – djvu – ca4c8c98cbf461f832cbf2764c82a5bd
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:5df88deb5dde677ba658b77ad5f60248, discovery, persistence, ransomware, spyware, stealerMD5: ca4c8c98cbf461f832cbf2764c82a5bdSHA1: 67154ad8db949e4a23eb725f47842ff5d045f02fANALYSIS DATE: 2023-03-30T15:15:00ZTTPS: T1005, T1081, T1012, T1082,...
Malware Analysis – amadey – 404a7c5c03a53b10f0eed922316e6681
Score: 10 MALWARE FAMILY: amadeyTAGS:family:amadey, family:djvu, family:redline, family:smokeloader, family:socelars, family:vidar, botnet:5df88deb5dde677ba658b77ad5f60248, botnet:frtrack, botnet:pub1, backdoor, discovery, evasion, infostealer, persistence, ransomware, spyware,...
Malware Analysis – djvu – 1413865f4a87f28b94e00396de7459d2
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:5df88deb5dde677ba658b77ad5f60248, discovery, persistence, ransomware, spyware, stealerMD5: 1413865f4a87f28b94e00396de7459d2SHA1: 549c641578f2dd01c2b257fe4cb5625977da8574ANALYSIS DATE: 2023-03-30T15:27:08ZTTPS: T1012, T1082, T1005, T1081,...
Malware Analysis – ransomware – 1ace926cf826999d3aa1e63372d009c8
Score: 8 MALWARE FAMILY: ransomwareTAGS:ransomwareMD5: 1ace926cf826999d3aa1e63372d009c8SHA1: 0ac145c53c1c3bcb14a428f943309c5c5dc7aa62ANALYSIS DATE: 2023-03-30T15:24:49ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known damaging...
Malware Analysis – amadey – 32962e720a69b0ea507f89962cdacfac
Score: 10 MALWARE FAMILY: amadeyTAGS:family:amadey, family:djvu, family:redline, family:smokeloader, family:socelars, family:vidar, botnet:5df88deb5dde677ba658b77ad5f60248, botnet:frtrack, botnet:pub1, backdoor, discovery, evasion, infostealer, persistence, ransomware, spyware,...
Malware Analysis – ransomware – 53586770fa7c3483b5b6b626ad7130e8
Score: 9 MALWARE FAMILY: ransomwareTAGS:ransomwareMD5: 53586770fa7c3483b5b6b626ad7130e8SHA1: 36e3f72106c29c83a87ad69d58375038d0b6a326ANALYSIS DATE: 2023-03-30T16:24:25ZTTPS: T1082, T1012, T1120, T1107, T1490 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
Malware Analysis – ransomware – b673d92b77489d12779dc1fb5e8f6fdd
Score: 8 MALWARE FAMILY: ransomwareTAGS:ransomware, upxMD5: b673d92b77489d12779dc1fb5e8f6fddSHA1: 1921915dc4400a4aa70ca68a6ba1fd99106a336fANALYSIS DATE: 2023-03-30T15:57:56ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known...
Malware Analysis – djvu – d2a9396b590d7fe9e348a090e03d9d3d
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:5df88deb5dde677ba658b77ad5f60248, discovery, persistence, ransomware, spyware, stealerMD5: d2a9396b590d7fe9e348a090e03d9d3dSHA1: 90d5a76ed3a67d0565a7748a1d5f9aedb70b063cANALYSIS DATE: 2023-03-30T16:56:44ZTTPS: T1012, T1082, T1222, T1053,...
Malware Analysis – amadey – 474154bf80eeca7d3be7614bea80b4b8
Score: 10 MALWARE FAMILY: amadeyTAGS:family:amadey, family:djvu, family:redline, family:smokeloader, family:socelars, family:vidar, botnet:5df88deb5dde677ba658b77ad5f60248, botnet:pub1, backdoor, discovery, evasion, infostealer, persistence, ransomware, spyware, stealer,...
Malware Analysis – djvu – 62bc08785fba8084b146de9cb4aa493a
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:5df88deb5dde677ba658b77ad5f60248, discovery, persistence, ransomware, spyware, stealerMD5: 62bc08785fba8084b146de9cb4aa493aSHA1: cbf7d9ea2adc622690b8e1af17351b91e40390ddANALYSIS DATE: 2023-03-30T17:31:32ZTTPS: T1012, T1082, T1053, T1005,...
Malware Analysis – amadey – 035d846ddc6a64f19b463d2ddf2bddaa
Score: 10 MALWARE FAMILY: amadeyTAGS:family:amadey, family:djvu, family:smokeloader, botnet:pub1, backdoor, discovery, persistence, ransomware, trojanMD5: 035d846ddc6a64f19b463d2ddf2bddaaSHA1: 56d52240fac546cadf5fc243ee3b938fbdab679eANALYSIS DATE: 2023-03-30T17:35:33ZTTPS: T1012, T1120, T1082,...
Malware Analysis – djvu – 42c20aa157f4523e908b8d6f9755e5cc
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:5df88deb5dde677ba658b77ad5f60248, discovery, persistence, ransomware, spyware, stealerMD5: 42c20aa157f4523e908b8d6f9755e5ccSHA1: b7e2115f166d96b382dd369544db23b3aeea886cANALYSIS DATE: 2023-03-30T17:54:14ZTTPS: T1222, T1082, T1053, T1005,...
Malware Analysis – djvu – 06401e594be2ba59fe355f2c669ced41
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:5df88deb5dde677ba658b77ad5f60248, discovery, persistence, ransomware, spyware, stealerMD5: 06401e594be2ba59fe355f2c669ced41SHA1: afab8237ea21303da96c8940b6add1df40c7602bANALYSIS DATE: 2023-03-30T17:56:22ZTTPS: T1053, T1005, T1081, T1012,...
New Wi-Fi Protocol Security Flaw Affecting Linux, Android and iOS Devices
A group of academics from Northeastern University and KU Leuven has disclosed a fundamental design flaw in the IEEE 802.11...
