Chinese RedGolf Group Targeting Windows and Linux Systems with KEYPLUG Backdoor
A Chinese state-sponsored threat activity group tracked as RedGolf has been attributed to the use of a custom Windows and...
threatintel
AlienFox Malware Targets API Keys and Secrets from AWS, Google, and Microsoft Cloud Services
A new "comprehensive toolset" called AlienFox is being distributed on Telegram as a way for threat actors to harvest credentials...
Cyberstorage: Leveraging the Multi-Cloud to Combat Data Exfiltration
Multi-cloud data storage, once merely a byproduct of the great cloud migration, has now become a strategy for data management....
3CX Desktop App Supply Chain Attack Leaves Millions at Risk – Urgent Update on the Way!
3CX said it's working on a software update for its desktop app after multiple cybersecurity vendors sounded the alarm on...
LockBit 3.0 Ransomware Victim: tharworx[.]com
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: overseas-ast[.]com
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: hammondlumber[.]com
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
3CX App Supply Chain Attack Leaves Millions at Risk – Urgent Update on the Way!
3CX said it's working on a software update for its desktop app after multiple cybersecurity vendors sounded the alarm on...
RansomHouse Ransomware Victim: Hospital Clinic de Barcelona
RansomHouse Logo NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
Karakurt Ransomware Victim: FINANCE INSTITUTION AUCTION
KARAKURT RANSOMWARE NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of...
QNAP warns customers to patch Linux Sudo flaw in NAS devices
Taiwanese hardware vendor QNAP warns customers to secure their Linux-powered network-attached storage (NAS) devices against a high-severity Sudo privilege escalation...
Hackers compromise 3CX desktop app in a supply chain attack
A digitally signed and trojanized version of the 3CX Voice Over Internet Protocol (VOIP) desktop client is reportedly being used...
Google finds more Android, iOS zero-days used to install spyware
Google's Threat Analysis Group (TAG) discovered several exploit chains using Android, iOS, and Chrome zero-day and n-day vulnerabilities to install...
US-CERT Vulnerability Summary for the Week of March 20, 2023
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and...
Malware Analysis – djvu – a2813d8a07a0bfe6ab8d8f5f3e486bd6
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:5df88deb5dde677ba658b77ad5f60248, discovery, persistence, ransomware, spyware, stealerMD5: a2813d8a07a0bfe6ab8d8f5f3e486bd6SHA1: 2f490cd0ac83ae8455dcc087946334b79f95c5a7ANALYSIS DATE: 2023-03-29T15:24:46ZTTPS: T1012, T1082, T1222, T1005,...
Malware Analysis – djvu – 7f7af90a656514364fc769f4ba85ebf1
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:5df88deb5dde677ba658b77ad5f60248, discovery, persistence, ransomware, spyware, stealerMD5: 7f7af90a656514364fc769f4ba85ebf1SHA1: 740c283a238c669008b6bf50c2e97edb209c631bANALYSIS DATE: 2023-03-29T14:59:29ZTTPS: T1082, T1005, T1081, T1053,...
Malware Analysis – djvu – 8b52be4221750ba22b73867d77f514a8
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:smokeloader, botnet:pub1, backdoor, discovery, persistence, ransomware, trojanMD5: 8b52be4221750ba22b73867d77f514a8SHA1: 45b9ed5aa5947e7d7c761a7ee0f9ca04f3d6a425ANALYSIS DATE: 2023-03-29T15:38:27ZTTPS: T1012, T1120, T1082, T1222,...
Malware Analysis – djvu – bb6f35a6a6a07b124686f9abdd64205b
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:5df88deb5dde677ba658b77ad5f60248, discovery, persistence, ransomware, spyware, stealerMD5: bb6f35a6a6a07b124686f9abdd64205bSHA1: ccc9af1cf9221571e6619ad0aa04e294a1efe033ANALYSIS DATE: 2023-03-29T15:53:38ZTTPS: T1222, T1012, T1082, T1053,...
Malware Analysis – djvu – 94c00dfd7eb99d7de68c95f27a3d5854
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:5df88deb5dde677ba658b77ad5f60248, discovery, persistence, ransomware, spyware, stealerMD5: 94c00dfd7eb99d7de68c95f27a3d5854SHA1: 02dc1e168b8e9df3cefc60e3f5d4d0bd850b69c5ANALYSIS DATE: 2023-03-29T15:44:27ZTTPS: T1222, T1060, T1112, T1053,...
Malware Analysis – amadey – bb827f6d5b1d086843fa951b69b8e702
Score: 10 MALWARE FAMILY: amadeyTAGS:family:amadey, family:djvu, family:redline, family:smokeloader, family:vidar, botnet:5df88deb5dde677ba658b77ad5f60248, botnet:frtrack, botnet:pub1, botnet:rober, backdoor, discovery, evasion, infostealer, persistence, ransomware, spyware,...
Malware Analysis – djvu – 41c2e6a9aedab7b3015ada13c70a5673
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:5df88deb5dde677ba658b77ad5f60248, discovery, persistence, ransomware, spyware, stealerMD5: 41c2e6a9aedab7b3015ada13c70a5673SHA1: 62a1c491c10e64d730ad4f589855d8478f017251ANALYSIS DATE: 2023-03-29T16:25:15ZTTPS: T1005, T1081, T1053, T1082,...
Malware Analysis – djvu – afd8945316aedd2fb57dd654431c26ba
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:5df88deb5dde677ba658b77ad5f60248, discovery, persistence, ransomware, spyware, stealerMD5: afd8945316aedd2fb57dd654431c26baSHA1: f49694b571523786df36ab5d711dc5ea91ef878fANALYSIS DATE: 2023-03-29T17:52:09ZTTPS: T1005, T1081, T1060, T1112,...
Malware Analysis – djvu – 15a5bb819748cdec8893209495776408
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:5df88deb5dde677ba658b77ad5f60248, discovery, persistence, ransomware, spyware, stealerMD5: 15a5bb819748cdec8893209495776408SHA1: da3561824dbab0b96c63a5cfd2f364364216ea0aANALYSIS DATE: 2023-03-29T16:31:20ZTTPS: T1060, T1112, T1082, T1053,...
Malware Analysis – amadey – 941ebdb94364e7958adc8638cb5dd933
Score: 10 MALWARE FAMILY: amadeyTAGS:family:amadey, family:djvu, family:redline, family:smokeloader, family:vidar, botnet:5df88deb5dde677ba658b77ad5f60248, botnet:pub1, botnet:rober, backdoor, discovery, evasion, infostealer, persistence, ransomware, spyware, stealer,...
