Where SSO Falls Short in Protecting SaaS
Single sign-on (SSO) is an authentication method that allows users to authenticate their identity for multiple applications with just one...
threatintel
New MacStealer macOS Malware Steals iCloud Keychain Data and Passwords
A new information-stealing malware has set its sights on Apple's macOS operating system to siphon sensitive information from compromised devices....
LockBit 3.0 Ransomware Victim: mcna[.]net
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: ita-moulding-process[.]com
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: ulmacarretillas[.]com
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
FBI: Business email compromise tactics used to defraud U.S. vendors
The Federal Bureau of Investigation is warning companies in the U.S. of threat actors using tactics similar to business email...
Emotet malware distributed as fake W-9 tax forms from the IRS
A new Emotet phishing campaign is targeting U.S. taxpayers by impersonating W-9 tax forms allegedly sent by the Internal Revenue...
Brute Ratel C4 Detected – 52[.]192[.]166[.]233:80
The Information provided at the time of posting was detected as "Brute Ratel C4". Depending on when you are viewing...
US-CERT Vulnerability Summary for the Week of March 13, 2023
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and...
Malware Analysis – djvu – c2c9766bc21d684fdb277faa414fd9ce
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:00d92484c9b27bc8482a2cc94cacc508, discovery, persistence, ransomware, spyware, stealerMD5: c2c9766bc21d684fdb277faa414fd9ceSHA1: 0570ff0ab1e3de949f78a28c3baad118cfaf3e14ANALYSIS DATE: 2023-03-26T15:15:31ZTTPS: T1222, T1082, T1005, T1081,...
Malware Analysis – djvu – 4337baca641bc801e6223757534aee9d
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:00d92484c9b27bc8482a2cc94cacc508, discovery, persistence, ransomware, spyware, stealerMD5: 4337baca641bc801e6223757534aee9dSHA1: 6b73961e68d5988454ad04de870c7ea6570aeaf1ANALYSIS DATE: 2023-03-26T15:05:04ZTTPS: T1012, T1082, T1005, T1081,...
Malware Analysis – smokeloader – 4293ec458e657eeb42ca2ec2eb09b76d
Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: 4293ec458e657eeb42ca2ec2eb09b76dSHA1: 2589d4a26f3462d7bb19756c291b6ad9235abd21ANALYSIS DATE: 2023-03-26T15:23:02ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
Malware Analysis – amadey – a1c240e28cf9828fe5adc68119a57fa6
Score: 10 MALWARE FAMILY: amadeyTAGS:family:amadey, family:djvu, family:smokeloader, botnet:pub1, botnet:sprg, backdoor, discovery, ransomware, trojanMD5: a1c240e28cf9828fe5adc68119a57fa6SHA1: 0afbabe69316a1b24c1fc374e58247b14a821cc3ANALYSIS DATE: 2023-03-26T16:09:36ZTTPS: T1012, T1120, T1082,...
Malware Analysis – discovery – fea29a2bbc979a1a83a9887b62240d6e
Score: 8 MALWARE FAMILY: discoveryTAGS:discovery, exploitMD5: fea29a2bbc979a1a83a9887b62240d6eSHA1: b6c1ab3b84f50a1aa567c311b77fade00379b006ANALYSIS DATE: 2023-03-26T16:12:51ZTTPS: T1082, T1112, T1222 ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne...
Malware Analysis – discovery – 709002961b4a3d18185690cf820c4758
Score: 8 MALWARE FAMILY: discoveryTAGS:discovery, exploitMD5: 709002961b4a3d18185690cf820c4758SHA1: 9e45ade994f2d711f12fd1bdd24c76c29190d919ANALYSIS DATE: 2023-03-26T16:01:50ZTTPS: T1222, T1082, T1112 ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne...
Malware Analysis – – a4d576b2217f5bdcc4efca32e703e0a2
Score: 1 MALWARE FAMILY: TAGS:MD5: a4d576b2217f5bdcc4efca32e703e0a2SHA1: 5703dc18b0092465cc69af76897a0555b593f9abANALYSIS DATE: 2023-03-26T15:25:02ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known damaging...
Malware Analysis – djvu – 438c524825fa5796932fc0b3e71c5530
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:00d92484c9b27bc8482a2cc94cacc508, discovery, persistence, ransomware, spyware, stealerMD5: 438c524825fa5796932fc0b3e71c5530SHA1: f2078d3751e1c7df7c900be289051d0748ae22f7ANALYSIS DATE: 2023-03-26T16:47:46ZTTPS: T1053, T1005, T1081, T1012,...
Malware Analysis – djvu – 09a12cf0789b098cd676c9d8e239726a
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:00d92484c9b27bc8482a2cc94cacc508, discovery, persistence, ransomware, spyware, stealerMD5: 09a12cf0789b098cd676c9d8e239726aSHA1: 4e1059ceb454a080cbc96b95f60c65194f898976ANALYSIS DATE: 2023-03-26T16:22:08ZTTPS: T1082, T1012, T1053, T1060,...
Malware Analysis – amadey – d5f44fb56fbe9aa34059918852502617
Score: 10 MALWARE FAMILY: amadeyTAGS:family:amadey, family:djvu, family:pseudomanuscrypt, family:redline, family:smokeloader, family:vidar, botnet:00d92484c9b27bc8482a2cc94cacc508, botnet:koreamon, botnet:pub1, botnet:sprg, backdoor, discovery, infostealer, loader, persistence, ransomware,...
Malware Analysis – djvu – 294f2eaa193bad38c22be347cb2edd88
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:00d92484c9b27bc8482a2cc94cacc508, discovery, persistence, ransomware, spyware, stealerMD5: 294f2eaa193bad38c22be347cb2edd88SHA1: 759cb9fff31528b19c2574b48c030e9eb77d355fANALYSIS DATE: 2023-03-26T16:26:10ZTTPS: T1012, T1082, T1060, T1112,...
Malware Analysis – amadey – 8766c5f2748e04e7edb4ad8a8eca5efa
Score: 10 MALWARE FAMILY: amadeyTAGS:family:amadey, family:dcrat, family:djvu, family:smokeloader, family:vidar, botnet:00d92484c9b27bc8482a2cc94cacc508, botnet:pub1, botnet:sprg, backdoor, discovery, infostealer, persistence, ransomware, rat, spyware, stealer,...
Malware Analysis – ransomware – 3b8e23af5c43555dce7c6e90a0828ef4
Score: 6 MALWARE FAMILY: ransomwareTAGS:ransomwareMD5: 3b8e23af5c43555dce7c6e90a0828ef4SHA1: d2eb46086dae54f298d00874e11677ddd58e2a34ANALYSIS DATE: 2023-03-26T17:25:43ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known damaging...
Malware Analysis – djvu – d01add98dd3e93807d593dad541418ba
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:00d92484c9b27bc8482a2cc94cacc508, discovery, persistence, ransomware, spyware, stealerMD5: d01add98dd3e93807d593dad541418baSHA1: 4a31947640b3dfc80ff145e21d1a1d07edeb6af8ANALYSIS DATE: 2023-03-26T17:14:30ZTTPS: T1082, T1005, T1081, T1012,...
Malware Analysis – djvu – c2a469fb30d243a2f1c4a9513da82c3a
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:00d92484c9b27bc8482a2cc94cacc508, discovery, persistence, ransomware, spyware, stealerMD5: c2a469fb30d243a2f1c4a9513da82c3aSHA1: cfe2eef7288a95c05b9c5eee1bf0815cf47fb369ANALYSIS DATE: 2023-03-26T16:59:38ZTTPS: T1060, T1112, T1082, T1005,...
