Attack Surface Management 2022 Midyear Review Part 2
In our 2022 midyear roundup, we examine the most significant trends and incidents that influenced the cybersecurity landscape in the...
threatintel
Where is the Origin?: QAKBOT Uses Valid Code Signing
Code signing certificates help us assure the file's validity and legitimacy. However, threat actors can use that against us. In...
LockBit 3.0 Ransomware Victim: tiffinmetal[.]com
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
Thomson Reuters collected and leaked at least 3TB of sensitive data
The multinational media conglomerate Thomson Reuters left a database with sensitive customer and corporate data exposed online Original post at...
SiriSpy flaw allows eavesdropping on users’ conversations with Siri
SiriSpy is a vulnerability affecting Apple iOS and macOS that allowed apps to eavesdrop on users’ conversations with Siri. SiriSpy...
Whids – Open Source EDR For Windows
What EDR with artifact collection driven by detection. The detection engine is built on top of a previous project NB:...
LockBit 3.0 Ransomware Victim: steelesolutions[.]com
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
Preparing for the long haul: the cyber threat from Russia
Preparing for the long haul: the cyber threat from Russia In January 2022, ahead of Russia’s invasion of Ukraine, we...
Cobalt Stike Beacon Detected – 82[.]156[.]14[.]220:801
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 20[.]219[.]255[.]76:8080
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 107[.]189[.]7[.]48:8443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 45[.]32[.]74[.]236:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 176[.]113[.]115[.]102:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 185[.]143[.]223[.]71:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 87[.]251[.]67[.]211:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 1[.]15[.]189[.]200:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 199[.]255[.]99[.]112:23424
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 107[.]174[.]158[.]174:6666
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 178[.]18[.]255[.]124:444
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 43[.]143[.]215[.]30:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Malware Analysis – – 4e5a9de6dee1ea7cabb43974a889a531
Score: 3 MALWARE FAMILY: TAGS:MD5: 4e5a9de6dee1ea7cabb43974a889a531SHA1: 1c9c65accb79f622b1adc8e34e14848776686a30ANALYSIS DATE: 2022-10-27T08:46:37ZTTPS: T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known...
Malware Analysis – danabot – 824e08873738c225a76596134d687c92
Score: 10 MALWARE FAMILY: danabotTAGS:family:danabot, family:djvu, family:redline, family:smokeloader, family:systembc, family:vidar, botnet:1752, botnet:517, botnet:mario23_10, backdoor, banker, collection, discovery, infostealer, persistence, ransomware,...
Malware Analysis – danabot – ea2f34622dce523e0b9d6a05a02f6cb1
Score: 10 MALWARE FAMILY: danabotTAGS:family:danabot, family:djvu, family:redline, family:smokeloader, family:systembc, family:vidar, botnet:1752, botnet:517, botnet:mario23_10, backdoor, banker, collection, discovery, infostealer, persistence, ransomware,...
Malware Analysis – ransomware – 48688a2329f8b69a3e0a2c6ea98d80a3
Score: 10 MALWARE FAMILY: ransomwareTAGS:ransomwareMD5: 48688a2329f8b69a3e0a2c6ea98d80a3SHA1: cb9b12f24391d04cb64cc91e84ef7491179fd87cANALYSIS DATE: 2022-10-27T07:59:00ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known damaging...
