Cobalt Stike Beacon Detected – 107[.]172[.]216[.]160:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
threatintel
US-CERT Bulletin (SB22-339):Vulnerability Summary for the Week of November 28, 2022
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards...
LockBit 3.0 Ransomware Victim: sentenia[.]net
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: brunoy[.]fr
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: handrhealthcare[.]com
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
French hospital cancels operations after a ransomware attack
A French hospital near Paris canceled operations and transfer some patients due to a cyber attack suffered over the weekend....
Exclusive: The largest mobile malware marketplace identified by Resecurity in the Dark Web
Resecurity has identified a new underground marketplace in the Dark Web oriented towards mobile malware developers and operators. “In the Box” dark...
Scscanner – Tool To Read Website Status Code Response From The Lists
scscanner is tool to read To do List Add multi-processing Add filter status code options Add save to file options...
Cobalt Stike Beacon Detected – 194[.]180[.]48[.]249:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 8[.]141[.]161[.]11:5555
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 180[.]76[.]146[.]71:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Critical Ping bug potentially allows remote hack of FreeBSD systems
A critical stack-based buffer overflow bug, tracked as CVE-2022-23093, in the ping service can allow to take over FreeBSD systems. The maintainers...
Lazarus APT uses fake cryptocurrency apps to spread AppleJeus Malware
The North Korea-linked Lazarus APT spreads fake cryptocurrency apps under the fake brand BloxHolder to install the AppleJeus malware. Volexity...
Cobalt Stike Beacon Detected – 43[.]139[.]69[.]104:8443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 43[.]138[.]127[.]159:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Law enforcement agencies can extract data from thousands of cars’ infotainment systems
Law enforcement agencies can extract data from the infotainment systems of thousands of different car models. Data managed by infotainment...
Malware Analysis – dcrat – 9f698fc266aff6e94205f920a615106f
Score: 10 MALWARE FAMILY: dcratTAGS:family:dcrat, family:djvu, family:smokeloader, family:vidar, botnet:517, backdoor, collection, discovery, infostealer, persistence, ransomware, rat, spyware, stealer, trojanMD5: 9f698fc266aff6e94205f920a615106fSHA1:...
Malware Analysis – djvu – 7735257079f68c14085172a039be19c1
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:517, discovery, persistence, ransomware, spyware, stealerMD5: 7735257079f68c14085172a039be19c1SHA1: d309f77684d82dd81896f46a41ebe9882352e459ANALYSIS DATE: 2022-12-04T15:47:11ZTTPS: T1012, T1082, T1005, T1081,...
Malware Analysis – wannacry – 84505f29fde00a6200617e8485d21bd7
Score: 10 MALWARE FAMILY: wannacryTAGS:family:wannacry, ransomware, wormMD5: 84505f29fde00a6200617e8485d21bd7SHA1: b57d66060afb3b7b0d69901ce3f4c174e7beadb6ANALYSIS DATE: 2022-12-04T15:52:49ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more...
Malware Analysis – venus – 07f5fbcb96179acffab2638392d08fb8
Score: 10 MALWARE FAMILY: venusTAGS:family:venus, evasion, persistence, ransomwareMD5: 07f5fbcb96179acffab2638392d08fb8SHA1: 22d84ca8e620ef5fc0027b3e06876d1a04d10406ANALYSIS DATE: 2022-12-04T15:56:17ZTTPS: T1060, T1112, T1012, T1120, T1082, T1018, T1031 ScoreMeaningExample10Known...
Malware Analysis – smokeloader – cce955acd6c57914fac564a5421b6f43
Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: cce955acd6c57914fac564a5421b6f43SHA1: 80847cd8e71b5e63679fee62cd0d8bd75e56d034ANALYSIS DATE: 2022-12-04T16:20:15ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
Malware Analysis – djvu – a1216bce2dcf7c35dfe1ab2119579211
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:517, discovery, persistence, ransomware, stealerMD5: a1216bce2dcf7c35dfe1ab2119579211SHA1: 00805f940cb220ab8045059236b11fb53fc5f3cdANALYSIS DATE: 2022-12-04T17:27:46ZTTPS: T1222, T1012, T1082, T1053, T1060,...
Malware Analysis – smokeloader – 60130c36350c6b3d646ec4f3b83c12e2
Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: 60130c36350c6b3d646ec4f3b83c12e2SHA1: 6e22ee16e8e6bed7f75cfee657352650edcccbd8ANALYSIS DATE: 2022-12-04T17:14:38ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...
US DHS Cyber Safety Board will review Lapsus$ gang’s operations
US DHS Cyber Safety Review Board will review attacks linked to the Lapsus$ extortion gang that hit multiple high-profile companies....
