Cobalt Stike Beacon Detected – 3[.]90[.]213[.]150:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
threatintel
Cobalt Stike Beacon Detected – 124[.]221[.]169[.]111:8080
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Brute Ratel C4 Detected – 35[.]72[.]0[.]113:80
The Information provided at the time of posting was detected as "Brute Ratel C4". Depending on when you are viewing...
Brute Ratel C4 Detected – 149[.]28[.]251[.]203:80
The Information provided at the time of posting was detected as "Brute Ratel C4". Depending on when you are viewing...
CISA: CISA, NSA, and MS-ISAC Release Advisory on the Malicious Use of RMM Software
CISA, NSA, and MS-ISAC Release Advisory on the Malicious Use of RMM Software Today, the Cybersecurity and Infrastructure Security Agency...
CISA: VMware Releases Security Updates for VMware vRealize Log Insight
VMware Releases Security Updates for VMware vRealize Log Insight VMware released security updates to address multiple vulnerabilities in VMware vRealize...
DC-Sonar – Analyzing AD Domains For Security Risks Related To User Accounts
DC Sonar Community Repositories The project consists of repositories: dc-sonar-frontend dc-sonar-user-layer dc-sonar-workers-layer ntlm-scrutinizer Disclaimer It's only for education purposes. Avoid...
Cobalt Stike Beacon Detected – 39[.]101[.]1[.]65:8443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 81[.]161[.]229[.]168:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 18[.]197[.]201[.]242:4433
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 124[.]223[.]215[.]12:8091
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
LockBit 3.0 Ransomware Victim: flatironssolutions[.]com
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
Malware Analysis – darkcomet – 0370e5464c8f4718128f18548ca236aa
Score: 10 MALWARE FAMILY: darkcometTAGS:family:darkcomet, ransomware, rat, trojanMD5: 0370e5464c8f4718128f18548ca236aaSHA1: a7dc7c6526971d70b887b937bd6965ee82e5fdd0ANALYSIS DATE: 2023-01-25T03:51:31ZTTPS: T1012, T1082, T1491, T1112 ScoreMeaningExample10Known badA malware family...
Malware Analysis – djvu – c82d642d03203afc33ec1bf6c736b5c5
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, spyware, stealerMD5: c82d642d03203afc33ec1bf6c736b5c5SHA1: 45385bbb8d54c5adc84e49450c7ec1f69b60906bANALYSIS DATE: 2023-01-25T03:43:41ZTTPS: T1012, T1082, T1005, T1081,...
Malware Analysis – djvu – 333bcc4a842670afc9f50160d7e3055c
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, spyware, stealerMD5: 333bcc4a842670afc9f50160d7e3055cSHA1: b72cdacbb3e38a705344cdaab0454996563e98fdANALYSIS DATE: 2023-01-25T05:09:28ZTTPS: T1082, T1012, T1005, T1081,...
Malware Analysis – wannacry – bc5ee0bcefce9d21f9a17c60a19c2b18
Score: 10 MALWARE FAMILY: wannacryTAGS:family:wannacry, discovery, persistence, ransomware, spyware, stealer, wormMD5: bc5ee0bcefce9d21f9a17c60a19c2b18SHA1: 6b207ad03911865694e5f4c3059c2a5f0242c6daANALYSIS DATE: 2023-01-25T05:04:09ZTTPS: T1491, T1112, T1060, T1107, T1490,...
Malware Analysis – wannacry – e8340564caba7a2635af2c79cb7103eb
Score: 10 MALWARE FAMILY: wannacryTAGS:family:wannacry, bootkit, discovery, persistence, ransomware, spyware, stealer, wormMD5: e8340564caba7a2635af2c79cb7103ebSHA1: 8c62c79508abe5ffa36608d1846dcb20b2a27137ANALYSIS DATE: 2023-01-25T05:05:54ZTTPS: T1112, T1060, T1222, T1012,...
Malware Analysis – djvu – f297068017e333ac96d70756a87babf6
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, stealerMD5: f297068017e333ac96d70756a87babf6SHA1: 6dbfc207b81246788e0cab826b3dd96a31dfb276ANALYSIS DATE: 2023-01-25T04:11:03ZTTPS: T1130, T1112, T1060, T1222, T1082...
U.S. sues Google for abusing dominance over online ad market
The U.S. Justice Department has filed a federal lawsuit today against Google for abusing its dominant position in the online...
Riot Games receives ransom demand from hackers, refuses to pay
Riot Games says it will not pay a $10 million ransom demanded by attackers who stole League of Legends source code...
Ransomware access brokers use Google ads to breach your network
A threat actor tracked as DEV-0569 uses Google Ads in widespread, ongoing advertising campaigns to distribute malware, steal victims' passwords,...
FBI: North Korean hackers stole $100 million in Harmony crypto hack
The FBI has confirmed that the North Korean state-sponsored 'Lazarus' and APT38 hacking groups were behind the theft of $100...
Russia’s largest ISP says 2022 broke all DDoS attack records
Russia's largest internet service provider Rostelecom says 2022 was a record year for Distributed denial of service attacks (DDoS) targeting...
75k WordPress sites impacted by critical online course plugin flaws
The WordPress online course plugin 'LearnPress' was vulnerable to multiple critical-severity flaws, including pre-auth SQL injection and local file inclusion....
