VMware fixes critical security bugs in vRealize log analysis tool
VMware released security patches on Tuesday to address vRealize Log Insight vulnerabilities that could enable attackers to gain remote execution...
threatintel
Microsoft shares workaround for unresponsive Windows Start Menu
Microsoft has confirmed an issue causing the Windows Start menu to become unresponsive and some applications to no longer launch....
Hackers use Golang source code interpreter to evade detection
A Chinese-speaking hacking group tracked as ‘DragonSpark’ was observed employing Golang source code interpretation to evade detection while launching espionage...
GoTo says hackers stole customers’ backups and encryption key
GoTo (formerly LogMeIn) is warning customers that threat actors who breached its development environment in November 2022 stole encrypted backups...
Cobalt Stike Beacon Detected – 198[.]154[.]94[.]36:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 179[.]43[.]162[.]31:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 120[.]48[.]99[.]90:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 3[.]73[.]0[.]134:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 43[.]138[.]21[.]132:8808
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 91[.]213[.]50[.]35:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Brute Ratel C4 Detected – 54[.]249[.]216[.]44:80
The Information provided at the time of posting was detected as "Brute Ratel C4". Depending on when you are viewing...
US-CERT Bulletin (SB23-023):Vulnerability Summary for the Week of January 16, 2023
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards...
LockBit 3.0 Ransomware Victim: elsan[.]care
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
CISA: CISA Releases Protecting Our Future: Partnering to Safeguard K–12 organizations from Cybersecurity Threats
CISA Releases Protecting Our Future: Partnering to Safeguard K–12 organizations from Cybersecurity Threats Today, CISA released Protecting Our Future: Partnering...
LockBit 3.0 Ransomware Victim: xlntinc[.]com
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
Get-AppLockerEventlog – Script For Fetching Applocker Event Log By Parsing The Win-Event Log
This script will parse all the channels of events from the win-event log to extract all the log relatives to...
Malware Analysis – djvu – 6735e0d9fc3b11c7cbdd071d3829162b
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, spyware, stealerMD5: 6735e0d9fc3b11c7cbdd071d3829162bSHA1: 1ebc132342713c73f1020c8012b0b5063c28b2aaANALYSIS DATE: 2023-01-24T09:04:30ZTTPS: T1012, T1082, T1005, T1081,...
Malware Analysis – evasion – c7a9226978be7b4ead9febb8ac854e7c
Score: 6 MALWARE FAMILY: evasionTAGS:evasion, ransomwareMD5: c7a9226978be7b4ead9febb8ac854e7cSHA1: cb7e60b4c4c4f4737c4cfe74addde018515918dfANALYSIS DATE: 2023-01-24T09:00:06ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known...
Malware Analysis – dharma – be47139183c40fceb264c6946627b93f
Score: 10 MALWARE FAMILY: dharmaTAGS:family:dharma, persistence, ransomware, spyware, stealerMD5: be47139183c40fceb264c6946627b93fSHA1: 06f645d6afc2f909dbdf61c0982dcd74126bc5f5ANALYSIS DATE: 2023-01-24T09:17:14ZTTPS: T1005, T1081, T1112, T1060, T1107, T1490, T1082...
Malware Analysis – djvu – c249a253e8f6bab49a07078d3b07bdf4
Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:vidar, botnet:19, discovery, persistence, ransomware, spyware, stealerMD5: c249a253e8f6bab49a07078d3b07bdf4SHA1: 0bca272f816478d880ab6b1e29d3239c587726ffANALYSIS DATE: 2023-01-24T10:51:50ZTTPS: T1060, T1112, T1012, T1082,...
Malware Analysis – upx – 5f586940f6b6ae2f8cbdeaec316b62ef
Score: 9 MALWARE FAMILY: upxTAGS:upxMD5: 5f586940f6b6ae2f8cbdeaec316b62efSHA1: 97197beb2de16b0b38c20b4846f4325283f28356ANALYSIS DATE: 2023-01-24T09:57:48ZTTPS: ScoreMeaningExample10Known badA malware family was detected.8-9Likely maliciousOne or more known damaging...
Malware Analysis – dharma – e096b294d0ed5f42ca68bc41c47ac27a
Score: 10 MALWARE FAMILY: dharmaTAGS:family:dharma, persistence, ransomware, spyware, stealerMD5: e096b294d0ed5f42ca68bc41c47ac27aSHA1: 1d5601986887ead48d036f1401330b8c9fd59eebANALYSIS DATE: 2023-01-24T09:17:03ZTTPS: T1005, T1081, T1082, T1112, T1060, T1107, T1490...
Malware Analysis – dharma – 58402f0f41e3bfecbea9ca1bcc0f0c2b
Score: 10 MALWARE FAMILY: dharmaTAGS:family:dharma, persistence, ransomware, spyware, stealerMD5: 58402f0f41e3bfecbea9ca1bcc0f0c2bSHA1: 0a2b11df94790e1121c17e350eb846a236e0fbcfANALYSIS DATE: 2023-01-24T09:17:05ZTTPS: T1060, T1112, T1107, T1490, T1005, T1081, T1082...
Malware Analysis – persistence – b6cfdefd2ef6bb507cbac8634ec3f6a1
Score: 9 MALWARE FAMILY: persistenceTAGS:persistence, ransomware, spyware, stealerMD5: b6cfdefd2ef6bb507cbac8634ec3f6a1SHA1: 583bbf424a7114586dd48fe57be999cbd750ba56ANALYSIS DATE: 2023-01-24T09:17:07ZTTPS: T1107, T1490, T1060, T1112, T1005, T1081, T1491 ScoreMeaningExample10Known...
