Author: Tekno Phreak
-
Cobalt Strike Beacon Detected – 47[.]242[.]37[.]176:8080
[Cobalt Strike](https://www.redpacketsecurity.com/category/cobalt-strike/), [January 12, 2025](https://www.redpacketsecurity.com/2025/01/). Cobalt Strike Beacon Detection Alerts > The Information provided at…
-
Wireshark 4.4.3 Released, (Sat, Jan 11th)
[Wireshark 4.4.3 Released](/forums/diary/Wireshark+443+Released/31578/) **Published**: 2025-01-11. **Last Updated**: 2025-01-12 07:44:13…
-
Cobalt Strike Beacon Detected – 45[.]221[.]99[.]49:443
[Cobalt Strike](https://www.redpacketsecurity.com/category/cobalt-strike/), [January 12, 2025](https://www.redpacketsecurity.com/2025/01/). Cobalt Strike Beacon Detection Alerts > The Information provided at…
-
IBM watsonx.ai Vulnerability Let Attackers Embed Arbitrary JavaScript Code in Web UI
IBM disclosed a significant vulnerability in its watsonx.ai platform, potentially exposing users to [cross-site scripting (XSS)](https://cybersecuritynews.com/xss-remains-as-the-most-vulnerability/) attacks. The vulnerability, identified…
-
DoJ charged three Russian citizens with operating crypto-mixing services
The U.S. Department of Justice charged three Russian citizens with operating crypto-mixing services that helped crooks launder cryptocurrency. The U.S. Department…
-
Information Stealer Masquerades as LDAPNightmare (CVE-2024-49113) PoC Exploit
A fake proof-of-concept exploit for the LDAPNightmare vulnerability (CVE-2024-49113) is being used to distribute information-stealing malware. The malicious repository, disguised…
-
Black Basta Ransomware Campaign Drops Zbot, DarkGate, and Custom Malware
A resurgence of activity related to the Black Basta ransomware campaign has been observed since early October. The threat actors…
-
Recruitment Phishing Scam Imitates Hiring Process
A sophisticated phishing campaign has been discovered that exploits recruitment branding to deliver malware. The attack begins with a phishing…
-
Increase in Distribution of AutoIt Compile Malware via Phishing Emails
The distribution of malware compiled with AutoIt has been rapidly increasing, surpassing .NET-type malware. AutoIt, a scripting language for Windows…
-
Stealthy Credit Card Skimmer Targets WordPress Checkout Pages via Database Injection
A sophisticated credit card skimmer malware has been discovered targeting WordPress websites. The malware injects malicious JavaScript into database entries,…