December 26, 2024

Weekly Detection Rule (YARA and Snort) Information – Week 4, December 2024

The following is the information on Yara and Snort rules (week 4, December 2024) collected and shared by the AhnLab TIP service.

5 YARA Rules

| Detection name | Description | Source |
|---|---|---|
| PK_BankID_poko | Phishing Kit impersonating BankID | https://github.com/t4d/PhishingKit-Yara-Rules |
| PK_DisneyPlus_blackforce | Phishing Kit impersonating Disney Plus | https://github.com/t4d/PhishingKit-Yara-Rules |
| PK_O365_itna1337 | Phishing Kit impersonating Office 365 | https://github.com/t4d/PhishingKit-Yara-Rules |

PK_BanquePostale_z0n51_2

Ransom & Dark Web Issues Week 4, December 2024

ASEC Blog publishes Ransom & Dark Web Issues Week 4, December 2024

LockBit ransomware gang: Announces return with the release of version 4.0 despite the arrest of key member Rostislav Panev
World’s largest donut brand, posted as a new victim of Play ransomware.
Data from

CrushFTP Security Update Advisory (CVE-2024-53552)

Overview: We have released a security update to address a vulnerability in CrushFTP. Users...

Dell Product Security Update Advisory

Overview: We have released security updates to fix vulnerabilities in Dell products. Users of...

Systeminformation Security Update Advisory (CVE-2024-56334)

Overview: We have released a security update that addresses a vulnerability in systeminformation. Affected...

December 25, 2024

Adobe Product Line Security Update Advisory

Overview: Adobe (https://adobe.com) has released a security update that addresses a vulnerability in its supplied...

December 24, 2024

WordPress Plugin Security Update Advisory

Overview: An update has been released to address vulnerabilities in WordPress VibeThemes WPLMS. Users...