July 31, 2024
Weekly Detection Rule (YARA and Snort) Information – Week 1, August 2024
The following is the information on YARA and Snort rules (week 1, August 2024) collected and shared by the AhnLab TIP service.

26 YARA Rules

| Detection name | Description | Source |
| --- | --- | --- |
| PK_A1_webmail | Phishing Kit impersonating A1.net webmail | https://github.com/t4d/PhishingKit-Yara-Rules |
| PK_CitiBank_imgamerzchoices | Phishing Kit impersonating Citi Bank | https://github.com/t4d/PhishingKit-Yara-Rules |
| PK_ING_alexronyy | Phishing Kit impersonating ING bank | https://github.com/t4d/PhishingKit-Yara-Rules |
MOVEit Product Security Update Advisory (CVE-2024-6576)
Overview MOVEit has released an update to address a vulnerability in their product....
Apache Pinot Security Update Advisory (CVE-2024-39676)
Overview Apache has released an update to address a vulnerability in Apache Pinot. Users...
GitLab Product Security Update Advisory (CVE-2024-7047)
Overview GitLab has released an update to address a vulnerability in their products. Users of...
Cyberdigm Product Security Advisory
Overview Cyberdigm has released an update to fix vulnerabilities in their products. Users of...
SnakeKeylogger Malware Detected by AhnLab EDR
1. Overview SnakeKeylogger, an Infostealer created with .NET, can leak data using emails, FTP, SMTP, or Telegram. The malware has been consistently distributed and was covered in a previous ASEC Blog post. [1] This post will reveal the trace of the malicious behaviors of SnakeKeylogger analyzed in the previous post
July 30, 2024
Apache StreamPipes Security Update Advisory
Overview Apache has released an update to address a vulnerability in StreamPipes. Users of...
MS Family July 2024 Routine Security Update Advisory
Overview Microsoft (https://www.microsoft.com) has released a security update that fixes vulnerabilities in products it has...

