December 29, 2024
December 28, 2024
December 27, 2024
Amazon Redshift Driver Security Update Advisory
Overview We have released a security update to address a vulnerability in the Apache...
Apache Product Security Update Advisory
Overview We have released a security update to address a vulnerability in Apache products. Users...
Android Malware & Security Issue 4th Week of December, 2024
ASEC Blog publishes “Android Malware & Security Issue 4th Week of December, 2024”
December 26, 2024
Weekly Detection Rule (YARA and Snort) Information – Week 4, December 2024
The following is the information on Yara and Snort rules (week 4, December 2024) collected and shared by the AhnLab TIP service.

5 YARA Rules

Detection name | Description | Source
PK_BankID_poko | Phishing Kit impersonating BankID | https://github.com/t4d/PhishingKit-Yara-Rules
PK_DisneyPlus_blackforce | Phishing Kit impersonating Disney Plus | https://github.com/t4d/PhishingKit-Yara-Rules
PK_O365_itna1337 | Phishing Kit impersonating Office 365 | https://github.com/t4d/PhishingKit-Yara-Rules
PK_BanquePostale_z0n51_2
Ransom & Dark Web Issues Week 4, December 2024
ASEC Blog publishes Ransom & Dark Web Issues Week 4, December 2024
LockBit ransomware gang: Announces return with the release of version 4.0 despite the arrest of key member Rostislav Panev
World’s largest donut brand, posted as a new victim of Play ransomware.
Data from
CrushFTP Security Update Advisory (CVE-2024-53552)
Overview We have released a security update to address a vulnerability in CrushFTP. Users...

