Info collector

Malware spam: “Invoice RE-2017-09-21-00xxx” from “Amazon Marketplace”

By on September 21, 2017 in Latest SPAM

This fake Amazon spam comes with a malicious attachment:

Subject: Invoice RE-2017-09-21-00794
From: “Amazon Marketplace” [yAhbPDAoufvZE@marketplace.amazon.co.uk]
Date: Thu, September 21, 2017 9:21 am
Priority: Normal

————- Begin message ————-

Dear customer,

We want to use this opportunity to first say “Thank you very much for your purchase!”


Malware spam: “Status of invoice” with .7z attachment

By on September 18, 2017 in Latest SPAM

This spam leads to Locky ransomware:

Subject: Status of invoice
From: “Rosella Setter” ordering@[redacted]
Date: Mon, September 18, 2017 9:30 am

Hello,

Could you please let me know the status of the attached invoice? I appreciate your help!

Best regards,
Rosella Setter
Tel: 206-575-8068 x 100 Fax: 206-575-8094
*NEW* Ordering@[redacted].com
* Kindly note we will be closed Monday in


QTUM Cryptocurrency spam

By on September 6, 2017 in Latest SPAM

This spam email appears to be sent by the Necurs botnet, advertising a new Bitcoin-like cryptocurrency called QTUM. Necurs is often used to pump malware, pharma and data spam and sometimes stock pump and dump. There is no guarantee that this is actually being sent by the people running QTUM, it could simply be a […]


Malware spam: “Scanning” pretending to be from tayloredgroup.co.uk

By on September 5, 2017 in Latest SPAM

This spam email pretends to be from tayloredgroup.co.uk but it is just a simple forgery leading to Locky ransomware. There is both a malicious attachment and link in the body text. The name of the sender varies.

Subject: Scanning
From: “Jeanette Randels” [Jeanette.Randels@tayloredgroup.co.uk]
Date: Thu, May 18, 2017 8:26 pm

https://dropbox.com/file/9A30AA

– Jeanette Randels


FCC Promotes Best Practices for SS7 Communications

By on August 27, 2017 in Recent Vulnerabilities

Original release date: August 24, 2017 The Federal Communications Commission (FCC) has released a public notice encouraging communications service providers to voluntarily use security best practices recommended by the Communications Security, Reliability, and Interoperability Council (CSRIC), a federal advisory committee to the FCC. These best practices help prevent exploitation of Signaling System 7 (SS7) network […]


DNSSEC Key Signing Key Rollover

By on August 27, 2017 in Recent Vulnerabilities

Original release date: August 21, 2017 On October 11, 2017, the Internet Corporation for Assigned Names and Numbers (ICANN) will be changing the Root Zone Key Signing Key (KSK) used in the domain name system (DNS) Security Extensions (DNSSEC) protocol.  DNSSEC is a set of DNS protocol extensions used to digitally sign DNS information, which […]


Mozilla Releases Security Update

By on August 27, 2017 in Recent Vulnerabilities

Original release date: August 21, 2017 Mozilla has released a security update to address multiple vulnerabilities in Thunderbird. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. US-CERT encourages users and administrators to review the Mozilla Security Advisory for Thunderbird 52.3 and apply the necessary update. This product […]


SB17-233: Vulnerability Summary for the Week of August 14, 2017

By on August 27, 2017 in Recent Vulnerabilities

Original release date: August 21, 2017 The US-CERT Cyber Security Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. The NVD is sponsored by the Department of Homeland Security (DHS) National Cybersecurity and Communications Integration Center […]


Drupal Releases Security Updates

By on August 27, 2017 in Recent Vulnerabilities

Original release date: August 16, 2017 Drupal has released an advisory to address several vulnerabilities in Drupal 8.x. A remote attacker could exploit one of these vulnerabilities to obtain or modify sensitive information. US-CERT encourages users and administrators to review Drupal’s Security Advisory and upgrade to version 8.3.7. This product is provided subject to this […]


Malware spam: “Voicemail Service” / “New voice message..”

By on August 25, 2017 in Latest SPAM

The jumble of numbers in this spam is a bit confusing. Attached is a malicious RAR file that leads to Locky ransomware.

Subject: New voice message 18538124076 in mailbox 185381240761 from “18538124076”
From: “Voicemail Service” [vmservice@victimdomain.tdl]
Date: Fri, August 25, 2017 12:36 pm

Dear user:

just wanted to let you know you were just left […]


All of these posts originated on blog.dynamoo.com, us-cert.gov and malwaredomainlist.com and are automatically reposted on colors.cbnetsecurity.com.