Info collector

cristian

OpenSSL Releases Security Update

By on February 20, 2017 in Recent Vulnerabilities

Original release date: February 16, 2017

OpenSSL version 1.1.0e has been released to address a vulnerability for users of version 1.1.0. Exploitation of this vulnerability may allow a remote attacker to cause a denial-of-service condition. Users and administrators are encouraged to review the OpenSSL Security Advisory and apply the necessary update. This product is provided […]


Malware spam: “RBC – Secure Message” / service@rbc-secure-message.com

By on February 15, 2017 in Latest SPAM

This fake banking email leads to some sort of malware:

From: RBC – Royal Bank [service@rbc-secure-message.com]
Date: 15 February 2017 at 17:50
Subject: RBC – Secure Message
Signed by: rbc-secure-message.com

Secure Message

This is an automated message send by Royal Bank Secure Messaging Server. To ensure both you and the RBC


Highly personalised malspam making extensive use of hijacked domains

By on February 15, 2017 in Latest SPAM

This spam email contained not only the intended victim’s name, but also their home address and an apparently valid mobile telephone number:

Sent: 14 February 2017 13:52
To: [redacted]
From:
Subject: Mr [Redacted] Your order G29804772-064 confirmation

Dear Mr [redacted],

Thank you for placing an order with us. For your


fo5.a1-downloader.org (2017/02/09_14:04)

By on February 9, 2017 in Malware Domains

Host: fo5.a1-downloader.org/g2v9s1.php?id=yourname@yourdomain.com, IP address: 188.225.32.177, ASN: 9123, Country: RU, Description: trojan download


aadroid.net (2017/02/09_14:04)

By on February 9, 2017 in Malware Domains

Host: aadroid.net/sys.olk, IP address: 107.180.51.15, ASN: 26496, Country: US, Description: ransomware


www.lifelabs.vn (2017/01/25_20:15)

By on January 25, 2017 in Malware Domains

Host: www.lifelabs.vn/api/get.php?id=aW5mb0BzYXBjdXBncmFkZXMuY29t, IP address: 118.69.196.199, ASN: 18403, Country: VN, Description: Trojan.Backdoor, Office.Word.Downloader


falconsafe.com.sg (2017/01/25_20:16)

By on January 25, 2017 in Malware Domains

Host: falconsafe.com.sg/api/get.php?id=aW5mb0BzYXBjdXBncmFkZXMuY29t, IP address: 43.229.84.107, ASN: 38532, Country: SG, Description: Trojan.Backdoor, Office.Word.Downloader


WARNING: pmacademyusa.org / “Project Management Academy USA”

By on January 23, 2017 in Latest SPAM

For the past six years I have been following the exploits of Patchree “Patty” Patchrint and Anthony Christopher Jones who claim to run a series of seminars on project management and grant writing. Umm.. and failed restaurants in Los Angeles. I’m not going to repeat all of the information in this post, I advise you […]


Malware spam: “The Insolvency Service” / “Investigations Inquiry Notification” / chucktowncheckin.com / chapelnash.com

By on January 19, 2017 in Latest SPAM

This malware spam is unusual in many respects. The payload may be some sort of ransomware [UPDATE: this appears to be Cerber].

From: The Insolvency Service [mailto:service@chucktowncheckin.com]
Sent: 19 January 2017 12:22
Subject: EGY 318NHAR12 – Investigations Inquiry Notification

Company Investigations Inquiry

Informing You that we have received appeal regarding your company which


61kx.uk-insolvencydirect.com (2017/01/19_13:05)

By on January 19, 2017 in Malware Domains

Host: 61kx.uk-insolvencydirect.com/sending_data/in_cgi/bbwp/cases/Inquiry.php, IP address: 35.166.113.223, ASN: 16509, Country: US, Description: leads to ransomware

