Info collector

Malware spam: “Company Documents” / WebFilling@companieshousemail.co.uk and companieshouseemail.co.uk plus others

By on April 13, 2017 in Latest SPAM

This spam email does not come from Companies House, but is instead a simple forgery with a malicious attachment:

From: Companies House [WebFilling@companieshousemail.co.uk]
Date: 13 April 2017 at 11:10
Subject: Company Documents
Signed by: companieshousemail.co.uk

Company Documents This


Pump and dump spam: Quest Management Inc (QSMG) stock

By on April 11, 2017 in Latest SPAM

Following on from last month’s INCT pump and dump spam, the Necurs botnet is now promoting Quest Management Inc (QSMG) instead.

From: Jenna Goff
Date: 11 April 2017 at 13:37
Subject: FDA approval is about to send this stock up fifty fold

Why is Quest Management (Symbol: QSMG) guaranteed to jump 5,000% this month?
They have a cure for […]


Malware spam: “DHL Urgent Delivery”

By on April 11, 2017 in Latest SPAM

This fake DHL spam includes the recipient’s real name. In this case it was sent to someone in Germany, but written in English. The malware payload is identical to this one in Polish.

Von: DHL Parcel [mailto:info@glaefcke.de]
Gesendet: Dienstag, 11. April 2017 11:03
An: [redacted]
Betreff: DHL Urgent Delivery

YOUR DELIVERY IS TODAY
Hi, [redacted]
The scheduled delivery is […]


Malware spam: “Sprawdź stan przesylki DHL”

By on April 11, 2017 in Latest SPAM

This spam targeting Polish victims seems quite widespread. It leads to malware. The email is personalised with the victim’s real name, which has been harvested from somewhere.

From: DHL Express (Poland) [mailto:biuro@nawigatorxxi.pl]
Sent: Monday, April 10, 2017 7:09 PM
To: [redacted]
Subject: Sprawdź stan przesylki DHL

Sprawdź stan przesylki DHL
Szanowny Kliencie, [redacted]
Informujemy,


borezo.info – spam selling anti-spam services

By on April 3, 2017 in Latest SPAM

If you are in the business of selling spam filtering, it is probably not a good idea to do it by sending out spam.

From: Camille Arpaillange [contact@borezo.info]
To: contact@[redacted]
Date: 3 April 2017 at 15:55
Subject: [redacted] – Protect emails received on your domain name
Signed by: sg.borezo.info

Discover our SaaS solution
Anti-Virus, Anti-Spam and Anti-Phishing SMTP


25.0.0.0/8 is not your private network

By on April 3, 2017 in Latest SPAM

A recent phishing email originating from an Office 365 caused some confusion, apparently originating from an address in the 25.0.0.0/8 range, which according to a WHOIS lookup is the UK’s Ministry of Defence.

% Abuse contact for ‘25.0.0.0 – 25.255.255.255’ is ‘hostmaster@mod.uk’
inetnum:        25.0.0.0 – 25.255.255.255
netname:        UK-MOD-19850128
country:        GB
org:


Internet Information Services (IIS) 6.0 Vulnerability

By on April 3, 2017 in Recent Vulnerabilities

Original release date: March 30, 2017

US-CERT is aware of active exploitation of a vulnerability in Windows Server 2003 Operating System Internet Information Services (IIS) 6.0. Exploitation of this vulnerability may allow a remote attacker to take control of an affected system. On June 15, 2015, Microsoft ended support for Windows Server 2003 Operating System, which […]


Google Releases Security Updates for Chrome

By on April 3, 2017 in Recent Vulnerabilities

Original release date: March 30, 2017

Google has released Chrome version 57.0.2987.133 for Windows, Mac, and Linux. This version addresses multiple vulnerabilities that, if exploited, may allow an attacker to take control of an affected system. Users and administrators are encouraged to review the Chrome Releases page and apply the necessary updates. This product is provided […]


Leaked documents reveal post-Brexit switch to pre-decimal currency

By on March 31, 2017 in Latest SPAM

So with the UK leaving the EU thing kicking off into full swing a lot of interesting stories have been lost in the noise. As expected not only have hard Brexiteers managed to sneak in proposals that we ditch the metric system, it now also seems that they want to ditch decimal currency too. Madness? […]


Malware spam: “Re:Payment Remittance Copy”

By on March 30, 2017 in Latest SPAM

This fake financial spam leads to malware.

From: AL HUDA LTD [ap.office@triumftools.sk]
Date: 30 March 2017 at 09:05
Subject: Re:Payment Remittance Copy
Signed by: triumftools.sk

Dear Sir,
As instructed by your customer for your payment, Find attached formal remittance copy received from our bank and contact your client for payment confirmation. All payment details is


All of these posts originated on blog.dynamoo.com, us-cert.gov and malwaredomainlist.com and are automatically reposted on colors.cbnetsecurity.com.